diff options
Diffstat (limited to 'cmso-topology/src/main/java')
20 files changed, 1927 insertions, 0 deletions
diff --git a/cmso-topology/src/main/java/org/onap/observations/MessageHeaders.java b/cmso-topology/src/main/java/org/onap/observations/MessageHeaders.java new file mode 100644 index 0000000..fe6cea2 --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/observations/MessageHeaders.java @@ -0,0 +1,155 @@ +/* + * Copyright © 2017-2018 AT&T Intellectual Property. Modifications Copyright © 2018 IBM. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.observations; + +import java.util.HashMap; +import java.util.HashSet; +import java.util.Map; +import java.util.Set; + +/** + * The Class MessageHeaders. + */ +public class MessageHeaders { + + /** + * The Enum HeadersEnum. + */ + public enum HeadersEnum { + UNDEFINED("UNDEFINED"), + TransactionID("X-TransactionId"), + FromAppID("X-FromAppId"), + MinorVersion("X-MinorVersion"), + PatchVersion("X-PatchVersion"), + LatestVersion("X-LatestVersion"),; + + private final String text; + + private HeadersEnum(String text) { + this.text = text; + } + + /** + * To string. + * + * @return the string + */ + @Override + public String toString() { + return text; + } + } + + /** The Constant supportedMajorVersions. */ + public static final Map<String, String> supportedMajorVersions = new HashMap<String, String>(); + + static { + supportedMajorVersions.put("v1", "0"); + supportedMajorVersions.put("v2", "0"); + } + + /** The Constant supportedMajorMinorVersions. */ + public static final Set<String> supportedMajorMinorVersions = new HashSet<String>(); + + static { + supportedMajorMinorVersions.add("v1.0"); + supportedMajorMinorVersions.add("v2.0"); + } + + /** The Constant latestVersion. */ + public static final String latestVersion = "2.0.0"; + + /** The Constant patchVersion. */ + public static final String patchVersion = "0"; + + /** + * From string. + * + * @param text the text + * @return the headers enum + */ + public static HeadersEnum fromString(String text) { + for (HeadersEnum e : HeadersEnum.values()) { + if (e.text.equals(text)) { + return e; + } + } + return HeadersEnum.UNDEFINED; + } + + /** + * Gets the patch version. + * + * @return the patch version + */ + public static String getPatchVersion() { + return patchVersion; + } + + /** + * Gets the latest version. + * + * @return the latest version + */ + public static String getLatestVersion() { + return latestVersion; + } + + /** + * Validate major version. + * + * @param major the major + * @return true, if successful + */ + public static boolean validateMajorVersion(String major) { + String majorKey = major.toLowerCase(); + if (!supportedMajorVersions.containsKey(majorKey)) { + return false; + } + return true; + } + + /** + * Validate major minor version. + * + * @param major the major + * @param minor the minor + * @return true, if successful + */ + public static boolean validateMajorMinorVersion(String major, String minor) { + String majorKey = major.toLowerCase(); + if (!supportedMajorVersions.containsKey(majorKey)) { + return false; + } + + if (minor != null) { + String majorMinorKey = majorKey + "." + minor; + return supportedMajorMinorVersions.contains(majorMinorKey); + } + return true; + } +} diff --git a/cmso-topology/src/main/java/org/onap/observations/Observation.java b/cmso-topology/src/main/java/org/onap/observations/Observation.java new file mode 100644 index 0000000..e1ec30c --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/observations/Observation.java @@ -0,0 +1,129 @@ +/* + * Copyright © 2019 AT&T Intellectual Property. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.observations; + +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; +import org.apache.log4j.Level; +import org.onap.optf.cmso.topology.Application; + + +/** + * The Class Observation. + */ +public class Observation { + private static EELFLogger log = EELFManager.getInstance().getLogger(Application.class); + private static EELFLogger metrics = EELFManager.getInstance().getMetricsLogger(); + private static EELFLogger audit = EELFManager.getInstance().getAuditLogger(); + private static EELFLogger errors = EELFManager.getInstance().getErrorLogger(); + private static EELFLogger debug = EELFManager.getInstance().getDebugLogger(); + + /** + * Report. + * + * @param obs the o + * @param execpt the e + * @param arguments the arguments + */ + // ************************************************************************************************* + public static void report(ObservationInterface obs, Exception execpt, String... arguments) { + Mdc.setCaller(4); + Mdc.setObservation(obs); + if (obs.getAudit()) { + audit.info(obs, execpt, arguments); + } + if (obs.getMetric()) { + metrics.info(obs, execpt, arguments); + } + Level lev = obs.getLevel(); + switch (lev.toInt()) { + case Level.WARN_INT: + errors.warn(obs, arguments); + debug.debug(obs, execpt, arguments); + break; + case Level.INFO_INT: + log.info(obs, execpt, arguments); + debug.debug(obs, execpt, arguments); + break; + case Level.ERROR_INT: + errors.error(obs, arguments); + debug.debug(obs, execpt, arguments); + break; + case Level.TRACE_INT: + debug.trace(obs, execpt, arguments); + break; + case Level.DEBUG_INT: + debug.debug(obs, execpt, arguments); + break; + default: + log.info(obs, execpt, arguments); + } + Mdc.clearCaller(); + } + + /** + * Report. + * + * @param obs the o + * @param arguments the arguments + */ + public static void report(ObservationInterface obs, String... arguments) { + Mdc.setCaller(4); + Mdc.setObservation(obs); + if (obs.getAudit()) { + audit.info(obs, arguments); + } + if (obs.getMetric()) { + metrics.info(obs, arguments); + } + Level levl = obs.getLevel(); + switch (levl.toInt()) { + case Level.WARN_INT: + errors.warn(obs, arguments); + debug.debug(obs, arguments); + break; + case Level.INFO_INT: + log.info(obs, arguments); + debug.debug(obs, arguments); + break; + case Level.ERROR_INT: + errors.error(obs, arguments); + debug.debug(obs, arguments); + break; + case Level.TRACE_INT: + debug.debug(obs, arguments); + break; + case Level.DEBUG_INT: + debug.debug(obs, arguments); + break; + default: + log.info(obs, arguments); + } + Mdc.clearCaller(); + } + +} diff --git a/cmso-topology/src/main/java/org/onap/observations/ObservationInterface.java b/cmso-topology/src/main/java/org/onap/observations/ObservationInterface.java new file mode 100644 index 0000000..0dce93d --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/observations/ObservationInterface.java @@ -0,0 +1,49 @@ +/* + * Copyright © 2019 AT&T Intellectual Property. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.observations; + +import com.att.eelf.i18n.EELFResolvableErrorEnum; +import javax.ws.rs.core.Response.Status; +import org.apache.log4j.Level; + +public interface ObservationInterface extends EELFResolvableErrorEnum { + public Enum<?> getValue(); + + public Level getLevel(); + + public String getMessage(); + + public Status getStatus(); + + public String getDomain(); + + public String name(); + + public Boolean getAudit(); + + public Boolean getMetric(); +} diff --git a/cmso-topology/src/main/java/org/onap/observations/ObservationObject.java b/cmso-topology/src/main/java/org/onap/observations/ObservationObject.java new file mode 100644 index 0000000..f1c1277 --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/observations/ObservationObject.java @@ -0,0 +1,198 @@ +/* + * Copyright © 2019 AT&T Intellectual Property. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.observations; + +import com.att.eelf.i18n.EELFResolvableErrorEnum; +import com.att.eelf.i18n.EELFResourceManager; +import javax.ws.rs.core.Response.Status; +import org.apache.log4j.Level; + + +/** + * The Class ObservationObject. + */ +public class ObservationObject implements ObservationInterface { + + // ************************************************************************************************* + // Interface class that matches the ObservationInteface pattern + // This will be used in case we decide to provide external overrides and we need to instantiate + // For now, we'll just use the Enum itself. + // + // + private Enum<?> value = null; + + private Level level = null; + private String message = null; + private Status status = null; + private String domain = null; + private Boolean metric = false; + private Boolean audit = false; + + /** + * Instantiates a new observation object. + * + * @param obs the o + */ + public ObservationObject(ObservationInterface obs) { + this.value = obs.getValue(); + this.level = obs.getLevel(); + this.message = obs.getMessage(); + this.status = obs.getStatus(); + this.domain = obs.getDomain(); + this.metric = obs.getMetric(); + this.audit = obs.getAudit(); + + } + + /** + * Gets the value. + * + * @return the value + */ + @Override + public Enum<?> getValue() { + return value; + } + + /** + * Gets the message. + * + * @return the message + */ + @Override + public String getMessage() { + return message; + } + + /** + * Gets the status. + * + * @return the status + */ + @Override + public Status getStatus() { + return status; + } + + /** + * Gets the domain. + * + * @return the domain + */ + @Override + public String getDomain() { + return domain; + } + + /** + * Gets the level. + * + * @return the level + */ + @Override + public Level getLevel() { + return level; + } + + /** + * Name. + * + * @return the string + */ + @Override + public String name() { + return value.name(); + } + + /** + * Gets the audit. + * + * @return the audit + */ + @Override + public Boolean getAudit() { + return audit; + } + + /** + * Gets the metric. + * + * @return the metric + */ + @Override + public Boolean getMetric() { + return metric; + } + + /** + * Gets the message. + * + * @param arguments the arguments + * @return the message + */ + public String getMessagef(String... arguments) { + return EELFResourceManager.format((EELFResolvableErrorEnum) value, arguments); + } + + /** + * Sets the value. + * + * @param value the new value + */ + public void setValue(Enum<?> value) { + this.value = value; + } + + /** + * Sets the level. + * + * @param level the new level + */ + public void setLevel(Level level) { + this.level = level; + } + + /** + * Sets the message. + * + * @param message the new message + */ + public void setMessage(String message) { + this.message = message; + } + + /** + * Sets the status. + * + * @param status the new status + */ + public void setStatus(Status status) { + this.status = status; + } + + +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/CmsoEnvironmentPostProcessor.java b/cmso-topology/src/main/java/org/onap/optf/cmso/CmsoEnvironmentPostProcessor.java new file mode 100644 index 0000000..7e15760 --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/CmsoEnvironmentPostProcessor.java @@ -0,0 +1,56 @@ +/* + * Copyright © 2017-2018 AT&T Intellectual Property. Modifications Copyright © 2018 IBM. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.optf.cmso; + +import java.util.HashMap; +import java.util.Map; +import org.onap.optf.cmso.common.PropertiesManagement; +import org.springframework.boot.SpringApplication; +import org.springframework.boot.env.EnvironmentPostProcessor; +import org.springframework.core.env.ConfigurableEnvironment; +import org.springframework.core.env.MapPropertySource; +import org.springframework.core.env.MutablePropertySources; + +public class CmsoEnvironmentPostProcessor implements EnvironmentPostProcessor { + // TODO tested in ONAP springboot and this is called before all of the properties files have been + // loaded... + // perhaps there is a post post processor? Until this works. DB password will be in the clear in the + // proeprties files. + @Override + public void postProcessEnvironment(ConfigurableEnvironment environment, SpringApplication application) { + String pwd = environment.getProperty("cmso.database.password"); + if (pwd != null) { + pwd = PropertiesManagement.getDecryptedValue(pwd); + Map<String, Object> map = new HashMap<String, Object>(); + map.put("spring.datasource.password", pwd); + MapPropertySource propertySource = new MapPropertySource("abc", map); + MutablePropertySources proeprtySources = environment.getPropertySources(); + proeprtySources.addLast(propertySource); + } + } + +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafAuthorizationFilter.java b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafAuthorizationFilter.java new file mode 100644 index 0000000..e2602d0 --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafAuthorizationFilter.java @@ -0,0 +1,89 @@ +/******************************************************************************* + * Copyright © 2019 AT&T Intellectual Property. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ + +package org.onap.optf.cmso.aaf; + +import java.io.IOException; +import java.util.List; +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import org.onap.aaf.cadi.CadiWrap; +import org.onap.aaf.cadi.Permission; +import org.onap.observations.Observation; +import org.onap.optf.cmso.common.exceptions.CmsoException; +import org.onap.optf.cmso.topology.SpringProfiles; +import org.onap.optf.cmso.topology.common.LogMessages; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.web.servlet.filter.OrderedRequestContextFilter; +import org.springframework.context.annotation.Profile; +import org.springframework.stereotype.Component; + +/** + * AAF authorization filter. + */ + +@Component +@Profile(SpringProfiles.AAF_AUTHENTICATION) +public class AafAuthorizationFilter extends OrderedRequestContextFilter { + + @Autowired + AafUserRoleProperties userRoleProperties; + + /** + * Instantiates a new aaf authorization filter. + */ + public AafAuthorizationFilter() { + this.setOrder(FilterPriority.AAF_AUTHORIZATION.getPriority()); + + + } + + @Override + protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) + throws IOException, ServletException { + try { + if (request instanceof CadiWrap) { + CadiWrap cw = (CadiWrap) request; + List<Permission> perms = cw.getPermissions(cw.getUserPrincipal()); + if (userRoleProperties.processPermissions(request, perms)) { + filterChain.doFilter(request, response); + } else { + Observation.report(LogMessages.UNAUTHORIZED); + ResponseFormatter.errorResponse(request, response, new CmsoException( + LogMessages.UNAUTHORIZED.getStatus(), LogMessages.UNAUTHORIZED, "")); + } + } else { + throw new Exception(); + } + } catch (Exception e) { + Observation.report(LogMessages.UNEXPECTED_EXCEPTION, e, e.getMessage()); + ResponseFormatter.errorResponse(request, response, + new CmsoException(LogMessages.UNAUTHORIZED.getStatus(), LogMessages.UNAUTHORIZED, "")); + } + } +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafFilter.java b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafFilter.java new file mode 100644 index 0000000..e396264 --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafFilter.java @@ -0,0 +1,82 @@ +/******************************************************************************* + * Copyright © 2019 AT&T Intellectual Property. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ + +package org.onap.optf.cmso.aaf; + +import java.io.IOException; +import java.util.Properties; +import javax.servlet.FilterChain; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import org.onap.aaf.cadi.PropAccess; +import org.onap.aaf.cadi.filter.CadiFilter; +import org.onap.observations.Observation; +import org.onap.optf.cmso.common.exceptions.CmsoException; +import org.onap.optf.cmso.topology.Application; +import org.onap.optf.cmso.topology.SpringProfiles; +import org.onap.optf.cmso.topology.common.LogMessages; +import org.springframework.boot.web.servlet.filter.OrderedRequestContextFilter; +import org.springframework.context.annotation.Profile; +import org.springframework.stereotype.Component; + +/** + * AAF authentication filter. + */ + +@Component +@Profile(SpringProfiles.AAF_AUTHENTICATION) +public class AafFilter extends OrderedRequestContextFilter { + + private final CadiFilter cadiFilter; + + /** + * Instantiates a new aaf filter. + * + * @throws IOException Signals that an I/O exception has occurred. + * @throws ServletException the servlet exception + */ + public AafFilter() throws IOException, ServletException { + Properties cadiProperties = new Properties(); + cadiProperties.load(Application.class.getClassLoader().getResourceAsStream("cadi.properties")); + cadiFilter = new CadiFilter(new PropAccess(cadiProperties)); + this.setOrder(FilterPriority.AAF_AUTHENTICATION.getPriority()); + } + + @Override + protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) + throws IOException, ServletException { + cadiFilter.doFilter(request, response, filterChain); + if (response.getStatus() == 401) { + Observation.report(LogMessages.UNAUTHENTICATED); + ResponseFormatter.errorResponse(request, response, + new CmsoException(LogMessages.UNAUTHENTICATED.getStatus(), + LogMessages.UNAUTHENTICATED, "")); + } + } + + +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafPerm.java b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafPerm.java new file mode 100644 index 0000000..db58156 --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafPerm.java @@ -0,0 +1,137 @@ +/******************************************************************************* + * Copyright © 2019 AT&T Intellectual Property. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ + +package org.onap.optf.cmso.aaf; + +import java.util.HashSet; +import java.util.Set; +import org.onap.aaf.cadi.aaf.AAFPermission; + + +/** + * The Class AafPerm. + */ +public class AafPerm { + private String type; + private String instance; + private String action; + private Set<String> actions = new HashSet<>(); + + /** + * Gets the action. + * + * @return the action + */ + public String getAction() { + return action; + } + + /** + * Sets the action. + * + * @param action the new action + */ + public void setAction(String action) { + this.action = action; + String[] list = action.split(","); + for (String a : list) { + actions.add(a); + } + } + + /** + * Gets the type. + * + * @return the type + */ + public String getType() { + return type; + } + + /** + * Sets the type. + * + * @param type the new type + */ + public void setType(String type) { + this.type = type; + } + + /** + * Gets the single instance of AafPerm. + * + * @return single instance of AafPerm + */ + public String getInstance() { + return instance; + } + + /** + * Sets the instance. + * + * @param instance the new instance + */ + public void setInstance(String instance) { + this.instance = instance; + } + + /** + * Gets the actions. + * + * @return the actions + */ + public Set<String> getActions() { + return actions; + } + + /** + * Sets the actions. + * + * @param actions the new actions + */ + public void setActions(Set<String> actions) { + this.actions = actions; + } + + /** + * Matches. + * + * @param userPerm the user perm + * @return true, if successful + */ + public boolean matches(AAFPermission userPerm) { + if (type.equals(userPerm.getType())) { + if (userPerm.getInstance().equals("*") || instance.equals("*") || userPerm.getInstance().equals(instance)) { + for (String userAction : userPerm.getAction().split(",")) { + if (userAction.equals("*") || actions.contains("*") || actions.contains(userAction)) { + return true; + } + } + } + } + return false; + } +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafSecurityConfig.java b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafSecurityConfig.java new file mode 100644 index 0000000..787d786 --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafSecurityConfig.java @@ -0,0 +1,56 @@ +/* + * Copyright © 2019 AT&T Intellectual Property. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.optf.cmso.aaf; + +import org.onap.optf.cmso.topology.SpringProfiles; +import org.springframework.context.annotation.ComponentScan; +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.Profile; +import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; + +@Configuration +@EnableWebSecurity +@ComponentScan("org.onap.optf") +@Profile(SpringProfiles.AAF_AUTHENTICATION) +public class AafSecurityConfig extends WebSecurityConfigurerAdapter { + + + @Override + protected void configure(AuthenticationManagerBuilder auth) throws Exception { + + } + + @Override + protected void configure(HttpSecurity http) throws Exception { + + http.csrf().disable(); + + } +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafUserRole.java b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafUserRole.java new file mode 100644 index 0000000..65decec --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafUserRole.java @@ -0,0 +1,176 @@ +/******************************************************************************* + * Copyright © 2019 AT&T Intellectual Property. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ + +package org.onap.optf.cmso.aaf; + +import java.util.ArrayList; +import java.util.List; + +/** + * The Class AafUserRole. + */ +public class AafUserRole { + private String url = ""; + private String[] pathParts = {}; + private String perm = ""; + private String method = ""; + private List<AafPerm> aafPerms = new ArrayList<>(); + + /** + * Instantiates a new aaf user role. + * + * @param url the url + * @param perm the perm + */ + public AafUserRole(String url, String perm) { + this.setUrl(url); + this.setPerm(perm); + pathParts = url.split("\\/"); + + String[] perms = perm.split(","); + for (String p : perms) { + String[] parts = p.split(" "); + if (parts.length == 2) { + method = parts[1]; + } else { + method = "ALL"; + } + + String[] list = parts[0].split("\\|"); + if (list.length == 3) { + AafPerm aafPerm = new AafPerm(); + aafPerm.setAction(list[2]); + aafPerm.setInstance(list[1]); + aafPerm.setType(list[0]); + aafPerms.add(aafPerm); + } + } + } + + /** + * Gets the url. + * + * @return the url + */ + public String getUrl() { + return url; + } + + /** + * Sets the url. + * + * @param url the new url + */ + public void setUrl(String url) { + this.url = url; + } + + /** + * Gets the perm. + * + * @return the perm + */ + public String getPerm() { + return perm; + } + + /** + * Sets the perm. + * + * @param perm the new perm + */ + public void setPerm(String perm) { + this.perm = perm; + } + + /** + * Gets the aaf perms. + * + * @return the aaf perms + */ + public List<AafPerm> getAafPerms() { + return aafPerms; + } + + /** + * Sets the aaf perms. + * + * @param aafPerms the new aaf perms + */ + public void setAafPerms(List<AafPerm> aafPerms) { + this.aafPerms = aafPerms; + } + + /** + * Matches. + * + * @param path the path + * @param matchMethod the match method + * @return true, if successful + */ + public boolean matches(String path, String matchMethod) { + if (!this.method.equalsIgnoreCase("ALL") && !this.method.equals("*") && !this.method.equals(matchMethod)) { + return false; + } + List<String> inNodes = new ArrayList<>(); + List<String> matchNodes = new ArrayList<>(); + String[] pathList = path.split("\\/"); + for (String n : pathList) { + inNodes.add(n); + } + for (String n : pathParts) { + matchNodes.add(n); + } + + while (!inNodes.isEmpty() && !matchNodes.isEmpty()) { + String inNode = inNodes.remove(0); + String matchNode = matchNodes.get(0); + if (matchNode.equals(inNode) || matchNode.equals("*")) { + matchNodes.remove(0); + } else { + if (!matchNode.equals("**")) { + return false; + } + } + } + + // + if (inNodes.isEmpty() && matchNodes.isEmpty()) { + return true; + } + + // We have incoming nodes remaining, see if we can wildcard them + if (matchNodes.size() == 1) { + if (matchNodes.get(0).equals("**")) { + return true; + } + if (inNodes.size() == 1 && matchNodes.get(0).equals("*")) { + return true; + } + } + return false; + } +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafUserRoleProperties.java b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafUserRoleProperties.java new file mode 100644 index 0000000..2d252f8 --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafUserRoleProperties.java @@ -0,0 +1,133 @@ +/******************************************************************************* + * Copyright © 2019 AT&T Intellectual Property. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ + +package org.onap.optf.cmso.aaf; + +import java.io.File; +import java.io.FileInputStream; +import java.util.ArrayList; +import java.util.List; +import java.util.Properties; +import javax.annotation.PostConstruct; +import javax.servlet.http.HttpServletRequest; +import org.onap.aaf.cadi.Permission; +import org.onap.aaf.cadi.aaf.AAFPermission; +import org.onap.observations.Observation; +import org.onap.optf.cmso.topology.SpringProfiles; +import org.onap.optf.cmso.topology.common.LogMessages; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Profile; +import org.springframework.core.env.Environment; +import org.springframework.stereotype.Component; + +/** + * This class uses a properties file to map URL patterns/method to AAF Permissions (AafPerm). + * + * @author jf9860 + * + */ +@Component +@Profile(SpringProfiles.AAF_AUTHENTICATION) +public class AafUserRoleProperties { + @Autowired + Environment env; + + private List<AafUserRole> list = new ArrayList<>(); + + /** + * Initialize permissions. + */ + @PostConstruct + public void initializePermissions() { + String userRolePropertiesName = + env.getProperty("aaf.user.roles", "src/main/resources/aaf/AAFUserRoles.properties"); + Properties props = new Properties(); + try { + props.load(new FileInputStream(new File(userRolePropertiesName))); + } catch (Exception e) { + Observation.report(LogMessages.UNEXPECTED_EXCEPTION, e, e.getMessage()); + } + for (Object url : props.keySet()) { + Object value = props.get(url); + list.add(new AafUserRole((String) url, (String) value)); + } + } + + /** + * Gets the for url method. + * + * @param url the url + * @param method the method + * @return the for url method + */ + public List<AafUserRole> getForUrlMethod(String url, String method) { + List<AafUserRole> userRoleList = new ArrayList<>(); + for (AafUserRole aur : list) { + if (aur.matches(url, method)) { + userRoleList.add(aur); + } + } + return userRoleList; + } + + /** + * Process permissions. + * + * @param request the request + * @param userPerms the user perms + * @return true, if successful + */ + public boolean processPermissions(HttpServletRequest request, List<Permission> userPerms) { + try { + // Get list of perms that match incoming URL. May be more than 1... + // Users perms must match all that match URL + List<AafUserRole> perms = getForUrlMethod(request.getRequestURI(), request.getMethod()); + int tested = 0; + int passed = 0; + for (AafUserRole perm : perms) { + for (AafPerm test : perm.getAafPerms()) { + tested++; + for (Permission userPerm : userPerms) { + + if (test.matches((AAFPermission) userPerm)) { + passed++; + break; + } + } + } + } + // All permissions must be OK + if (tested > 0 && tested == passed) { + return true; + } else { + return false; + } + } catch (Exception e) { + Observation.report(LogMessages.UNEXPECTED_EXCEPTION, e, e.getMessage()); + } + return false; + } +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/FilterPriority.java b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/FilterPriority.java new file mode 100644 index 0000000..bfafbd8 --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/FilterPriority.java @@ -0,0 +1,42 @@ +/******************************************************************************* + * Copyright © 2019 AT&T Intellectual Property. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ + +package org.onap.optf.cmso.aaf; + +import org.springframework.core.Ordered; + +public enum FilterPriority { + AAF_AUTHENTICATION(Ordered.HIGHEST_PRECEDENCE), AAF_AUTHORIZATION(Ordered.HIGHEST_PRECEDENCE + 1); + private final int priority; + + FilterPriority(final int ppri) { + priority = ppri; + } + + public int getPriority() { + return priority; + } +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/ResponseFormatter.java b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/ResponseFormatter.java new file mode 100644 index 0000000..518814e --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/ResponseFormatter.java @@ -0,0 +1,45 @@ +/******************************************************************************* + * Copyright © 2019 AT&T Intellectual Property. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ + +package org.onap.optf.cmso.aaf; + +import java.io.IOException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import org.onap.optf.cmso.common.exceptions.CmsoException; + +class ResponseFormatter { + + + static void errorResponse(HttpServletRequest request, HttpServletResponse response, CmsoException error) + throws IOException { + response.setStatus(error.getStatus().getStatusCode()); + response.getWriter().write(error.getRequestError().toString()); + response.getWriter().flush(); + response.getWriter().close(); + } + +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/common/BasicAuthenticatorFilter.java b/cmso-topology/src/main/java/org/onap/optf/cmso/common/BasicAuthenticatorFilter.java new file mode 100644 index 0000000..750e109 --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/common/BasicAuthenticatorFilter.java @@ -0,0 +1,102 @@ +/* + * Copyright © 2017-2018 AT&T Intellectual Property. Modifications Copyright © 2018 IBM. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.optf.cmso.common; + +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import javax.servlet.http.HttpServletRequest; +import javax.ws.rs.client.ClientRequestContext; +import javax.ws.rs.client.ClientRequestFilter; +import javax.ws.rs.core.MultivaluedMap; +import javax.xml.bind.DatatypeConverter; + +public class BasicAuthenticatorFilter implements ClientRequestFilter { + private static EELFLogger log = EELFManager.getInstance().getLogger(BasicAuthenticatorFilter.class); + private final String user; + private final String password; + + /** + * Instantiates a new basic authenticator filter. + * + * @param user the user + * @param password the password + */ + public BasicAuthenticatorFilter(String user, String password) { + this.user = user; + this.password = password; + log.info("user: " + user + " pass:" + password); + } + + @Override + public void filter(ClientRequestContext requestContext) throws IOException { + MultivaluedMap<String, Object> headers = requestContext.getHeaders(); + final String basicAuthentication = getBasicAuthentication(); + headers.add("Authorization", basicAuthentication); + } + + private String getBasicAuthentication() { + String token = this.user + ":" + this.password; + try { + return "Basic " + DatatypeConverter.printBase64Binary(token.getBytes("UTF-8")); + } catch (UnsupportedEncodingException ex) { + throw new IllegalStateException("Cannot encode with UTF-8", ex); + } + } + + /** + * Gets the user. + * + * @param request the request + * @return the user + */ + public static String getUser(HttpServletRequest request) { + String user = ""; + String header = request.getHeader("Authorization"); + if (header != null) { + String[] auth = header.split("Basic "); + if (auth.length == 2) { + String token = getToken(auth[1]); + if (token.contains(":")) { + String[] tokens = token.split(":"); + user = tokens[0]; + } + } + } + return user; + } + + private static String getToken(String auth) { + try { + String token = new String(DatatypeConverter.parseBase64Binary(auth)); + return token; + } catch (Exception e) { + return auth; + } + } +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/common/CmsoRequestError.java b/cmso-topology/src/main/java/org/onap/optf/cmso/common/CmsoRequestError.java new file mode 100644 index 0000000..5cd258e --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/common/CmsoRequestError.java @@ -0,0 +1,82 @@ +/* + * Copyright © 2017-2018 AT&T Intellectual Property. Modifications Copyright © 2018 IBM. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.optf.cmso.common; + +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; +import com.fasterxml.jackson.annotation.JsonProperty; +import java.io.Serializable; +import java.util.ArrayList; +import java.util.List; + +public class CmsoRequestError implements Serializable { + private static final long serialVersionUID = 1L; + private static EELFLogger log = EELFManager.getInstance().getLogger(CmsoRequestError.class); + @JsonProperty + RequestError requestError; + + public CmsoRequestError(String messageId, String text, List<String> variables) { + requestError = new RequestError(messageId, text, variables); + } + + public CmsoRequestError(String messageId, String text) { + requestError = new RequestError(messageId, text, new ArrayList<String>()); + } + + public class RequestError { + @JsonProperty + private String messageId; + @JsonProperty + private String text; + @JsonProperty + private List<String> variables; + + private RequestError(String messageId, String text, List<String> variables) { + this.messageId = "Scheduler." + messageId; + this.text = text; + this.variables = variables; + } + + /** + * To string. + * + * @return the string + */ + @Override + public String toString() { + StringBuffer sb = new StringBuffer(); + sb.append(messageId).append(":").append(text).append(":").append(variables); + return sb.toString(); + + } + } + + @Override + public String toString() { + return requestError.toString(); + } +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/common/PropertiesManagement.java b/cmso-topology/src/main/java/org/onap/optf/cmso/common/PropertiesManagement.java new file mode 100644 index 0000000..1993b82 --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/common/PropertiesManagement.java @@ -0,0 +1,129 @@ +/* + * Copyright © 2017-2018 AT&T Intellectual Property. Modifications Copyright © 2018 IBM. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.optf.cmso.common; + +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; +import javax.crypto.Cipher; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.SecretKeySpec; +import org.apache.commons.codec.binary.Base64; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.core.env.Environment; +import org.springframework.stereotype.Component; + +@Component +public class PropertiesManagement { + + private static EELFLogger debug = EELFManager.getInstance().getDebugLogger(); + private static EELFLogger errors = EELFManager.getInstance().getErrorLogger(); + + private static final String algorithm = "AES"; + private static final String cipherMode = "CBC"; + private static final String paddingScheme = "PKCS5Padding"; + private static final String transformation = algorithm + "/" + cipherMode + "/" + paddingScheme; + + private static final String initVector = "ONAPCMSOVECTORIV"; // 16 bytes IV + + @Autowired + Environment env; + + /** + * Gets the property. + * + * @param key the key + * @param defaultValue the default value + * @return the property + */ + public String getProperty(String key, String defaultValue) { + String value = env.getProperty(key, defaultValue); + value = getDecryptedValue(value); + return value; + } + + /** + * Gets the decrypted value. + * + * @param value the value + * @return the decrypted value + */ + public static String getDecryptedValue(String value) { + if (value.startsWith("enc:")) { + String secret = getSecret(); + value = decrypt(secret, initVector, value.substring(4)); + } + return value; + } + + /** + * Gets the encrypted value. + * + * @param value the value + * @return the encrypted value + */ + public static String getEncryptedValue(String value) { + String secret = getSecret(); + value = encrypt(secret, initVector, value); + return value; + } + + private static final String encrypt(String key, String initVector, String value) { + try { + IvParameterSpec iv = new IvParameterSpec(initVector.getBytes("UTF-8")); + SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES"); + Cipher cipher = Cipher.getInstance(transformation); + cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv); + byte[] encrypted = cipher.doFinal(value.getBytes()); + return Base64.encodeBase64String(encrypted); + } catch (Exception ex) { + errors.error("Unexpected exception {0}", ex.getMessage()); + debug.debug("Unexpected exception", ex); + } + + return null; + } + + private static final String decrypt(String key, String initVector, String encrypted) { + try { + IvParameterSpec iv = new IvParameterSpec(initVector.getBytes("UTF-8")); + SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES"); + Cipher cipher = Cipher.getInstance(transformation); + cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv); + byte[] original = cipher.doFinal(Base64.decodeBase64(encrypted)); + return new String(original); + } catch (Exception ex) { + errors.error("Unexpected exception {0}", ex.getMessage()); + debug.debug("Unexpected exception", ex); + } + return null; + } + + private static String getSecret() { + return "ONAPCMSOSECRETIV"; + } + +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/common/exceptions/CmsoException.java b/cmso-topology/src/main/java/org/onap/optf/cmso/common/exceptions/CmsoException.java new file mode 100644 index 0000000..41476ee --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/common/exceptions/CmsoException.java @@ -0,0 +1,76 @@ +/* + * Copyright © 2017-2018 AT&T Intellectual Property. Modifications Copyright © 2018 IBM. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.optf.cmso.common.exceptions; + +import com.att.eelf.i18n.EELFResourceManager; +import java.util.ArrayList; +import java.util.List; +import javax.ws.rs.core.Response.Status; +import org.onap.observations.ObservationInterface; +import org.onap.optf.cmso.common.CmsoRequestError; + +public class CmsoException extends Exception { + private static final long serialVersionUID = 1L; + + protected CmsoRequestError requestError = null; + private List<String> variables = new ArrayList<String>(); + protected ObservationInterface messageCode; + protected Status status; + + /** + * Instantiates a new cmso exception. + * + * @param status the status + * @param messageCode the message code + * @param args the args + */ + public CmsoException(Status status, ObservationInterface messageCode, String... args) { + super(EELFResourceManager.format(messageCode, args)); + this.status = status; + this.messageCode = messageCode; + for (String arg : args) { + variables.add(arg); + } + requestError = new CmsoRequestError(messageCode.name(), getMessage(), variables); + } + + public Status getStatus() { + return status; + } + + public ObservationInterface getMessageCode() { + return messageCode; + } + + public String[] getVariables() { + return variables.toArray(new String[variables.size()]); + } + + public CmsoRequestError getRequestError() { + return requestError; + } +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/topology/Application.java b/cmso-topology/src/main/java/org/onap/optf/cmso/topology/Application.java new file mode 100644 index 0000000..7223166 --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/topology/Application.java @@ -0,0 +1,96 @@ +/* + * Copyright © 2017-2018 AT&T Intellectual Property. Modifications Copyright © 2018 IBM. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.optf.cmso.topology; + +import com.att.eelf.configuration.Configuration; +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; +import java.net.InetAddress; +import java.util.TimeZone; +import javax.annotation.PostConstruct; +import org.onap.optf.cmso.topology.common.LogMessages; +import org.slf4j.MDC; +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.EnableAutoConfiguration; +import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration; +import org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration; +import org.springframework.boot.builder.SpringApplicationBuilder; +import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory; +import org.springframework.boot.web.servlet.server.ServletWebServerFactory; +import org.springframework.boot.web.servlet.support.SpringBootServletInitializer; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.ComponentScan; +import org.springframework.scheduling.annotation.EnableAsync; + +@SpringBootApplication +@ComponentScan(basePackages = {"org.onap.optf.cmso"}) +@EnableAsync + +@EnableAutoConfiguration(exclude = {DataSourceAutoConfiguration.class, HibernateJpaAutoConfiguration.class}) +public class Application extends SpringBootServletInitializer { + + private static EELFLogger log = EELFManager.getInstance().getLogger(Application.class); + + @Override + protected SpringApplicationBuilder configure(SpringApplicationBuilder application) { + return application.sources(Application.class); + } + + @PostConstruct + void started() { + // Make sure all datetimes are stored in UTC format. + TimeZone.setDefault(TimeZone.getTimeZone("UTC")); + } + + public static void main(String[] args) { + initMdcData(); + SpringApplication.run(Application.class, args); + } + + protected static void initMdcData() { + MDC.clear(); + try { + MDC.put(Configuration.MDC_SERVER_FQDN, InetAddress.getLocalHost().getHostName()); + MDC.put("hostname", InetAddress.getLocalHost().getCanonicalHostName()); + MDC.put("serviceName", System.getProperty("info.build.artifact")); + MDC.put("version", System.getProperty("info.build.version")); + MDC.put(Configuration.MDC_SERVER_IP_ADDRESS, InetAddress.getLocalHost().getHostAddress()); + } catch (Exception e) { + log.error(LogMessages.UNEXPECTED_EXCEPTION, e, e.getMessage()); + } + } + + @Bean + public ServletWebServerFactory servletContainer() { + TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory(); + return tomcat; + } + + + +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/topology/ApplicationPropertiesFiles.java b/cmso-topology/src/main/java/org/onap/optf/cmso/topology/ApplicationPropertiesFiles.java new file mode 100644 index 0000000..3017222 --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/topology/ApplicationPropertiesFiles.java @@ -0,0 +1,37 @@ +/* + * Copyright © 2018 AT&T Intellectual Property. Modifications Copyright © 2018 IBM. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.optf.cmso.topology; + +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.PropertySource; +import org.springframework.context.annotation.PropertySources; + + +@Configuration +@PropertySources({@PropertySource("file:etc/config/topology.properties"),}) +public class ApplicationPropertiesFiles { +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/topology/AuthProvider.java b/cmso-topology/src/main/java/org/onap/optf/cmso/topology/AuthProvider.java new file mode 100644 index 0000000..511033d --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/topology/AuthProvider.java @@ -0,0 +1,58 @@ +/* + * Copyright © 2018 AT&T Intellectual Property. Modifications Copyright © 2019 IBM. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.optf.cmso.topology; + +import java.util.ArrayList; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Profile; +import org.springframework.core.env.Environment; +import org.springframework.security.authentication.AuthenticationProvider; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.Authentication; +import org.springframework.stereotype.Component; + +@Component +@Profile(SpringProfiles.PROPRIETARY__AUTHENTICATION) + +public class AuthProvider implements AuthenticationProvider { + + @Autowired + Environment env; + + @Override + public Authentication authenticate(Authentication authentication) { + String name = authentication.getName(); + String password = authentication.getCredentials().toString(); + // TODO check credentials until we enable AAF + return new UsernamePasswordAuthenticationToken(name, password, new ArrayList<>()); + } + + @Override + public boolean supports(Class<?> authentication) { + return authentication.equals(UsernamePasswordAuthenticationToken.class); + } +} |