From cf85dfbeaa83e4c1827e2c4ef334e67f6f911fc3 Mon Sep 17 00:00:00 2001 From: Jerry Flood Date: Tue, 26 Mar 2019 15:01:04 -0400 Subject: Commit 3 for Define Topology API mS Multiple commits required due to commit size limitation. Change-Id: I755d27fbb54627b416df72c079b6b54bc28eb5fe Issue-ID: OPTFRA-430 Signed-off-by: Jerry Flood --- .../java/org/onap/optf/cmso/aaf/AafUserRole.java | 176 +++++++++++++++++++++ .../onap/optf/cmso/aaf/AafUserRoleProperties.java | 133 ++++++++++++++++ .../org/onap/optf/cmso/aaf/FilterPriority.java | 42 +++++ .../org/onap/optf/cmso/aaf/ResponseFormatter.java | 45 ++++++ .../optf/cmso/common/BasicAuthenticatorFilter.java | 102 ++++++++++++ .../onap/optf/cmso/common/CmsoRequestError.java | 82 ++++++++++ .../optf/cmso/common/PropertiesManagement.java | 129 +++++++++++++++ .../optf/cmso/common/exceptions/CmsoException.java | 76 +++++++++ .../org/onap/optf/cmso/topology/Application.java | 96 +++++++++++ .../cmso/topology/ApplicationPropertiesFiles.java | 37 +++++ .../org/onap/optf/cmso/topology/AuthProvider.java | 58 +++++++ 11 files changed, 976 insertions(+) create mode 100644 cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafUserRole.java create mode 100644 cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafUserRoleProperties.java create mode 100644 cmso-topology/src/main/java/org/onap/optf/cmso/aaf/FilterPriority.java create mode 100644 cmso-topology/src/main/java/org/onap/optf/cmso/aaf/ResponseFormatter.java create mode 100644 cmso-topology/src/main/java/org/onap/optf/cmso/common/BasicAuthenticatorFilter.java create mode 100644 cmso-topology/src/main/java/org/onap/optf/cmso/common/CmsoRequestError.java create mode 100644 cmso-topology/src/main/java/org/onap/optf/cmso/common/PropertiesManagement.java create mode 100644 cmso-topology/src/main/java/org/onap/optf/cmso/common/exceptions/CmsoException.java create mode 100644 cmso-topology/src/main/java/org/onap/optf/cmso/topology/Application.java create mode 100644 cmso-topology/src/main/java/org/onap/optf/cmso/topology/ApplicationPropertiesFiles.java create mode 100644 cmso-topology/src/main/java/org/onap/optf/cmso/topology/AuthProvider.java (limited to 'cmso-topology') diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafUserRole.java b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafUserRole.java new file mode 100644 index 0000000..65decec --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafUserRole.java @@ -0,0 +1,176 @@ +/******************************************************************************* + * Copyright © 2019 AT&T Intellectual Property. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ + +package org.onap.optf.cmso.aaf; + +import java.util.ArrayList; +import java.util.List; + +/** + * The Class AafUserRole. + */ +public class AafUserRole { + private String url = ""; + private String[] pathParts = {}; + private String perm = ""; + private String method = ""; + private List aafPerms = new ArrayList<>(); + + /** + * Instantiates a new aaf user role. + * + * @param url the url + * @param perm the perm + */ + public AafUserRole(String url, String perm) { + this.setUrl(url); + this.setPerm(perm); + pathParts = url.split("\\/"); + + String[] perms = perm.split(","); + for (String p : perms) { + String[] parts = p.split(" "); + if (parts.length == 2) { + method = parts[1]; + } else { + method = "ALL"; + } + + String[] list = parts[0].split("\\|"); + if (list.length == 3) { + AafPerm aafPerm = new AafPerm(); + aafPerm.setAction(list[2]); + aafPerm.setInstance(list[1]); + aafPerm.setType(list[0]); + aafPerms.add(aafPerm); + } + } + } + + /** + * Gets the url. + * + * @return the url + */ + public String getUrl() { + return url; + } + + /** + * Sets the url. + * + * @param url the new url + */ + public void setUrl(String url) { + this.url = url; + } + + /** + * Gets the perm. + * + * @return the perm + */ + public String getPerm() { + return perm; + } + + /** + * Sets the perm. + * + * @param perm the new perm + */ + public void setPerm(String perm) { + this.perm = perm; + } + + /** + * Gets the aaf perms. + * + * @return the aaf perms + */ + public List getAafPerms() { + return aafPerms; + } + + /** + * Sets the aaf perms. + * + * @param aafPerms the new aaf perms + */ + public void setAafPerms(List aafPerms) { + this.aafPerms = aafPerms; + } + + /** + * Matches. + * + * @param path the path + * @param matchMethod the match method + * @return true, if successful + */ + public boolean matches(String path, String matchMethod) { + if (!this.method.equalsIgnoreCase("ALL") && !this.method.equals("*") && !this.method.equals(matchMethod)) { + return false; + } + List inNodes = new ArrayList<>(); + List matchNodes = new ArrayList<>(); + String[] pathList = path.split("\\/"); + for (String n : pathList) { + inNodes.add(n); + } + for (String n : pathParts) { + matchNodes.add(n); + } + + while (!inNodes.isEmpty() && !matchNodes.isEmpty()) { + String inNode = inNodes.remove(0); + String matchNode = matchNodes.get(0); + if (matchNode.equals(inNode) || matchNode.equals("*")) { + matchNodes.remove(0); + } else { + if (!matchNode.equals("**")) { + return false; + } + } + } + + // + if (inNodes.isEmpty() && matchNodes.isEmpty()) { + return true; + } + + // We have incoming nodes remaining, see if we can wildcard them + if (matchNodes.size() == 1) { + if (matchNodes.get(0).equals("**")) { + return true; + } + if (inNodes.size() == 1 && matchNodes.get(0).equals("*")) { + return true; + } + } + return false; + } +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafUserRoleProperties.java b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafUserRoleProperties.java new file mode 100644 index 0000000..2d252f8 --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/AafUserRoleProperties.java @@ -0,0 +1,133 @@ +/******************************************************************************* + * Copyright © 2019 AT&T Intellectual Property. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ + +package org.onap.optf.cmso.aaf; + +import java.io.File; +import java.io.FileInputStream; +import java.util.ArrayList; +import java.util.List; +import java.util.Properties; +import javax.annotation.PostConstruct; +import javax.servlet.http.HttpServletRequest; +import org.onap.aaf.cadi.Permission; +import org.onap.aaf.cadi.aaf.AAFPermission; +import org.onap.observations.Observation; +import org.onap.optf.cmso.topology.SpringProfiles; +import org.onap.optf.cmso.topology.common.LogMessages; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Profile; +import org.springframework.core.env.Environment; +import org.springframework.stereotype.Component; + +/** + * This class uses a properties file to map URL patterns/method to AAF Permissions (AafPerm). + * + * @author jf9860 + * + */ +@Component +@Profile(SpringProfiles.AAF_AUTHENTICATION) +public class AafUserRoleProperties { + @Autowired + Environment env; + + private List list = new ArrayList<>(); + + /** + * Initialize permissions. + */ + @PostConstruct + public void initializePermissions() { + String userRolePropertiesName = + env.getProperty("aaf.user.roles", "src/main/resources/aaf/AAFUserRoles.properties"); + Properties props = new Properties(); + try { + props.load(new FileInputStream(new File(userRolePropertiesName))); + } catch (Exception e) { + Observation.report(LogMessages.UNEXPECTED_EXCEPTION, e, e.getMessage()); + } + for (Object url : props.keySet()) { + Object value = props.get(url); + list.add(new AafUserRole((String) url, (String) value)); + } + } + + /** + * Gets the for url method. + * + * @param url the url + * @param method the method + * @return the for url method + */ + public List getForUrlMethod(String url, String method) { + List userRoleList = new ArrayList<>(); + for (AafUserRole aur : list) { + if (aur.matches(url, method)) { + userRoleList.add(aur); + } + } + return userRoleList; + } + + /** + * Process permissions. + * + * @param request the request + * @param userPerms the user perms + * @return true, if successful + */ + public boolean processPermissions(HttpServletRequest request, List userPerms) { + try { + // Get list of perms that match incoming URL. May be more than 1... + // Users perms must match all that match URL + List perms = getForUrlMethod(request.getRequestURI(), request.getMethod()); + int tested = 0; + int passed = 0; + for (AafUserRole perm : perms) { + for (AafPerm test : perm.getAafPerms()) { + tested++; + for (Permission userPerm : userPerms) { + + if (test.matches((AAFPermission) userPerm)) { + passed++; + break; + } + } + } + } + // All permissions must be OK + if (tested > 0 && tested == passed) { + return true; + } else { + return false; + } + } catch (Exception e) { + Observation.report(LogMessages.UNEXPECTED_EXCEPTION, e, e.getMessage()); + } + return false; + } +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/FilterPriority.java b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/FilterPriority.java new file mode 100644 index 0000000..bfafbd8 --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/FilterPriority.java @@ -0,0 +1,42 @@ +/******************************************************************************* + * Copyright © 2019 AT&T Intellectual Property. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ + +package org.onap.optf.cmso.aaf; + +import org.springframework.core.Ordered; + +public enum FilterPriority { + AAF_AUTHENTICATION(Ordered.HIGHEST_PRECEDENCE), AAF_AUTHORIZATION(Ordered.HIGHEST_PRECEDENCE + 1); + private final int priority; + + FilterPriority(final int ppri) { + priority = ppri; + } + + public int getPriority() { + return priority; + } +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/ResponseFormatter.java b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/ResponseFormatter.java new file mode 100644 index 0000000..518814e --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/aaf/ResponseFormatter.java @@ -0,0 +1,45 @@ +/******************************************************************************* + * Copyright © 2019 AT&T Intellectual Property. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + ******************************************************************************/ + +package org.onap.optf.cmso.aaf; + +import java.io.IOException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import org.onap.optf.cmso.common.exceptions.CmsoException; + +class ResponseFormatter { + + + static void errorResponse(HttpServletRequest request, HttpServletResponse response, CmsoException error) + throws IOException { + response.setStatus(error.getStatus().getStatusCode()); + response.getWriter().write(error.getRequestError().toString()); + response.getWriter().flush(); + response.getWriter().close(); + } + +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/common/BasicAuthenticatorFilter.java b/cmso-topology/src/main/java/org/onap/optf/cmso/common/BasicAuthenticatorFilter.java new file mode 100644 index 0000000..750e109 --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/common/BasicAuthenticatorFilter.java @@ -0,0 +1,102 @@ +/* + * Copyright © 2017-2018 AT&T Intellectual Property. Modifications Copyright © 2018 IBM. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.optf.cmso.common; + +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; +import java.io.IOException; +import java.io.UnsupportedEncodingException; +import javax.servlet.http.HttpServletRequest; +import javax.ws.rs.client.ClientRequestContext; +import javax.ws.rs.client.ClientRequestFilter; +import javax.ws.rs.core.MultivaluedMap; +import javax.xml.bind.DatatypeConverter; + +public class BasicAuthenticatorFilter implements ClientRequestFilter { + private static EELFLogger log = EELFManager.getInstance().getLogger(BasicAuthenticatorFilter.class); + private final String user; + private final String password; + + /** + * Instantiates a new basic authenticator filter. + * + * @param user the user + * @param password the password + */ + public BasicAuthenticatorFilter(String user, String password) { + this.user = user; + this.password = password; + log.info("user: " + user + " pass:" + password); + } + + @Override + public void filter(ClientRequestContext requestContext) throws IOException { + MultivaluedMap headers = requestContext.getHeaders(); + final String basicAuthentication = getBasicAuthentication(); + headers.add("Authorization", basicAuthentication); + } + + private String getBasicAuthentication() { + String token = this.user + ":" + this.password; + try { + return "Basic " + DatatypeConverter.printBase64Binary(token.getBytes("UTF-8")); + } catch (UnsupportedEncodingException ex) { + throw new IllegalStateException("Cannot encode with UTF-8", ex); + } + } + + /** + * Gets the user. + * + * @param request the request + * @return the user + */ + public static String getUser(HttpServletRequest request) { + String user = ""; + String header = request.getHeader("Authorization"); + if (header != null) { + String[] auth = header.split("Basic "); + if (auth.length == 2) { + String token = getToken(auth[1]); + if (token.contains(":")) { + String[] tokens = token.split(":"); + user = tokens[0]; + } + } + } + return user; + } + + private static String getToken(String auth) { + try { + String token = new String(DatatypeConverter.parseBase64Binary(auth)); + return token; + } catch (Exception e) { + return auth; + } + } +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/common/CmsoRequestError.java b/cmso-topology/src/main/java/org/onap/optf/cmso/common/CmsoRequestError.java new file mode 100644 index 0000000..5cd258e --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/common/CmsoRequestError.java @@ -0,0 +1,82 @@ +/* + * Copyright © 2017-2018 AT&T Intellectual Property. Modifications Copyright © 2018 IBM. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.optf.cmso.common; + +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; +import com.fasterxml.jackson.annotation.JsonProperty; +import java.io.Serializable; +import java.util.ArrayList; +import java.util.List; + +public class CmsoRequestError implements Serializable { + private static final long serialVersionUID = 1L; + private static EELFLogger log = EELFManager.getInstance().getLogger(CmsoRequestError.class); + @JsonProperty + RequestError requestError; + + public CmsoRequestError(String messageId, String text, List variables) { + requestError = new RequestError(messageId, text, variables); + } + + public CmsoRequestError(String messageId, String text) { + requestError = new RequestError(messageId, text, new ArrayList()); + } + + public class RequestError { + @JsonProperty + private String messageId; + @JsonProperty + private String text; + @JsonProperty + private List variables; + + private RequestError(String messageId, String text, List variables) { + this.messageId = "Scheduler." + messageId; + this.text = text; + this.variables = variables; + } + + /** + * To string. + * + * @return the string + */ + @Override + public String toString() { + StringBuffer sb = new StringBuffer(); + sb.append(messageId).append(":").append(text).append(":").append(variables); + return sb.toString(); + + } + } + + @Override + public String toString() { + return requestError.toString(); + } +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/common/PropertiesManagement.java b/cmso-topology/src/main/java/org/onap/optf/cmso/common/PropertiesManagement.java new file mode 100644 index 0000000..1993b82 --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/common/PropertiesManagement.java @@ -0,0 +1,129 @@ +/* + * Copyright © 2017-2018 AT&T Intellectual Property. Modifications Copyright © 2018 IBM. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.optf.cmso.common; + +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; +import javax.crypto.Cipher; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.SecretKeySpec; +import org.apache.commons.codec.binary.Base64; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.core.env.Environment; +import org.springframework.stereotype.Component; + +@Component +public class PropertiesManagement { + + private static EELFLogger debug = EELFManager.getInstance().getDebugLogger(); + private static EELFLogger errors = EELFManager.getInstance().getErrorLogger(); + + private static final String algorithm = "AES"; + private static final String cipherMode = "CBC"; + private static final String paddingScheme = "PKCS5Padding"; + private static final String transformation = algorithm + "/" + cipherMode + "/" + paddingScheme; + + private static final String initVector = "ONAPCMSOVECTORIV"; // 16 bytes IV + + @Autowired + Environment env; + + /** + * Gets the property. + * + * @param key the key + * @param defaultValue the default value + * @return the property + */ + public String getProperty(String key, String defaultValue) { + String value = env.getProperty(key, defaultValue); + value = getDecryptedValue(value); + return value; + } + + /** + * Gets the decrypted value. + * + * @param value the value + * @return the decrypted value + */ + public static String getDecryptedValue(String value) { + if (value.startsWith("enc:")) { + String secret = getSecret(); + value = decrypt(secret, initVector, value.substring(4)); + } + return value; + } + + /** + * Gets the encrypted value. + * + * @param value the value + * @return the encrypted value + */ + public static String getEncryptedValue(String value) { + String secret = getSecret(); + value = encrypt(secret, initVector, value); + return value; + } + + private static final String encrypt(String key, String initVector, String value) { + try { + IvParameterSpec iv = new IvParameterSpec(initVector.getBytes("UTF-8")); + SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES"); + Cipher cipher = Cipher.getInstance(transformation); + cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv); + byte[] encrypted = cipher.doFinal(value.getBytes()); + return Base64.encodeBase64String(encrypted); + } catch (Exception ex) { + errors.error("Unexpected exception {0}", ex.getMessage()); + debug.debug("Unexpected exception", ex); + } + + return null; + } + + private static final String decrypt(String key, String initVector, String encrypted) { + try { + IvParameterSpec iv = new IvParameterSpec(initVector.getBytes("UTF-8")); + SecretKeySpec skeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "AES"); + Cipher cipher = Cipher.getInstance(transformation); + cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv); + byte[] original = cipher.doFinal(Base64.decodeBase64(encrypted)); + return new String(original); + } catch (Exception ex) { + errors.error("Unexpected exception {0}", ex.getMessage()); + debug.debug("Unexpected exception", ex); + } + return null; + } + + private static String getSecret() { + return "ONAPCMSOSECRETIV"; + } + +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/common/exceptions/CmsoException.java b/cmso-topology/src/main/java/org/onap/optf/cmso/common/exceptions/CmsoException.java new file mode 100644 index 0000000..41476ee --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/common/exceptions/CmsoException.java @@ -0,0 +1,76 @@ +/* + * Copyright © 2017-2018 AT&T Intellectual Property. Modifications Copyright © 2018 IBM. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.optf.cmso.common.exceptions; + +import com.att.eelf.i18n.EELFResourceManager; +import java.util.ArrayList; +import java.util.List; +import javax.ws.rs.core.Response.Status; +import org.onap.observations.ObservationInterface; +import org.onap.optf.cmso.common.CmsoRequestError; + +public class CmsoException extends Exception { + private static final long serialVersionUID = 1L; + + protected CmsoRequestError requestError = null; + private List variables = new ArrayList(); + protected ObservationInterface messageCode; + protected Status status; + + /** + * Instantiates a new cmso exception. + * + * @param status the status + * @param messageCode the message code + * @param args the args + */ + public CmsoException(Status status, ObservationInterface messageCode, String... args) { + super(EELFResourceManager.format(messageCode, args)); + this.status = status; + this.messageCode = messageCode; + for (String arg : args) { + variables.add(arg); + } + requestError = new CmsoRequestError(messageCode.name(), getMessage(), variables); + } + + public Status getStatus() { + return status; + } + + public ObservationInterface getMessageCode() { + return messageCode; + } + + public String[] getVariables() { + return variables.toArray(new String[variables.size()]); + } + + public CmsoRequestError getRequestError() { + return requestError; + } +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/topology/Application.java b/cmso-topology/src/main/java/org/onap/optf/cmso/topology/Application.java new file mode 100644 index 0000000..7223166 --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/topology/Application.java @@ -0,0 +1,96 @@ +/* + * Copyright © 2017-2018 AT&T Intellectual Property. Modifications Copyright © 2018 IBM. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.optf.cmso.topology; + +import com.att.eelf.configuration.Configuration; +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; +import java.net.InetAddress; +import java.util.TimeZone; +import javax.annotation.PostConstruct; +import org.onap.optf.cmso.topology.common.LogMessages; +import org.slf4j.MDC; +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.EnableAutoConfiguration; +import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration; +import org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration; +import org.springframework.boot.builder.SpringApplicationBuilder; +import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory; +import org.springframework.boot.web.servlet.server.ServletWebServerFactory; +import org.springframework.boot.web.servlet.support.SpringBootServletInitializer; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.ComponentScan; +import org.springframework.scheduling.annotation.EnableAsync; + +@SpringBootApplication +@ComponentScan(basePackages = {"org.onap.optf.cmso"}) +@EnableAsync + +@EnableAutoConfiguration(exclude = {DataSourceAutoConfiguration.class, HibernateJpaAutoConfiguration.class}) +public class Application extends SpringBootServletInitializer { + + private static EELFLogger log = EELFManager.getInstance().getLogger(Application.class); + + @Override + protected SpringApplicationBuilder configure(SpringApplicationBuilder application) { + return application.sources(Application.class); + } + + @PostConstruct + void started() { + // Make sure all datetimes are stored in UTC format. + TimeZone.setDefault(TimeZone.getTimeZone("UTC")); + } + + public static void main(String[] args) { + initMdcData(); + SpringApplication.run(Application.class, args); + } + + protected static void initMdcData() { + MDC.clear(); + try { + MDC.put(Configuration.MDC_SERVER_FQDN, InetAddress.getLocalHost().getHostName()); + MDC.put("hostname", InetAddress.getLocalHost().getCanonicalHostName()); + MDC.put("serviceName", System.getProperty("info.build.artifact")); + MDC.put("version", System.getProperty("info.build.version")); + MDC.put(Configuration.MDC_SERVER_IP_ADDRESS, InetAddress.getLocalHost().getHostAddress()); + } catch (Exception e) { + log.error(LogMessages.UNEXPECTED_EXCEPTION, e, e.getMessage()); + } + } + + @Bean + public ServletWebServerFactory servletContainer() { + TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory(); + return tomcat; + } + + + +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/topology/ApplicationPropertiesFiles.java b/cmso-topology/src/main/java/org/onap/optf/cmso/topology/ApplicationPropertiesFiles.java new file mode 100644 index 0000000..3017222 --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/topology/ApplicationPropertiesFiles.java @@ -0,0 +1,37 @@ +/* + * Copyright © 2018 AT&T Intellectual Property. Modifications Copyright © 2018 IBM. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.optf.cmso.topology; + +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.PropertySource; +import org.springframework.context.annotation.PropertySources; + + +@Configuration +@PropertySources({@PropertySource("file:etc/config/topology.properties"),}) +public class ApplicationPropertiesFiles { +} diff --git a/cmso-topology/src/main/java/org/onap/optf/cmso/topology/AuthProvider.java b/cmso-topology/src/main/java/org/onap/optf/cmso/topology/AuthProvider.java new file mode 100644 index 0000000..511033d --- /dev/null +++ b/cmso-topology/src/main/java/org/onap/optf/cmso/topology/AuthProvider.java @@ -0,0 +1,58 @@ +/* + * Copyright © 2018 AT&T Intellectual Property. Modifications Copyright © 2019 IBM. + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software distributed under the License + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express + * or implied. See the License for the specific language governing permissions and limitations under + * the License. + * + * + * Unless otherwise specified, all documentation contained herein is licensed under the Creative + * Commons License, Attribution 4.0 Intl. (the "License"); you may not use this documentation except + * in compliance with the License. You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation distributed under the + * License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.onap.optf.cmso.topology; + +import java.util.ArrayList; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Profile; +import org.springframework.core.env.Environment; +import org.springframework.security.authentication.AuthenticationProvider; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.Authentication; +import org.springframework.stereotype.Component; + +@Component +@Profile(SpringProfiles.PROPRIETARY__AUTHENTICATION) + +public class AuthProvider implements AuthenticationProvider { + + @Autowired + Environment env; + + @Override + public Authentication authenticate(Authentication authentication) { + String name = authentication.getName(); + String password = authentication.getCredentials().toString(); + // TODO check credentials until we enable AAF + return new UsernamePasswordAuthenticationToken(name, password, new ArrayList<>()); + } + + @Override + public boolean supports(Class authentication) { + return authentication.equals(UsernamePasswordAuthenticationToken.class); + } +} -- cgit 1.2.3-korg