From a950e73cd6185df6e843204c7fa69efa5e7640c1 Mon Sep 17 00:00:00 2001
From: Ritu Sood <ritu.sood@intel.com>
Date: Fri, 11 May 2018 07:28:52 -0700
Subject: Adding basic auth to AAI Plugin

For now leaving the original certificates as before
so as not to disturb any existing test cases etc.

Issue-ID: OPTFRA-232
Change-Id: If28c772f14c89dbf4229d754cf9dd49094fc5196
Signed-off-by: Ritu Sood <ritu.sood@intel.com>
---
 AAF_RootCA.cer                                     | 31 ++++++++++++++++++++++
 conductor.conf                                     |  9 ++++++-
 .../data/plugins/inventory_provider/aai.py         | 10 +++++++
 run-dockers.sh                                     |  4 +--
 4 files changed, 51 insertions(+), 3 deletions(-)
 create mode 100644 AAF_RootCA.cer

diff --git a/AAF_RootCA.cer b/AAF_RootCA.cer
new file mode 100644
index 0000000..e9a50d7
--- /dev/null
+++ b/AAF_RootCA.cer
@@ -0,0 +1,31 @@
+-----BEGIN CERTIFICATE-----
+MIIFPjCCAyagAwIBAgIJAJ6u7cCnzrWdMA0GCSqGSIb3DQEBCwUAMCwxDjAMBgNV
+BAsMBU9TQUFGMQ0wCwYDVQQKDARPTkFQMQswCQYDVQQGEwJVUzAeFw0xODA0MDUx
+NDE1MjhaFw0zODAzMzExNDE1MjhaMCwxDjAMBgNVBAsMBU9TQUFGMQ0wCwYDVQQK
+DARPTkFQMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
+ggIBAMA5pkgRs7NhGG4ew5JouhyYakgYUyFaG121+/h8qbSdt0hVQv56+EA41Yq7
+XGie7RYDQK9NmAFF3gruE+6X7wvJiChp+Cyd7sFMnb65uWhxEdxWTM2BJFrgfzUn
+H8ZCxgaCo3XH4PzlKRy2LQQJEJECwl/RZmRCXijMt5e9h8XoZY/fKkKcZZUsWNCM
+pTo266wjvA9MXLmdgReRj0+vrCjrNqy+htwJDztoiHWiYPqT6o8EvGcgjNqjlZx7
+NUNf8MfLDByqKF6+wRbHv1GKjn3/Vijd45Fv8riyRYROiFanvbV6jIfBkv8PZbXg
+2VDWsYsgp8NAvMxK+iV8cO+Ck3lBI2GOPZbCEqpPVTYbLUz6sczAlCXwQoPzDIZY
+wYa3eR/gYLY1gP2iEVHORag3bLPap9ZX5E8DZkzTNTjovvLk8KaCmfcaUMJsBtDd
+ApcUitz10cnRyZc1sX3gE1f3DpzQM6t9C5sOVyRhDcSrKqqwb9m0Ss04XAS9FsqM
+P3UWYQyqDXSxlUAYaX892u8mV1hxnt2gjb22RloXMM6TovM3sSrJS0wH+l1nznd6
+aFXftS/G4ZVIVZ/LfT1is4StoyPWZCwwwly1z8qJQ/zhip5NgZTxQw4mi7ww35DY
+PdAQOCoajfSvFjqslQ/cPRi/MRCu079heVb5fQnnzVtnpFQRAgMBAAGjYzBhMB0G
+A1UdDgQWBBRTVTPyS+vQUbHBeJrBKDF77+rtSTAfBgNVHSMEGDAWgBRTVTPyS+vQ
+UbHBeJrBKDF77+rtSTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAN
+BgkqhkiG9w0BAQsFAAOCAgEAPx/IaK94n02wPxpnYTy+LVLIxwdq/kawNd6IbiMz
+L87zmNMDmHcGbfoRCj8OkhuggX9Lx1/CkhpXimuYsZOFQi5blr/u+v4mIbsgbmi9
+7j+cUHDP0zLycvSvxKHty51LwmaX9a4wkJl5zBU4O1sd/H9tWcEmwJ39ltKoBKBx
+c94Zc3iMm5ytRWGj+0rKzLDAXEWpoZ5bE5PLJauA6UDCxDLfs3FwhbS7uDggxYvf
+jySF5FCNET94oJ+m8s7VeHvoa8iPGKvXrIqdd7XDHnqJJlVKr7m9S0fMbyEB8ci2
+RtOXDt93ifY1uhoEtEykn4dqBSp8ezvNMnwoXdYPDvTd9uCAFeWFLVreBAWxd25h
+PsBTkZA5hpa/rA+mKv6Af4VBViYr8cz4dZCsFChuioVebe9ighrfjB//qKepFjPF
+CyjzKN1u0JKm/2x/ORqxkTONG8p3uDwoIOyimUcTtTMv42bfYD88RKakqSFXE9G+
+Z0LlaKABqfjK49o/tsAp+c5LoNlYllKhnetO3QAdraHwdmC36BhoghzR1jpX751A
+cZn2VH3Q4XKyp01cJNCJIrua+A+bx6zh3RyW6zIIkbRCbET+UD+4mr8WIcSE3mtR
+ZVlnhUDO4z9//WKMVzwS9Rh8/kuszrGFI1KQozXCHLrce3YP6RYZfOed79LXaRwX
+dYY=
+-----END CERTIFICATE-----
diff --git a/conductor.conf b/conductor.conf
index 150d78b..b2c1f61 100755
--- a/conductor.conf
+++ b/conductor.conf
@@ -150,7 +150,14 @@ certificate_key_file = /usr/local/bin/aai_key.key
 # Certificate Authority Bundle file in pem format. Must contain the appropriate
 # trust chain for the Certificate file. (string value)
 #certificate_authority_bundle_file = /opt/app/conductor/etc/certs/ca_bundle.pem
-certificate_authority_bundle_file = /opt/optf-has/aai_cert.cer
+certificate_authority_bundle_file = /usr/local/bin/AAF_RootCA.cer
+
+# Basic Authentication Username (string value)
+username = OOF
+
+# Basic Authentication Password (string value)
+password = OOF
+
 
 [api]
 
diff --git a/conductor/conductor/data/plugins/inventory_provider/aai.py b/conductor/conductor/data/plugins/inventory_provider/aai.py
index 41f55c5..2e36bf5 100644
--- a/conductor/conductor/data/plugins/inventory_provider/aai.py
+++ b/conductor/conductor/data/plugins/inventory_provider/aai.py
@@ -71,6 +71,12 @@ AAI_OPTS = [
                help='Certificate Authority Bundle file in pem format. '
                     'Must contain the appropriate trust chain for the '
                     'Certificate file.'),
+    cfg.StrOpt('username',
+               default='',
+               help='Username for AAI.'),
+    cfg.StrOpt('password',
+               default='',
+               help='Password for AAI.'),
 ]
 
 CONF.register_opts(AAI_OPTS, group='aai')
@@ -97,6 +103,8 @@ class AAI(base.InventoryProviderBase):
         self.complex_last_refresh_time = None
         self.timeout = self.conf.aai.aai_rest_timeout
         self.retries = self.conf.aai.aai_retries
+        self.username = self.conf.aai.username
+        self.password = self.conf.aai.password
 
         # Cache is initially empty
         self._aai_cache = {}
@@ -172,6 +180,8 @@ class AAI(base.InventoryProviderBase):
         kwargs = {
             "server_url": self.base,
             "retries": self.retries,
+            "username": self.username,
+            "password": self.password,
             "cert_file": self.cert,
             "cert_key_file": self.key,
             "ca_bundle_file": self.verify,
diff --git a/run-dockers.sh b/run-dockers.sh
index 569957c..087c92c 100755
--- a/run-dockers.sh
+++ b/run-dockers.sh
@@ -80,7 +80,7 @@ fi
 #aai_ca_bundle.pem
 if [ -z "$5" ]
   then
-    get_from_arguments_or_default 'aai_ca_bundle.pem' 5
+    get_from_arguments_or_default './AAF_RootCA.cer' 5
 fi
 
 echo Value is .... $COND_CONF $LOG_FILE
@@ -90,5 +90,5 @@ docker run -d --name controller -v $COND_CONF:/usr/local/bin/conductor.conf -v $
 docker run -d --name api -p "8091:8091" -v $COND_CONF:/usr/local/bin/conductor.conf -v $LOG_CONF:/usr/local/bin/log.conf ${IMAGE_NAME}:latest python /usr/local/bin/conductor-api --port=8091 -- --config-file=/usr/local/bin/conductor.conf
 docker run -d --name solver -v $COND_CONF:/usr/local/bin/conductor.conf -v $LOG_CONF:/usr/local/bin/log.conf ${IMAGE_NAME}:latest python /usr/local/bin/conductor-solver --config-file=/usr/local/bin/conductor.conf
 docker run -d --name reservation -v $COND_CONF:/usr/local/bin/conductor.conf -v $LOG_CONF:/usr/local/bin/log.conf ${IMAGE_NAME}:latest python /usr/local/bin/conductor-reservation --config-file=/usr/local/bin/conductor.conf
-docker run -d --name data -v $COND_CONF:/usr/local/bin/conductor.conf -v $LOG_CONF:/usr/local/bin/log.conf -v $CERT:/usr/local/bin/aai_cert.cer -v $KEY:/usr/local/bin/aai_key.key -v $BUNDLE:/usr/local/bin/bundle.pem ${IMAGE_NAME}:latest python /usr/local/bin/conductor-data --config-file=/usr/local/bin/conductor.conf
+docker run -d --name data -v $COND_CONF:/usr/local/bin/conductor.conf -v $LOG_CONF:/usr/local/bin/log.conf -v $CERT:/usr/local/bin/aai_cert.cer -v $KEY:/usr/local/bin/aai_key.key -v $BUNDLE:/usr/local/bin/AAF_RootCA.cer ${IMAGE_NAME}:latest python /usr/local/bin/conductor-data --config-file=/usr/local/bin/conductor.conf
 
-- 
cgit 1.2.3-korg