diff options
author | Determe, Sebastien (sd378r) <sd378r@intl.att.com> | 2017-10-30 18:50:37 +0100 |
---|---|---|
committer | Determe, Sebastien (sd378r) <sd378r@intl.att.com> | 2017-10-30 19:00:08 +0100 |
commit | 434170f50621917a7fb2cbe7c7b01c4b29a8211e (patch) | |
tree | dc52603bac0159f3a3f1c3b60222df7d500ad6bd /src/main/java/org/onap | |
parent | 2e5ec6aaac811c9a0efd8f80eef39fd91a1ac9ea (diff) |
Add encryption for passwords
Add encrypted password on all values specified in the properties files,
unit tests have been reworked.
Change-Id: I619ff67fe1025f69af733b776f055914f949f26a
Issue-ID: CLAMP-64
Signed-off-by: Determe, Sebastien (sd378r) <sd378r@intl.att.com>
Diffstat (limited to 'src/main/java/org/onap')
10 files changed, 460 insertions, 343 deletions
diff --git a/src/main/java/org/onap/clamp/clds/client/DcaeInventoryServices.java b/src/main/java/org/onap/clamp/clds/client/DcaeInventoryServices.java index 8f80e07ca..71e57ded9 100644 --- a/src/main/java/org/onap/clamp/clds/client/DcaeInventoryServices.java +++ b/src/main/java/org/onap/clamp/clds/client/DcaeInventoryServices.java @@ -32,6 +32,7 @@ import java.io.IOException; import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
+import java.security.GeneralSecurityException;
import java.util.Date;
import java.util.List;
@@ -52,34 +53,37 @@ import org.onap.clamp.clds.util.LoggingUtils; import org.springframework.beans.factory.annotation.Autowired;
/**
+ *
* This class implements the communication with DCAE for the service inventory.
*
+ *
+ *
*/
public class DcaeInventoryServices {
protected static final EELFLogger logger = EELFManager.getInstance().getLogger(DcaeInventoryServices.class);
protected static final EELFLogger auditLogger = EELFManager.getInstance().getAuditLogger();
protected static final EELFLogger metricsLogger = EELFManager.getInstance().getMetricsLogger();
-
@Autowired
private RefProp refProp;
-
@Autowired
private CldsDao cldsDao;
-
@Autowired
private SdcCatalogServices sdcCatalogServices;
/**
+ *
* Set the event inventory.
*
* @param cldsModel
* The CldsModel
* @param userId
* The user ID
+ * @throws GeneralSecurityException
+ * In case of issue when decryting the DCAE password
* @throws ParseException
- * In case of issues during the parsing of DCAE answer
+ * In case of DCAE Json parse exception
*/
- public void setEventInventory(CldsModel cldsModel, String userId) throws ParseException {
+ public void setEventInventory(CldsModel cldsModel, String userId) throws GeneralSecurityException, ParseException {
String artifactName = cldsModel.getControlName();
DcaeEvent dcaeEvent = new DcaeEvent();
String isDcaeInfoAvailable = null;
@@ -90,8 +94,11 @@ public class DcaeInventoryServices { }
try {
/*
+ *
* Below are the properties required for calling the dcae inventory
+ *
* url call
+ *
*/
ModelProperties prop = new ModelProperties(cldsModel.getName(), cldsModel.getControlName(), null, false,
"{}", cldsModel.getPropText());
@@ -105,11 +112,9 @@ public class DcaeInventoryServices { }
/* Invemtory service url is called in this method */
isDcaeInfoAvailable = getDcaeInformation(artifactName, serviceUuid, resourceUuid);
-
/* set dcae events */
dcaeEvent.setArtifactName(artifactName);
dcaeEvent.setEvent(DcaeEvent.EVENT_DISTRIBUTION);
-
} catch (JsonProcessingException e) {
logger.error("Error during JSON decoding", e);
} catch (IOException ex) {
@@ -159,6 +164,7 @@ public class DcaeInventoryServices { * In case of issues with the stream
* @throws ParseException
* In case of issues with the Json parsing
+ *
*/
public String getDcaeInformation(String artifactName, String serviceUuid, String resourceUuid)
throws IOException, ParseException {
@@ -167,28 +173,22 @@ public class DcaeInventoryServices { String queryString = "?sdcResourceId=" + resourceUuid + "&sdcServiceId=" + serviceUuid + "&typeName="
+ artifactName;
String fullUrl = refProp.getStringValue("DCAE_INVENTORY_URL") + "/dcae-service-types" + queryString;
-
logger.info("Dcae Inventory Service full url - " + fullUrl);
String daceInventoryResponse = null;
URL inventoryUrl = new URL(fullUrl);
-
HttpURLConnection conn = (HttpURLConnection) inventoryUrl.openConnection();
conn.setRequestMethod("GET");
String reqid = LoggingUtils.getRequestId();
logger.info("reqid set to " + reqid);
conn.setRequestProperty("X-ECOMP-RequestID", reqid);
-
boolean requestFailed = true;
int responseCode = conn.getResponseCode();
if (responseCode == 200) {
requestFailed = false;
}
-
StringBuilder response = new StringBuilder();
-
try (BufferedReader in = new BufferedReader(new InputStreamReader(conn.getInputStream()))) {
String inputLine = null;
-
while ((inputLine = in.readLine()) != null) {
response.append(inputLine);
}
@@ -203,11 +203,8 @@ public class DcaeInventoryServices { String jsonResponseString = response.toString();
JSONParser parser = new JSONParser();
Object obj0 = parser.parse(jsonResponseString);
-
JSONObject jsonObj = (JSONObject) obj0;
-
Long totalCount = (Long) jsonObj.get("totalCount");
-
int numServices = totalCount.intValue();
if (numServices == 0) {
daceInventoryResponse = null;
@@ -221,5 +218,4 @@ public class DcaeInventoryServices { metricsLogger.info("getDcaeInformation complete: number services returned=" + numServices);
return daceInventoryResponse;
}
-
}
diff --git a/src/main/java/org/onap/clamp/clds/client/SdcCatalogServices.java b/src/main/java/org/onap/clamp/clds/client/SdcCatalogServices.java index 56f296184..36265e837 100644 --- a/src/main/java/org/onap/clamp/clds/client/SdcCatalogServices.java +++ b/src/main/java/org/onap/clamp/clds/client/SdcCatalogServices.java @@ -40,6 +40,7 @@ import java.io.Reader; import java.io.StringReader;
import java.net.HttpURLConnection;
import java.net.URL;
+import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
@@ -71,14 +72,16 @@ import org.onap.clamp.clds.util.LoggingUtils; import org.springframework.beans.factory.annotation.Autowired;
public class SdcCatalogServices {
- protected static final EELFLogger logger = EELFManager.getInstance().getLogger(SdcCatalogServices.class);
- protected static final EELFLogger metricsLogger = EELFManager.getInstance().getMetricsLogger();
-
- private static final String RESOURCE_VF_TYPE = "VF";
- private static final String RESOURCE_VFC_TYPE = "VFC";
-
+ protected static final EELFLogger logger = EELFManager.getInstance()
+ .getLogger(SdcCatalogServices.class);
+ protected static final EELFLogger metricsLogger = EELFManager.getInstance().getMetricsLogger();
+ private static final String RESOURCE_VF_TYPE = "VF";
+ private static final String RESOURCE_VFC_TYPE = "VFC";
+ private static final String RESOURCE_CVFC_TYPE = "CVFC";
@Autowired
private RefProp refProp;
+ @Autowired
+ private SdcReq sdcReq;
/**
* This method get the SDC services Information with the corresponding
@@ -87,31 +90,29 @@ public class SdcCatalogServices { * @param uuid
* The service UUID
* @return A Json String with all the service list
+ * @throws GeneralSecurityException
+ * In case of issue when decryting the SDC password
*/
- public String getSdcServicesInformation(String uuid) {
+ public String getSdcServicesInformation(String uuid) throws GeneralSecurityException {
Date startTime = new Date();
String baseUrl = refProp.getStringValue("sdc.serviceUrl");
- String basicAuth = SdcReq.getSdcBasicAuth(refProp);
+ String basicAuth = sdcReq.getSdcBasicAuth();
LoggingUtils.setTargetContext("SDC", "getSdcServicesInformation");
-
try {
String url = baseUrl;
if (uuid != null) {
url = baseUrl + "/" + uuid + "/metadata";
}
URL urlObj = new URL(url);
-
HttpURLConnection conn = (HttpURLConnection) urlObj.openConnection();
-
conn.setRequestProperty(refProp.getStringValue("sdc.InstanceID"), "CLAMP-Tool");
conn.setRequestProperty("Authorization", basicAuth);
conn.setRequestProperty("Content-Type", "application/json;charset=UTF-8");
conn.setRequestProperty("X-ECOMP-RequestID", LoggingUtils.getRequestId());
conn.setRequestMethod("GET");
-
String resp = getResponse(conn);
if (resp != null) {
- logger.info(resp); + logger.info(resp);
// metrics log
LoggingUtils.setResponseContext("0", "Get sdc services success", this.getClass().getName());
return resp;
@@ -124,13 +125,12 @@ public class SdcCatalogServices { LoggingUtils.setTimeContext(startTime, new Date());
metricsLogger.info("getSdcServicesInformation complete");
}
-
return "";
}
/**
* To remove duplicate serviceUUIDs from sdc services List.
- *
+ *
* @param rawCldsSdcServiceList
* A list of CldsSdcServiceInfo
* @return A list of CldsSdcServiceInfo without duplicate service UUID
@@ -159,7 +159,7 @@ public class SdcCatalogServices { /**
* To remove duplicate serviceUUIDs from sdc resources List.
- *
+ *
* @param rawCldsSdcResourceList
* @return
*/
@@ -187,7 +187,7 @@ public class SdcCatalogServices { /**
* To remove duplicate basic resources with same resourceUUIDs.
- *
+ *
* @param rawCldsSdcResourceListBasicList
* @return
*/
@@ -217,12 +217,14 @@ public class SdcCatalogServices { /**
* To get ServiceUUID by using serviceInvariantUUID.
- *
+ *
* @param invariantId
* The invariant ID
* @return The service UUID
+ * @throws GeneralSecurityException
+ * In case of issue when decryting the SDC password
*/
- public String getServiceUuidFromServiceInvariantId(String invariantId) {
+ public String getServiceUuidFromServiceInvariantId(String invariantId) throws GeneralSecurityException {
String serviceUuid = "";
String responseStr = getSdcServicesInformation(null);
List<CldsSdcServiceInfo> rawCldsSdcServicesList = getCldsSdcServicesListFromJson(responseStr);
@@ -241,7 +243,7 @@ public class SdcCatalogServices { /**
* To get CldsAsdsServiceInfo class by parsing json string.
- *
+ *
* @param jsonStr
* The Json string that must be decoded
* @return The list of CldsSdcServiceInfo, if there is a failure it return
@@ -274,7 +276,6 @@ public class SdcCatalogServices { if (StringUtils.isBlank(jsonStr)) {
return new ArrayList<>();
}
-
try {
return objectMapper.readValue(jsonStr,
objectMapper.getTypeFactory().constructCollectionType(List.class, CldsSdcResourceBasicInfo.class));
@@ -286,7 +287,7 @@ public class SdcCatalogServices { /**
* To get CldsAsdsResource class by parsing json string.
- *
+ *
* @param jsonStr
* @return
* @throws IOException
@@ -298,7 +299,7 @@ public class SdcCatalogServices { /**
* To get CldsSdcServiceDetail by parsing json string.
- *
+ *
* @param jsonStr
* @return
*/
@@ -314,22 +315,24 @@ public class SdcCatalogServices { /**
* To upload artifact to sdc based on serviceUUID and resource name on url.
- *
+ *
* @param prop
* @param userid
* @param url
* @param formattedSdcReq
* @return
+ * @throws GeneralSecurityException
*/
- public String uploadArtifactToSdc(ModelProperties prop, String userid, String url, String formattedSdcReq) { + public String uploadArtifactToSdc(ModelProperties prop, String userid, String url, String formattedSdcReq)
+ throws GeneralSecurityException {
// Verify whether it is triggered by Validation Test button from UI
if (prop.isTest()) {
return "sdc artifact upload not executed for test action";
}
try {
logger.info("userid=" + userid);
- String md5Text = SdcReq.calculateMD5ByString(formattedSdcReq);
- byte[] postData = SdcReq.stringToByteArray(formattedSdcReq);
+ String md5Text = sdcReq.calculateMD5ByString(formattedSdcReq);
+ byte[] postData = sdcReq.stringToByteArray(formattedSdcReq);
int postDataLength = postData.length;
HttpURLConnection conn = getSdcHttpUrlConnection(userid, postDataLength, url, md5Text);
try (DataOutputStream wr = new DataOutputStream(conn.getOutputStream())) {
@@ -341,7 +344,6 @@ public class SdcCatalogServices { if (responseCode == 200) {
requestFailed = false;
}
-
String responseStr = getResponse(conn);
if (responseStr != null && requestFailed) {
logger.error("requestFailed - responseStr=" + responseStr);
@@ -352,13 +354,13 @@ public class SdcCatalogServices { logger.error("Exception when attempting to communicate with SDC", e);
throw new SdcCommunicationException("Exception when attempting to communicate with SDC", e);
}
-
}
- private HttpURLConnection getSdcHttpUrlConnection(String userid, int postDataLength, String url, String md5Text) {
+ private HttpURLConnection getSdcHttpUrlConnection(String userid, int postDataLength, String url, String md5Text)
+ throws GeneralSecurityException {
try {
logger.info("userid=" + userid);
- String basicAuth = SdcReq.getSdcBasicAuth(refProp);
+ String basicAuth = sdcReq.getSdcBasicAuth();
String sdcXonapInstanceId = refProp.getStringValue("sdc.sdcX-InstanceID");
URL urlObj = new URL(url);
HttpURLConnection conn = (HttpURLConnection) urlObj.openConnection();
@@ -426,7 +428,14 @@ public class SdcCatalogServices { }
}
- public boolean isCldsSdcCacheDataExpired(CldsServiceData cldsServiceData) {
+ /**
+ * Check if the SDC Info in cache has expired.
+ *
+ * @param cldsServiceData
+ * @return
+ * @throws GeneralSecurityException
+ */
+ public boolean isCldsSdcCacheDataExpired(CldsServiceData cldsServiceData) throws GeneralSecurityException {
boolean expired = false;
if (cldsServiceData != null && cldsServiceData.getServiceUUID() != null) {
String cachedServiceUuid = cldsServiceData.getServiceUUID();
@@ -442,7 +451,16 @@ public class SdcCatalogServices { return expired;
}
- public CldsServiceData getCldsServiceDataWithAlarmConditions(String invariantServiceUuid) {
+ /**
+ * Get the Service Data with Alarm Conditions for a given
+ * invariantServiceUuid.
+ *
+ * @param invariantServiceUuid
+ * @return
+ * @throws GeneralSecurityException
+ */
+ public CldsServiceData getCldsServiceDataWithAlarmConditions(String invariantServiceUuid)
+ throws GeneralSecurityException {
String url = refProp.getStringValue("sdc.serviceUrl");
String catalogUrl = refProp.getStringValue("sdc.catalog.url");
String serviceUuid = getServiceUuidFromServiceInvariantId(invariantServiceUuid);
@@ -460,7 +478,6 @@ public class SdcCatalogServices { }
cldsServiceData.setServiceUUID(cldsSdcServiceDetail.getUuid());
cldsServiceData.setServiceInvariantUUID(cldsSdcServiceDetail.getInvariantUUID());
-
// To remove duplicate resources from serviceDetail and add valid
// vfs to service
if (cldsSdcServiceDetail != null && cldsSdcServiceDetail.getResources() != null) {
@@ -488,13 +505,15 @@ public class SdcCatalogServices { return cldsServiceData;
}
- private void getAllVfcForVfList(List<CldsVfData> cldsVfDataList, String catalogUrl) {
+ private void getAllVfcForVfList(List<CldsVfData> cldsVfDataList, String catalogUrl)
+ throws GeneralSecurityException {
// todo : refact this..
if (cldsVfDataList != null && !cldsVfDataList.isEmpty()) {
List<CldsSdcResourceBasicInfo> allVfResources = getAllSdcVForVfcResourcesBasedOnResourceType(
RESOURCE_VF_TYPE);
List<CldsSdcResourceBasicInfo> allVfcResources = getAllSdcVForVfcResourcesBasedOnResourceType(
RESOURCE_VFC_TYPE);
+ allVfcResources.addAll(getAllSdcVForVfcResourcesBasedOnResourceType(RESOURCE_CVFC_TYPE));
for (CldsVfData currCldsVfData : cldsVfDataList) {
if (currCldsVfData != null && currCldsVfData.getVfInvariantResourceUUID() != null) {
String resourceUuid = getResourceUuidFromResourceInvariantUuid(
@@ -507,7 +526,6 @@ public class SdcCatalogServices { // associated with the VF's
List<CldsVfKPIData> cldsVfKPIDataList = getFieldPathFromVF(vfResponse);
currCldsVfData.setCldsKPIList(cldsVfKPIDataList);
-
List<CldsVfcData> vfcDataListFromVfResponse = getVfcDataListFromVfResponse(vfResponse);
if (vfcDataListFromVfResponse != null) {
currCldsVfData.setCldsVfcs(vfcDataListFromVfResponse);
@@ -547,7 +565,7 @@ public class SdcCatalogServices { }
}
- private List<CldsVfcData> getVfcDataListFromVfResponse(String vfResponse) {
+ private List<CldsVfcData> getVfcDataListFromVfResponse(String vfResponse) throws GeneralSecurityException {
ObjectMapper mapper = new ObjectMapper();
ObjectNode vfResponseNode;
try {
@@ -570,6 +588,11 @@ public class SdcCatalogServices { currCldsVfcData.setVfcInvariantResourceUUID(vfcInvariantResourceUuid.textValue());
cldsVfcDataList.add(currCldsVfcData);
} else if (resourceTypeNode != null && "CVFC".equalsIgnoreCase(resourceTypeNode.textValue())) {
+ TextNode vfcResourceName = (TextNode) currVfcNode.get("resourceInstanceName");
+ TextNode vfcInvariantResourceUuid = (TextNode) currVfcNode.get("resourceInvariantUUID");
+ currCldsVfcData.setVfcName(vfcResourceName.textValue());
+ currCldsVfcData.setVfcInvariantResourceUUID(vfcInvariantResourceUuid.textValue());
+ cldsVfcDataList.add(currCldsVfcData);
cldsVfcDataList.addAll(getVFCfromCVFC(currVfcNode.get("resourceUUID").textValue()));
}
}
@@ -577,10 +600,9 @@ public class SdcCatalogServices { return cldsVfcDataList;
}
- private List<CldsVfcData> getVFCfromCVFC(String resourceUUID) {
+ private List<CldsVfcData> getVFCfromCVFC(String resourceUUID) throws GeneralSecurityException {
String catalogUrl = refProp.getStringValue("sdc.catalog.url");
List<CldsVfcData> cldsVfcDataList = new ArrayList<>();
-
if (resourceUUID != null) {
String vfcResourceUUIDUrl = catalogUrl + "resources" + "/" + resourceUUID + "/metadata";
try {
@@ -588,7 +610,6 @@ public class SdcCatalogServices { ObjectMapper mapper = new ObjectMapper();
ObjectNode vfResponseNode = (ObjectNode) mapper.readTree(vfcResponse);
ArrayNode vfcArrayNode = (ArrayNode) vfResponseNode.get("resources");
-
if (vfcArrayNode != null) {
for (JsonNode vfcjsonNode : vfcArrayNode) {
CldsVfcData currCldsVfcData = new CldsVfcData();
@@ -614,7 +635,7 @@ public class SdcCatalogServices { return (id != null) ? id.replaceAll("\"", "") : "";
}
- private List<CldsAlarmCondition> getAlarmCondtionsFromVfc(String vfcResponse) {
+ private List<CldsAlarmCondition> getAlarmCondtionsFromVfc(String vfcResponse) throws GeneralSecurityException {
List<CldsAlarmCondition> cldsAlarmConditionList = new ArrayList<>();
ObjectMapper mapper = new ObjectMapper();
ObjectNode vfcResponseNode;
@@ -625,7 +646,6 @@ public class SdcCatalogServices { return cldsAlarmConditionList;
}
ArrayNode artifactsArrayNode = (ArrayNode) vfcResponseNode.get("artifacts");
-
if (artifactsArrayNode != null && artifactsArrayNode.size() > 0) {
for (int index = 0; index < artifactsArrayNode.size(); index++) {
ObjectNode currArtifactNode = (ObjectNode) artifactsArrayNode.get(index);
@@ -660,7 +680,7 @@ public class SdcCatalogServices { }
// Method to get the artifact for any particular VF
- private List<CldsVfKPIData> getFieldPathFromVF(String vfResponse) {
+ private List<CldsVfKPIData> getFieldPathFromVF(String vfResponse) throws GeneralSecurityException {
List<CldsVfKPIData> cldsVfKPIDataList = new ArrayList<>();
ObjectMapper mapper = new ObjectMapper();
ObjectNode vfResponseNode;
@@ -671,7 +691,6 @@ public class SdcCatalogServices { return cldsVfKPIDataList;
}
ArrayNode artifactsArrayNode = (ArrayNode) vfResponseNode.get("artifacts");
-
if (artifactsArrayNode != null && artifactsArrayNode.size() > 0) {
for (int index = 0; index < artifactsArrayNode.size(); index++) {
ObjectNode currArtifactNode = (ObjectNode) artifactsArrayNode.get(index);
@@ -682,7 +701,7 @@ public class SdcCatalogServices { artifactName = artifactNameNode.textValue();
artifactName = artifactName.substring(artifactName.lastIndexOf('.') + 1);
}
- if (artifactUrlNode != null && "csv".equalsIgnoreCase(artifactName)) { + if (artifactUrlNode != null && "csv".equalsIgnoreCase(artifactName)) {
String responsesFromArtifactUrl = getResponsesFromArtifactUrl(artifactUrlNode.textValue());
cldsVfKPIDataList.addAll(parseCsvToGetFieldPath(responsesFromArtifactUrl));
logger.info(responsesFromArtifactUrl);
@@ -697,24 +716,19 @@ public class SdcCatalogServices { logger.debug("invalid csv field path Record,total columns less than 6: " + record);
return null;
}
-
if (StringUtils.isBlank(record.get(1)) || StringUtils.isBlank(record.get(3))
|| StringUtils.isBlank(record.get(5))) {
logger.debug("Invalid csv field path Record,one of column is having blank value : " + record);
return null;
}
-
CldsVfKPIData cldsVfKPIData = new CldsVfKPIData();
cldsVfKPIData.setNfNamingCode(record.get(0).trim());
cldsVfKPIData.setNfNamingValue(record.get(1).trim());
-
cldsVfKPIData.setFieldPath(record.get(2).trim());
cldsVfKPIData.setFieldPathValue(record.get(3).trim());
-
cldsVfKPIData.setThresholdName(record.get(4).trim());
cldsVfKPIData.setThresholdValue(record.get(5).trim());
return cldsVfKPIData;
-
}
// Method to get the artifactURL Data and set the CldsVfKPIData node
@@ -759,7 +773,14 @@ public class SdcCatalogServices { cldsAlarmConditionList.add(cldsAlarmCondition);
}
- public String getResponsesFromArtifactUrl(String artifactsUrl) {
+ /**
+ * Get the responses for the current artifact from the artifacts URL.
+ *
+ * @param artifactsUrl
+ * @return
+ * @throws GeneralSecurityException
+ */
+ public String getResponsesFromArtifactUrl(String artifactsUrl) throws GeneralSecurityException {
String hostUrl = refProp.getStringValue("sdc.hostUrl");
String artifactsUrlReworked = artifactsUrl.replaceAll("\"", "");
String artifactUrl = hostUrl + artifactsUrlReworked;
@@ -771,27 +792,29 @@ public class SdcCatalogServices { /**
* Service to services/resources/artifacts from sdc.Pass alarmConditions as
- * true to get alarmconditons from artifact url and else it is false
- *
+ * true to get alarm conditons from artifact url and else it is false
+ *
* @param url
* @param alarmConditions
* @return
+ * @throws GeneralSecurityException
+ * In case of issue when decrypting the SDC password
+ *
*/
- public String getCldsServicesOrResourcesBasedOnURL(String url, boolean alarmConditions) {
+ public String getCldsServicesOrResourcesBasedOnURL(String url, boolean alarmConditions)
+ throws GeneralSecurityException {
Date startTime = new Date();
try {
LoggingUtils.setTargetContext("SDC", "getCldsServicesOrResourcesBasedOnURL");
String urlReworked = removeUnwantedBracesFromString(url);
URL urlObj = new URL(urlReworked);
-
HttpURLConnection conn = (HttpURLConnection) urlObj.openConnection();
- String basicAuth = SdcReq.getSdcBasicAuth(refProp);
+ String basicAuth = sdcReq.getSdcBasicAuth();
conn.setRequestProperty(refProp.getStringValue("sdc.InstanceID"), "CLAMP-Tool");
conn.setRequestProperty("Authorization", basicAuth);
conn.setRequestProperty("Content-Type", "application/json;charset=UTF-8");
conn.setRequestProperty("X-ECOMP-RequestID", LoggingUtils.getRequestId());
conn.setRequestMethod("GET");
-
int responseCode = conn.getResponseCode();
logger.info("Sdc resource url - " + urlReworked + " , responseCode=" + responseCode);
StringBuilder response;
@@ -818,7 +841,6 @@ public class SdcCatalogServices { LoggingUtils.setTimeContext(startTime, new Date());
metricsLogger.info("getCldsServicesOrResourcesBasedOnURL completed");
}
-
}
/**
@@ -833,19 +855,15 @@ public class SdcCatalogServices { ObjectMapper mapper = new ObjectMapper();
ObjectNode globalPropsJson;
if (cldsServiceData != null && cldsServiceData.getServiceUUID() != null) {
-
// Objectnode to save all byservice, byvf , byvfc and byalarm nodes
ObjectNode byIdObjectNode = mapper.createObjectNode();
-
// To create vf ResourceUUID node with serviceInvariantUUID
ObjectNode invariantUuidObjectNodeWithVf = createVfObjectNodeByServiceInvariantUuid(mapper,
cldsServiceData);
byIdObjectNode.putPOJO("byService", invariantUuidObjectNodeWithVf);
-
// To create byVf and vfcResourceNode with vfResourceUUID
ObjectNode vfcObjectNodeByVfUuid = createVfcObjectNodeByVfUuid(mapper, cldsServiceData.getCldsVfs());
byIdObjectNode.putPOJO("byVf", vfcObjectNodeByVfUuid);
-
// To create byKpi
ObjectNode kpiObjectNode = mapper.createObjectNode();
if (cldsServiceData.getCldsVfs() != null && !cldsServiceData.getCldsVfs().isEmpty()) {
@@ -856,7 +874,6 @@ public class SdcCatalogServices { }
}
byIdObjectNode.putPOJO("byKpi", kpiObjectNode);
-
// To create byVfc and alarmCondition with vfcResourceUUID
ObjectNode vfcResourceUuidObjectNode = mapper.createObjectNode();
if (cldsServiceData.getCldsVfs() != null && !cldsServiceData.getCldsVfs().isEmpty()) {
@@ -868,23 +885,17 @@ public class SdcCatalogServices { }
}
byIdObjectNode.putPOJO("byVfc", vfcResourceUuidObjectNode);
-
// To create byAlarmCondition with alarmConditionKey
List<CldsAlarmCondition> allAlarmConditions = getAllAlarmConditionsFromCldsServiceData(cldsServiceData,
"alarmCondition");
ObjectNode alarmCondObjectNodeByAlarmKey = createAlarmCondObjectNodeByAlarmKey(mapper, allAlarmConditions);
-
byIdObjectNode.putPOJO("byAlarmCondition", alarmCondObjectNodeByAlarmKey);
-
// To create byAlertDescription with AlertDescription
List<CldsAlarmCondition> allAlertDescriptions = getAllAlarmConditionsFromCldsServiceData(cldsServiceData,
"alertDescription");
ObjectNode alertDescObjectNodeByAlert = createAlarmCondObjectNodeByAlarmKey(mapper, allAlertDescriptions);
-
byIdObjectNode.putPOJO("byAlertDescription", alertDescObjectNodeByAlert);
-
globalPropsJson = decodeGlobalProp(globalProps, mapper);
-
globalPropsJson.putPOJO("shared", byIdObjectNode);
logger.info("value of objNode:" + globalPropsJson);
} else {
@@ -940,7 +951,6 @@ public class SdcCatalogServices { */
private List<CldsAlarmCondition> getAllAlarmConditionsFromCldsVfData(CldsVfData currCldsVfData, String eventName) {
List<CldsAlarmCondition> alarmCondList = new ArrayList<>();
-
if (currCldsVfData != null && currCldsVfData.getCldsVfcs() != null && !currCldsVfData.getCldsVfcs().isEmpty()) {
for (CldsVfcData currCldsVfcData : currCldsVfData.getCldsVfcs()) {
alarmCondList.addAll(getAllAlarmConditionsFromCldsVfcData(currCldsVfcData, eventName));
@@ -962,7 +972,6 @@ public class SdcCatalogServices { private List<CldsAlarmCondition> getAllAlarmConditionsFromCldsVfcData(CldsVfcData currCldsVfcData,
String eventName) {
List<CldsAlarmCondition> alarmCondList = new ArrayList<>();
-
if (currCldsVfcData != null && currCldsVfcData.getCldsAlarmConditions() != null
&& !currCldsVfcData.getCldsAlarmConditions().isEmpty()) {
for (CldsAlarmCondition currCldsAlarmCondition : currCldsVfcData.getCldsAlarmConditions()) {
@@ -978,7 +987,6 @@ public class SdcCatalogServices { private ObjectNode createAlarmCondObjectNodeByAlarmKey(ObjectMapper mapper,
List<CldsAlarmCondition> cldsAlarmCondList) {
ObjectNode alarmCondKeyNode = mapper.createObjectNode();
-
if (cldsAlarmCondList != null && !cldsAlarmCondList.isEmpty()) {
for (CldsAlarmCondition currCldsAlarmCondition : cldsAlarmCondList) {
if (currCldsAlarmCondition != null) {
@@ -1022,17 +1030,13 @@ public class SdcCatalogServices { for (CldsVfKPIData currCldsVfKpiData : cldsVfKpiDataList) {
if (currCldsVfKpiData != null) {
ObjectNode thresholdNameObjectNode = mapper.createObjectNode();
-
ObjectNode fieldPathObjectNode = mapper.createObjectNode();
ObjectNode nfNamingCodeNode = mapper.createObjectNode();
-
fieldPathObjectNode.put(currCldsVfKpiData.getFieldPathValue(),
currCldsVfKpiData.getFieldPathValue());
nfNamingCodeNode.put(currCldsVfKpiData.getNfNamingValue(), currCldsVfKpiData.getNfNamingValue());
-
thresholdNameObjectNode.putPOJO("fieldPath", fieldPathObjectNode);
thresholdNameObjectNode.putPOJO("nfNamingCode", nfNamingCodeNode);
-
vfResourceUuidObjectNode.putPOJO(currCldsVfKpiData.getThresholdValue(), thresholdNameObjectNode);
}
}
@@ -1050,9 +1054,7 @@ public class SdcCatalogServices { if (currCldsVfcData.getCldsAlarmConditions() != null
&& !currCldsVfcData.getCldsAlarmConditions().isEmpty()) {
for (CldsAlarmCondition currCldsAlarmCondition : currCldsVfcData.getCldsAlarmConditions()) {
- alarmCondNode.put(currCldsAlarmCondition.getAlarmConditionKey(),
- currCldsAlarmCondition.getAlarmConditionKey());
- if ("alarmCondition".equalsIgnoreCase(currCldsAlarmCondition.getEventName())) { + if ("alarmCondition".equalsIgnoreCase(currCldsAlarmCondition.getEventName())) {
alarmCondNode.put(currCldsAlarmCondition.getAlarmConditionKey(),
currCldsAlarmCondition.getAlarmConditionKey());
} else {
@@ -1061,7 +1063,6 @@ public class SdcCatalogServices { }
}
}
-
vfcObjectNode.putPOJO("alarmCondition", alarmCondNode);
vfcObjectNode.putPOJO("alertDescription", alertDescNode);
vfcResourceUuidObjectNode.putPOJO(currCldsVfcData.getVfcInvariantResourceUUID(), vfcObjectNode);
@@ -1085,7 +1086,6 @@ public class SdcCatalogServices { */
private ObjectNode createVfcObjectNodeByVfUuid(ObjectMapper mapper, List<CldsVfData> cldsVfDataList) {
ObjectNode vfUuidObjectNode = mapper.createObjectNode();
-
if (cldsVfDataList != null && !cldsVfDataList.isEmpty()) {
for (CldsVfData currCldsVfData : cldsVfDataList) {
if (currCldsVfData != null) {
@@ -1094,8 +1094,11 @@ public class SdcCatalogServices { ObjectNode kpiObjectNode = mapper.createObjectNode();
if (currCldsVfData.getCldsVfcs() != null && !currCldsVfData.getCldsVfcs().isEmpty()) {
for (CldsVfcData currCldsVfcData : currCldsVfData.getCldsVfcs()) {
- vfcUuidNode.put(currCldsVfcData.getVfcInvariantResourceUUID(),
- currCldsVfcData.getVfcName());
+ if (currCldsVfcData.getCldsAlarmConditions() != null
+ && !currCldsVfcData.getCldsAlarmConditions().isEmpty()) {
+ vfcUuidNode.put(currCldsVfcData.getVfcInvariantResourceUUID(),
+ currCldsVfcData.getVfcName());
+ }
}
} else {
vfcUuidNode.put("", "");
@@ -1159,9 +1162,9 @@ public class SdcCatalogServices { }
public String updateControlLoopStatusToDcae(String dcaeUrl, String invariantResourceUuid,
- String invariantServiceUuid, String artifactName) {
+ String invariantServiceUuid, String artifactName) throws GeneralSecurityException {
String baseUrl = refProp.getStringValue("sdc.serviceUrl");
- String basicAuth = SdcReq.getSdcBasicAuth(refProp);
+ String basicAuth = sdcReq.getSdcBasicAuth();
String postStatusData = "{ \n" + "\"event\" : \"" + "Created" + "\",\n" + "\"serviceUUID\" : \""
+ invariantServiceUuid + "\",\n" + "\"resourceUUID\" :\"" + invariantResourceUuid + "\",\n"
+ "\"artifactName\" : \"" + artifactName + "\",\n" + "} \n";
@@ -1171,22 +1174,18 @@ public class SdcCatalogServices { url = dcaeUrl + "/closed-loops";
}
URL urlObj = new URL(url);
-
HttpURLConnection conn = (HttpURLConnection) urlObj.openConnection();
conn.setRequestProperty(refProp.getStringValue("sdc.InstanceID"), "CLAMP-Tool");
conn.setRequestProperty("Authorization", basicAuth);
conn.setRequestProperty("Content-Type", "application/json;charset=UTF-8");
conn.setRequestProperty("X-ECOMP-RequestID", LoggingUtils.getRequestId());
conn.setRequestMethod("POST");
-
- byte[] postData = SdcReq.stringToByteArray(postStatusData);
+ byte[] postData = sdcReq.stringToByteArray(postStatusData);
try (DataOutputStream wr = new DataOutputStream(conn.getOutputStream())) {
wr.write(postData);
}
-
int responseCode = conn.getResponseCode();
logger.info("responseCode=" + responseCode);
-
String resp = getResponse(conn);
if (resp != null) {
return resp;
@@ -1203,8 +1202,12 @@ public class SdcCatalogServices { * @param resourceType
* The resourceType
* @return The list of CldsSdcResourceBasicInfo
+ * @throws GeneralSecurityException
+ * In case of issue when decryting the SDC password
+ *
*/
- private List<CldsSdcResourceBasicInfo> getAllSdcVForVfcResourcesBasedOnResourceType(String resourceType) {
+ private List<CldsSdcResourceBasicInfo> getAllSdcVForVfcResourcesBasedOnResourceType(String resourceType)
+ throws GeneralSecurityException {
String catalogUrl = refProp.getStringValue("sdc.catalog.url");
String resourceUrl = catalogUrl + "resources?resourceType=" + resourceType;
String allSdcVfcResources = getCldsServicesOrResourcesBasedOnURL(resourceUrl, false);
@@ -1260,10 +1263,12 @@ public class SdcCatalogServices { * @param locationArtifactName
* The location artifact name from where we can get the Artifact
* UUID
- *
+ * @throws GeneralSecurityException
+ * In case of issues to decrypt the SDC password
*/
public void uploadToSdc(ModelProperties prop, String userid, List<String> sdcReqUrlsList, String formattedSdcReq,
- String formattedSdcLocationReq, String artifactName, String locationArtifactName) {
+ String formattedSdcLocationReq, String artifactName, String locationArtifactName)
+ throws GeneralSecurityException {
logger.info("userid=" + userid);
String serviceInvariantUuid = getServiceInvariantUuidFromProps(prop);
if (sdcReqUrlsList != null && !sdcReqUrlsList.isEmpty()) {
diff --git a/src/main/java/org/onap/clamp/clds/client/SdcSendReqDelegate.java b/src/main/java/org/onap/clamp/clds/client/SdcSendReqDelegate.java index 2d327f5da..90bdcb3a1 100644 --- a/src/main/java/org/onap/clamp/clds/client/SdcSendReqDelegate.java +++ b/src/main/java/org/onap/clamp/clds/client/SdcSendReqDelegate.java @@ -23,6 +23,9 @@ package org.onap.clamp.clds.client; +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; + import java.util.List; import org.camunda.bpm.engine.delegate.DelegateExecution; @@ -33,27 +36,23 @@ import org.onap.clamp.clds.model.prop.ModelProperties; import org.onap.clamp.clds.model.refprop.RefProp; import org.springframework.beans.factory.annotation.Autowired; -import com.att.eelf.configuration.EELFLogger; -import com.att.eelf.configuration.EELFManager; - /** * Send control loop model to dcae proxy. */ public class SdcSendReqDelegate implements JavaDelegate { protected static final EELFLogger logger = EELFManager.getInstance().getLogger(SdcSendReqDelegate.class); protected static final EELFLogger metricsLogger = EELFManager.getInstance().getMetricsLogger(); - @Autowired - private RefProp refProp; - + private SdcReq sdcReq; @Autowired - private SdcCatalogServices sdcCatalogServices; - - private String baseUrl; - private String artifactType; - private String locationArtifactType; - private String artifactLabel; - private String locationArtifactLabel; + private RefProp refProp; + @Autowired + private SdcCatalogServices sdcCatalogServices; + private String baseUrl; + private String artifactType; + private String locationArtifactType; + private String artifactLabel; + private String locationArtifactLabel; /** * Perform activity. Send to sdc proxy. @@ -69,36 +68,37 @@ public class SdcSendReqDelegate implements JavaDelegate { execution.setVariable("artifactName", artifactName); getSdcAttributes((String) execution.getVariable("controlName")); ModelProperties prop = ModelProperties.create(execution); - String bluprintPayload = SdcReq.formatBlueprint(refProp, prop, docText); - // no need to upload blueprint for Holmes, thus blueprintPayload for Holmes is empty + String bluprintPayload = sdcReq.formatBlueprint(prop, docText); + // no need to upload blueprint for Holmes, thus blueprintPayload for + // Holmes is empty if (!bluprintPayload.isEmpty()) { - String formattedSdcReq = SdcReq.formatSdcReq(bluprintPayload, artifactName, artifactLabel, artifactType); + String formattedSdcReq = sdcReq.formatSdcReq(bluprintPayload, artifactName, artifactLabel, artifactType); if (formattedSdcReq != null) { execution.setVariable("formattedArtifactReq", formattedSdcReq.getBytes()); } - List<String> sdcReqUrlsList = SdcReq.getSdcReqUrlsList(prop, baseUrl, sdcCatalogServices, execution); - - String sdcLocationsPayload = SdcReq.formatSdcLocationsReq(prop, artifactName); + List<String> sdcReqUrlsList = sdcReq.getSdcReqUrlsList(prop, baseUrl, sdcCatalogServices, execution); + String sdcLocationsPayload = sdcReq.formatSdcLocationsReq(prop, artifactName); String locationArtifactName = (String) execution.getVariable("controlName") + "-location.json"; - String formattedSdcLocationReq = SdcReq.formatSdcReq(sdcLocationsPayload, locationArtifactName, - locationArtifactLabel, locationArtifactType); + String formattedSdcLocationReq = sdcReq.formatSdcReq(sdcLocationsPayload, locationArtifactName, + locationArtifactLabel, locationArtifactType); if (formattedSdcLocationReq != null) { execution.setVariable("formattedLocationReq", formattedSdcLocationReq.getBytes()); } sdcCatalogServices.uploadToSdc(prop, userid, sdcReqUrlsList, formattedSdcReq, formattedSdcLocationReq, - artifactName, locationArtifactName); + artifactName, locationArtifactName); } } /** * Method to get sdc service values from properties file. + * * @param controlName */ private void getSdcAttributes(String controlName) { baseUrl = refProp.getStringValue("sdc.serviceUrl"); - artifactLabel = SdcReq + artifactLabel = sdcReq .normalizeResourceInstanceName(refProp.getStringValue("sdc.artifactLabel") + "-" + controlName); - locationArtifactLabel = SdcReq + locationArtifactLabel = sdcReq .normalizeResourceInstanceName(refProp.getStringValue("sdc.locationArtifactLabel") + "-" + controlName); artifactType = refProp.getStringValue("sdc.artifactType"); locationArtifactType = refProp.getStringValue("sdc.locationArtifactType"); diff --git a/src/main/java/org/onap/clamp/clds/client/req/SdcReq.java b/src/main/java/org/onap/clamp/clds/client/req/SdcReq.java index 640d3b0cd..38e3b15a0 100644 --- a/src/main/java/org/onap/clamp/clds/client/req/SdcReq.java +++ b/src/main/java/org/onap/clamp/clds/client/req/SdcReq.java @@ -31,15 +31,14 @@ import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.node.ArrayNode; import com.fasterxml.jackson.databind.node.ObjectNode; -import com.fasterxml.jackson.dataformat.yaml.snakeyaml.Yaml; import java.io.IOException; import java.nio.charset.StandardCharsets; +import java.security.GeneralSecurityException; import java.util.ArrayList; import java.util.Base64; import java.util.Iterator; import java.util.List; -import java.util.Map; import java.util.Map.Entry; import org.apache.commons.codec.digest.DigestUtils; @@ -51,19 +50,23 @@ import org.onap.clamp.clds.model.prop.Global; import org.onap.clamp.clds.model.prop.ModelProperties; import org.onap.clamp.clds.model.prop.Tca; import org.onap.clamp.clds.model.refprop.RefProp; +import org.onap.clamp.clds.util.CryptoUtils; +import org.springframework.beans.factory.annotation.Autowired; /** * Construct a Sdc request given CLDS objects. */ public class SdcReq { + @Autowired + protected CryptoUtils cryptoUtils; protected static final EELFLogger logger = EELFManager.getInstance().getLogger(SdcReq.class); protected static final EELFLogger metricsLogger = EELFManager.getInstance().getMetricsLogger(); + @Autowired + protected RefProp refProp; /** * Format the Blueprint from a Yaml * - * @param refProp - * The RefProp instance containing the Clds config * @param prop * The ModelProperties describing the clds model * @param docText @@ -77,14 +80,9 @@ public class SdcReq { * @throws IOException * In case of issues */ - public static String formatBlueprint(RefProp refProp, ModelProperties prop, String docText) + public String formatBlueprint(ModelProperties prop, String docText) throws JsonParseException, JsonMappingException, IOException { - - Global globalProp = prop.getGlobal(); - String service = globalProp.getService(); - String yamlvalue = getYamlvalue(docText); - String updatedBlueprint = ""; Tca tca = prop.getType(Tca.class); if (tca.isFound()) { @@ -94,7 +92,17 @@ public class SdcReq { return updatedBlueprint; } - public static String formatSdcLocationsReq(ModelProperties prop, String artifactName) { + /** + * Format the SDC Locations Request in the JSON Format + * + * @param prop + * The ModelProperties describing the clds model + * @param artifactName + * The name of the artifact + * + * @return SDC Locations request in the JSON Format + */ + public String formatSdcLocationsReq(ModelProperties prop, String artifactName) { ObjectMapper objectMapper = new ObjectMapper(); Global global = prop.getGlobal(); List<String> locationsList = global.getLocation(); @@ -106,12 +114,27 @@ public class SdcReq { locationObject.put("artifactName", artifactName); locationObject.putPOJO("locations", locationsArrayNode); String locationJsonFormat = locationObject.toString(); - logger.info("Value of locaation Json Artifact:" + locationsArrayNode); + logger.info("Value of location Json Artifact:" + locationsArrayNode); return locationJsonFormat; } - public static String formatSdcReq(String payloadData, String artifactName, String artifactLabel, - String artifactType) throws IOException { + /** + * Format the SDC Request + * + * @param payloadData + * The ModelProperties describing the clds model + * @param artifactName + * The name of the artifact + * @param artifactLabel + * The Label of the artifact + * @param artifactType + * The type of the artifact + * @return formatted SDC Request + * @throws IOException + * In case of issues + */ + public String formatSdcReq(String payloadData, String artifactName, String artifactLabel, String artifactType) + throws IOException { logger.info("artifact=" + payloadData); String base64Artifact = base64Encode(payloadData); return "{ \n" + "\"payloadData\" : \"" + base64Artifact + "\",\n" + "\"artifactLabel\" : \"" + artifactLabel @@ -120,7 +143,16 @@ public class SdcReq { + "} \n"; } - public static String getSdcReqUrl(ModelProperties prop, String url) { + /** + * Get the SDC Request URL + * + * @param prop + * The ModelProperties describing the clds model + * @param url + * url + * @return SDC Request URL + */ + public String getSdcReqUrl(ModelProperties prop, String url) { Global globalProps = prop.getGlobal(); String serviceUUID = ""; String resourceInstanceName = ""; @@ -143,13 +175,14 @@ public class SdcReq { * @param prop * @param baseUrl * @param sdcCatalogServices + * @param execution * @return + * @throws GeneralSecurityException */ - public static List<String> getSdcReqUrlsList(ModelProperties prop, String baseUrl, - SdcCatalogServices sdcCatalogServices, DelegateExecution execution) { + public List<String> getSdcReqUrlsList(ModelProperties prop, String baseUrl, SdcCatalogServices sdcCatalogServices, + DelegateExecution execution) throws GeneralSecurityException { // TODO : refact and regroup with very similar code List<String> urlList = new ArrayList<>(); - Global globalProps = prop.getGlobal(); if (globalProps != null) { if (globalProps.getService() != null) { @@ -178,7 +211,6 @@ public class SdcReq { } } } - return urlList; } @@ -190,7 +222,7 @@ public class SdcReq { * @param inText * @return */ - public static String normalizeResourceInstanceName(String inText) { + public String normalizeResourceInstanceName(String inText) { return inText.replace(" ", "").replace("-", "").replace(".", "").toLowerCase(); } @@ -200,7 +232,7 @@ public class SdcReq { * @param data * @return */ - public static String calculateMD5ByString(String data) { + public String calculateMD5ByString(String data) { String calculatedMd5 = DigestUtils.md5Hex(data); // encode base-64 result return base64Encode(calculatedMd5.getBytes()); @@ -212,7 +244,7 @@ public class SdcReq { * @param inText * @return */ - public static String base64Encode(String inText) { + public String base64Encode(String inText) { return base64Encode(stringToByteArray(inText)); } @@ -222,7 +254,7 @@ public class SdcReq { * @param inText * @return */ - public static byte[] stringToByteArray(String inText) { + public byte[] stringToByteArray(String inText) { return inText.getBytes(StandardCharsets.UTF_8); } @@ -232,7 +264,7 @@ public class SdcReq { * @param bytes * @return */ - public static String base64Encode(byte[] bytes) { + public String base64Encode(byte[] bytes) { Base64.Encoder encoder = Base64.getEncoder(); return encoder.encodeToString(bytes); } @@ -241,12 +273,15 @@ public class SdcReq { * Return SDC id and pw as a HTTP Basic Auth string (for example: Basic * dGVzdDoxMjM0NTY=). * - * @return + * @return The String with Basic Auth and password + * @throws GeneralSecurityException + * In case of issue when decryting the SDC password */ - public static String getSdcBasicAuth(RefProp refProp) { + public String getSdcBasicAuth() throws GeneralSecurityException { String sdcId = refProp.getStringValue("sdc.serviceUsername"); String sdcPw = refProp.getStringValue("sdc.servicePassword"); - String idPw = base64Encode(sdcId + ":" + sdcPw); + String password = cryptoUtils.decrypt(sdcPw); + String idPw = base64Encode(sdcId + ":" + password); return "Basic " + idPw; } @@ -257,7 +292,7 @@ public class SdcReq { * @return * @throws IOException */ - public static String getYamlvalue(String docText) throws IOException { + public String getYamlvalue(String docText) throws IOException { ObjectMapper objectMapper = new ObjectMapper(); String yamlFileValue = ""; ObjectNode root = objectMapper.readValue(docText, ObjectNode.class); diff --git a/src/main/java/org/onap/clamp/clds/config/CamundaEngineConfiguration.java b/src/main/java/org/onap/clamp/clds/config/CamundaEngineConfiguration.java index a27cc69ba..3790e235f 100644 --- a/src/main/java/org/onap/clamp/clds/config/CamundaEngineConfiguration.java +++ b/src/main/java/org/onap/clamp/clds/config/CamundaEngineConfiguration.java @@ -23,9 +23,10 @@ package org.onap.clamp.clds.config; +import java.security.GeneralSecurityException; + import javax.sql.DataSource; -import org.springframework.boot.autoconfigure.jdbc.DataSourceBuilder; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -33,15 +34,17 @@ import org.springframework.context.annotation.Primary; @Configuration public class CamundaEngineConfiguration { - /** - * Camunda Identity databse DataSource configuration + * Camunda Identity database DataSource configuration + * + * @return + * @throws GeneralSecurityException + * In case of issue during the decoding of the password */ @Primary @Bean(name = "camundaBpmDataSource") @ConfigurationProperties(prefix = "spring.datasource.camunda") public DataSource dataSource() { - return DataSourceBuilder.create().build(); + return new EncodedPasswordBasicDataSource(); } - } diff --git a/src/main/java/org/onap/clamp/clds/config/CldsConfiguration.java b/src/main/java/org/onap/clamp/clds/config/CldsConfiguration.java index 6b7d337ec..0c73ac71f 100644 --- a/src/main/java/org/onap/clamp/clds/config/CldsConfiguration.java +++ b/src/main/java/org/onap/clamp/clds/config/CldsConfiguration.java @@ -26,6 +26,7 @@ package org.onap.clamp.clds.config; import com.att.ajsc.common.AjscProvider; import com.att.ajsc.common.AjscService; +import java.security.GeneralSecurityException; import java.util.ArrayList; import java.util.List; @@ -44,12 +45,12 @@ import org.onap.clamp.clds.client.SdcCatalogServices; import org.onap.clamp.clds.client.SdcSendReqDelegate; import org.onap.clamp.clds.client.TcaPolicyDelegate; import org.onap.clamp.clds.client.TcaPolicyDeleteDelegate; +import org.onap.clamp.clds.client.req.SdcReq; import org.onap.clamp.clds.dao.CldsDao; import org.onap.clamp.clds.model.refprop.RefProp; import org.onap.clamp.clds.transform.XslTransformer; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; -import org.springframework.boot.autoconfigure.jdbc.DataSourceBuilder; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.Bean; @@ -59,17 +60,18 @@ import org.springframework.context.annotation.Profile; @Configuration @Profile("clamp-default") public class CldsConfiguration { - @Autowired private ApplicationContext context; /** * Clds Identity database DataSource configuration + * + * @return */ @Bean(name = "cldsDataSource") @ConfigurationProperties(prefix = "spring.datasource.cldsdb") public DataSource cldsDataSource() { - return DataSourceBuilder.create().build(); + return new EncodedPasswordBasicDataSource(); } @Bean(name = "jaxrsProviders") @@ -102,6 +104,11 @@ public class CldsConfiguration { } @Bean + public SdcReq getSdcReq() { + return new SdcReq(); + } + + @Bean public PolicyClient getPolicyClient() { return new PolicyClient(); } @@ -160,5 +167,4 @@ public class CldsConfiguration { public HolmesPolicyDeleteDelegate getHolmesPolicyDeleteDelegate() { return new HolmesPolicyDeleteDelegate(); } - }
\ No newline at end of file diff --git a/src/main/java/org/onap/clamp/clds/service/CldsService.java b/src/main/java/org/onap/clamp/clds/service/CldsService.java index 19e3caa39..157063456 100644 --- a/src/main/java/org/onap/clamp/clds/service/CldsService.java +++ b/src/main/java/org/onap/clamp/clds/service/CldsService.java @@ -24,12 +24,15 @@ package org.onap.clamp.clds.service; import com.att.ajsc.common.AjscService; +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.node.ObjectNode; import java.io.IOException; import java.io.InputStream; +import java.security.GeneralSecurityException; import java.util.Date; import java.util.HashMap; import java.util.List; @@ -39,6 +42,7 @@ import java.util.UUID; import java.util.concurrent.TimeUnit; import javax.annotation.PostConstruct; +import javax.ws.rs.BadRequestException; import javax.ws.rs.Consumes; import javax.ws.rs.DefaultValue; import javax.ws.rs.GET; @@ -62,11 +66,13 @@ import org.onap.clamp.clds.client.SdcCatalogServices; import org.onap.clamp.clds.dao.CldsDao; import org.onap.clamp.clds.exception.CldsConfigException; import org.onap.clamp.clds.exception.SdcCommunicationException; +import org.onap.clamp.clds.exception.policy.PolicyClientException; import org.onap.clamp.clds.model.CldsDBServiceCache; import org.onap.clamp.clds.model.CldsEvent; import org.onap.clamp.clds.model.CldsHealthCheck; import org.onap.clamp.clds.model.CldsInfo; import org.onap.clamp.clds.model.CldsModel; +import org.onap.clamp.clds.model.CldsModelProp; import org.onap.clamp.clds.model.CldsSdcResource; import org.onap.clamp.clds.model.CldsSdcServiceDetail; import org.onap.clamp.clds.model.CldsSdcServiceInfo; @@ -74,6 +80,7 @@ import org.onap.clamp.clds.model.CldsServiceData; import org.onap.clamp.clds.model.CldsTemplate; import org.onap.clamp.clds.model.DcaeEvent; import org.onap.clamp.clds.model.ValueItem; +import org.onap.clamp.clds.model.prop.AbstractModelElement; import org.onap.clamp.clds.model.prop.ModelProperties; import org.onap.clamp.clds.model.refprop.RefProp; import org.onap.clamp.clds.transform.XslTransformer; @@ -94,37 +101,26 @@ import io.swagger.annotations.ApiOperation; @Api(value = "/clds") @Path("/clds") public class CldsService extends SecureServiceBase { - + protected static final EELFLogger securityLogger = EELFManager.getInstance().getSecurityLogger(); @Autowired - private ApplicationContext appContext; - - private static final String RESOURCE_NAME = "clds-version.properties"; - + private ApplicationContext appContext; + private static final String RESOURCE_NAME = "clds-version.properties"; @Value("${CLDS_PERMISSION_TYPE_CL:permission-type-cl}") - private String cldsPersmissionTypeCl; - + private String cldsPersmissionTypeCl; @Value("${CLDS_PERMISSION_TYPE_CL_MANAGE:permission-type-cl-manage}") - private String cldsPermissionTypeClManage; - + private String cldsPermissionTypeClManage; @Value("${CLDS_PERMISSION_TYPE_CL_EVENT:permission-type-cl-event}") - private String cldsPermissionTypeClEvent; - + private String cldsPermissionTypeClEvent; @Value("${CLDS_PERMISSION_TYPE_FILTER_VF:permission-type-filter-vf}") - private String cldsPermissionTypeFilterVf; - + private String cldsPermissionTypeFilterVf; @Value("${CLDS_PERMISSION_TYPE_TEMPLATE:permission-type-template}") - private String cldsPermissionTypeTemplate; - + private String cldsPermissionTypeTemplate; @Value("${CLDS_PERMISSION_INSTANCE:dev}") - private String cldsPermissionInstance; - - private SecureServicePermission permissionReadCl; - - private SecureServicePermission permissionUpdateCl; - - private SecureServicePermission permissionReadTemplate; - - private SecureServicePermission permissionUpdateTemplate; + private String cldsPermissionInstance; + private SecureServicePermission permissionReadCl; + private SecureServicePermission permissionUpdateCl; + private SecureServicePermission permissionReadTemplate; + private SecureServicePermission permissionUpdateTemplate; @PostConstruct private final void afterConstruction() { @@ -138,25 +134,19 @@ public class CldsService extends SecureServiceBase { @Value("${org.onap.clamp.config.files.globalClds:'classpath:/clds/globalClds.properties'}") private String globalClds; - private Properties globalCldsProperties; - @Autowired private CldsDao cldsDao; @Autowired private RuntimeService runtimeService; @Autowired private XslTransformer cldsBpmnTransformer; - @Autowired private RefProp refProp; - @Autowired private SdcCatalogServices sdcCatalogServices; - @Autowired private DcaeDispatcherServices dcaeDispatcherServices; - @Autowired private DcaeInventoryServices dcaeInventoryServices; @@ -173,23 +163,20 @@ public class CldsService extends SecureServiceBase { * that is currently installed from pom.xml file 3. User permissions * */ - @GET @Path("/cldsInfo") @Produces(MediaType.APPLICATION_JSON) public CldsInfo getCldsInfo() { - CldsInfo cldsInfo = new CldsInfo(); - + Date startTime = new Date(); + LoggingUtils.setRequestContext("CldsService: GET cldsInfo", getPrincipalName()); + LoggingUtils.setTimeContext(startTime, new Date()); // Get the user info cldsInfo.setUserName(getUserName()); - // Get CLDS application version String cldsVersion = ""; Properties props = new Properties(); - ClassLoader loader = Thread.currentThread().getContextClassLoader(); - try (InputStream resourceStream = loader.getResourceAsStream(RESOURCE_NAME)) { props.load(resourceStream); cldsVersion = props.getProperty("clds.version"); @@ -197,22 +184,31 @@ public class CldsService extends SecureServiceBase { logger.error("Exception caught during the clds.version reading", ex); } cldsInfo.setCldsVersion(cldsVersion); - // Get the user list of permissions cldsInfo.setPermissionReadCl(isAuthorizedNoException(permissionReadCl)); cldsInfo.setPermissionUpdateCl(isAuthorizedNoException(permissionUpdateCl)); cldsInfo.setPermissionReadTemplate(isAuthorizedNoException(permissionReadTemplate)); cldsInfo.setPermissionUpdateTemplate(isAuthorizedNoException(permissionUpdateTemplate)); + // audit log + LoggingUtils.setTimeContext(startTime, new Date()); + LoggingUtils.setResponseContext("0", "Get cldsInfo success", this.getClass().getName()); + securityLogger.info("GET cldsInfo completed"); return cldsInfo; } + /** + * REST service that retrieves clds healthcheck information. + * + * @return CldsHealthCheck class containing healthcheck info + */ @GET @Path("/healthcheck") @Produces(MediaType.APPLICATION_JSON) public CldsHealthCheck gethealthcheck() { - CldsHealthCheck cldsHealthCheck = new CldsHealthCheck(); - + Date startTime = new Date(); + LoggingUtils.setRequestContext("CldsService: GET healthcheck", getPrincipalName()); + LoggingUtils.setTimeContext(startTime, new Date()); try { cldsDao.doHealthCheck(); cldsHealthCheck.setHealthCheckComponent("CLDS-APP"); @@ -224,8 +220,11 @@ public class CldsService extends SecureServiceBase { cldsHealthCheck.setHealthCheckStatus("DOWN"); cldsHealthCheck.setDescription("NOT-OK"); } + // audit log + LoggingUtils.setTimeContext(startTime, new Date()); + LoggingUtils.setResponseContext("0", "Get healthcheck success", this.getClass().getName()); + securityLogger.info("GET healthcheck completed"); return cldsHealthCheck; - } /** @@ -254,32 +253,6 @@ public class CldsService extends SecureServiceBase { } /** - * REST service that saves BPMN for a CLDS model by name in the database. - * This is subset of the json putModel. This is only expected to be used for - * testing purposes, not by the UI. - * - * @param modelName - */ - @ApiOperation(value = "Saves BPMN for a CLDS model by name in the database", notes = "This is only expected to be used for testing purposes, not by the UI", response = String.class) - @PUT - @Path("/model/bpmn/{modelName}") - @Consumes(MediaType.TEXT_XML) - public String putBpmnXml(@PathParam("modelName") String modelName, String bpmnText) { - LoggingUtils.setRequestContext("CldsService: PUT model bpmn", getPrincipalName()); - isAuthorized(permissionUpdateCl); - logger.info("PUT bpmnText for modelName={}", modelName); - logger.info("PUT bpmnText={}", bpmnText); - CldsModel cldsModel = CldsModel.retrieve(cldsDao, modelName, true); - cldsModel.setBpmnText(bpmnText); - cldsModel.save(cldsDao, getUserId()); - // audit log - LoggingUtils.setTimeContext(new Date(), new Date()); - LoggingUtils.setResponseContext("0", "Put model bpmn success", this.getClass().getName()); - auditLogger.info("PUT model bpmn completed"); - return "wrote bpmnText for modelName=" + modelName; - } - - /** * REST service that retrieves image for a CLDS model name from the * database. This is subset of the json getModel. This is only expected to * be used for testing purposes, not by the UI. @@ -305,33 +278,6 @@ public class CldsService extends SecureServiceBase { } /** - * REST service that saves image for a CLDS model by name in the database. - * This is subset of the json putModel. This is only expected to be used for - * testing purposes, not by the UI. - * - * @param modelName - */ - @ApiOperation(value = "Saves image for a CLDS model by name in the database", notes = "This is only expected to be used for testing purposes, not by the UI", response = String.class) - @PUT - @Path("/model/image/{modelName}") - @Consumes(MediaType.TEXT_XML) - public String putImageXml(@PathParam("modelName") String modelName, String imageText) { - Date startTime = new Date(); - LoggingUtils.setRequestContext("CldsService: PUT model image", getPrincipalName()); - isAuthorized(permissionUpdateCl); - logger.info("PUT iamgeText for modelName={}", modelName); - logger.info("PUT imageText={}", imageText); - CldsModel cldsModel = CldsModel.retrieve(cldsDao, modelName, true); - cldsModel.setImageText(imageText); - cldsModel.save(cldsDao, getUserId()); - // audit log - LoggingUtils.setTimeContext(startTime, new Date()); - LoggingUtils.setResponseContext("0", "Put model image success", this.getClass().getName()); - auditLogger.info("PUT model image completed"); - return "wrote imageText for modelName=" + modelName; - } - - /** * REST service that retrieves a CLDS model by name from the database. * * @param modelName @@ -349,7 +295,6 @@ public class CldsService extends SecureServiceBase { CldsModel cldsModel = CldsModel.retrieve(cldsDao, modelName, false); isAuthorizedForVf(cldsModel); cldsModel.setUserAuthorizedToUpdate(isAuthorizedNoException(permissionUpdateCl)); - /** * Checking condition whether our CLDS model can call INventory Method */ @@ -392,7 +337,12 @@ public class CldsService extends SecureServiceBase { logger.info("PUT propText={}", cldsModel.getPropText()); logger.info("PUT imageText={}", cldsModel.getImageText()); cldsModel.setName(modelName); - + try { + duplicateCheckforServiceVf(modelName, cldsModel.getPropText()); + } catch (IOException | BadRequestException e) { + logger.error("Exception occured during duplicate check for service and VF", e); + throw new CldsConfigException(e.getMessage(), e); + } if (cldsModel.getTemplateName() != null) { CldsTemplate template = cldsDao.getTemplate(cldsModel.getTemplateName()); if (template != null) { @@ -441,6 +391,7 @@ public class CldsService extends SecureServiceBase { * @return * @throws TransformerException * @throws ParseException + * @throws GeneralSecurityException */ @ApiOperation(value = "Saves and processes an action for a CLDS model by name", notes = "", response = String.class) @PUT @@ -449,7 +400,7 @@ public class CldsService extends SecureServiceBase { @Produces(MediaType.APPLICATION_JSON) public CldsModel putModelAndProcessAction(@PathParam("action") String action, @PathParam("modelName") String modelName, @QueryParam("test") String test, CldsModel model) - throws TransformerException, ParseException { + throws TransformerException, ParseException, GeneralSecurityException { Date startTime = new Date(); LoggingUtils.setRequestContext("CldsService: Process model action", getPrincipalName()); String actionCd = action.toUpperCase(); @@ -460,7 +411,6 @@ public class CldsService extends SecureServiceBase { String userid = getUserId(); String actionStateCd = CldsEvent.ACTION_STATE_INITIATED; String processDefinitionKey = "clds-process-action-wf"; - logger.info("PUT actionCd={}", actionCd); logger.info("PUT actionStateCd={}", actionStateCd); logger.info("PUT processDefinitionKey={}", processDefinitionKey); @@ -471,7 +421,6 @@ public class CldsService extends SecureServiceBase { logger.info("PUT userid={}", userid); logger.info("PUT getTypeId={}", model.getTypeId()); logger.info("PUT deploymentId={}", model.getDeploymentId()); - if (model.getTemplateName() != null) { CldsTemplate template = cldsDao.getTemplate(model.getTemplateName()); if (template != null) { @@ -483,16 +432,13 @@ public class CldsService extends SecureServiceBase { // save model to db model.setName(modelName); model.save(cldsDao, getUserId()); - // get vars and format if necessary String prop = model.getPropText(); String bpmn = model.getBpmnText(); String docText = model.getDocText(); String controlName = model.getControlName(); - String bpmnJson = cldsBpmnTransformer.doXslTransformToString(bpmn); logger.info("PUT bpmnJson={}", bpmnJson); - // Flag indicates whether it is triggered by Validation Test button from // UI boolean isTest = false; @@ -507,17 +453,14 @@ public class CldsService extends SecureServiceBase { } } logger.info("PUT isTest={}", isTest); - boolean isInsertTestEvent = false; String insertTestEvent = refProp.getStringValue("action.insert.test.event"); if (insertTestEvent != null && insertTestEvent.equalsIgnoreCase("true")) { isInsertTestEvent = true; } logger.info("PUT isInsertTestEvent={}", isInsertTestEvent); - // determine if requested action is permitted model.validateAction(actionCd); - // input variables to camunda process Map<String, Object> variables = new HashMap<>(); variables.put("actionCd", actionCd); @@ -531,17 +474,18 @@ public class CldsService extends SecureServiceBase { variables.put("isInsertTestEvent", isInsertTestEvent); logger.info("modelProp - " + prop); logger.info("docText - " + docText); - - // start camunda process - ProcessInstance pi = runtimeService.startProcessInstanceByKey(processDefinitionKey, variables); - - // log process info - logger.info("Started processDefinitionId={}, processInstanceId={}", pi.getProcessDefinitionId(), - pi.getProcessInstanceId()); - + try { + // start camunda process + ProcessInstance pi = runtimeService.startProcessInstanceByKey(processDefinitionKey, variables); + // log process info + logger.info("Started processDefinitionId={}, processInstanceId={}", pi.getProcessDefinitionId(), + pi.getProcessInstanceId()); + } catch (SdcCommunicationException | PolicyClientException | BadRequestException e) { + logger.error("Exception occured during invoking bpmn process", e); + throw new CldsConfigException(e.getMessage(), e); + } // refresh model info from db (get fresh event info) CldsModel retreivedModel = CldsModel.retrieve(cldsDao, modelName, false); - if (actionCd.equalsIgnoreCase(CldsEvent.ACTION_SUBMIT) || actionCd.equalsIgnoreCase(CldsEvent.ACTION_RESUBMIT)) { // To verify inventory status and modify model status to distribute @@ -552,7 +496,6 @@ public class CldsService extends SecureServiceBase { LoggingUtils.setTimeContext(startTime, new Date()); LoggingUtils.setResponseContext("0", "Process model action success", this.getClass().getName()); auditLogger.info("Process model action completed"); - return retreivedModel; } @@ -579,14 +522,12 @@ public class CldsService extends SecureServiceBase { isAuthorized(permissionEvent); userid = getUserId(); } - // Flag indicates whether it is triggered by Validation Test button from // UI boolean isTest = false; if (test != null && test.equalsIgnoreCase("true")) { isTest = true; } - int instanceCount = 0; if (dcaeEvent.getInstances() != null) { instanceCount = dcaeEvent.getInstances().size(); @@ -595,7 +536,6 @@ public class CldsService extends SecureServiceBase { + " resourceUUID=" + dcaeEvent.getResourceUUID() + " artifactName=" + dcaeEvent.getArtifactName() + " instance count=" + instanceCount + " isTest=" + isTest; logger.info("POST dcae event {}", msgInfo); - if (isTest) { logger.warn("Ignorning test event from DCAE"); } else { @@ -610,24 +550,24 @@ public class CldsService extends SecureServiceBase { LoggingUtils.setTimeContext(startTime, new Date()); LoggingUtils.setResponseContext("0", "Post dcae event success", this.getClass().getName()); auditLogger.info("Post dcae event completed"); - return msgInfo; } /** * REST service that retrieves sdc services + * + * @throws GeneralSecurityException + * In case of issue when decryting the SDC password * - * @throws Exception */ @ApiOperation(value = "Retrieves sdc services", notes = "", response = String.class) @GET @Path("/sdc/services") @Produces(MediaType.APPLICATION_JSON) - public String getSdcServices() { + public String getSdcServices() throws GeneralSecurityException { Date startTime = new Date(); LoggingUtils.setRequestContext("CldsService: GET sdc services", getPrincipalName()); String retStr; - String responseStr = sdcCatalogServices.getSdcServicesInformation(null); try { retStr = createUiServiceFormatJson(responseStr); @@ -635,7 +575,6 @@ public class CldsService extends SecureServiceBase { logger.error("IOException during SDC communication", e); throw new SdcCommunicationException("IOException during SDC communication", e); } - logger.info("value of sdcServices : {}", retStr); // audit log LoggingUtils.setTimeContext(startTime, new Date()); @@ -663,6 +602,9 @@ public class CldsService extends SecureServiceBase { * REST service that retrieves total properties by using invariantUUID based * on refresh and non refresh * + * @throws GeneralSecurityException + * In case of issue when decryting the SDC password + * */ @ApiOperation(value = "Retrieves total properties by using invariantUUID based on refresh and non refresh", notes = "", response = String.class) @GET @@ -670,12 +612,11 @@ public class CldsService extends SecureServiceBase { @Produces(MediaType.APPLICATION_JSON) public String getSdcPropertiesByServiceUUIDForRefresh( @PathParam("serviceInvariantUUID") String serviceInvariantUUID, - @DefaultValue("false") @QueryParam("refresh") String refresh) { + @DefaultValue("false") @QueryParam("refresh") String refresh) throws GeneralSecurityException { Date startTime = new Date(); LoggingUtils.setRequestContext("CldsService: GET sdc properties by uuid", getPrincipalName()); CldsServiceData cldsServiceData = new CldsServiceData(); cldsServiceData.setServiceInvariantUUID(serviceInvariantUUID); - boolean isCldsSdcDataExpired = true; // To getcldsService information from database cache using invariantUUID // only when refresh = false @@ -698,18 +639,14 @@ public class CldsService extends SecureServiceBase { cldsServiceData.setCldsServiceCache(cldsDao, cldsDBServiceCache); } } - // filter out VFs the user is not authorized for cldsServiceData.filterVfs(this); - // format retrieved data into properties json String sdcProperties = sdcCatalogServices.createPropertiesObjectByUUID(getGlobalCldsString(), cldsServiceData); - // audit log LoggingUtils.setTimeContext(startTime, new Date()); LoggingUtils.setResponseContext("0", "Get sdc properties by uuid success", this.getClass().getName()); auditLogger.info("GET sdc properties by uuid completed"); - return sdcProperties; } @@ -763,7 +700,6 @@ public class CldsService extends SecureServiceBase { logger.info("value of cldsserviceiNfolist: {}", rawList); if (rawList != null && !rawList.isEmpty()) { List<CldsSdcServiceInfo> cldsSdcServiceInfoList = sdcCatalogServices.removeDuplicateServices(rawList); - for (CldsSdcServiceInfo currCldsSdcServiceInfo : cldsSdcServiceInfoList) { if (currCldsSdcServiceInfo != null) { invariantIdServiceNode.put(currCldsSdcServiceInfo.getInvariantUUID(), @@ -785,7 +721,6 @@ public class CldsService extends SecureServiceBase { */ ObjectNode serviceObjectNode = createEmptyVfAlarmObject(mapper); ObjectNode vfObjectNode = mapper.createObjectNode(); - /** * to create json with vf and vfresourceId */ @@ -793,7 +728,6 @@ public class CldsService extends SecureServiceBase { serviceObjectNode.putPOJO(cldsSdcServiceDetail.getInvariantUUID(), vfObjectNode); ObjectNode byServiceBasicObjetNode = mapper.createObjectNode(); byServiceBasicObjetNode.putPOJO("byService", serviceObjectNode); - /** * to create json with VFC Node */ @@ -827,7 +761,6 @@ public class CldsService extends SecureServiceBase { List<CldsSdcResource> rawCldsSdcResourceList) { ObjectNode vfNode = mapper.createObjectNode(); vfNode.put("", ""); - // To remove repeated resource instance name from // resourceInstanceList List<CldsSdcResource> cldsSdcResourceList = sdcCatalogServices @@ -843,7 +776,6 @@ public class CldsService extends SecureServiceBase { } } vfObjectNode2.putPOJO("vf", vfNode); - /** * creating location json object using properties file value */ @@ -857,7 +789,6 @@ public class CldsService extends SecureServiceBase { "Unable to load ui.location.default JSON in clds-references.properties properly", e); } vfObjectNode2.putPOJO("location", locationJsonNode); - /** * creating alarm json object using properties file value */ @@ -872,7 +803,6 @@ public class CldsService extends SecureServiceBase { e); } vfObjectNode2.putPOJO("alarmCondition", alarmStringJsonNode); - } private ObjectNode createByVFCObjectNode(ObjectMapper mapper, List<CldsSdcResource> cldsSdcResourceList) { @@ -901,7 +831,13 @@ public class CldsService extends SecureServiceBase { @QueryParam("test") String test, CldsModel model) throws IOException { Date startTime = new Date(); LoggingUtils.setRequestContext("CldsService: Deploy model", getPrincipalName()); - String deploymentId = "closedLoop_" + UUID.randomUUID() + "_deploymentId"; + String deploymentId = ""; + // If model is already deployed then pass same deployment id + if (model.getDeploymentId() != null && !model.getDeploymentId().isEmpty()) { + deploymentId = model.getDeploymentId(); + } else { + deploymentId = "closedLoop_" + UUID.randomUUID() + "_deploymentId"; + } String createNewDeploymentStatusUrl = dcaeDispatcherServices.createNewDeployment(deploymentId, model.getTypeId()); String operationStatus = "processing"; @@ -995,4 +931,27 @@ public class CldsService extends SecureServiceBase { throw new CldsConfigException("Unable to load the globalClds due to an exception", e); } } + + private void duplicateCheckforServiceVf(String modelName, String modelPropText) throws IOException { + JsonNode modelJson = new ObjectMapper().readTree(modelPropText); + JsonNode globalNode = modelJson.get("global"); + String service = AbstractModelElement.getValueByName(globalNode, "service"); + List<String> resourceVf = AbstractModelElement.getValuesByName(globalNode, "vf"); + if (resourceVf != null && !resourceVf.isEmpty()) { + List<CldsModelProp> cldsModelPropList = cldsDao.getAllModelProperties(); + for (CldsModelProp cldsModelProp : cldsModelPropList) { + JsonNode currentJson = new ObjectMapper().readTree(cldsModelProp.getPropText()); + JsonNode currentNode = currentJson.get("global"); + String currentService = AbstractModelElement.getValueByName(currentNode, "service"); + List<String> currentVf = AbstractModelElement.getValuesByName(currentNode, "vf"); + if (currentVf != null && !currentVf.isEmpty()) { + if (!modelName.equalsIgnoreCase(cldsModelProp.getName()) && service.equalsIgnoreCase(currentService) + && resourceVf.get(0).equalsIgnoreCase(currentVf.get(0))) { + throw new BadRequestException("Same service/VF already exists in " + cldsModelProp.getName() + + " model, please select different service/VF."); + } + } + } + } + } } diff --git a/src/main/java/org/onap/clamp/clds/service/SecureServiceBase.java b/src/main/java/org/onap/clamp/clds/service/SecureServiceBase.java index acbd8bbd4..70ba32f58 100644 --- a/src/main/java/org/onap/clamp/clds/service/SecureServiceBase.java +++ b/src/main/java/org/onap/clamp/clds/service/SecureServiceBase.java @@ -27,6 +27,7 @@ import com.att.eelf.configuration.EELFLogger; import com.att.eelf.configuration.EELFManager; import java.security.Principal; +import java.util.Date; import javax.ws.rs.NotAuthorizedException; import javax.ws.rs.core.Context; @@ -40,6 +41,7 @@ import org.onap.clamp.clds.util.LoggingUtils; public abstract class SecureServiceBase { protected static final EELFLogger logger = EELFManager.getInstance().getLogger(SecureServiceBase.class); protected static final EELFLogger auditLogger = EELFManager.getInstance().getAuditLogger(); + protected static final EELFLogger securityLogger = EELFManager.getInstance().getSecurityLogger(); // By default we'll set it to a default handler private static UserNameHandler userNameHandler = new DefaultUserNameHandler(); @@ -63,7 +65,10 @@ public abstract class SecureServiceBase { */ public String getUserName() { String name = userNameHandler.retrieveUserName(securityContext); - logger.debug("userName={}", name); + Date startTime = new Date(); + LoggingUtils.setTargetContext("CLDS", "getUserName"); + LoggingUtils.setTimeContext(startTime, new Date()); + securityLogger.debug("User logged into the CLDS system={}", name); return name; } @@ -100,30 +105,33 @@ public abstract class SecureServiceBase { */ public boolean isAuthorized(SecureServicePermission inPermission) throws NotAuthorizedException { boolean authorized = false; - logger.debug("checking if {} has permission: {}", getPrincipalName(), inPermission); + + Date startTime = new Date(); + LoggingUtils.setTargetContext("CLDS", "isAuthorized"); + LoggingUtils.setTimeContext(startTime, new Date()); + + securityLogger.debug("checking if {} has permission: {}", getPrincipalName(), inPermission); + // check if the user has the permission key or the permission key with a // combination of all instance and/or all action. if (securityContext.isUserInRole(inPermission.getKey())) { - logger.info("{} authorized for permission: {}", getPrincipalName(), inPermission.getKey()); + securityLogger.info("{} authorized for permission: {}", getPrincipalName(), inPermission.getKey()); authorized = true; // the rest of these don't seem to be required - isUserInRole method // appears to take * as a wildcard } else if (securityContext.isUserInRole(inPermission.getKeyAllInstance())) { - logger.info("{} authorized because user has permission with * for instance: {}", getPrincipalName(), - inPermission.getKey()); + securityLogger.info("{} authorized because user has permission with * for instance: {}", getPrincipalName(), inPermission.getKey()); authorized = true; } else if (securityContext.isUserInRole(inPermission.getKeyAllInstanceAction())) { - logger.info("{} authorized because user has permission with * for instance and * for action: {}", - getPrincipalName(), inPermission.getKey()); + securityLogger.info("{} authorized because user has permission with * for instance and * for action: {}", getPrincipalName(), inPermission.getKey()); authorized = true; } else if (securityContext.isUserInRole(inPermission.getKeyAllAction())) { - logger.info("{} authorized because user has permission with * for action: {}", getPrincipalName(), - inPermission.getKey()); + securityLogger.info("{} authorized because user has permission with * for action: {}", getPrincipalName(), inPermission.getKey()); authorized = true; } else { String msg = getPrincipalName() + " does not have permission: " + inPermission; LoggingUtils.setErrorContext("100", "Authorization Error"); - logger.warn(msg); + securityLogger.warn(msg); throw new NotAuthorizedException(msg); } return authorized; @@ -144,29 +152,32 @@ public abstract class SecureServiceBase { */ public boolean isAuthorizedNoException(SecureServicePermission inPermission) { boolean authorized = false; - logger.debug("checking if {} has permission: {}", getPrincipalName(), inPermission); + + securityLogger.debug("checking if {} has permission: {}", getPrincipalName(), inPermission); + Date startTime = new Date(); + LoggingUtils.setTargetContext("CLDS", "isAuthorizedNoException"); + LoggingUtils.setTimeContext(startTime, new Date()); + // check if the user has the permission key or the permission key with a // combination of all instance and/or all action. if (securityContext.isUserInRole(inPermission.getKey())) { - logger.info("{} authorized for permission: {}", getPrincipalName(), inPermission.getKey()); + securityLogger.info("{} authorized for permission: {}", getPrincipalName(), inPermission.getKey()); authorized = true; // the rest of these don't seem to be required - isUserInRole method // appears to take * as a wildcard } else if (securityContext.isUserInRole(inPermission.getKeyAllInstance())) { - logger.info("{} authorized because user has permission with * for instance: {}", getPrincipalName(), - inPermission.getKey()); + securityLogger.info("{} authorized because user has permission with * for instance: {}", getPrincipalName(),inPermission.getKey()); authorized = true; } else if (securityContext.isUserInRole(inPermission.getKeyAllInstanceAction())) { - logger.info("{} authorized because user has permission with * for instance and * for action: {}", - getPrincipalName(), inPermission.getKey()); + securityLogger.info("{} authorized because user has permission with * for instance and * for action: {}", getPrincipalName(), inPermission.getKey()); authorized = true; } else if (securityContext.isUserInRole(inPermission.getKeyAllAction())) { - logger.info("{} authorized because user has permission with * for action: {}", getPrincipalName(), - inPermission.getKey()); + securityLogger.info("{} authorized because user has permission with * for action: {}", getPrincipalName(), inPermission.getKey()); authorized = true; } else { String msg = getPrincipalName() + " does not have permission: " + inPermission; LoggingUtils.setErrorContext("100", "Authorization Error"); + securityLogger.warn(msg); logger.warn(msg); } return authorized; diff --git a/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java b/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java new file mode 100644 index 000000000..fd4d1b15c --- /dev/null +++ b/src/main/java/org/onap/clamp/clds/util/CryptoUtils.java @@ -0,0 +1,116 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP CLAMP + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property. All rights + * reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END============================================ + * =================================================================== + * ECOMP is a trademark and service mark of AT&T Intellectual Property. + */ + +package org.onap.clamp.clds.util; + +import java.security.GeneralSecurityException; + +import javax.annotation.PostConstruct; +import javax.crypto.Cipher; +import javax.crypto.spec.SecretKeySpec; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.core.env.Environment; +import org.springframework.stereotype.Component; + +/** + * CryptoUtils for encrypting/decrypting string based on a Key defined in + * application.properties (Spring config file). + * + */ +@Component("CryptoUtils") +public final class CryptoUtils { + public static final String AES = "AES"; + public static final String KEY_PARAM = "org.onap.clamp.encryption.aes.key"; + @Autowired + private Environment springEnv; + private SecretKeySpec secretKeySpec; + + /** + * Initialize Method + * + */ + @PostConstruct + public void init() { + secretKeySpec = getSecretKeySpec(springEnv.getProperty(KEY_PARAM)); + } + + /** + * Encrypt a value based on the Clamp Encryption Key. + * + * @param value + * @return The encrypted string + * @throws GeneralSecurityException + * In case of issue with the encryption + */ + public String encrypt(String value) throws GeneralSecurityException { + Cipher cipher = Cipher.getInstance(CryptoUtils.AES); + cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, cipher.getParameters()); + byte[] encrypted = cipher.doFinal(value.getBytes()); + return byteArrayToHexString(encrypted); + } + + /** + * Decrypt a value. + * + * @param message + * The encrypted string that must be decrypted using the Clamp + * Encryption Key + * @return The String decrypted + * @throws GeneralSecurityException + * In case of issue with the encryption + */ + public String decrypt(String message) throws GeneralSecurityException { + Cipher cipher = Cipher.getInstance(CryptoUtils.AES); + cipher.init(Cipher.DECRYPT_MODE, secretKeySpec); + byte[] decrypted = cipher.doFinal(hexStringToByteArray(message)); + return new String(decrypted); + } + + private SecretKeySpec getSecretKeySpec(String keyString) { + byte[] key = hexStringToByteArray(keyString); + return new SecretKeySpec(key, CryptoUtils.AES); + } + + private String byteArrayToHexString(byte[] b) { + StringBuilder sb = new StringBuilder(b.length * 2); + for (int i = 0; i < b.length; i++) { + int v = b[i] & 0xff; + if (v < 16) { + sb.append('0'); + } + sb.append(Integer.toHexString(v)); + } + return sb.toString().toUpperCase(); + } + + private byte[] hexStringToByteArray(String s) { + byte[] b = new byte[s.length() / 2]; + for (int i = 0; i < b.length; i++) { + int index = i * 2; + int v = Integer.parseInt(s.substring(index, index + 2), 16); + b[i] = (byte) v; + } + return b; + } +} diff --git a/src/main/java/org/onap/clamp/clds/workflow/ProcessRequestDelegate.java b/src/main/java/org/onap/clamp/clds/workflow/ProcessRequestDelegate.java index 19bdcaf98..a5d84bb64 100644 --- a/src/main/java/org/onap/clamp/clds/workflow/ProcessRequestDelegate.java +++ b/src/main/java/org/onap/clamp/clds/workflow/ProcessRequestDelegate.java @@ -21,35 +21,21 @@ * ECOMP is a trademark and service mark of AT&T Intellectual Property. */ -/* Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - package org.onap.clamp.clds.workflow; +import com.att.eelf.configuration.EELFLogger; +import com.att.eelf.configuration.EELFManager; + import org.camunda.bpm.engine.delegate.DelegateExecution; import org.camunda.bpm.engine.delegate.JavaDelegate; import org.springframework.stereotype.Component; -import com.att.eelf.configuration.EELFLogger; -import com.att.eelf.configuration.EELFManager; - @Component public class ProcessRequestDelegate implements JavaDelegate { - protected static final EELFLogger logger = EELFManager.getInstance().getLogger(ProcessRequestDelegate.class); + protected static final EELFLogger logger = EELFManager.getInstance().getLogger(ProcessRequestDelegate.class); protected static final EELFLogger auditLogger = EELFManager.getInstance().getAuditLogger(); - // @Override @Override public void execute(DelegateExecution execution) throws Exception { logger.info("Processing request by '" + execution.getVariable("customerId") + "'..."); |