From 203a14a0c5397096f4b6918cd587248ea275e245 Mon Sep 17 00:00:00 2001
From: liamfallon <liam.fallon@est.tech>
Date: Tue, 31 Jan 2023 12:35:17 +0000
Subject: Upgrade and clean up dependencies

- Upgrade Hibernate
- Upgrade Mockito
- Upgrade Mockserver
- Remove Powermock (no longer supported) and replace with spring-test ReflectionTestUtils
- Upgrade Spring Framework
- Add spring-security to allow authentication on unit tests using MockMVC

Minor clean-up
- Replace deprecated authorization configuraiton on spring boot applications with SecurityFilterChain bean
- Change @LocalPort include on tests to use test include rather than runtime include
- Remove unused imports
- Remove unused constants and variables
- Add deprecation annotations where required

Issue-ID: POLICY-4482
Change-Id: I7356d60696330e868d4f67195ba55b80987f85b9
Signed-off-by: liamfallon <liam.fallon@est.tech>
---
 .../clamp/acm/element/config/SecurityConfig.java   | 34 ++++++++++++++--------
 1 file changed, 22 insertions(+), 12 deletions(-)

(limited to 'participant/participant-impl/participant-impl-acelement/src/main/java/org/onap')

diff --git a/participant/participant-impl/participant-impl-acelement/src/main/java/org/onap/policy/clamp/acm/element/config/SecurityConfig.java b/participant/participant-impl/participant-impl-acelement/src/main/java/org/onap/policy/clamp/acm/element/config/SecurityConfig.java
index b2609d358..ecb127580 100644
--- a/participant/participant-impl/participant-impl-acelement/src/main/java/org/onap/policy/clamp/acm/element/config/SecurityConfig.java
+++ b/participant/participant-impl/participant-impl-acelement/src/main/java/org/onap/policy/clamp/acm/element/config/SecurityConfig.java
@@ -1,6 +1,6 @@
 /*-
  * ============LICENSE_START=======================================================
- *  Copyright (C) 2021-2022 Nordix Foundation.
+ *  Copyright (C) 2021-2023 Nordix Foundation.
  * ================================================================================
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -20,20 +20,30 @@
 
 package org.onap.policy.clamp.acm.element.config;
 
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.web.SecurityFilterChain;
 
+/**
+ * Configure how access to this module's REST end points is secured.
+ */
 @Configuration
-public class SecurityConfig extends WebSecurityConfigurerAdapter {
-
-    @Override
-    protected void configure(HttpSecurity http) throws Exception {
-        // @formatter:off
-        http.authorizeRequests()
-            .antMatchers().authenticated()
-            .anyRequest().authenticated()
-            .and().httpBasic().and().csrf().disable();
-        // @formatter:on
+public class SecurityConfig {
+    /**
+     * Return the configuration of how access to this module's REST end points is secured.
+     *
+     * @param http the HTTP security settings
+     * @return the HTTP security settings
+     */
+    @Bean
+    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+        http
+            .httpBasic()
+            .and()
+            .authorizeHttpRequests().anyRequest().authenticated()
+            .and()
+            .csrf().disable();
+        return http.build();
     }
 }
-- 
cgit 1.2.3-korg