diff options
author | Jim Hahn <jrh3@att.com> | 2018-04-21 01:07:34 -0400 |
---|---|---|
committer | Jim Hahn <jrh3@att.com> | 2018-04-23 10:47:33 -0400 |
commit | 49bccdce3e434e2e05d0f36ab5e4f2163184825b (patch) | |
tree | 2e2c27fad59671bb6fe0df23fba8688b7a090f14 | |
parent | d548b61bd5e657a4e2c47fb98da8c28e0a69cf42 (diff) |
Send credentials to AAI
Per this link: http://www.baeldung.com/httpclient-4-basic-authentication
apache HttpClient does not send the credentials by default,
but instead waits for the server to issue a challenge before
sending them. Modified RESTManager to construct and send the
Authorization header always instead of waiting for the
challenge.
Remove unused imports.
Also add Authorization header for POST request.
Change error message to match original error message when
username is null.
Preempt sonar issue.
Allow null user name, which indicates that the Authorization header
should not be sent. Note: this only impacts the RESTManager class;
invoking classes (e.g., AaiManager) still enforce that the user name
exists in the properties.
Fix license dates in modified test code.
Change-Id: I3cb26e76562db746939631437775727809553390
Issue-ID: POLICY-754
Signed-off-by: Jim Hahn <jrh3@att.com>
3 files changed, 37 insertions, 24 deletions
diff --git a/controlloop/common/model-impl/rest/src/main/java/org/onap/policy/rest/RESTManager.java b/controlloop/common/model-impl/rest/src/main/java/org/onap/policy/rest/RESTManager.java index dae31c39a..6b8b6f09a 100644 --- a/controlloop/common/model-impl/rest/src/main/java/org/onap/policy/rest/RESTManager.java +++ b/controlloop/common/model-impl/rest/src/main/java/org/onap/policy/rest/RESTManager.java @@ -1,8 +1,8 @@ -/*- +/* * ============LICENSE_START======================================================= * rest * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -21,18 +21,16 @@ package org.onap.policy.rest; import java.io.IOException; +import java.nio.charset.Charset; import java.util.Map; import java.util.Map.Entry; - +import javax.xml.bind.DatatypeConverter; +import org.apache.http.HttpHeaders; import org.apache.http.HttpResponse; -import org.apache.http.auth.AuthScope; -import org.apache.http.auth.UsernamePasswordCredentials; -import org.apache.http.client.CredentialsProvider; import org.apache.http.client.methods.HttpGet; import org.apache.http.client.methods.HttpPost; import org.apache.http.conn.ssl.NoopHostnameVerifier; import org.apache.http.entity.StringEntity; -import org.apache.http.impl.client.BasicCredentialsProvider; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClientBuilder; import org.apache.http.util.EntityUtils; @@ -55,9 +53,8 @@ public class RESTManager { public Pair<Integer, String> post(String url, String username, String password, Map<String, String> headers, String contentType, String body) { - CredentialsProvider credentials = new BasicCredentialsProvider(); - credentials.setCredentials(AuthScope.ANY, - new UsernamePasswordCredentials(username, password)); + + String authHeader = makeAuthHeader(username, password); logger.debug("HTTP REQUEST: {} -> {} {} -> {}", url, username, ((password != null) ? password.length() : "-"), contentType); @@ -71,7 +68,6 @@ public class RESTManager { HttpClientBuilder .create() .setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE) - .setDefaultCredentialsProvider(credentials) .build()) { HttpPost post = new HttpPost(url); @@ -80,7 +76,10 @@ public class RESTManager { post.addHeader(entry.getKey(), headers.get(entry.getKey())); } } - post.addHeader("Content-Type", contentType); + post.addHeader("Content-Type", contentType); + if(authHeader != null) { + post.setHeader(HttpHeaders.AUTHORIZATION, authHeader); + } StringEntity input = new StringEntity(body); input.setContentType(contentType); @@ -111,15 +110,12 @@ public class RESTManager { public Pair<Integer, String> get(String url, String username, String password, Map<String, String> headers) { - CredentialsProvider credentials = new BasicCredentialsProvider(); - credentials.setCredentials(AuthScope.ANY, - new UsernamePasswordCredentials(username, password)); + String authHeader = makeAuthHeader(username, password); try (CloseableHttpClient client = HttpClientBuilder .create() .setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE) - .setDefaultCredentialsProvider(credentials) .build()) { HttpGet get = new HttpGet(url); @@ -127,6 +123,9 @@ public class RESTManager { for (Entry<String, String> entry : headers.entrySet()) { get.addHeader(entry.getKey(), headers.get(entry.getKey())); } + } + if(authHeader != null) { + get.setHeader(HttpHeaders.AUTHORIZATION, authHeader); } HttpResponse response = client.execute(get); @@ -145,4 +144,13 @@ public class RESTManager { return null; } } + + private String makeAuthHeader(String username, String password) { + if (username == null) { + return null; + } + + String auth = username + ":" + (password == null ? "" : password); + return "Basic " + DatatypeConverter.printBase64Binary(auth.getBytes(Charset.forName("ISO-8859-1"))); + } } diff --git a/controlloop/common/model-impl/rest/src/test/java/org/onap/policy/rest/TestGet.java b/controlloop/common/model-impl/rest/src/test/java/org/onap/policy/rest/TestGet.java index 0bf1da8d5..a2252a046 100755 --- a/controlloop/common/model-impl/rest/src/test/java/org/onap/policy/rest/TestGet.java +++ b/controlloop/common/model-impl/rest/src/test/java/org/onap/policy/rest/TestGet.java @@ -1,8 +1,8 @@ -/*- +/* * ============LICENSE_START======================================================= * rest * ================================================================================ - * + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -34,10 +34,14 @@ public class TestGet { mgr.get(null, "user", null, null); } - @Test(expected = IllegalArgumentException.class) + @Test public void testUsernameNull() { RESTManager mgr = new RESTManager(); - mgr.get("nothing", null, null, null); + + Pair<Integer, String> result = mgr.get("http://www.example.org", null, null, null); + assertEquals((Integer)200, result.a); + assertTrue(result.b != null); + assertTrue(result.b.length() > 0); } @Test diff --git a/controlloop/common/model-impl/rest/src/test/java/org/onap/policy/rest/TestPost.java b/controlloop/common/model-impl/rest/src/test/java/org/onap/policy/rest/TestPost.java index 1cdde22e8..de44dec6b 100755 --- a/controlloop/common/model-impl/rest/src/test/java/org/onap/policy/rest/TestPost.java +++ b/controlloop/common/model-impl/rest/src/test/java/org/onap/policy/rest/TestPost.java @@ -1,8 +1,8 @@ -/*- +/* * ============LICENSE_START======================================================= * rest * ================================================================================ - * + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -27,10 +27,11 @@ import org.onap.policy.rest.RESTManager.Pair; public class TestPost { - @Test(expected = IllegalArgumentException.class) + @Test public void testUsernameNull() { RESTManager mgr = new RESTManager(); - mgr.post("nothing", null, null, null, null, null); + Pair<Integer, String> result = mgr.post("http://www.example.org", null, null, null, null, null); + assertEquals(null, result); } @Test |