Send credentials to AAI

Per this link: http://www.baeldung.com/httpclient-4-basic-authentication apache HttpClient does not send the credentials by default, but instead waits for the server to issue a challenge before sending them. Modified RESTManager to construct and send the Authorization header always instead of waiting for the challenge. Remove unused imports. Also add Authorization header for POST request. Change error message to match original error message when username is null. Preempt sonar issue. Allow null user name, which indicates that the Authorization header should not be sent. Note: this only impacts the RESTManager class; invoking classes (e.g., AaiManager) still enforce that the user name exists in the properties. Fix license dates in modified test code. Change-Id: I3cb26e76562db746939631437775727809553390 Issue-ID: POLICY-754 Signed-off-by: Jim Hahn <jrh3@att.com>
author: Jim Hahn <jrh3@att.com> 2018-04-21 01:07:34 -0400
committer: Jim Hahn <jrh3@att.com> 2018-04-23 10:47:33 -0400
commit: 49bccdce3e434e2e05d0f36ab5e4f2163184825b (patch)
tree: 2e2c27fad59671bb6fe0df23fba8688b7a090f14 /controlloop/common/model-impl/rest/src
parent: d548b61bd5e657a4e2c47fb98da8c28e0a69cf42 (diff)
3 files changed, 37 insertions, 24 deletions
diff --git a/controlloop/common/model-impl/rest/src/main/java/org/onap/policy/rest/RESTManager.java b/controlloop/common/model-impl/rest/src/main/java/org/onap/policy/rest/RESTManager.java
index dae31c39a..6b8b6f09a 100644
--- a/controlloop/common/model-impl/rest/src/main/java/org/onap/policy/rest/RESTManager.java
+++ b/controlloop/common/model-impl/rest/src/main/java/org/onap/policy/rest/RESTManager.java
@@ -1,8 +1,8 @@
-/*-
+/*
  * ============LICENSE_START=======================================================
  * rest
  * ================================================================================
- * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
  * ================================================================================
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -21,18 +21,16 @@
 package org.onap.policy.rest;
 
 import java.io.IOException;
+import java.nio.charset.Charset;
 import java.util.Map;
 import java.util.Map.Entry;
-
+import javax.xml.bind.DatatypeConverter;
+import org.apache.http.HttpHeaders;
 import org.apache.http.HttpResponse;
-import org.apache.http.auth.AuthScope;
-import org.apache.http.auth.UsernamePasswordCredentials;
-import org.apache.http.client.CredentialsProvider;
 import org.apache.http.client.methods.HttpGet;
 import org.apache.http.client.methods.HttpPost;
 import org.apache.http.conn.ssl.NoopHostnameVerifier;
 import org.apache.http.entity.StringEntity;
-import org.apache.http.impl.client.BasicCredentialsProvider;
 import org.apache.http.impl.client.CloseableHttpClient;
 import org.apache.http.impl.client.HttpClientBuilder;
 import org.apache.http.util.EntityUtils;
@@ -55,9 +53,8 @@ public class RESTManager {
 
     public Pair<Integer, String> post(String url, String username, String password,
             Map<String, String> headers, String contentType, String body) {
-        CredentialsProvider credentials = new BasicCredentialsProvider();
-        credentials.setCredentials(AuthScope.ANY,
-                new UsernamePasswordCredentials(username, password));
+
+        String authHeader = makeAuthHeader(username, password);
 
         logger.debug("HTTP REQUEST: {} -> {} {} -> {}", url, username,
                 ((password != null) ? password.length() : "-"), contentType);
@@ -71,7 +68,6 @@ public class RESTManager {
                 HttpClientBuilder
                         .create()
                         .setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE)
-                        .setDefaultCredentialsProvider(credentials)
                         .build()) {
 
             HttpPost post = new HttpPost(url);
@@ -80,7 +76,10 @@ public class RESTManager {
                     post.addHeader(entry.getKey(), headers.get(entry.getKey()));
                 }
             }
-            post.addHeader("Content-Type", contentType);
+            post.addHeader("Content-Type", contentType);            
+            if(authHeader != null) {
+                post.setHeader(HttpHeaders.AUTHORIZATION, authHeader);
+            }
 
             StringEntity input = new StringEntity(body);
             input.setContentType(contentType);
@@ -111,15 +110,12 @@ public class RESTManager {
     public Pair<Integer, String> get(String url, String username, String password,
             Map<String, String> headers) {
 
-        CredentialsProvider credentials = new BasicCredentialsProvider();
-        credentials.setCredentials(AuthScope.ANY,
-                new UsernamePasswordCredentials(username, password));
+        String authHeader = makeAuthHeader(username, password);
 
         try (CloseableHttpClient client =
                 HttpClientBuilder
                         .create()
                         .setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE)
-                        .setDefaultCredentialsProvider(credentials)
                         .build()) {
 
             HttpGet get = new HttpGet(url);
@@ -127,6 +123,9 @@ public class RESTManager {
                 for (Entry<String, String> entry : headers.entrySet()) {
                     get.addHeader(entry.getKey(), headers.get(entry.getKey()));
                 }
+            }           
+            if(authHeader != null) {
+                get.setHeader(HttpHeaders.AUTHORIZATION, authHeader);
             }
 
             HttpResponse response = client.execute(get);
@@ -145,4 +144,13 @@ public class RESTManager {
             return null;
         }
     }
+
+    private String makeAuthHeader(String username, String password) {
+        if (username == null) {
+            return null;
+        }
+
+        String auth = username + ":" + (password == null ? "" : password);
+        return "Basic " + DatatypeConverter.printBase64Binary(auth.getBytes(Charset.forName("ISO-8859-1")));
+    }
 }
diff --git a/controlloop/common/model-impl/rest/src/test/java/org/onap/policy/rest/TestGet.java b/controlloop/common/model-impl/rest/src/test/java/org/onap/policy/rest/TestGet.java
index 0bf1da8d5..a2252a046 100755
--- a/controlloop/common/model-impl/rest/src/test/java/org/onap/policy/rest/TestGet.java
+++ b/controlloop/common/model-impl/rest/src/test/java/org/onap/policy/rest/TestGet.java
@@ -1,8 +1,8 @@
-/*-
+/*
  * ============LICENSE_START=======================================================
  * rest
  * ================================================================================
- * 
+ * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
  * ================================================================================
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -34,10 +34,14 @@ public class TestGet {
         mgr.get(null, "user", null, null);
     }
 
-    @Test(expected = IllegalArgumentException.class)
+    @Test
     public void testUsernameNull() {
         RESTManager mgr = new RESTManager();
-        mgr.get("nothing", null, null, null);
+
+        Pair<Integer, String> result = mgr.get("http://www.example.org", null, null, null);
+        assertEquals((Integer)200, result.a);
+        assertTrue(result.b != null);
+        assertTrue(result.b.length() > 0);
     }
 
     @Test
diff --git a/controlloop/common/model-impl/rest/src/test/java/org/onap/policy/rest/TestPost.java b/controlloop/common/model-impl/rest/src/test/java/org/onap/policy/rest/TestPost.java
index 1cdde22e8..de44dec6b 100755
--- a/controlloop/common/model-impl/rest/src/test/java/org/onap/policy/rest/TestPost.java
+++ b/controlloop/common/model-impl/rest/src/test/java/org/onap/policy/rest/TestPost.java
@@ -1,8 +1,8 @@
-/*-
+/*
  * ============LICENSE_START=======================================================
  * rest
  * ================================================================================
- * 
+ * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
  * ================================================================================
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -27,10 +27,11 @@ import org.onap.policy.rest.RESTManager.Pair;
 
 public class TestPost {
 
-    @Test(expected = IllegalArgumentException.class)
+    @Test
     public void testUsernameNull() {
         RESTManager mgr = new RESTManager();
-        mgr.post("nothing", null, null, null, null, null);
+        Pair<Integer, String> result = mgr.post("http://www.example.org", null, null, null, null, null);
+        assertEquals(null, result);
     }
 
     @Test
author	Jim Hahn <jrh3@att.com>	2018-04-21 01:07:34 -0400
committer	Jim Hahn <jrh3@att.com>	2018-04-23 10:47:33 -0400
commit	49bccdce3e434e2e05d0f36ab5e4f2163184825b (patch)
tree	2e2c27fad59671bb6fe0df23fba8688b7a090f14 /controlloop/common/model-impl/rest/src
parent	d548b61bd5e657a4e2c47fb98da8c28e0a69cf42 (diff)