Diffstat (limited to 'ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/config')
-rw-r--r-- | ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/config/PDPApiAuth.java | 94 | ||||
-rw-r--r-- | ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/config/PDPRestConfig.java | 211 |
2 files changed, 150 insertions, 155 deletions
diff --git a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/config/PDPApiAuth.java b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/config/PDPApiAuth.java index 246f5a26d..163298186 100644 --- a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/config/PDPApiAuth.java +++ b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/config/PDPApiAuth.java @@ -2,14 +2,14 @@ * ============LICENSE_START======================================================= * ONAP-PDP-REST * ================================================================================ - * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017-2019 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -17,8 +17,10 @@ * limitations under the License. * ============LICENSE_END========================================================= */ + package org.onap.policy.pdp.rest.config; +import com.att.research.xacml.util.XACMLProperties; import java.io.FileInputStream; import java.io.IOException; import java.io.InputStream; @@ -33,7 +35,6 @@ import java.util.List; import java.util.Map; import java.util.Properties; import java.util.StringTokenizer; - import org.onap.policy.api.PolicyEngineException; import org.onap.policy.common.logging.eelf.MessageCodes; import org.onap.policy.common.logging.flexlogger.FlexLogger; 
@@ -41,21 +42,20 @@ import org.onap.policy.common.logging.flexlogger.Logger; import org.onap.policy.rest.XACMLRestProperties; import org.onap.policy.utils.AAFPolicyClient; import org.onap.policy.utils.AAFPolicyException; +import org.onap.policy.utils.PeCryptoUtils; import org.onap.policy.utils.PolicyUtils; import org.onap.policy.xacml.api.XACMLErrorConstants; -import com.att.research.xacml.util.XACMLProperties; - public class PDPApiAuth { private static final Logger LOGGER = FlexLogger.getLogger(PDPApiAuth.class); private static String environment = null; private static Path clientPath = null; - private static Map<String,ArrayList<String>> clientMap = null; + private static Map<String, ArrayList<String>> clientMap = null; private static Long oldModified = null; private static AAFPolicyClient aafClient = null; - private PDPApiAuth(){ + private PDPApiAuth() { // Private Constructor } @@ -65,7 +65,7 @@ public class PDPApiAuth { public static void setProperty() { environment = XACMLProperties.getProperty("ENVIRONMENT", "DEVL"); String clientFile = XACMLProperties.getProperty(XACMLRestProperties.PROP_PEP_IDFILE); - if(clientFile!=null){ + if (clientFile != null) { clientPath = Paths.get(clientFile); } try { 
@@ -76,84 +76,84 @@ public class PDPApiAuth { } /* - * Return Environment value of the PDP servlet. + * Return Environment value of the PDP servlet. */ public static String getEnvironment() { - if(environment==null){ + if (environment == null) { setProperty(); } return environment; } /* - * Security check for authentication and authorizations. + * Security check for authentication and authorizations. */ - public static boolean checkPermissions(String clientEncoding, String requestID, - String resource) { - try{ + public static boolean checkPermissions(String clientEncoding, String requestID, String resource) { + try { String[] userNamePass = PolicyUtils.decodeBasicEncoding(clientEncoding); - if(userNamePass==null || userNamePass.length==0){ + if (userNamePass == null || userNamePass.length == 0) { String usernameAndPassword = null; byte[] decodedBytes = Base64.getDecoder().decode(clientEncoding); usernameAndPassword = new String(decodedBytes, "UTF-8"); StringTokenizer tokenizer = new StringTokenizer(usernameAndPassword, ":"); String username = tokenizer.nextToken(); String password = tokenizer.nextToken(); - userNamePass= new String[]{username, password}; + userNamePass = new String[] {username, password}; } LOGGER.info("User " + userNamePass[0] + " is Accessing Policy Engine API."); Boolean result = false; - // Check Backward Compatibility. - try{ + // Check Backward Compatibility. + try { /* - * If AAF is NOT enabled in the properties we will allow the user to - * continue to use the client.properties file to authenticate. - * Note: Disabling AAF is for testing purposes and not intended for production. + * If AAF is NOT enabled in the properties we will allow the user to continue to use the + * client.properties file to authenticate. Note: Disabling AAF is for testing purposes and not intended + * for production. 
*/ if ("false".equals(XACMLProperties.getProperty("enable_aaf"))) { result = clientAuth(userNamePass); } - }catch(Exception e){ + } catch (Exception e) { LOGGER.error(MessageCodes.ERROR_PERMISSIONS, e); } - if(!result){ + if (!result) { String aafPolicyNameSpace = XACMLProperties.getProperty("policy.aaf.namespace"); String aafResource = XACMLProperties.getProperty("policy.aaf.root.permission"); String type = null; - if(!userNamePass[0].contains("@") && aafPolicyNameSpace!= null){ + if (!userNamePass[0].contains("@") && aafPolicyNameSpace != null) { userNamePass[0] = userNamePass[0] + "@" + reverseNamespace(aafPolicyNameSpace); - }else{ + } else { LOGGER.info("No AAF NameSpace specified in properties"); } - if(aafResource != null){ + if (aafResource != null) { type = aafResource + "." + resource; - }else{ + } else { LOGGER.warn("No AAF Resource specified in properties"); return false; } - LOGGER.info("Contacting AAF in : " + environment); + LOGGER.info("Contacting AAF in : " + environment); result = aafClient.checkAuthPerm(userNamePass[0], userNamePass[1], type, environment, "*"); } return result; - }catch(Exception e){ + } catch (Exception e) { LOGGER.error(MessageCodes.ERROR_PERMISSIONS, e); return false; } } - private static Boolean clientAuth(String[] userNamePass){ - if(clientPath==null){ + private static Boolean clientAuth(String[] userNamePass) { + if (clientPath == null) { setProperty(); } if (!clientPath.toFile().exists()) { return false; - }else if(clientPath.toString().endsWith(".properties")) { + } else if (clientPath.toString().endsWith(".properties")) { try { readProps(clientPath); - if (clientMap.containsKey(userNamePass[0]) && clientMap.get(userNamePass[0]).get(0).equals(userNamePass[1])) { + if (clientMap.containsKey(userNamePass[0]) + && clientMap.get(userNamePass[0]).get(0).equals(userNamePass[1])) { return true; } - }catch(PolicyEngineException e){ + } catch (PolicyEngineException e) { LOGGER.error(MessageCodes.ERROR_PERMISSIONS, e); return 
false; } @@ -163,12 +163,12 @@ public class PDPApiAuth { private static String reverseNamespace(String namespace) { final List<String> components = Arrays.asList(namespace.split("\\.")); - Collections.reverse(components); + Collections.reverse(components); return String.join(".", components); } - private static Map<String, ArrayList<String>> readProps(Path clientPath) throws PolicyEngineException{ - if(oldModified!=null){ + private static Map<String, ArrayList<String>> readProps(Path clientPath) throws PolicyEngineException { + if (oldModified != null) { Long newModified = clientPath.toFile().lastModified(); if (newModified == oldModified) { return clientMap; 
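Review bot: In the fallback decode of `checkPermissions`, `new StringTokenizer(usernameAndPassword, ":")` splits on every colon, so a password that contains `:` is cut at its first colon and only that prefix is checked. Split on the first colon only: take `int sep = usernameAndPassword.indexOf(':');`, reject `sep < 0`, then use `userNamePass = new String[] {usernameAndPassword.substring(0, sep), usernameAndPassword.substring(sep + 1)};`. This path only runs when `PolicyUtils.decodeBasicEncoding` returns null or an empty array, and that helper is not visible here. In `clientAuth`, whose end lies outside this hunk, the stored key is compared with `String.equals`; `MessageDigest.isEqual` on the UTF-8 bytes of both values would keep the comparison time independent of where they first differ.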
@@ -180,27 +180,31 @@ public class PDPApiAuth { in = new FileInputStream(clientPath.toFile()); clientProp.load(in); } catch (IOException e) { - LOGGER.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR , e); - throw new PolicyEngineException(XACMLErrorConstants.ERROR_SYSTEM_ERROR +"Cannot Load the Properties file", e); + LOGGER.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR, e); + throw new PolicyEngineException(XACMLErrorConstants.ERROR_SYSTEM_ERROR + "Cannot Load the Properties file", + e); } // Read the Properties and Load the Clients and their scopes. clientMap = new HashMap<>(); - // + // for (Object propKey : clientProp.keySet()) { - String clientID = (String)propKey; + String clientID = (String) propKey; String clientValue = clientProp.getProperty(clientID); if (clientValue != null && clientValue.contains(",")) { ArrayList<String> clientValues = new ArrayList<>(Arrays.asList(clientValue.split("\\s*,\\s*"))); - if(clientValues.get(0)!=null || clientValues.get(1)!=null || clientValues.get(0).isEmpty() || clientValues.get(1).isEmpty()){ + if (clientValues.get(0) != null || clientValues.get(1) != null || clientValues.get(0).isEmpty() + || clientValues.get(1).isEmpty()) { + clientValues.set(0, PeCryptoUtils.decrypt(clientValues.get(0))); clientMap.put(clientID, clientValues); } } } if (clientMap.isEmpty()) { - LOGGER.debug(XACMLErrorConstants.ERROR_PERMISSIONS + "No Clients ID , Client Key and Scopes are available. Cannot serve any Clients !!"); + LOGGER.debug(XACMLErrorConstants.ERROR_PERMISSIONS + + "No Clients ID , Client Key and Scopes are available. Cannot serve any Clients !!"); throw new PolicyEngineException("Empty Client file"); } oldModified = clientPath.toFile().lastModified(); return clientMap; } -}
\ No newline at end of file +} diff --git a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/config/PDPRestConfig.java b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/config/PDPRestConfig.java index b563c6cce..9c3213bef 100644 --- a/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/config/PDPRestConfig.java +++ b/ONAP-PDP-REST/src/main/java/org/onap/policy/pdp/rest/config/PDPRestConfig.java @@ -2,14 +2,14 @@ * ============LICENSE_START======================================================= * ONAP-PDP-REST * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017,2019 AT&T Intellectual Property. All rights reserved. * ================================================================================ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
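Review bot: The new `PeCryptoUtils.decrypt(clientValues.get(0))` call in `readProps` sits behind a guard that validates nothing, because `clientValues.get(0) != null || ...` is true for every element `split` returns. Entries with an empty key or scope are therefore still decrypted and stored, and a value of just `,` splits to an empty list and makes `get(0)` throw. The condition should be a conjunction with a size check, e.g. `if (clientValues.size() >= 2 && !clientValues.get(0).isEmpty() && !clientValues.get(1).isEmpty())`. In this commit the AES key is only initialised in `PDPRestConfig.init()`, so `readProps` presumably relies on that having run first. What `decrypt` returns for a plaintext or undecryptable value is not visible here; a comment beside the call should state both assumptions. `readProps` starts outside this hunk.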
@@ -17,23 +17,21 @@ * limitations under the License. * ============LICENSE_END========================================================= */ + package org.onap.policy.pdp.rest.config; import java.io.FileInputStream; -import java.io.IOException; import java.io.InputStream; import java.util.Properties; - import javax.annotation.PostConstruct; import javax.servlet.MultipartConfigElement; import javax.sql.DataSource; - import org.apache.tomcat.dbcp.dbcp2.BasicDataSource; import org.hibernate.SessionFactory; import org.onap.policy.common.logging.eelf.PolicyLogger; import org.onap.policy.common.logging.flexlogger.FlexLogger; import org.onap.policy.common.logging.flexlogger.Logger; -import org.onap.policy.pdp.rest.api.controller.PolicyEngineServices; +import org.onap.policy.utils.PeCryptoUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.ComponentScan; @@ -43,7 +41,6 @@ import org.springframework.orm.hibernate4.LocalSessionFactoryBuilder; import org.springframework.web.servlet.config.annotation.EnableWebMvc; import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter; - import springfox.documentation.builders.ApiInfoBuilder; import springfox.documentation.builders.PathSelectors; import springfox.documentation.builders.RequestHandlerSelectors; 
@@ -55,124 +52,118 @@ import springfox.documentation.swagger2.annotations.EnableSwagger2; @Configuration @EnableWebMvc @EnableSwagger2 -@ComponentScan(basePackages = { "org.onap.*", "com.*" }) -public class PDPRestConfig extends WebMvcConfigurerAdapter{ - - private static final Logger LOGGER = FlexLogger.getLogger(PDPRestConfig.class); - - private static String dbDriver = null; - private static String dbUrl = null; - private static String dbUserName = null; - private static String dbPassword = null; - - @PostConstruct - public void init(){ - Properties prop = new Properties(); - try (InputStream input = new FileInputStream("xacml.pdp.properties")){ - // load a properties file - prop.load(input); - setDbDriver(prop.getProperty("javax.persistence.jdbc.driver")); - setDbUrl(prop.getProperty("javax.persistence.jdbc.url")); - setDbUserName(prop.getProperty("javax.persistence.jdbc.user")); - setDbPassword(prop.getProperty("javax.persistence.jdbc.password")); - }catch(Exception e){ - LOGGER.error("Exception Occured while loading properties file"+e); - } - } - - @Override +@ComponentScan(basePackages = {"org.onap.*", "com.*"}) +public class PDPRestConfig extends WebMvcConfigurerAdapter { + + private static final Logger LOGGER = FlexLogger.getLogger(PDPRestConfig.class); + + private static String dbDriver = null; + private static String dbUrl = null; + private static String dbUserName = null; + private static String dbPassword = null; + + @PostConstruct + public void init() { + Properties prop = new Properties(); + try (InputStream input = new FileInputStream("xacml.pdp.properties")) { + // load a properties file + prop.load(input); + setDbDriver(prop.getProperty("javax.persistence.jdbc.driver")); + setDbUrl(prop.getProperty("javax.persistence.jdbc.url")); + setDbUserName(prop.getProperty("javax.persistence.jdbc.user")); + PeCryptoUtils.initAesKey(prop.getProperty("org.onap.policy.encryption.aes.key")); + 
setDbPassword(PeCryptoUtils.decrypt(prop.getProperty("javax.persistence.jdbc.password"))); + } catch (Exception e) { + LOGGER.error("Exception Occured while loading properties file" + e); + } + } + + @Override public void addResourceHandlers(ResourceHandlerRegistry registry) { registry.addResourceHandler("swagger-ui.html").addResourceLocations("classpath:/META-INF/resources/"); registry.addResourceHandler("/webjars/**").addResourceLocations("classpath:/META-INF/resources/webjars/"); } - - private ApiInfo apiInfo(){ - return new ApiInfoBuilder() - .title("Policy Engine REST API") - .description("This API helps to make queries against Policy Engine") - .version("3.0") - .build(); + + private ApiInfo apiInfo() { + return new ApiInfoBuilder().title("Policy Engine REST API") + .description("This API helps to make queries against Policy Engine").version("3.0").build(); } - + @Bean - public Docket policyAPI(){ + public Docket policyAPI() { PolicyLogger.info("Setting up Swagger... "); - return new Docket(DocumentationType.SWAGGER_2) - .select() - .apis(RequestHandlerSelectors.basePackage("org.onap.policy.pdp.rest.api")) - .paths(PathSelectors.any()) - .build() - .apiInfo(apiInfo()); - } - - @Bean(name = "dataSource") - public DataSource getDataSource() { - BasicDataSource dataSource = new BasicDataSource(); - dataSource.setDriverClassName(PDPRestConfig.getDbDriver()); - dataSource.setUrl(PDPRestConfig.getDbUrl()); - dataSource.setUsername(PDPRestConfig.getDbUserName()); - dataSource.setPassword(PDPRestConfig.getDbPassword()); - return dataSource; - } - - @Autowired - @Bean(name = "sessionFactory") - public SessionFactory getSessionFactory(DataSource dataSource) { - LocalSessionFactoryBuilder sessionBuilder = new LocalSessionFactoryBuilder(dataSource); - sessionBuilder.scanPackages("org.onap.*", "com.*"); - sessionBuilder.addProperties(getHibernateProperties()); - return sessionBuilder.buildSessionFactory(); - } - - private Properties getHibernateProperties() { - Properties 
properties = new Properties(); - properties.put("hibernate.show_sql", "true"); - properties.put("hibernate.dialect", "org.hibernate.dialect.MySQLDialect"); - return properties; - } - - @Autowired - @Bean(name = "transactionManager") - public HibernateTransactionManager getTransactionManager(SessionFactory sessionFactory) { - return new HibernateTransactionManager(sessionFactory); - } - + return new Docket(DocumentationType.SWAGGER_2).select() + .apis(RequestHandlerSelectors.basePackage("org.onap.policy.pdp.rest.api")).paths(PathSelectors.any()) + .build().apiInfo(apiInfo()); + } + + @Bean(name = "dataSource") + public DataSource getDataSource() { + BasicDataSource dataSource = new BasicDataSource(); + dataSource.setDriverClassName(PDPRestConfig.getDbDriver()); + dataSource.setUrl(PDPRestConfig.getDbUrl()); + dataSource.setUsername(PDPRestConfig.getDbUserName()); + dataSource.setPassword(PDPRestConfig.getDbPassword()); + return dataSource; + } + + @Autowired + @Bean(name = "sessionFactory") + public SessionFactory getSessionFactory(DataSource dataSource) { + LocalSessionFactoryBuilder sessionBuilder = new LocalSessionFactoryBuilder(dataSource); + sessionBuilder.scanPackages("org.onap.*", "com.*"); + sessionBuilder.addProperties(getHibernateProperties()); + return sessionBuilder.buildSessionFactory(); + } + + private Properties getHibernateProperties() { + Properties properties = new Properties(); + properties.put("hibernate.show_sql", "true"); + properties.put("hibernate.dialect", "org.hibernate.dialect.MySQLDialect"); + return properties; + } + + @Autowired + @Bean(name = "transactionManager") + public HibernateTransactionManager getTransactionManager(SessionFactory sessionFactory) { + return new HibernateTransactionManager(sessionFactory); + } + @Bean - public MultipartConfigElement multipartConfigElement(){ + public MultipartConfigElement multipartConfigElement() { String location = System.getProperty("java.io.tmpdir"); - MultipartConfigElement mp = new 
MultipartConfigElement(location); - return mp; + return new MultipartConfigElement(location); } - public static String getDbDriver() { - return dbDriver; - } + public static String getDbDriver() { + return dbDriver; + } - public static void setDbDriver(String dbDriver) { - PDPRestConfig.dbDriver = dbDriver; - } + public static void setDbDriver(String dbDriver) { + PDPRestConfig.dbDriver = dbDriver; + } - public static String getDbUrl() { - return dbUrl; - } + public static String getDbUrl() { + return dbUrl; + } - public static void setDbUrl(String dbUrl) { - PDPRestConfig.dbUrl = dbUrl; - } + public static void setDbUrl(String dbUrl) { + PDPRestConfig.dbUrl = dbUrl; + } - public static String getDbUserName() { - return dbUserName; - } + public static String getDbUserName() { + return dbUserName; + } - public static void setDbUserName(String dbUserName) { - PDPRestConfig.dbUserName = dbUserName; - } + public static void setDbUserName(String dbUserName) { + PDPRestConfig.dbUserName = dbUserName; + } - public static String getDbPassword() { - return dbPassword; - } + public static String getDbPassword() { + return dbPassword; + } - public static void setDbPassword(String dbPassword) { - PDPRestConfig.dbPassword = dbPassword; - } + public static void setDbPassword(String dbPassword) { + PDPRestConfig.dbPassword = dbPassword; + } } |
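Review bot: `init()` reads the AES key (`org.onap.policy.encryption.aes.key`) from the same `xacml.pdp.properties` file that holds the encrypted `javax.persistence.jdbc.password`, so anyone who can read that file can recover the database password. The key would be better supplied from a separately protected source such as the environment or a secrets store, with read access to the properties file restricted in the meantime. The surrounding `catch (Exception e)` only logs, so if `initAesKey` or `decrypt` throws, `dbPassword` stays null and `getDataSource()` still builds the pool with it; failing startup at that point would make the misconfiguration visible. The log call concatenates the exception (`"..." + e`) and so drops the stack trace; pass it as a second argument, as `PDPApiAuth` does with `LOGGER.error(XACMLErrorConstants.ERROR_SYSTEM_ERROR, e)`.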