diff options
Diffstat (limited to 'ecomp-portal-BE-os')
4 files changed, 36 insertions, 33 deletions
diff --git a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/controller/ECOMPLogoutController.java b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/controller/ECOMPLogoutController.java index 54fcf3af..eaf3a133 100644 --- a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/controller/ECOMPLogoutController.java +++ b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/controller/ECOMPLogoutController.java @@ -52,7 +52,7 @@ import org.springframework.context.annotation.EnableAspectJAutoProxy; import org.springframework.context.annotation.Profile; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.context.request.RequestContextHolder; import org.springframework.web.context.request.ServletRequestAttributes; import org.springframework.web.servlet.ModelAndView; @@ -69,7 +69,7 @@ public class ECOMPLogoutController extends EPUnRestrictedBaseController { EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ECOMPLogoutController.class); @EPAuditLog - @RequestMapping(value = { "/logout.htm" }, method = RequestMethod.GET) + @GetMapping(value = { "/logout.htm" }) public ModelAndView logOut(HttpServletRequest request, HttpServletResponse response) throws Exception { diff --git a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/service/RemoteWebServiceCallServiceImpl.java b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/service/RemoteWebServiceCallServiceImpl.java index b8edb5ce..c0f944e9 100644 --- a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/service/RemoteWebServiceCallServiceImpl.java +++ b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/service/RemoteWebServiceCallServiceImpl.java @@ -38,12 +38,12 @@ package org.onap.portalapp.service; import java.util.List; - import org.onap.portalapp.portal.domain.EPApp; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.onap.portalsdk.core.onboarding.util.CipherUtil; +import org.onap.portalsdk.core.onboarding.util.KeyConstants; +import org.onap.portalsdk.core.onboarding.util.KeyProperties; import org.onap.portalsdk.core.service.WebServiceCallServiceImpl; -import org.onap.portalsdk.core.util.SystemProperties; import org.springframework.context.annotation.EnableAspectJAutoProxy; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; @@ -67,11 +67,10 @@ public class RemoteWebServiceCallServiceImpl extends WebServiceCallServiceImpl i logger.warn(EELFLoggerDelegate.errorLogger, "Failed to find application with UEB key " + requestUebKey); return false; } - - String encryptedPwdDB = appRecord.getAppPassword(); - String appUserName = appRecord.getUsername(); - String decryptedPwd = CipherUtil.decryptPKC(encryptedPwdDB, - secretKey == null ? SystemProperties.getProperty(SystemProperties.Decryption_Key) : secretKey); + + String encryptedPwdDB = appRecord.getAppBasicAuthPassword(); + String appUserName = appRecord.getAppBasicAuthUsername(); + String decryptedPwd = CipherUtil.decryptPKC(encryptedPwdDB,secretKey == null ? KeyProperties.getProperty(KeyConstants.CIPHER_ENCRYPTION_KEY) : secretKey); if (decryptedPwd.equals(requestPassword) && appUserName.equals(requestAppName)) return true; else diff --git a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/util/SessionCookieUtil.java b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/util/SessionCookieUtil.java index 1a347e07..05765021 100644 --- a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/util/SessionCookieUtil.java +++ b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/util/SessionCookieUtil.java @@ -43,7 +43,8 @@ import javax.servlet.http.HttpServletResponse; import org.onap.portalapp.portal.utils.EPCommonSystemProperties; import org.onap.portalsdk.core.onboarding.util.CipherUtil; -import org.onap.portalsdk.core.util.SystemProperties; +import org.onap.portalsdk.core.onboarding.util.KeyConstants; +import org.onap.portalsdk.core.onboarding.util.KeyProperties; public class SessionCookieUtil extends CommonSessionCookieUtil{ @@ -72,7 +73,7 @@ public class SessionCookieUtil extends CommonSessionCookieUtil{ HttpServletResponse response,String userId) throws Exception { logger.info("************** session cookie util set up UserId cookie begins"); userId = CipherUtil.encrypt(userId, - SystemProperties.getProperty(SystemProperties.Decryption_Key)); + KeyProperties.getProperty(KeyConstants.CIPHER_ENCRYPTION_KEY)); Cookie cookie1 = new Cookie(USER_ID, userId); cookie1.setSecure(true); cookie1.setMaxAge(cookieMaxAge); @@ -93,7 +94,7 @@ public class SessionCookieUtil extends CommonSessionCookieUtil{ userIdcookie = cookie; if(userIdcookie!=null){ userId = CipherUtil.decrypt(userIdcookie.getValue(), - SystemProperties.getProperty(SystemProperties.Decryption_Key)); + KeyProperties.getProperty(KeyConstants.CIPHER_ENCRYPTION_KEY)); } logger.info("************** session cookie util set up EP cookie completed"); diff --git a/ecomp-portal-BE-os/src/test/java/org/onap/portalapp/portal/service/RemoteWebServiceCallServiceImplTest.java b/ecomp-portal-BE-os/src/test/java/org/onap/portalapp/portal/service/RemoteWebServiceCallServiceImplTest.java index 88ccf5d1..1f346459 100644 --- a/ecomp-portal-BE-os/src/test/java/org/onap/portalapp/portal/service/RemoteWebServiceCallServiceImplTest.java +++ b/ecomp-portal-BE-os/src/test/java/org/onap/portalapp/portal/service/RemoteWebServiceCallServiceImplTest.java @@ -57,6 +57,8 @@ import org.onap.portalapp.portal.domain.EPApp; import org.onap.portalapp.portal.framework.MockitoTestSuite; import org.onap.portalapp.service.RemoteWebServiceCallServiceImpl; import org.onap.portalsdk.core.onboarding.util.CipherUtil; +import org.onap.portalsdk.core.onboarding.util.KeyConstants; +import org.onap.portalsdk.core.onboarding.util.KeyProperties; import org.onap.portalsdk.core.service.DataAccessService; import org.onap.portalsdk.core.util.SystemProperties; import org.powermock.api.mockito.PowerMockito; @@ -64,7 +66,7 @@ import org.powermock.core.classloader.annotations.PrepareForTest; import org.powermock.modules.junit4.PowerMockRunner; @RunWith(PowerMockRunner.class) -@PrepareForTest({ CipherUtil.class , SystemProperties.class}) +@PrepareForTest({ CipherUtil.class , SystemProperties.class, KeyProperties.class, KeyConstants.class}) public class RemoteWebServiceCallServiceImplTest { @@ -93,17 +95,17 @@ public class RemoteWebServiceCallServiceImplTest { public void verifyRESTCredentialTest() throws Exception { PowerMockito.mockStatic(CipherUtil.class); - PowerMockito.mockStatic(SystemProperties.class); + PowerMockito.mockStatic(KeyProperties.class); + PowerMockito.mockStatic(KeyConstants.class); String criteria= " where ueb_key = 'requestUebKey'"; List<EPApp> appList = new ArrayList<>(); EPApp app = new EPApp(); - app.setAppPassword("password"); + app.setAppBasicAuthPassword("password"); appList.add(app); Mockito.when(dataAccessService.getList(EPApp.class, criteria.toString(), null, null)).thenReturn(appList); String secretKey = null; - Mockito.when(SystemProperties.getProperty(SystemProperties.Decryption_Key)).thenReturn(secretKey); - Mockito.when(CipherUtil.decryptPKC("password", - secretKey == null ? null : secretKey)).thenReturn("pwd"); + Mockito.when(KeyProperties.getProperty(KeyConstants.CIPHER_ENCRYPTION_KEY)).thenReturn(secretKey); + Mockito.when(CipherUtil.decryptPKC("password",secretKey == null ? null : secretKey)).thenReturn("pwd"); assertFalse(remoteWebServiceCallServiceImpl.verifyRESTCredential(secretKey,"requestUebKey","requestAppName","requestPassword")); } @@ -111,18 +113,18 @@ public class RemoteWebServiceCallServiceImplTest { public void verifyRESTCredentialExceptionTest() throws Exception { PowerMockito.mockStatic(CipherUtil.class); - PowerMockito.mockStatic(SystemProperties.class); + PowerMockito.mockStatic(KeyProperties.class); + PowerMockito.mockStatic(KeyConstants.class); String criteria= " where ueb_key = 'requestUebKey'"; List<EPApp> appList = new ArrayList<>(); EPApp app = new EPApp(); - app.setAppPassword("password"); - app.setUsername("requestAppName"); + app.setAppBasicAuthPassword("password"); + app.setAppBasicAuthUsername("requestAppName"); appList.add(app); Mockito.when(dataAccessService.getList(EPApp.class, criteria.toString(), null, null)).thenReturn(appList); String secretKey = null; - Mockito.when(SystemProperties.getProperty(SystemProperties.Decryption_Key)).thenReturn(secretKey); - Mockito.when(CipherUtil.decryptPKC("password", - secretKey == null ? null : secretKey)).thenReturn("pwd"); + Mockito.when(KeyProperties.getProperty(KeyConstants.CIPHER_ENCRYPTION_KEY)).thenReturn(secretKey); + Mockito.when(CipherUtil.decryptPKC("password",secretKey == null ? null : secretKey)).thenReturn("pwd"); assertTrue(remoteWebServiceCallServiceImpl.verifyRESTCredential(secretKey,"requestUebKey","requestAppName","pwd")); } @@ -131,17 +133,18 @@ public class RemoteWebServiceCallServiceImplTest { { PowerMockito.mockStatic(CipherUtil.class); PowerMockito.mockStatic(SystemProperties.class); + PowerMockito.mockStatic(KeyProperties.class); + PowerMockito.mockStatic(KeyConstants.class); String criteria= " where ueb_key = 'requestUebKey'"; List<EPApp> appList = new ArrayList<>(); EPApp app = new EPApp(); - app.setAppPassword("password"); - app.setUsername("requestAppName"); + app.setAppBasicAuthPassword("password"); + app.setAppBasicAuthUsername("requestAppName"); appList.add(app); Mockito.when(dataAccessService.getList(EPApp.class, criteria.toString(), null, null)).thenReturn(null); String secretKey = null; - Mockito.when(SystemProperties.getProperty(SystemProperties.Decryption_Key)).thenReturn(secretKey); - Mockito.when(CipherUtil.decryptPKC("password", - secretKey == null ? null : secretKey)).thenReturn("pwd"); + Mockito.when(KeyProperties.getProperty(KeyConstants.CIPHER_ENCRYPTION_KEY)).thenReturn(secretKey); + Mockito.when(CipherUtil.decryptPKC("password",secretKey == null ? null : secretKey)).thenReturn("pwd"); assertFalse(remoteWebServiceCallServiceImpl.verifyRESTCredential(secretKey,"requestUebKey","requestAppName","pwd")); } @@ -160,8 +163,8 @@ public class RemoteWebServiceCallServiceImplTest { // String criteria= " where ueb_key = 'requestUebKey'"; List<EPApp> appList = new ArrayList<>(); EPApp app = new EPApp(); - app.setAppPassword("password"); - app.setUsername("requestAppName"); + app.setAppBasicAuthPassword("password"); + app.setAppBasicAuthUsername("requestAppName"); appList.add(app); Mockito.when(dataAccessService.getList(EPApp.class, criteria.toString(), null, null)).thenReturn(null); assertFalse(remoteWebServiceCallServiceImpl.verifyAppKeyCredential("test")); @@ -175,8 +178,8 @@ public class RemoteWebServiceCallServiceImplTest { String criteria= " where ueb_key = 'test'"; List<EPApp> appList = new ArrayList<>(); EPApp app = new EPApp(); - app.setAppPassword("password"); - app.setUsername("requestAppName"); + app.setAppBasicAuthPassword("password"); + app.setAppBasicAuthUsername("requestAppName"); appList.add(app); Mockito.when(dataAccessService.getList(EPApp.class, criteria.toString(), null, null)).thenReturn(appList); assertTrue(remoteWebServiceCallServiceImpl.verifyAppKeyCredential("test")); |