From 7246eabfd23d6cadc9f658f666df62b93f30ed70 Mon Sep 17 00:00:00 2001 From: st782s Date: Tue, 20 Nov 2018 07:31:32 -0500 Subject: CADI Integration Issue-ID: PORTAL-474 System to system authorization using CADI Change-Id: I76487f8155a36fca8283669fe5e28ec7d5aec91d 
Signed-off-by: st782s --- .../authorization/service/AAFRestServiceImpl.java | 225 ++++++++++++ .../external/authorization/service/AAFService.java | 60 ++++ .../service/LoginExternalAuthService.java | 80 ----- .../service/LoginExternalAuthServiceImpl.java | 254 -------------- .../authorization/service/UserApiService.java | 87 ----- .../authorization/service/UserApiServiceImpl.java | 385 --------------------- .../authorization/util/EcompExternalAuthUtils.java | 16 +- .../service/LoginExternalAuthServiceImplTest.java | 185 ---------- .../service/UserApiServiceImplTest.java | 353 ------------------- .../util/EcompExternalAuthUtilsTest.java | 4 +- 10 files changed, 287 insertions(+), 1362 deletions(-) create mode 100644 ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/AAFRestServiceImpl.java create mode 100644 ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/AAFService.java delete mode 100644 ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthService.java delete mode 100644 ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthServiceImpl.java delete mode 100644 ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiService.java delete mode 100644 ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiServiceImpl.java delete mode 100644 ecomp-sdk/epsdk-aaf/src/test/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthServiceImplTest.java delete mode 100644 ecomp-sdk/epsdk-aaf/src/test/java/org/onap/portalsdk/external/authorization/service/UserApiServiceImplTest.java (limited to 'ecomp-sdk/epsdk-aaf/src') 
diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/AAFRestServiceImpl.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/AAFRestServiceImpl.java new file mode 100644 index 00000000..f37af6fa --- /dev/null +++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/AAFRestServiceImpl.java 
@@ -0,0 +1,225 @@ +/*- + * ============LICENSE_START========================================== + * ONAP Portal SDK + * =================================================================== + * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * ECOMP is a trademark and service mark of AT&T Intellectual Property. 
+ */ +package org.onap.portalsdk.external.authorization.service; + +import java.io.IOException; +import java.util.ArrayList; +import java.util.List; + +import javax.servlet.http.HttpServletRequest; + +import org.json.JSONArray; +import org.json.JSONObject; +import org.onap.portalsdk.core.domain.RoleFunction; +import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; +import org.onap.portalsdk.external.authorization.domain.ExternalAccessPerms; +//import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; +import org.onap.portalsdk.external.authorization.util.EcompExternalAuthProperties; +import org.onap.portalsdk.external.authorization.util.EcompExternalAuthUtils; +import org.springframework.http.HttpEntity; +import org.springframework.http.HttpHeaders; +import org.springframework.http.HttpMethod; +import org.springframework.http.ResponseEntity; +import org.springframework.web.client.RestTemplate; + +import com.fasterxml.jackson.core.JsonParseException; +import com.fasterxml.jackson.databind.JsonMappingException; +import com.fasterxml.jackson.databind.ObjectMapper; + +public class AAFRestServiceImpl implements AAFService { + + private static final String PASSCODE = "password"; + + private static final String ID = "id"; + + private static final String EXTERNAL_AUTH_GET_USER_ROLES_ENDPOINT = "authz/roles/user/"; + + private static final String EXTERNAL_AUTH_GET_USER_PERMS_ENDPOINT = "authz/perms/user/"; + + private static final String EXTERNAL_AUTH_POST_CREDENTIALS_ENDPOINT = "authn/validate"; + RestTemplate template = new RestTemplate(); + + private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AAFRestServiceImpl.class); + + @Override + public String getUser(String orgUserId, HttpServletRequest request, HttpHeaders headers) throws Exception { + + HttpEntity entity = new HttpEntity<>(headers); + logger.debug(EELFLoggerDelegate.debugLogger, "getUserRoles: Connecting to external auth system for user {}", + orgUserId); + String 
endPoint = EXTERNAL_AUTH_GET_USER_ROLES_ENDPOINT + orgUserId + + EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_USER_DOMAIN); + ResponseEntity getResponse = template.exchange( + EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_URL) + endPoint, + HttpMethod.GET, entity, String.class); + if (getResponse.getStatusCode().value() == 200) { + logger.debug(EELFLoggerDelegate.debugLogger, + "getUserRoles: Finished GET user app roles from external auth system and body: {}", + getResponse.getBody()); + } + String userRoles = getResponse.getBody(); + return userRoles; + + } + + @Override + public ResponseEntity checkUserExists(String username, String password, String appPass) throws Exception { + username = changeIfUserDomainNotAppended(username); + HttpHeaders headers = EcompExternalAuthUtils.base64encodeKeyForAAFBasicAuth(username, password); + String appUsername = EcompExternalAuthProperties + .getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_USER_NAME); + JSONObject credentials = new JSONObject(); + credentials.put(ID, appUsername); + credentials.put(PASSCODE, appPass); + HttpEntity entity = new HttpEntity<>(credentials.toString(), headers); + logger.debug(EELFLoggerDelegate.debugLogger, "checkUserExists: Connecting to external auth system for user {}", + username); + ResponseEntity getResponse = template + .exchange(EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_URL) + + EXTERNAL_AUTH_POST_CREDENTIALS_ENDPOINT, HttpMethod.POST, entity, String.class); + if (getResponse.getStatusCode().value() == 200) { + logger.debug(EELFLoggerDelegate.debugLogger, + "checkUserExists: Finished POST from external auth system to validate credentials and status: {}", + getResponse.getStatusCode().value()); + } + return getResponse; + } + + private String changeIfUserDomainNotAppended(String username) { + if (!EcompExternalAuthUtils.validate(username)) { + username = username + + 
EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_USER_DOMAIN); + } + return username; + } + + @Override + public List getIfUserPermsExists(String username, HttpHeaders headers) throws Exception { + + HttpEntity entity = new HttpEntity<>(headers); + logger.debug(EELFLoggerDelegate.debugLogger, + "getIfUserPermsExists: Connecting to external auth system for user {}", username); + username = changeIfUserDomainNotAppended(username); + String endPoint = EXTERNAL_AUTH_GET_USER_PERMS_ENDPOINT + username; + ResponseEntity getResponse = getPermsFromExternalAuthSystem(entity, endPoint); + return convertPermsJSONArrayToExternalAccessPerms(new ObjectMapper(), getResponse.getBody()); + } + + private ResponseEntity getPermsFromExternalAuthSystem(HttpEntity entity, String endPoint) { + ResponseEntity getResponse = template.exchange( + EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_URL) + endPoint, + HttpMethod.GET, entity, String.class); + if (getResponse.getStatusCode().value() == 200) { + logger.debug(EELFLoggerDelegate.debugLogger, + "getPermsFromExternalAuthSystem: Finished GET user perms from external auth system and body: {}", + getResponse.getBody()); + } + return getResponse; + } + + private List convertPermsJSONArrayToExternalAccessPerms(ObjectMapper mapper, String userPerms) + throws IOException, JsonParseException, JsonMappingException { + JSONObject userPermsJsonObj = null; + JSONArray userPermsJsonArray = null; + List extPermsList = new ArrayList<>(); + if (!userPerms.equals(EcompExternalAuthUtils.EXT_EMPTY_JSON_STRING)) { + userPermsJsonObj = new JSONObject(userPerms); + userPermsJsonArray = userPermsJsonObj.getJSONArray(EcompExternalAuthUtils.EXT_PERM_FIELD); + for (int i = 0; i < userPermsJsonArray.length(); i++) { + JSONObject permJsonObj = userPermsJsonArray.getJSONObject(i); + if (!permJsonObj.getString(EcompExternalAuthUtils.EXT_PERM_FIELD_TYPE) + 
.endsWith(EcompExternalAuthUtils.EXT_PERM_ACCESS)) { + ExternalAccessPerms perm = mapper.readValue(permJsonObj.toString(), ExternalAccessPerms.class); + extPermsList.add(perm); + } + } + } + return extPermsList; + } + + @Override + public List getRoleFunctions(String orgUserId, HttpHeaders headers) throws Exception { + ObjectMapper mapper = new ObjectMapper(); + + HttpEntity entity = new HttpEntity<>(headers); + logger.debug(EELFLoggerDelegate.debugLogger, "getRoleFunctions: Connecting to external auth system for user {}", + orgUserId); + String endPoint = EXTERNAL_AUTH_GET_USER_PERMS_ENDPOINT + orgUserId + + EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_USER_DOMAIN); + ResponseEntity getResponse = template.exchange( + EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_URL) + endPoint, + HttpMethod.GET, entity, String.class); + if (getResponse.getStatusCode().value() == 200) { + logger.debug(EELFLoggerDelegate.debugLogger, + "getRoleFunctions: Finished GET user perms from external system and body: {}", + getResponse.getBody()); + } + String userPerms = getResponse.getBody(); + List extPermsList = convertPermsJSONArrayToExternalAccessPerms(mapper, userPerms); + return convertToRoleFunctionList(extPermsList); + } + + private List convertToRoleFunctionList(List extPermsList) { + List roleFunctions = new ArrayList<>(); + String namespace = EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_NAMESPACE); + for (ExternalAccessPerms extPerm : extPermsList) { + RoleFunction roleFunction = new RoleFunction(); + roleFunction.setCode(extPerm.getInstance()); + roleFunction.setAction(extPerm.getAction()); + if (extPerm.getDescription() != null + && EcompExternalAuthUtils.checkNameSpaceMatching(extPerm.getType(), namespace)) { + roleFunction.setName(extPerm.getDescription()); + } else if (extPerm.getDescription() == null + && 
EcompExternalAuthUtils.checkNameSpaceMatching(extPerm.getType(), namespace)) { + roleFunction.setName(extPerm.getType().substring(namespace.length() + 1) + "|" + extPerm.getInstance() + + "|" + extPerm.getAction()); + } else if (extPerm.getDescription() == null + && !EcompExternalAuthUtils.checkNameSpaceMatching(extPerm.getType(), namespace)) { + roleFunction.setName(extPerm.getType() + "|" + extPerm.getInstance() + "|" + extPerm.getAction()); + } + if (EcompExternalAuthUtils.checkNameSpaceMatching(extPerm.getType(), namespace)) { + roleFunction.setType(extPerm.getType().substring(namespace.length() + 1)); + } else { + roleFunction.setType(extPerm.getType()); + } + roleFunctions.add(roleFunction); + } + return roleFunctions; + } + +} \ No newline at end of file diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/AAFService.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/AAFService.java new file mode 100644 index 00000000..758c0647 --- /dev/null +++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/AAFService.java 
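Review bot: The user identifier is concatenated straight into the request path in getUser, getRoleFunctions and getIfUserPermsExists (`EXTERNAL_AUTH_GET_USER_ROLES_ENDPOINT + orgUserId + ...`), with no validation or encoding visible before `template.exchange` sends it along with the caller-supplied headers. Where the identifier comes from is outside this hunk, and what `EcompExternalAuthUtils.validate` checks is not shown. If the value can carry `/`, `?` or `..`, the lookup could resolve to a different resource on the external auth system than the intended user, and the roles or permissions returned feed authorization decisions. I would reject anything outside an allow-list before building the URL, for example `if (!orgUserId.matches("[A-Za-z0-9._@-]+")) throw new IllegalArgumentException("invalid user id");` (the pattern is a constructed example to adapt to the real id format), or build the path with `UriComponentsBuilder.pathSegment(...)` so the value is encoded as a single segment. The same methods also log the full roles/permissions response body at debug level; logging only the status code, as checkUserExists does, would keep authorization data out of the logs.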
@@ -0,0 +1,60 @@ + +/*- + * ============LICENSE_START========================================== + * ONAP Portal SDK + * =================================================================== + * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. 
+ * + * ============LICENSE_END============================================ + * + * + */ +package org.onap.portalsdk.external.authorization.service; + +import java.util.List; + +import javax.servlet.http.HttpServletRequest; + +import org.onap.portalsdk.core.domain.RoleFunction; +import org.onap.portalsdk.external.authorization.domain.ExternalAccessPerms; +import org.springframework.http.HttpHeaders; +import org.springframework.http.ResponseEntity; + +public interface AAFService { + + + public String getUser(String orgUserId, HttpServletRequest request,HttpHeaders headers) throws Exception; + + public ResponseEntity checkUserExists(String username, String password, String appPassword) throws Exception; + + public List getIfUserPermsExists(String username,HttpHeaders headers) throws Exception ; + + List getRoleFunctions(String orgUserId,HttpHeaders headers) throws Exception; +} \ No newline at end of file diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthService.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthService.java deleted file mode 100644 index 0ad02460..00000000 --- a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthService.java +++ /dev/null 
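Review bot: The new interface has no Javadoc, and checkUserExists takes three adjacent String credentials (`username`, `password`, `appPassword`) that are easy to pass in the wrong order. In AAFRestServiceImpl the first two build the Basic auth header and the third is sent in the JSON body as the application's password, so I would document that on the method, e.g. `@param password the user's password, used for the Basic auth header` and `@param appPassword the application credential sent in the request body`. getUser also declares an `HttpServletRequest request` that the implementation in this commit never reads; either drop it or document why it is kept. Every method declares `throws Exception`, which hides which failures (HTTP errors from the auth system, JSON parsing) callers are expected to handle.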
@@ -1,80 +0,0 @@ -/*- - * ============LICENSE_START========================================== - * ONAP Portal SDK - * =================================================================== - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. - * =================================================================== - * - * Unless otherwise specified, all software contained herein is licensed - * under the Apache License, Version 2.0 (the "License"); - * you may not use this software except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * Unless otherwise specified, all documentation contained herein is licensed - * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); - * you may not use this documentation except in compliance with the License. - * You may obtain a copy of the License at - * - * https://creativecommons.org/licenses/by/4.0/ - * - * Unless required by applicable law or agreed to in writing, documentation - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. 
- * - * ============LICENSE_END============================================ - * - * - */ -package org.onap.portalsdk.external.authorization.service; - -import java.io.IOException; -import java.util.Map; - -import javax.servlet.http.HttpServletRequest; - -import org.onap.portalsdk.core.command.LoginBean; -import org.onap.portalsdk.core.domain.User; - -public interface LoginExternalAuthService { - - /** - * validate user exists in the system - * @param bean - * @param menuPropertiesFilename - * @param additionalParams - * @return returns login user bean - * @throws IOException - */ - @SuppressWarnings("rawtypes") - LoginBean findUser(LoginBean bean, String menuPropertiesFilename, Map additionalParams, HttpServletRequest request) throws Exception; - - /** - * - * @param bean - * @param menuPropertiesFilename - * @param additionalParams - * @param matchPassword - * @return returns login user bean - * @throws IOException - */ - @SuppressWarnings("rawtypes") - LoginBean findUser(LoginBean bean, String menuPropertiesFilename, Map additionalParams, boolean matchPassword, HttpServletRequest request) - throws Exception; - - /** - * - * @param orgUserId - * @return - */ - User findUserWithoutPwd(String orgUserId); -} diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthServiceImpl.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthServiceImpl.java deleted file mode 100644 index 173e9e7d..00000000 --- a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthServiceImpl.java +++ /dev/null 
@@ -1,254 +0,0 @@ -/*- - * ============LICENSE_START========================================== - * ONAP Portal SDK - * =================================================================== - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. - * =================================================================== - * - * Unless otherwise specified, all software contained herein is licensed - * under the Apache License, Version 2.0 (the "License"); - * you may not use this software except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * Unless otherwise specified, all documentation contained herein is licensed - * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); - * you may not use this documentation except in compliance with the License. - * You may obtain a copy of the License at - * - * https://creativecommons.org/licenses/by/4.0/ - * - * Unless required by applicable law or agreed to in writing, documentation - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. 
- * - * ============LICENSE_END============================================ - * - * - */ -package org.onap.portalsdk.external.authorization.service; - -import java.util.Date; -import java.util.HashMap; -import java.util.HashSet; -import java.util.Iterator; -import java.util.List; -import java.util.Map; -import java.util.Set; - -import javax.servlet.http.HttpServletRequest; - -import org.onap.portalsdk.core.command.LoginBean; -import org.onap.portalsdk.core.domain.Role; -import org.onap.portalsdk.core.domain.User; -import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; -import org.onap.portalsdk.core.menu.MenuBuilder; -import org.onap.portalsdk.core.service.DataAccessService; -import org.onap.portalsdk.core.service.LoginServiceCentralizedImpl; -import org.onap.portalsdk.core.util.SystemProperties; -import org.onap.portalsdk.core.web.support.AppUtils; -import org.onap.portalsdk.core.web.support.UserUtils; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; -import org.springframework.transaction.annotation.Transactional; - -@Service("loginExternalAuthService") -public class LoginExternalAuthServiceImpl implements LoginExternalAuthService { - - private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(LoginServiceCentralizedImpl.class); - - @Autowired - private DataAccessService dataAccessService; - - @Autowired - private UserApiService userApiService; - - @Override - public LoginBean findUser(LoginBean bean, String menuPropertiesFilename, - @SuppressWarnings("rawtypes") Map additionalParams, HttpServletRequest request) throws Exception { - return findUser(bean, menuPropertiesFilename, additionalParams, true, request); - } - - @Override - @SuppressWarnings("rawtypes") - @Transactional - public LoginBean findUser(LoginBean bean, String menuPropertiesFilename, Map additionalParams, - boolean matchPassword, HttpServletRequest request) throws Exception { - - User user; - if 
(bean.getUserid() != null) { - user = findUser(bean, request); - } else { - if (matchPassword) - user = findUser(bean.getLoginId(), bean.getLoginPwd()); - else - user = findUserWithoutPwd(bean.getLoginId()); - } - - if (user != null) { - if (AppUtils.isApplicationLocked() - && !UserUtils.hasRole(user, SystemProperties.getProperty(SystemProperties.SYS_ADMIN_ROLE_ID))) { - bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_APPLICATION_LOCKED); - } - - // raise an error if the user is inactive - if (!user.getActive()) { - bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_USER_INACTIVE); - } - - if (!userHasActiveRoles(user)) { - bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_USER_INACTIVE); - } - // only login the user if no errors have occurred - if (bean.getLoginErrorMessage() == null) { - - // this will be a snapshot of the user's information as - // retrieved from the database - User userCopy = null; - try { - userCopy = (User) user.clone(); - } catch (CloneNotSupportedException ex) { - // Never happens - logger.error(EELFLoggerDelegate.errorLogger, "findUser failed", ex); - } - - User appuser = findUserWithoutPwd(user.getLoginId()); - - if (appuser == null && userHasRoleFunctions(user)) { - createUserIfNecessary(user); - } else { - appuser.setLastLoginDate(new Date()); - - // update the last logged in date for the user - dataAccessService.saveDomainObject(appuser, additionalParams); - } - // update the audit log of the user - // Check for the client device type and set log attributes - // appropriately - - // save the above changes to the User and their audit trail - - // create the application menu based on the user's privileges - - Set appMenu = getMenuBuilder().getMenu( - SystemProperties.getProperty(SystemProperties.APPLICATION_MENU_SET_NAME), dataAccessService); - bean.setMenu(appMenu != null ? 
appMenu : new HashSet()); - Set businessDirectMenu = getMenuBuilder().getMenu( - SystemProperties.getProperty(SystemProperties.BUSINESS_DIRECT_MENU_SET_NAME), - dataAccessService); - bean.setBusinessDirectMenu(businessDirectMenu != null ? businessDirectMenu : new HashSet()); - - bean.setUser(userCopy); - } - } - - return bean; - } - - private void createUserIfNecessary(User user) { - logger.debug(EELFLoggerDelegate.debugLogger, "createUser: " + user.getOrgUserId()); - User user1 = new User(); - user1.setEmail(user.getEmail()); - user1.setEmail(user.getEmail()); - user1.setFirstName(user.getFirstName()); - user1.setHrid(user.getHrid()); - user1.setJobTitle(user.getJobTitle()); - user1.setLastName(user.getLastName()); - user1.setLoginId(user.getLoginId()); - user1.setOrgManagerUserId(user.getOrgManagerUserId()); - user1.setMiddleInitial(user.getMiddleInitial()); - user1.setOrgCode(user.getOrgCode()); - user1.setOrgId(user.getOrgId()); - user1.setPhone(user.getPhone()); - user1.setOrgUserId(user.getOrgUserId()); - user1.setActive(user.getActive()); - user1.setLastLoginDate(new Date()); - - try { - dataAccessService.saveDomainObject(user1, null); - logger.debug(EELFLoggerDelegate.debugLogger, "createdUser Successfully: " + user.getOrgUserId()); - } catch (Exception ex) { - logger.error(EELFLoggerDelegate.errorLogger, "createUserIfNecessary failed", ex); - } - - } - - private boolean userHasActiveRoles(User user) { - boolean hasActiveRole = false; - @SuppressWarnings("rawtypes") - Iterator roles = user.getRoles().iterator(); - while (roles.hasNext()) { - Role role = (Role) roles.next(); - if (role.getActive()) { - hasActiveRole = true; - break; - } - } - return hasActiveRole; - } - - private boolean userHasRoleFunctions(User user) { - boolean hasRoleFunctions = false; - @SuppressWarnings("rawtypes") - Iterator roles = user.getRoles().iterator(); - while (roles.hasNext()) { - Role role = (Role) roles.next(); - if (role.getActive() && role.getRoleFunctions() != null && 
!role.getRoleFunctions().isEmpty()) { - hasRoleFunctions = true; - break; - } - } - return hasRoleFunctions; - } - - private User findUser(LoginBean bean, HttpServletRequest request) throws Exception { - User user = userApiService.getUser(bean.getUserid(), request); - user.setId(getUserIdByOrgUserId(user.getOrgUserId())); - user.setLoginId(bean.getUserid()); - logger.debug(EELFLoggerDelegate.debugLogger, "findUser: Returning final user roles and permissions", user.toString()); - return user; - } - - private Long getUserIdByOrgUserId(String orgUserId) { - Map params = new HashMap<>(); - params.put("orgUserId", orgUserId); - @SuppressWarnings("rawtypes") - List list = dataAccessService.executeNamedQuery("getUserIdByorgUserId", params, null); - Long userId = null; - if (list != null && !list.isEmpty()) - userId = (Long) list.get(0); - return userId; - } - - @SuppressWarnings("rawtypes") - private User findUser(String loginId, String password) { - Map params = new HashMap<>(); - params.put("login_id", loginId); - params.put("login_pwd", password); - List list = dataAccessService.executeNamedQuery("getUserByLoginIdLoginPwd", params, new HashMap()); - return (list == null || list.isEmpty()) ? null : (User) list.get(0); - } - - @SuppressWarnings("rawtypes") - @Override - public User findUserWithoutPwd(String loginId) { - Map params = new HashMap<>(); - params.put("org_user_id", loginId); - List list = dataAccessService.executeNamedQuery("getUserByOrgUserId", params, new HashMap()); - return (list == null || list.isEmpty()) ? null : (User) list.get(0); - } - - private MenuBuilder getMenuBuilder() { - return new MenuBuilder(); - } - -} diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiService.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiService.java deleted file mode 100644 index 3d112268..00000000 
--- a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiService.java +++ /dev/null 
@@ -1,87 +0,0 @@ -/*- - * ============LICENSE_START========================================== - * ONAP Portal SDK - * =================================================================== - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. - * =================================================================== - * - * Unless otherwise specified, all software contained herein is licensed - * under the Apache License, Version 2.0 (the "License"); - * you may not use this software except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * Unless otherwise specified, all documentation contained herein is licensed - * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); - * you may not use this documentation except in compliance with the License. - * You may obtain a copy of the License at - * - * https://creativecommons.org/licenses/by/4.0/ - * - * Unless required by applicable law or agreed to in writing, documentation - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. 
- * - * ============LICENSE_END============================================ - * - * - */ -package org.onap.portalsdk.external.authorization.service; - -import java.util.List; - -import javax.servlet.http.HttpServletRequest; - -import org.onap.portalsdk.core.domain.RoleFunction; -import org.onap.portalsdk.core.domain.User; -import org.onap.portalsdk.external.authorization.domain.ExternalAccessPerms; -import org.onap.portalsdk.external.authorization.exception.UserNotFoundException; -import org.springframework.http.ResponseEntity; - -public interface UserApiService { - - /** - * Gets list of all roles associated to user from external system - * - * @param orgUserId - * @return - * @throws Exception - */ - User getUser(String orgUserId, HttpServletRequest request) throws UserNotFoundException; - - /** - * - * @param OrgUserId - * @return - */ - List getRoleFunctions(String orgUserId) throws Exception; - - /** - * Check if user exist in external auth system - * - * @param username - * @param password - * @return Response - * @throws Exception - */ - ResponseEntity checkUserExists(String username, String password) throws Exception; - - /** - * Get if user has any perms - * - * @param username - * @param password - * @return List - * @throws Exception - */ - List getIfUserPermsExists(String username) throws Exception; -} diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiServiceImpl.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiServiceImpl.java deleted file mode 100644 index 14d8a5e2..00000000 --- a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiServiceImpl.java +++ /dev/null 
@@ -1,385 +0,0 @@ -/*- - * ============LICENSE_START========================================== - * ONAP Portal SDK - * =================================================================== - * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. - * =================================================================== - * - * Unless otherwise specified, all software contained herein is licensed - * under the Apache License, Version 2.0 (the "License"); - * you may not use this software except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * Unless otherwise specified, all documentation contained herein is licensed - * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); - * you may not use this documentation except in compliance with the License. - * You may obtain a copy of the License at - * - * https://creativecommons.org/licenses/by/4.0/ - * - * Unless required by applicable law or agreed to in writing, documentation - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. 
- * - * ============LICENSE_END============================================ - * - * - */ -package org.onap.portalsdk.external.authorization.service; - -import java.io.IOException; -import java.util.ArrayList; -import java.util.List; -import java.util.Set; -import java.util.TreeSet; - -import javax.naming.NamingException; -import javax.servlet.http.HttpServletRequest; - -import org.json.JSONArray; -import org.json.JSONObject; -import org.onap.portalsdk.core.command.PostSearchBean; -import org.onap.portalsdk.core.command.support.SearchResult; -import org.onap.portalsdk.core.domain.App; -import org.onap.portalsdk.core.domain.Role; -import org.onap.portalsdk.core.domain.RoleFunction; -import org.onap.portalsdk.core.domain.User; -import org.onap.portalsdk.core.domain.UserApp; -import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; -import org.onap.portalsdk.core.service.AppService; -import org.onap.portalsdk.core.service.DataAccessService; -import org.onap.portalsdk.core.service.LdapService; -import org.onap.portalsdk.core.service.PostSearchService; -import org.onap.portalsdk.external.authorization.domain.ExternalAccessPerms; -import org.onap.portalsdk.external.authorization.domain.ExternalAccessRole; -import org.onap.portalsdk.external.authorization.domain.ExternalAccessRoleDescription; -import org.onap.portalsdk.external.authorization.domain.ExternalAccessUserRoleDetail; -import org.onap.portalsdk.external.authorization.exception.UserNotFoundException; -import org.onap.portalsdk.external.authorization.util.EcompExternalAuthProperties; -import org.onap.portalsdk.external.authorization.util.EcompExternalAuthUtils; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.http.HttpEntity; -import org.springframework.http.HttpHeaders; -import org.springframework.http.HttpMethod; -import org.springframework.http.ResponseEntity; -import org.springframework.stereotype.Service; -import org.springframework.web.client.RestTemplate; - 
-import com.fasterxml.jackson.core.JsonParseException; -import com.fasterxml.jackson.databind.JsonMappingException; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.databind.type.TypeFactory; - -@Service("userApiService") -public class UserApiServiceImpl implements UserApiService { - - private static final String PASSCODE = "password"; - - private static final String ID = "id"; - - private static final String EXTERNAL_AUTH_GET_USER_ROLES_ENDPOINT = "authz/roles/user/"; - - private static final String EXTERNAL_AUTH_GET_USER_PERMS_ENDPOINT = "authz/perms/user/"; - - private static final String EXTERNAL_AUTH_POST_CREDENTIALS_ENDPOINT = "authn/validate"; - - private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(UserApiServiceImpl.class); - - @Autowired - private LoginExternalAuthService loginAAFService; - - @Autowired - private LdapService ldapService; - - @Autowired - private PostSearchService postSearchService; - - @Autowired - private DataAccessService dataAccessService; - - RestTemplate template = new RestTemplate(); - - @Autowired - private AppService appService; - - @Override - public User getUser(String orgUserId, HttpServletRequest request) throws UserNotFoundException { - User user = null; - try { - String namespace = EcompExternalAuthProperties - .getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_NAMESPACE); - HttpHeaders headers = getBasicAuthHeaders(); - HttpEntity entity = new HttpEntity<>(headers); - logger.debug(EELFLoggerDelegate.debugLogger, "getUserRoles: Connecting to external auth system for user {}", - orgUserId); - String endPoint = EXTERNAL_AUTH_GET_USER_ROLES_ENDPOINT + orgUserId - + EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_USER_DOMAIN); - ResponseEntity getResponse = template.exchange( - EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_URL) + endPoint, - HttpMethod.GET, entity, String.class); - if 
(getResponse.getStatusCode().value() == 200) { - logger.debug(EELFLoggerDelegate.debugLogger, - "getUserRoles: Finished GET user app roles from external auth system and body: {}", - getResponse.getBody()); - } - String userRoles = getResponse.getBody(); - ObjectMapper mapper = new ObjectMapper(); - List userRoleDetailList = setExternalAccessUserRoles(namespace, userRoles, - mapper); - - if (userRoleDetailList.isEmpty()) { - throw new UserNotFoundException("User roles not found!"); - } else { - user = convertAAFUserRolesToEcompSDKUser(userRoleDetailList, orgUserId, namespace, request); - } - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "getUser: Failed! ", e); - } - return user; - - } - - private List setExternalAccessUserRoles(String namespace, String userRoles, - ObjectMapper mapper) throws IOException, JsonParseException, JsonMappingException, UserNotFoundException { - JSONObject userJsonObj; - JSONArray userJsonArray; - List userRoleDetailList = new ArrayList<>(); - if (!userRoles.equals(EcompExternalAuthUtils.EXT_EMPTY_JSON_STRING)) { - userJsonObj = new JSONObject(userRoles); - userJsonArray = userJsonObj.getJSONArray(EcompExternalAuthUtils.EXT_ROLE_FIELD); - ExternalAccessUserRoleDetail userRoleDetail = null; - for (int i = 0; i < userJsonArray.length(); i++) { - JSONObject role = userJsonArray.getJSONObject(i); - if (!role.getString(EcompExternalAuthUtils.EXT_ROLE_FIELD_NAME) - .endsWith(EcompExternalAuthUtils.EXT_ROLE_FIELD_ADMIN) - && !role.getString(EcompExternalAuthUtils.EXT_ROLE_FIELD_NAME) - .endsWith(EcompExternalAuthUtils.EXT_ROLE_FIELD_OWNER)) { - ExternalAccessRoleDescription ecDesc = new ExternalAccessRoleDescription(); - if (role.has(EcompExternalAuthUtils.EXT_FIELD_DESCRIPTION) && EcompExternalAuthUtils - .isJSONValid(role.getString(EcompExternalAuthUtils.EXT_FIELD_DESCRIPTION))) { - ecDesc = mapper.readValue(role.getString(EcompExternalAuthUtils.EXT_FIELD_DESCRIPTION), - ExternalAccessRoleDescription.class); - } - List 
ecPerms = new ArrayList<>(); - if (role.has(EcompExternalAuthUtils.EXT_FIELD_PERMS)) { - JSONArray perms = role.getJSONArray(EcompExternalAuthUtils.EXT_FIELD_PERMS); - ecPerms = mapper.readValue(perms.toString(), TypeFactory.defaultInstance() - .constructCollectionType(List.class, ExternalAccessPerms.class)); - } - ExternalAccessRole ecRole = new ExternalAccessRole( - role.getString(EcompExternalAuthUtils.EXT_ROLE_FIELD_NAME), ecPerms, ecDesc); - userRoleDetail = new ExternalAccessUserRoleDetail(ecRole); - userRoleDetailList.add(userRoleDetail); - } - } - } else { - throw new UserNotFoundException("User roles not found!"); - } - return userRoleDetailList; - } - - private User convertAAFUserRolesToEcompSDKUser(List userRoleDetailList, - String orgUserId, String namespace, HttpServletRequest request) throws Exception { - User user = loginAAFService.findUserWithoutPwd(orgUserId); - PostSearchBean postSearchBean = new PostSearchBean(); - if (user == null) { - postSearchBean.setOrgUserId(orgUserId); - postSearchService.process(request, postSearchBean); - postSearchBean.setSearchResult(loadSearchResultData(postSearchBean)); - user = (User) postSearchBean.getSearchResult().get(0); - user.setActive(true); - user.setLoginId(orgUserId); - dataAccessService.saveDomainObject(user, null); - } - App app = appService.getApp(1l); - try { - Set userApps = setUserApps(userRoleDetailList, namespace, user, app); - user.setUserApps(userApps); - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "createEPUser: createEPUser failed", e); - throw e; - } - - return user; - } - - @SuppressWarnings({ "rawtypes", "unchecked" }) - private Set setUserApps(List userRoleDetailList, String namespace, User user, - App app) { - Set userApps = new TreeSet(); - for (ExternalAccessUserRoleDetail userRoleDetail : userRoleDetailList) { - ExternalAccessRole ecRole = userRoleDetail.getRole(); - ExternalAccessRoleDescription roleDesc = ecRole.getDescription(); - UserApp userApp = new 
UserApp(); - Role role = new Role(); - Set roleFunctions = new TreeSet<>(); - if (roleDesc.getName() == null) { - role.setActive(true); - role.setName(ecRole.getName()); - } else { - role.setActive(Boolean.valueOf(roleDesc.getActive())); - role.setId(Long.valueOf(roleDesc.getAppRoleId())); - role.setName(roleDesc.getName()); - if (!roleDesc.getPriority().equals(EcompExternalAuthUtils.EXT_NULL_VALUE)) { - role.setPriority(Integer.valueOf(roleDesc.getPriority())); - } - } - for (ExternalAccessPerms extPerm : ecRole.getPerms()) { - RoleFunction roleFunction = new RoleFunction(); - roleFunction.setCode(extPerm.getInstance()); - roleFunction.setAction(extPerm.getAction()); - if (extPerm.getDescription() != null) { - roleFunction.setName(extPerm.getDescription()); - } - roleFunction.setType(extPerm.getType()); - roleFunctions.add(roleFunction); - } - role.setRoleFunctions(roleFunctions); - userApp.setApp(app); - userApp.setRole(role); - userApp.setUserId(user.getId()); - userApps.add(userApp); - } - return userApps; - } - - @Override - public List getRoleFunctions(String orgUserId) throws Exception { - ObjectMapper mapper = new ObjectMapper(); - HttpHeaders headers = getBasicAuthHeaders(); - HttpEntity entity = new HttpEntity<>(headers); - logger.debug(EELFLoggerDelegate.debugLogger, "getRoleFunctions: Connecting to external auth system for user {}", - orgUserId); - String endPoint = EXTERNAL_AUTH_GET_USER_PERMS_ENDPOINT + orgUserId - + EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_USER_DOMAIN); - ResponseEntity getResponse = template.exchange( - EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_URL) + endPoint, - HttpMethod.GET, entity, String.class); - if (getResponse.getStatusCode().value() == 200) { - logger.debug(EELFLoggerDelegate.debugLogger, - "getRoleFunctions: Finished GET user perms from external system and body: {}", - getResponse.getBody()); - } - String userPerms = getResponse.getBody(); - 
List extPermsList = convertPermsJSONArrayToExternalAccessPerms(mapper, userPerms); - return convertToRoleFunctionList(extPermsList); - } - - private List convertPermsJSONArrayToExternalAccessPerms(ObjectMapper mapper, String userPerms) - throws IOException, JsonParseException, JsonMappingException { - JSONObject userPermsJsonObj = null; - JSONArray userPermsJsonArray = null; - List extPermsList = new ArrayList<>(); - if (!userPerms.equals(EcompExternalAuthUtils.EXT_EMPTY_JSON_STRING)) { - userPermsJsonObj = new JSONObject(userPerms); - userPermsJsonArray = userPermsJsonObj.getJSONArray(EcompExternalAuthUtils.EXT_PERM_FIELD); - for (int i = 0; i < userPermsJsonArray.length(); i++) { - JSONObject permJsonObj = userPermsJsonArray.getJSONObject(i); - if (!permJsonObj.getString(EcompExternalAuthUtils.EXT_PERM_FIELD_TYPE) - .endsWith(EcompExternalAuthUtils.EXT_PERM_ACCESS)) { - ExternalAccessPerms perm = mapper.readValue(permJsonObj.toString(), ExternalAccessPerms.class); - extPermsList.add(perm); - } - } - } - return extPermsList; - } - - private ResponseEntity getPermsFromExternalAuthSystem(HttpEntity entity, String endPoint) { - ResponseEntity getResponse = template.exchange( - EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_URL) + endPoint, - HttpMethod.GET, entity, String.class); - if (getResponse.getStatusCode().value() == 200) { - logger.debug(EELFLoggerDelegate.debugLogger, - "getPermsFromExternalAuthSystem: Finished GET user perms from external auth system and body: {}", - getResponse.getBody()); - } - return getResponse; - } - - private HttpHeaders getBasicAuthHeaders() throws Exception { - String userName = EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_USER_NAME); - String encryptedPass = EcompExternalAuthProperties - .getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_PASSWORD); - String decryptedPass = EcompExternalAuthUtils.decryptPass(encryptedPass); - return 
EcompExternalAuthUtils.base64encodeKeyForAAFBasicAuth(userName, decryptedPass); - } - - private List convertToRoleFunctionList(List extPermsList) { - List roleFunctions = new ArrayList<>(); - String namespace = EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_NAMESPACE); - for (ExternalAccessPerms extPerm : extPermsList) { - RoleFunction roleFunction = new RoleFunction(); - roleFunction.setCode(extPerm.getInstance()); - roleFunction.setAction(extPerm.getAction()); - if (extPerm.getDescription() != null) { - roleFunction.setName(extPerm.getDescription()); - } - roleFunction.setType(extPerm.getType()); - roleFunctions.add(roleFunction); - } - return roleFunctions; - } - - private SearchResult loadSearchResultData(PostSearchBean searchCriteria) throws NamingException { - return ldapService.searchPost(searchCriteria.getUser(), searchCriteria.getSortBy1(), - searchCriteria.getSortBy2(), searchCriteria.getSortBy3(), searchCriteria.getPageNo(), - searchCriteria.getNewDataSize(), 1); - } - - @Override - public ResponseEntity checkUserExists(String username, String password) throws Exception { - username = changeIfUserDomainNotAppended(username); - HttpHeaders headers = EcompExternalAuthUtils.base64encodeKeyForAAFBasicAuth(username, password); - String appUsername = EcompExternalAuthProperties - .getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_USER_NAME); - String appPass = EcompExternalAuthUtils.decryptPass( - EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_PASSWORD)); - JSONObject credentials = new JSONObject(); - credentials.put(ID, appUsername); - credentials.put(PASSCODE, appPass); - HttpEntity entity = new HttpEntity<>(credentials.toString(), headers); - logger.debug(EELFLoggerDelegate.debugLogger, "checkUserExists: Connecting to external auth system for user {}", - username); - ResponseEntity getResponse = template - 
.exchange(EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_URL) - + EXTERNAL_AUTH_POST_CREDENTIALS_ENDPOINT, HttpMethod.POST, entity, String.class); - if (getResponse.getStatusCode().value() == 200) { - logger.debug(EELFLoggerDelegate.debugLogger, - "checkUserExists: Finished POST from external auth system to validate credentials and status: {}", - getResponse.getStatusCode().value()); - } - return getResponse; - } - - private String changeIfUserDomainNotAppended(String username) { - if (!EcompExternalAuthUtils.validate(username)) { - username = username - + EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_USER_DOMAIN); - } - return username; - } - - @Override - public List getIfUserPermsExists(String username) throws Exception { - HttpHeaders headers = getBasicAuthHeaders(); - HttpEntity entity = new HttpEntity<>(headers); - logger.debug(EELFLoggerDelegate.debugLogger, - "getIfUserPermsExists: Connecting to external auth system for user {}", username); - username = changeIfUserDomainNotAppended(username); - String endPoint = EXTERNAL_AUTH_GET_USER_PERMS_ENDPOINT + username; - ResponseEntity getResponse = getPermsFromExternalAuthSystem(entity, endPoint); - return convertPermsJSONArrayToExternalAccessPerms(new ObjectMapper(), getResponse.getBody()); - } - -} diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/util/EcompExternalAuthUtils.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/util/EcompExternalAuthUtils.java index dc6559ab..8a2c1206 100644 --- a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/util/EcompExternalAuthUtils.java +++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/util/EcompExternalAuthUtils.java 
@@ -44,8 +44,6 @@ import java.util.regex.Pattern; import javax.xml.bind.DatatypeConverter; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; -import org.onap.portalsdk.core.onboarding.util.CipherUtil; -import org.onap.portalsdk.core.util.SystemProperties; import org.springframework.http.HttpHeaders; import org.springframework.http.MediaType; @@ -79,19 +77,7 @@ public class EcompExternalAuthUtils { return headers; } - public static String decryptPass(String encrypted) throws Exception { - String result = ""; - if (encrypted != null && encrypted.length() > 0) { - try { - result = CipherUtil.decryptPKC(encrypted, - SystemProperties.getProperty(SystemProperties.Decryption_Key)); - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger,"decryptedPassword failed", e); - throw e; - } - } - return result; - } + /** * Validates, if given username has fully domain address diff --git a/ecomp-sdk/epsdk-aaf/src/test/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthServiceImplTest.java b/ecomp-sdk/epsdk-aaf/src/test/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthServiceImplTest.java deleted file mode 100644 index ae6eb975..00000000 --- a/ecomp-sdk/epsdk-aaf/src/test/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthServiceImplTest.java +++ /dev/null 
@@ -1,185 +0,0 @@ -/*- - * ============LICENSE_START========================================== - * ONAP Portal SDK - * =================================================================== - * Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. - * =================================================================== - * - * Unless otherwise specified, all software contained herein is licensed - * under the Apache License, Version 2.0 (the "License"); - * you may not use this software except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * Unless otherwise specified, all documentation contained herein is licensed - * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); - * you may not use this documentation except in compliance with the License. - * You may obtain a copy of the License at - * - * https://creativecommons.org/licenses/by/4.0/ - * - * Unless required by applicable law or agreed to in writing, documentation - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. 
- * - * ============LICENSE_END============================================ - * - * - */ -package org.onap.portalsdk.external.authorization.service; - -import static org.junit.Assert.assertNotNull; - -import java.util.ArrayList; -import java.util.Date; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.Set; -import java.util.TreeSet; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.mockito.InjectMocks; -import org.mockito.Mock; -import org.mockito.Mockito; -import org.onap.portalsdk.core.command.LoginBean; -import org.onap.portalsdk.core.domain.App; -import org.onap.portalsdk.core.domain.Role; -import org.onap.portalsdk.core.domain.RoleFunction; -import org.onap.portalsdk.core.domain.User; -import org.onap.portalsdk.core.domain.UserApp; -import org.onap.portalsdk.core.service.DataAccessService; -import org.onap.portalsdk.core.util.SystemProperties; -import org.onap.portalsdk.core.web.support.AppUtils; -import org.onap.portalsdk.core.web.support.UserUtils; -import org.onap.portalsdk.external.framework.MockitoTestSuite; -import org.powermock.api.mockito.PowerMockito; -import org.powermock.core.classloader.annotations.PrepareForTest; -import org.powermock.modules.junit4.PowerMockRunner; - -@SuppressWarnings({ "unchecked", "rawtypes" }) -@RunWith(PowerMockRunner.class) -@PrepareForTest({AppUtils.class, UserUtils.class, SystemProperties.class}) -public class LoginExternalAuthServiceImplTest { - - @InjectMocks - private LoginExternalAuthServiceImpl loginExternalAuthServiceImpl; - - @Mock - private DataAccessService dataAccessService; - - @Mock - private UserApiService userApiService; - - MockitoTestSuite mockitoTestSuite = new MockitoTestSuite(); - - HttpServletRequest mockedRequest = mockitoTestSuite.getMockedRequest(); - HttpServletResponse mockedResponse = 
mockitoTestSuite.getMockedResponse(); - - @Before - public void setup() { - PowerMockito.mockStatic(AppUtils.class); - PowerMockito.mockStatic(UserUtils.class); - PowerMockito.mockStatic(SystemProperties.class); - } - - private User userObj() { - User user = new User(); - user.setEmail("test@mail.com"); - user.setFirstName("Test_firstname"); - user.setHrid("test_hrid"); - user.setJobTitle("test_jobtitle"); - user.setLastName("test_lastname"); - user.setLoginId("test123"); - user.setOrgManagerUserId("test456"); - user.setMiddleInitial("test_middlename"); - user.setOrgCode("testcode"); - user.setOrgId(1l); - user.setOrgUserId("test123"); - user.setActive(true); - user.setLastLoginDate(new Date()); - RoleFunction roleFunction = new RoleFunction(); - roleFunction.setId(12L); - roleFunction.setName("Role Function"); - - Set roleFunctions = new TreeSet(); - roleFunctions.add(roleFunction); - - Role role = new Role(); - role.setName("Role"); - role.setActive(true); - role.setRoleFunctions(roleFunctions); - Set userApps = new TreeSet(); - UserApp userApp = new UserApp(); - userApp.setUserId(1L); - userApp.setApp(getApp()); - userApp.setRole(role); - userApps.add(userApp); - user.setUserApps(userApps); - return user; - } - - public App getApp() { - App app = new App(); - app.setId(new Long(1)); - app.setName("Default"); - return app; - } - - @Test - public void findUserTest() throws Exception { - LoginBean bean = new LoginBean(); - bean.setUserid("test123"); - Map additionalParams = new HashMap<>(); - User user = userObj(); - user.setId(1l); - List usersId = new ArrayList<>(); - usersId.add(user.getId()); - List users = new ArrayList<>(); - users.add(user); - Mockito.when(userApiService.getUser(bean.getUserid(), mockedRequest)).thenReturn(user); - Map params = new HashMap<>(); - params.put("orgUserId", "test123"); - Mockito.when(dataAccessService.executeNamedQuery("getUserIdByorgUserId", params, null)).thenReturn(usersId); - Map params2 = new HashMap<>(); - 
params.put("org_user_id", "test123"); - Mockito.when(dataAccessService.executeNamedQuery("getUserByOrgUserId", params2, new HashMap())).thenReturn(users); - LoginBean expected = loginExternalAuthServiceImpl.findUser(bean, "menu", additionalParams, mockedRequest); - assertNotNull(expected); - } - - @Test - public void findUserForNewUserTest() throws Exception { - LoginBean bean = new LoginBean(); - bean.setUserid("test123"); - Map additionalParams = new HashMap<>(); - User user = userObj(); - List usersId = new ArrayList<>(); - usersId.add(user.getId()); - List users = new ArrayList<>(); - users.add(user); - Mockito.when(userApiService.getUser(bean.getUserid(), mockedRequest)).thenReturn(user); - Map params = new HashMap<>(); - params.put("orgUserId", "test123"); - Mockito.when(dataAccessService.executeNamedQuery("getUserIdByorgUserId", params, null)).thenReturn(usersId); - Map params2 = new HashMap<>(); - params.put("org_user_id", "test123"); - Mockito.when(dataAccessService.executeNamedQuery("getUserByOrgUserId", params2, new HashMap())).thenReturn(null); - LoginBean expected = loginExternalAuthServiceImpl.findUser(bean, "menu", additionalParams, mockedRequest); - assertNotNull(expected); - } -} diff --git a/ecomp-sdk/epsdk-aaf/src/test/java/org/onap/portalsdk/external/authorization/service/UserApiServiceImplTest.java b/ecomp-sdk/epsdk-aaf/src/test/java/org/onap/portalsdk/external/authorization/service/UserApiServiceImplTest.java deleted file mode 100644 index 9836c5f1..00000000 --- a/ecomp-sdk/epsdk-aaf/src/test/java/org/onap/portalsdk/external/authorization/service/UserApiServiceImplTest.java +++ /dev/null 
@@ -1,353 +0,0 @@ -/*- - * ============LICENSE_START========================================== - * ONAP Portal SDK - * =================================================================== - * Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. - * =================================================================== - * - * Unless otherwise specified, all software contained herein is licensed - * under the Apache License, Version 2.0 (the "License"); - * you may not use this software except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * Unless otherwise specified, all documentation contained herein is licensed - * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); - * you may not use this documentation except in compliance with the License. - * You may obtain a copy of the License at - * - * https://creativecommons.org/licenses/by/4.0/ - * - * Unless required by applicable law or agreed to in writing, documentation - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. 
- * - * ============LICENSE_END============================================ - * - * - */ -package org.onap.portalsdk.external.authorization.service; - -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertNotNull; -import static org.junit.Assert.assertNull; - -import java.util.ArrayList; -import java.util.Date; -import java.util.LinkedHashMap; -import java.util.List; -import java.util.Map; -import java.util.Set; -import java.util.TreeSet; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.json.JSONObject; -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; -import org.mockito.InjectMocks; -import org.mockito.Matchers; -import org.mockito.Mock; -import org.mockito.Mockito; -import org.mockito.MockitoAnnotations; -import org.onap.portalsdk.core.command.PostSearchBean; -import org.onap.portalsdk.core.command.support.SearchResult; -import org.onap.portalsdk.core.domain.App; -import org.onap.portalsdk.core.domain.Role; -import org.onap.portalsdk.core.domain.RoleFunction; -import org.onap.portalsdk.core.domain.User; -import org.onap.portalsdk.core.domain.UserApp; -import org.onap.portalsdk.core.service.AppService; -import org.onap.portalsdk.core.service.DataAccessService; -import org.onap.portalsdk.core.service.LdapService; -import org.onap.portalsdk.core.service.PostSearchService; -import org.onap.portalsdk.core.util.SystemProperties; -import org.onap.portalsdk.external.authorization.util.EcompExternalAuthProperties; -import org.onap.portalsdk.external.authorization.util.EcompExternalAuthUtils; -import org.onap.portalsdk.external.framework.MockitoTestSuite; -import org.powermock.api.mockito.PowerMockito; -import org.powermock.core.classloader.annotations.PrepareForTest; -import org.powermock.modules.junit4.PowerMockRunner; -import org.springframework.http.HttpEntity; -import org.springframework.http.HttpHeaders; -import 
org.springframework.http.HttpMethod; -import org.springframework.http.HttpStatus; -import org.springframework.http.ResponseEntity; -import org.springframework.web.client.HttpClientErrorException; -import org.springframework.web.client.RestTemplate; - -import com.fasterxml.jackson.databind.ObjectMapper; - -@SuppressWarnings({ "rawtypes", "unchecked" }) -@RunWith(PowerMockRunner.class) -@PrepareForTest({ EcompExternalAuthProperties.class, EcompExternalAuthUtils.class }) -public class UserApiServiceImplTest { - - private static final String APP_ID = "appId"; - - private static final String PRIORITY = "priority"; - - private static final String ACTIVE = "active"; - - private static final String ROLE_NAME = "name"; - - private static final String APP_ROLE_ID = "appRoleId"; - - private static final String ID = "id"; - - @InjectMocks - private UserApiServiceImpl UserApiServiceImpl; - - @Mock - private DataAccessService dataAccessService; - - @Mock - private LoginExternalAuthService loginAAFService; - - @Mock - private LdapService ldapService; - - @Mock - private PostSearchService postSearchService; - - @Mock - private AppService appService; - - @Mock - RestTemplate template = new RestTemplate(); - - @Before - public void setup() throws Exception { - PowerMockito.mockStatic(EcompExternalAuthProperties.class); - PowerMockito.mockStatic(EcompExternalAuthUtils.class); - PowerMockito.mockStatic(SystemProperties.class); - Mockito.when(EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_NAMESPACE)) - .thenReturn("com.test.app2"); - Mockito.when(EcompExternalAuthUtils.base64encodeKeyForAAFBasicAuth(Matchers.anyString(), Matchers.anyString())).thenReturn(new HttpHeaders()); - Mockito.when(EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_USER_DOMAIN)) - .thenReturn("@test.com"); - MockitoAnnotations.initMocks(this); - } - - MockitoTestSuite mockitoTestSuite = new MockitoTestSuite(); - - HttpServletRequest mockedRequest 
= mockitoTestSuite.getMockedRequest();
- HttpServletResponse mockedResponse = mockitoTestSuite.getMockedResponse();
-
- private User userObj() {
- User user = new User();
- user.setEmail("test@mail.com");
- user.setFirstName("Test_firstname");
- user.setHrid("test_hrid");
- user.setJobTitle("test_jobtitle");
- user.setLastName("test_lastname");
- user.setLoginId("test123");
- user.setOrgManagerUserId("test456");
- user.setMiddleInitial("test_middlename");
- user.setOrgCode("testcode");
- user.setOrgId(1l);
- user.setOrgUserId("test123");
- user.setActive(true);
- user.setLastLoginDate(new Date());
- RoleFunction roleFunction = new RoleFunction();
- roleFunction.setId(12L);
- roleFunction.setName("Role Function");
-
- Set roleFunctions = new TreeSet();
- roleFunctions.add(roleFunction);
-
- Role role = new Role();
- role.setName("Role");
- role.setActive(true);
- role.setRoleFunctions(roleFunctions);
- Set userApps = new TreeSet();
- UserApp userApp = new UserApp();
- userApp.setUserId(1L);
- userApp.setApp(getApp());
- userApp.setRole(role);
- userApps.add(userApp);
- user.setUserApps(userApps);
- return user;
- }
-
- public App getApp() {
- App app = new App();
- app.setId(new Long(1));
- app.setName("Default");
- return app;
- }
-
- @Test
- public void getUserTest() throws Exception {
- ObjectMapper mapper = new ObjectMapper();
- Map roleDesc = new LinkedHashMap<>();
- roleDesc.put(ID, "1");
- roleDesc.put(ROLE_NAME, "test_role");
- roleDesc.put(ACTIVE, String.valueOf(true));
- roleDesc.put(PRIORITY, String.valueOf(1));
- roleDesc.put(APP_ID, String.valueOf(1));
- roleDesc.put(APP_ROLE_ID, String.valueOf(1l));
- String addDesc = mapper.writeValueAsString(roleDesc);
- JSONObject mockJsonObjectRole = new JSONObject();
- JSONObject mockJsonObjectRole2 = new JSONObject();
- JSONObject mockJsonObjectRole3 = new JSONObject();
- JSONObject mockJsonObjectRole4 = new JSONObject();
- JSONObject mockJsonObjectRole5 = new JSONObject();
- JSONObject mockJsonObjectPerm1 = new JSONObject();
- JSONObject mockJsonObjectPerm2 = new JSONObject();
- mockJsonObjectPerm1.put("type", "com.test.app2.test_type");
- mockJsonObjectPerm1.put("instance", "test_instance");
- mockJsonObjectPerm1.put("action", "*");
- mockJsonObjectPerm2.put("type", "com.test.app.test_type2");
- mockJsonObjectPerm2.put("instance", "test_instance2");
- mockJsonObjectPerm2.put("action", "*");
- List permsList = new ArrayList<>();
- permsList.add(mockJsonObjectPerm1);
- permsList.add(mockJsonObjectPerm2);
- mockJsonObjectRole.put("name", "com.test.app2.test_role");
- mockJsonObjectRole2.put("name", "com.test.app2.test_role2");
- mockJsonObjectRole2.put("perms", permsList);
- mockJsonObjectRole2.put("description", addDesc);
- mockJsonObjectRole3.put("name", "com.test.app2.Account_Administrator");
- mockJsonObjectRole4.put("name", "com.test.app2.admin");
- mockJsonObjectRole5.put("name", "com.test.app2.owner");
- List userRolesList = new ArrayList<>();
- JSONObject mockJsonObjectFinalUserRole = new JSONObject();
- userRolesList.add(mockJsonObjectRole);
- userRolesList.add(mockJsonObjectRole2);
- userRolesList.add(mockJsonObjectRole3);
- userRolesList.add(mockJsonObjectRole4);
- userRolesList.add(mockJsonObjectRole5);
- mockJsonObjectFinalUserRole.put("role", userRolesList);
- Mockito.when(EcompExternalAuthUtils.isJSONValid(addDesc)).thenReturn(true);
- ResponseEntity response = new ResponseEntity<>(mockJsonObjectFinalUserRole.toString(), HttpStatus.OK);
- Mockito.when(template.exchange(Matchers.anyString(), Matchers.eq(HttpMethod.GET),
- Matchers.>any(), Matchers.eq(String.class))).thenReturn(response);
- Mockito.when(EcompExternalAuthUtils.checkNameSpaceMatching(Matchers.anyString(), Matchers.anyString()))
- .thenReturn(true);
- Mockito.when(loginAAFService.findUserWithoutPwd("test123")).thenReturn(userObj());
- Mockito.when(appService.getApp(1l)).thenReturn(getApp());
- User actual = UserApiServiceImpl.getUser("test123", mockedRequest);
- assertNotNull(actual);
- }
-
- @Test
- public void getNewUserNullExceptionTest() throws Exception {
- JSONObject mockJsonObjectRole = new JSONObject();
- JSONObject mockJsonObjectRole2 = new JSONObject();
- JSONObject mockJsonObjectRole3 = new JSONObject();
- JSONObject mockJsonObjectPerm1 = new JSONObject();
- JSONObject mockJsonObjectPerm2 = new JSONObject();
- mockJsonObjectPerm1.put("type", "com.test.app2.test_type");
- mockJsonObjectPerm1.put("instance", "test_instance");
- mockJsonObjectPerm1.put("action", "*");
- mockJsonObjectPerm2.put("type", "com.test.app.test_type2");
- mockJsonObjectPerm2.put("instance", "test_instance2");
- mockJsonObjectPerm2.put("action", "*");
- List permsList = new ArrayList<>();
- permsList.add(mockJsonObjectPerm1);
- permsList.add(mockJsonObjectPerm2);
- mockJsonObjectRole.put("name", "com.test.app2.test_role");
- mockJsonObjectRole2.put("name", "com.test.app2.test_role2");
- mockJsonObjectRole2.put("perms", permsList);
- mockJsonObjectRole3.put("name", "com.test.app2.Account_Administrator");
- List userRolesList = new ArrayList<>();
- JSONObject mockJsonObjectFinalUserRole = new JSONObject();
- userRolesList.add(mockJsonObjectRole);
- userRolesList.add(mockJsonObjectRole2);
- userRolesList.add(mockJsonObjectRole3);
- mockJsonObjectFinalUserRole.put("role", userRolesList);
- ResponseEntity response = new ResponseEntity<>(mockJsonObjectFinalUserRole.toString(), HttpStatus.OK);
- Mockito.when(template.exchange(Matchers.anyString(), Matchers.eq(HttpMethod.GET),
- Matchers.>any(), Matchers.eq(String.class))).thenReturn(response);
- Mockito.when(EcompExternalAuthUtils.checkNameSpaceMatching(Matchers.anyString(), Matchers.anyString()))
- .thenReturn(true);
- Mockito.when(loginAAFService.findUserWithoutPwd("test123")).thenReturn(null);
- Mockito.when(appService.getApp(1l)).thenReturn(getApp());
- PostSearchBean postSearchBean = new PostSearchBean();
- postSearchBean.setOrgUserId("test123");
- SearchResult result = new SearchResult();
- result.add(userObj());
- Mockito.when(ldapService.searchPost(postSearchBean.getUser(), postSearchBean.getSortBy1(),
- postSearchBean.getSortBy2(), postSearchBean.getSortBy3(), postSearchBean.getPageNo(),
- postSearchBean.getNewDataSize(), 1)).thenReturn(result);
- User user = UserApiServiceImpl.getUser("test123", mockedRequest);
- assertNull(user);
- }
-
- @Test
- public void getRoleFunctionsTest() throws Exception {
- JSONObject mockJsonObjectPerms = mockUserPerms();
- ResponseEntity response = new ResponseEntity<>(mockJsonObjectPerms.toString(), HttpStatus.OK);
- Mockito.when(template.exchange(Matchers.anyString(), Matchers.eq(HttpMethod.GET),
- Matchers.>any(), Matchers.eq(String.class))).thenReturn(response);
- List actual = UserApiServiceImpl.getRoleFunctions("test123");
- assertNotNull(actual);
- }
-
- private JSONObject mockUserPerms() {
- JSONObject mockJsonObjectPerms = new JSONObject();
- JSONObject mockJsonObjectPerm1 = new JSONObject();
- JSONObject mockJsonObjectPerm2 = new JSONObject();
- JSONObject mockJsonObjectPerm3 = new JSONObject();
- mockJsonObjectPerm1.put("type", "com.test.app2.test_type");
- mockJsonObjectPerm1.put("instance", "test_instance");
- mockJsonObjectPerm1.put("action", "*");
- mockJsonObjectPerm2.put("type", "com.test.app2.test_type2");
- mockJsonObjectPerm2.put("instance", "test_instance2");
- mockJsonObjectPerm2.put("action", "*");
- mockJsonObjectPerm2.put("description", "test_name");
- mockJsonObjectPerm3.put("type", "com.test.app3.test_type3");
- mockJsonObjectPerm3.put("instance", "test_instance3");
- mockJsonObjectPerm3.put("action", "*");
- List permsList = new ArrayList<>();
- permsList.add(mockJsonObjectPerm1);
- permsList.add(mockJsonObjectPerm2);
- mockJsonObjectPerms.put("perm", permsList);
- return mockJsonObjectPerms;
- }
-
- @Test
- public void checkUserExistsTest() throws Exception {
- ResponseEntity response = new ResponseEntity<>(HttpStatus.OK);
- Mockito.when(template.exchange(Matchers.anyString(), Matchers.eq(HttpMethod.POST),
- Matchers.>any(), Matchers.eq(String.class))).thenReturn(response);
- ResponseEntity actual = UserApiServiceImpl.checkUserExists("test", "test");
- assertNotNull(actual);
- }
-
- @Test(expected = HttpClientErrorException.class)
- public void checkUserExistsExceptionTest() throws Exception {
- Mockito.when(template.exchange(Matchers.anyString(), Matchers.eq(HttpMethod.POST),
- Matchers.>any(), Matchers.eq(String.class))).thenThrow(new HttpClientErrorException(HttpStatus.UNAUTHORIZED));
- UserApiServiceImpl.checkUserExists("test", "test");
- }
-
- @Test
- public void getIfUserPermsExistsTest() throws Exception {
- JSONObject mockJsonObjectPerms = mockUserPerms();
- ResponseEntity response = new ResponseEntity<>(mockJsonObjectPerms.toString(), HttpStatus.OK);
- Mockito.when(template.exchange(Matchers.anyString(), Matchers.eq(HttpMethod.GET),
- Matchers.>any(), Matchers.eq(String.class))).thenReturn(response);
- UserApiServiceImpl.getIfUserPermsExists("test123@test.com");
- }
-
- @Test(expected = HttpClientErrorException.class)
- public void getIfUserPermsExistsInvalidUserTest() throws Exception {
- Mockito.when(template.exchange(Matchers.anyString(), Matchers.eq(HttpMethod.GET),
- Matchers.>any(), Matchers.eq(String.class))).thenThrow(new HttpClientErrorException(HttpStatus.UNAUTHORIZED));
- UserApiServiceImpl.getIfUserPermsExists("test1");
- }
-
-}
diff --git a/ecomp-sdk/epsdk-aaf/src/test/java/org/onap/portalsdk/external/authorization/util/EcompExternalAuthUtilsTest.java b/ecomp-sdk/epsdk-aaf/src/test/java/org/onap/portalsdk/external/authorization/util/EcompExternalAuthUtilsTest.java
index 4357b0a5..98260e20 100644
--- a/ecomp-sdk/epsdk-aaf/src/test/java/org/onap/portalsdk/external/authorization/util/EcompExternalAuthUtilsTest.java
+++ b/ecomp-sdk/epsdk-aaf/src/test/java/org/onap/portalsdk/external/authorization/util/EcompExternalAuthUtilsTest.java
@@ -48,14 +48,13 @@ import org.junit.Test; import org.junit.runner.RunWith; import org.mockito.Mockito; import org.mockito.MockitoAnnotations; -import org.onap.portalsdk.core.onboarding.util.CipherUtil; import org.powermock.api.mockito.PowerMockito; import org.powermock.core.classloader.annotations.PrepareForTest; import org.powermock.modules.junit4.PowerMockRunner; import org.springframework.http.HttpHeaders; @RunWith(PowerMockRunner.class) -@PrepareForTest({ EcompExternalAuthProperties.class, CipherUtil.class, DatatypeConverter.class }) +@PrepareForTest({ EcompExternalAuthProperties.class, DatatypeConverter.class }) public class EcompExternalAuthUtilsTest { public static final String EXT_EMPTY_JSON_STRING = "{}"; @@ -73,7 +72,6 @@ public class EcompExternalAuthUtilsTest { @Before public void setup() { PowerMockito.mockStatic(EcompExternalAuthProperties.class); - PowerMockito.mockStatic(CipherUtil.class); PowerMockito.mockStatic(DatatypeConverter.class); Mockito.when(EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_USER_NAME)) .thenReturn("test_username"); -- cgit 1.2.3-korg
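Review bot: With `PowerMockito.mockStatic(CipherUtil.class)` removed from `setup()` (and `CipherUtil` dropped from `@PrepareForTest` in the first hunk), nothing visible in this test shows how the external-auth password is obtained now, or that it is still protected at rest. `EcompExternalAuthUtils` is changed in the same commit but is not shown in this section; if it now reads the password property without decrypting it, the credential would have to sit in the properties file in cleartext, which is worth confirming before merge. `DatatypeConverter` is still mocked, which suggests an encoded credentials header is still being built, so a test asserting what goes into that header would pin the new behaviour. If dropping local decryption is the intent, record it above the remaining mocks with something like `// CipherUtil no longer mocked: EcompExternalAuthUtils does not decrypt credentials (PORTAL-474)`. `setup()` continues past the end of the hunk.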