diff options
author | JvD_Ericsson <jeff.van.dam@est.tech> | 2022-01-20 09:59:31 +0000 |
---|---|---|
committer | Michael Morris <michael.morris@est.tech> | 2022-01-28 14:38:40 +0000 |
commit | fa5b6ac34fc3f8ebe9e91d8363a0dbb6841d3c03 (patch) | |
tree | 9b791c16c5f49e61cd78dd2812616a214b7da38c | |
parent | 9bd18657d2048d3396d15a394b4493b283c47e4d (diff) |
Fix decrypt errors in sdc-be logs
Will check if userId is a base64 encoding before trying to decrypt
Issue-ID: SDC-3851
Signed-off-by: JvD_Ericsson <jeff.van.dam@est.tech>
Change-Id: I437bf9cc5952f4d21e5bda60875ada27dcc9cd66
-rw-r--r-- | catalog-be/src/main/java/org/openecomp/sdc/be/user/UserBusinessLogic.java | 13 | ||||
-rw-r--r-- | catalog-be/src/test/java/org/openecomp/sdc/be/user/UserBusinessLogicTest.java | 23 |
2 files changed, 35 insertions, 1 deletions
diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/user/UserBusinessLogic.java b/catalog-be/src/main/java/org/openecomp/sdc/be/user/UserBusinessLogic.java index 62232beaf5..89b0fe65bc 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/user/UserBusinessLogic.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/user/UserBusinessLogic.java @@ -30,6 +30,7 @@ import java.util.HashSet; import java.util.List; import java.util.Objects; import java.util.stream.Collectors; +import org.apache.commons.codec.binary.Base64; import org.apache.commons.collections.CollectionUtils; import org.apache.commons.lang3.StringUtils; import org.apache.tinkerpop.gremlin.structure.Edge; @@ -84,7 +85,7 @@ public class UserBusinessLogic { } private String decryptUserId(final String userId) { - if (StringUtils.isNotEmpty(userId)) { + if (StringUtils.isNotEmpty(userId) && isUserBase64Encoded(userId)) { try { return CipherUtil.decryptPKC(userId); } catch (final Exception e) { @@ -94,6 +95,16 @@ public class UserBusinessLogic { return userId; } + boolean isUserBase64Encoded(String userId){ + try { + byte[] decodedUserId = Base64.decodeBase64(userId.getBytes()); + byte[] reEncodedUserId = Base64.encodeBase64(decodedUserId); + return userId.equals(new String(reEncodedUserId)); + } catch (Exception e) { + return false; + } + } + public User getUser(String userId) { userId = decryptUserId(userId); UserContext userContext = ThreadLocalsHolder.getUserContext(); diff --git a/catalog-be/src/test/java/org/openecomp/sdc/be/user/UserBusinessLogicTest.java b/catalog-be/src/test/java/org/openecomp/sdc/be/user/UserBusinessLogicTest.java index 3663076564..3fe8e03565 100644 --- a/catalog-be/src/test/java/org/openecomp/sdc/be/user/UserBusinessLogicTest.java +++ b/catalog-be/src/test/java/org/openecomp/sdc/be/user/UserBusinessLogicTest.java @@ -750,4 +750,27 @@ public class UserBusinessLogicTest { ThreadLocalsHolder.setUserContext(originalUserContext); } } + + @Test + public void testIsUserBase64EncodedTrueUserIdBase64Encoded() { + String userId = "bW9jaw=="; + assertThat(testSubject.isUserBase64Encoded(userId)).isTrue(); + } + + @Test + public void testIsUserBase64EncodedFalseUserIdNotBase64Encoded() { + String userId = "mockId"; + assertThat(testSubject.isUserBase64Encoded(userId)).isFalse(); + } + + @Test + public void testIsUserBase64EncodedFalseUserIdIsNull() { + assertThat(testSubject.isUserBase64Encoded(null)).isFalse(); + } + + @Test + public void testIsUserBase64EncodedFalseInvalidBase64Characters() { + String userId = "%not£valid*"; + assertThat(testSubject.isUserBase64Encoded(userId)).isFalse(); + } } |