From 27fa75194efcf77c93b645ef7b412668ac3f5d38 Mon Sep 17 00:00:00 2001 From: xuegao Date: Wed, 9 Dec 2020 16:01:22 +0100 Subject: Add basic auth Adding basic auth for SDC apis. Issue-ID: OJSI-90 Signed-off-by: xuegao Change-Id: Ie84e6bab8d8526f7f4d21a36bba52d8fe9abebbb Signed-off-by: xuegao --- .../cookbooks/sdc-catalog-fe/attributes/default.rb | 5 +++++ .../recipes/FE_2_setup_configuration.rb | 3 +++ .../templates/default/FE-configuration.yaml.erb | 5 +++++ .../openecomp/sdc/fe/servlets/FeProxyServlet.java | 23 ++++++++++++++-------- 4 files changed, 28 insertions(+), 8 deletions(-) (limited to 'catalog-fe') diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb index 4d65cf72c5..7f66138f92 100644 --- a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb @@ -18,3 +18,8 @@ default['ONBOARDING_BE'][:https_port] = 8445 default['DCAE']['FE'][:http_port] = 8183 default['DCAE']['FE'][:https_port] = 9444 default['DCAE_FE_VIP'] = "dcaed-fe" + +#BasicAuth +default['basic_auth']['enabled'] = true +default['basic_auth'][:user_name] = "testName" +default['basic_auth'][:user_pass] = "testPass" \ No newline at end of file diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_2_setup_configuration.rb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_2_setup_configuration.rb index 7de9dbc3d5..640b5b8d77 100644 --- a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_2_setup_configuration.rb +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_2_setup_configuration.rb @@ -10,6 +10,9 @@ template "catalog-fe-config" do :kb_host_ip => node['Nodes']['KB'], :catalog_port => node['BE'][:http_port], :ssl_port => node['BE'][:https_port], + :basic_auth_flag => node['basic_auth']['enabled'], + :user_name => node['basic_auth'][:user_name], + :user_pass => node['basic_auth'][:user_pass], :dcae_fe_vip => node['DCAE_FE_VIP'] }) end diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-configuration.yaml.erb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-configuration.yaml.erb index fcdc45ecf4..688bdedb3c 100644 --- a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-configuration.yaml.erb +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-configuration.yaml.erb @@ -39,6 +39,11 @@ healthCheckSocketTimeoutInMs: 5000 healthCheckIntervalInSeconds: 5 +basicAuth: + enabled: <%= @basic_auth_flag %> + userName: <%= @user_name %> + userPass: <%= @user_pass %> + onboarding: hostFe: <%= @fe_host_ip %> <% if node[:disableHttp] -%> diff --git a/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/FeProxyServlet.java b/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/FeProxyServlet.java index 8f76cb95ab..337a8ae100 100644 --- a/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/FeProxyServlet.java +++ b/catalog-fe/src/main/java/org/openecomp/sdc/fe/servlets/FeProxyServlet.java @@ -21,13 +21,17 @@ package org.openecomp.sdc.fe.servlets; import com.google.common.annotations.VisibleForTesting; +import java.util.Base64; import org.apache.commons.lang3.NotImplementedException; import org.apache.commons.lang3.StringUtils; +import org.eclipse.jetty.client.api.Request; import org.eclipse.jetty.client.api.Response; +import org.eclipse.jetty.http.HttpHeader; import org.openecomp.sdc.common.api.Constants; import org.openecomp.sdc.common.log.enums.EcompLoggerErrorCode; import org.openecomp.sdc.common.log.wrappers.Logger; import org.openecomp.sdc.fe.config.Configuration; +import org.openecomp.sdc.fe.config.Configuration.BasicAuthConfig; import org.openecomp.sdc.fe.config.Configuration.CatalogFacadeMsConfig; import org.openecomp.sdc.fe.config.ConfigurationManager; import org.openecomp.sdc.fe.config.FeEcompErrorManager; @@ -37,7 +41,6 @@ import org.openecomp.sdc.fe.impl.LogHandler; import org.openecomp.sdc.fe.utils.BeProtocol; import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import java.net.MalformedURLException; import java.net.URL; @@ -96,14 +99,18 @@ public class FeProxyServlet extends SSLProxyServlet { } @Override - protected void onProxyResponseSuccess(HttpServletRequest request, HttpServletResponse proxyResponse, Response response) { - try { - logFeResponse(request, response); - } catch (Exception e) { - FeEcompErrorManager.getInstance().logFeHttpLoggingError("FE Response"); - log.error(EcompLoggerErrorCode.UNKNOWN_ERROR,"FeProxyServlet onProxyResponseSuccess", "sdc-FE", "Unexpected FE response logging error: ", e); + protected void addProxyHeaders(HttpServletRequest clientRequest, Request proxyRequest) + { + Configuration config = getConfiguration(clientRequest); + if (config == null) { + log.error("failed to retrieve configuration."); + } + BasicAuthConfig basicAuth = config.getBasicAuth(); + if (basicAuth.getEnabled()) { + proxyRequest.header(HttpHeader.AUTHORIZATION, + "Basic " + Base64.getEncoder().encodeToString((basicAuth.getUserName() + ":" + basicAuth.getUserPass()).getBytes())); } - super.onProxyResponseSuccess(request, proxyResponse, response); + super.addProxyHeaders(clientRequest, proxyRequest); } private void logFeRequest(HttpServletRequest httpRequest){ -- cgit 1.2.3-korg