summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMohammadreza Pasandideh <mohammadreza.pasandideh@amdocs.com>2018-08-15 10:26:43 -0400
committerMohammadreza Pasandideh <mohammadreza.pasandideh@amdocs.com>2018-08-15 10:29:42 -0400
commit705c39c8274ceefebe0d8fd6c7bcd741e1bb6797 (patch)
treec634d51de2f937ea896662a0fae301dbd75b2706
parent41a3f1b3b0e14fb1df40273adb4b4b1937c5a977 (diff)
Added code for password obfuscation(v2)
Issue-ID: SDNC-317 Change-Id: Ic6125feb917878f8edaf34a1f396826401173022 Signed-off-by: Mohammadreza Pasandideh <mohammadreza.pasandideh@amdocs.com>
-rw-r--r--pomba/network-discovery/config/application.properties2
-rw-r--r--pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/Application.java7
-rw-r--r--pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/AuthorizationConfiguration.java8
-rw-r--r--pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/JettyPasswordDecoder.java34
-rw-r--r--pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/PasswordDecoder.java26
-rw-r--r--pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/PropertyPasswordConfiguration.java80
-rw-r--r--pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/service/rs/RestServiceImpl.java9
-rw-r--r--pomba/network-discovery/src/test/java/org/onap/sdnc/apps/pomba/networkdiscovery/unittest/service/NetworkDiscoveryTest.java11
-rw-r--r--pomba/service-decomposition/config/application.properties2
-rw-r--r--pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/Application.java5
-rw-r--r--pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/AuthorizationConfiguration.java8
-rw-r--r--pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/JettyPasswordDecoder.java34
-rw-r--r--pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PasswordDecoder.java26
-rw-r--r--pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PropertyPasswordConfiguration.java81
-rw-r--r--pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/service/rs/RestServiceImpl.java11
-rw-r--r--pomba/service-decomposition/src/test/java/org/onap/sdnc/apps/pomba/servicedecomposition/test/ServiceDecompositionTest.java16
16 files changed, 319 insertions, 41 deletions
diff --git a/pomba/network-discovery/config/application.properties b/pomba/network-discovery/config/application.properties
index 1536110..ba631b6 100644
--- a/pomba/network-discovery/config/application.properties
+++ b/pomba/network-discovery/config/application.properties
@@ -20,7 +20,7 @@ server.context_parameters.p-name=value #context parameter with p-name as key and
# Basic Authentication
basicAuth.username=admin
-basicAuth.password=OBF:1u2a1toa1w8v1tok1u30
+basicAuth.password=password(OBF:1u2a1toa1w8v1tok1u30)
# A&AI Enircher REST Client Configuration
enricher.url=https://d2enrichment:9505
diff --git a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/Application.java b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/Application.java
index eb2d9fd..82916e9 100644
--- a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/Application.java
+++ b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/Application.java
@@ -15,6 +15,7 @@
* limitations under the License.
* ============LICENSE_END=====================================================
*/
+
package org.onap.sdnc.apps.pomba.networkdiscovery;
import org.springframework.boot.SpringApplication;
@@ -38,7 +39,7 @@ public class Application extends SpringBootServletInitializer {
}
public static void main(String[] args) throws Exception {
- SpringApplication.run(Application.class, args);
+ SpringApplication app = new SpringApplication(Application.class);
+ app.addInitializers(new PropertyPasswordConfiguration());
}
-
-}
+} \ No newline at end of file
diff --git a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/AuthorizationConfiguration.java b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/AuthorizationConfiguration.java
index c767e44..0196e49 100644
--- a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/AuthorizationConfiguration.java
+++ b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/AuthorizationConfiguration.java
@@ -19,7 +19,6 @@
package org.onap.sdnc.apps.pomba.networkdiscovery;
import java.util.Base64;
-import org.eclipse.jetty.util.security.Password;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.stereotype.Component;
@@ -30,12 +29,11 @@ public class AuthorizationConfiguration {
@Value("${basicAuth.username:admin}")
private String username;
- @Value("${basicAuth.password:OBF:1u2a1toa1w8v1tok1u30}")
+ @Value("${basicAuth.password:admin}")
private String password;
- @Bean(name="networkDiscoveryBasicAuthHeader")
+ @Bean(name="basicAuthHeader")
public String getNdBasicAuthHeader() {
- String auth = new String(this.username + ":" + Password.deobfuscate(this.password));
- return "Basic " + Base64.getEncoder().encodeToString(auth.getBytes());
+ return "Basic " + Base64.getEncoder().encodeToString((this.username + ":" + this.password).getBytes());
}
}
diff --git a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/JettyPasswordDecoder.java b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/JettyPasswordDecoder.java
new file mode 100644
index 0000000..10db0ef
--- /dev/null
+++ b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/JettyPasswordDecoder.java
@@ -0,0 +1,34 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aai
+ * ================================================================================
+ * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.sdnc.apps.pomba.networkdiscovery;
+
+import org.eclipse.jetty.util.security.Password;
+
+public class JettyPasswordDecoder implements PasswordDecoder {
+
+ @Override
+ public String decode(String input) {
+ if (input.startsWith("OBF:")) {
+ return Password.deobfuscate(input);
+ }
+ return Password.deobfuscate("OBF:" + input);
+ }
+} \ No newline at end of file
diff --git a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/PasswordDecoder.java b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/PasswordDecoder.java
new file mode 100644
index 0000000..9bbabd0
--- /dev/null
+++ b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/PasswordDecoder.java
@@ -0,0 +1,26 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aai
+ * ================================================================================
+ * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.sdnc.apps.pomba.networkdiscovery;
+
+public interface PasswordDecoder {
+
+ String decode(String input);
+} \ No newline at end of file
diff --git a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/PropertyPasswordConfiguration.java b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/PropertyPasswordConfiguration.java
new file mode 100644
index 0000000..be99ebf
--- /dev/null
+++ b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/PropertyPasswordConfiguration.java
@@ -0,0 +1,80 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aai
+ * ================================================================================
+ * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.sdnc.apps.pomba.networkdiscovery;
+
+import java.util.LinkedHashMap;
+import java.util.Map;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import org.springframework.context.ApplicationContextInitializer;
+import org.springframework.context.ConfigurableApplicationContext;
+import org.springframework.core.env.ConfigurableEnvironment;
+import org.springframework.core.env.EnumerablePropertySource;
+import org.springframework.core.env.MapPropertySource;
+import org.springframework.core.env.PropertySource;
+import org.springframework.stereotype.Component;
+
+@Component
+public class PropertyPasswordConfiguration implements ApplicationContextInitializer<ConfigurableApplicationContext>
+{
+ private static final Pattern decodePasswordPattern = Pattern.compile("password\\((.*?)\\)");
+
+ private PasswordDecoder passwordDecoder = new JettyPasswordDecoder();
+
+ @Override
+ public void initialize(ConfigurableApplicationContext applicationContext) {
+ ConfigurableEnvironment environment = applicationContext.getEnvironment();
+ for (PropertySource<?> propertySource : environment.getPropertySources()) {
+ Map<String, Object> propertyOverrides = new LinkedHashMap<>();
+ decodePasswords(propertySource, propertyOverrides);
+ if (!propertyOverrides.isEmpty()) {
+ PropertySource<?> decodedProperties = new MapPropertySource("decoded "+ propertySource.getName(), propertyOverrides);
+ environment.getPropertySources().addBefore(propertySource.getName(), decodedProperties);
+ }
+ }
+ }
+
+ private void decodePasswords(PropertySource<?> source, Map<String, Object> propertyOverrides) {
+ if (source instanceof EnumerablePropertySource) {
+ EnumerablePropertySource<?> enumerablePropertySource = (EnumerablePropertySource<?>) source;
+ for (String key : enumerablePropertySource.getPropertyNames()) {
+ Object rawValue = source.getProperty(key);
+ if (rawValue instanceof String) {
+ String decodedValue = decodePasswordsInString((String) rawValue);
+ propertyOverrides.put(key, decodedValue);
+ }
+ }
+ }
+ }
+
+ private String decodePasswordsInString(String input) {
+ if (input == null) return null;
+ StringBuffer output = new StringBuffer();
+ Matcher matcher = decodePasswordPattern.matcher(input);
+ while (matcher.find()) {
+ String replacement = passwordDecoder.decode(matcher.group(1));
+ matcher.appendReplacement(output, replacement);
+ }
+ matcher.appendTail(output);
+ return output.toString();
+ }
+} \ No newline at end of file
diff --git a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/service/rs/RestServiceImpl.java b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/service/rs/RestServiceImpl.java
index 666e308..7447e67 100644
--- a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/service/rs/RestServiceImpl.java
+++ b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/service/rs/RestServiceImpl.java
@@ -15,6 +15,7 @@
* limitations under the License.
* ============LICENSE_END=====================================================
*/
+
package org.onap.sdnc.apps.pomba.networkdiscovery.service.rs;
import static org.onap.sdnc.apps.pomba.networkdiscovery.ApplicationException.Error.GENERAL_FAILURE;
@@ -48,8 +49,8 @@ public class RestServiceImpl implements RestService {
@Autowired
private SpringService service;
- @Resource(name="networkDiscoveryBasicAuthHeader")
- private String networkDiscoveryBasicAuthHeader;
+ @Resource(name="basicAuthHeader")
+ private String basicAuthHeader;
@Override
public Response findbyResourceIdAndType(HttpServletRequest request,
@@ -73,7 +74,7 @@ public class RestServiceImpl implements RestService {
version = "v1";
}
- if (authorization == null || !this.networkDiscoveryBasicAuthHeader.equals(authorization)) {
+ if (authorization == null || !this.basicAuthHeader.equals(authorization)) {
throw new ApplicationException(UNAUTHORIZED, Status.UNAUTHORIZED);
}
if ((fromAppId == null) || fromAppId.trim().isEmpty()) {
@@ -123,7 +124,5 @@ public class RestServiceImpl implements RestService {
} finally {
adapter.exiting();
}
-
}
-
}
diff --git a/pomba/network-discovery/src/test/java/org/onap/sdnc/apps/pomba/networkdiscovery/unittest/service/NetworkDiscoveryTest.java b/pomba/network-discovery/src/test/java/org/onap/sdnc/apps/pomba/networkdiscovery/unittest/service/NetworkDiscoveryTest.java
index 100c671..cd65b25 100644
--- a/pomba/network-discovery/src/test/java/org/onap/sdnc/apps/pomba/networkdiscovery/unittest/service/NetworkDiscoveryTest.java
+++ b/pomba/network-discovery/src/test/java/org/onap/sdnc/apps/pomba/networkdiscovery/unittest/service/NetworkDiscoveryTest.java
@@ -46,13 +46,14 @@ import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
-import org.eclipse.jetty.util.security.Password;
import org.junit.After;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.onap.logging.ref.slf4j.ONAPLogConstants;
+import org.onap.sdnc.apps.pomba.networkdiscovery.Application;
+import org.onap.sdnc.apps.pomba.networkdiscovery.PropertyPasswordConfiguration;
import org.onap.sdnc.apps.pomba.networkdiscovery.datamodel.Attribute;
import org.onap.sdnc.apps.pomba.networkdiscovery.datamodel.DataQuality;
import org.onap.sdnc.apps.pomba.networkdiscovery.datamodel.NetworkDiscoveryNotification;
@@ -65,6 +66,7 @@ import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
import org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.core.env.Environment;
+import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.TestPropertySource;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.web.WebAppConfiguration;
@@ -76,8 +78,9 @@ import org.springframework.test.context.web.WebAppConfiguration;
@TestPropertySource(properties = {
"enricher.url=http://localhost:9505",
"basicAuth.username=admin",
- "basicAuth.password=OBF:1u2a1toa1w8v1tok1u30"
+ "basicAuth.password=password(OBF:1u2a1toa1w8v1tok1u30)"
})
+@ContextConfiguration(initializers = PropertyPasswordConfiguration.class, classes = Application.class)
public class NetworkDiscoveryTest {
private static final String V1 = "v1";
private static final String APP = "junit";
@@ -85,8 +88,7 @@ public class NetworkDiscoveryTest {
private static final String RESOURCE_TYPE_VSERVER = "vserver";
private static final String CALLBACK_PATH = "/callback";
- private static final String AUTH = "Basic " + Base64.getEncoder().encodeToString((
- "admin:" + Password.deobfuscate("OBF:1u2a1toa1w8v1tok1u30")).getBytes());
+ private static final String AUTH = "Basic " + Base64.getEncoder().encodeToString(("admin:admin").getBytes());
@Autowired
private Environment environment;
@@ -189,7 +191,6 @@ public class NetworkDiscoveryTest {
}
}
-
@Test
public void testVerifyResourceType() throws Exception {
// no resource type
diff --git a/pomba/service-decomposition/config/application.properties b/pomba/service-decomposition/config/application.properties
index c60a369..cd118f0 100644
--- a/pomba/service-decomposition/config/application.properties
+++ b/pomba/service-decomposition/config/application.properties
@@ -16,7 +16,7 @@ server.tomcat.min-Spare-Threads=25
server.tomcat.max-idle-time=60000
basicAuth.username=admin
-basicAuth.password=OBF:1u2a1toa1w8v1tok1u30
+basicAuth.password=password(OBF:1u2a1toa1w8v1tok1u30)
# AAI REST Client Configuration
aai.host=135.63.125.59
diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/Application.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/Application.java
index 58b00d8..8bf108c 100644
--- a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/Application.java
+++ b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/Application.java
@@ -15,6 +15,7 @@
* limitations under the License.
* ============LICENSE_END=====================================================
*/
+
package org.onap.sdnc.apps.pomba.servicedecomposition;
import org.springframework.boot.SpringApplication;
@@ -38,7 +39,7 @@ public class Application extends SpringBootServletInitializer {
}
public static void main(String[] args) throws Exception {
- SpringApplication.run(Application.class, args);
+ SpringApplication app = new SpringApplication(Application.class);
+ app.addInitializers(new PropertyPasswordConfiguration());
}
-
}
diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/AuthorizationConfiguration.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/AuthorizationConfiguration.java
index 7cac0cd..4bea962 100644
--- a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/AuthorizationConfiguration.java
+++ b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/AuthorizationConfiguration.java
@@ -19,7 +19,6 @@
package org.onap.sdnc.apps.pomba.servicedecomposition;
import java.util.Base64;
-import org.eclipse.jetty.util.security.Password;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.stereotype.Component;
@@ -30,12 +29,11 @@ public class AuthorizationConfiguration {
@Value("${basicAuth.username:admin}")
private String username;
- @Value("${basicAuth.password:OBF:1u2a1toa1w8v1tok1u30}")
+ @Value("${basicAuth.password:admin}")
private String password;
- @Bean(name="serviceDecompositionBasicAuthHeader")
+ @Bean(name="basicAuthHeader")
public String getSdBasicAuthHeader() {
- String auth = new String(this.username + ":" + Password.deobfuscate(this.password));
- return "Basic " + Base64.getEncoder().encodeToString(auth.getBytes());
+ return "Basic " + Base64.getEncoder().encodeToString((this.username + ":" + this.password).getBytes());
}
}
diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/JettyPasswordDecoder.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/JettyPasswordDecoder.java
new file mode 100644
index 0000000..de6820b
--- /dev/null
+++ b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/JettyPasswordDecoder.java
@@ -0,0 +1,34 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aai
+ * ================================================================================
+ * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.sdnc.apps.pomba.servicedecomposition;
+
+import org.eclipse.jetty.util.security.Password;
+
+public class JettyPasswordDecoder implements PasswordDecoder {
+
+ @Override
+ public String decode(String input) {
+ if (input.startsWith("OBF:")) {
+ return Password.deobfuscate(input);
+ }
+ return Password.deobfuscate("OBF:" + input);
+ }
+} \ No newline at end of file
diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PasswordDecoder.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PasswordDecoder.java
new file mode 100644
index 0000000..627d382
--- /dev/null
+++ b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PasswordDecoder.java
@@ -0,0 +1,26 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aai
+ * ================================================================================
+ * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.sdnc.apps.pomba.servicedecomposition;
+
+public interface PasswordDecoder {
+
+ String decode(String input);
+} \ No newline at end of file
diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PropertyPasswordConfiguration.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PropertyPasswordConfiguration.java
new file mode 100644
index 0000000..6232c32
--- /dev/null
+++ b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PropertyPasswordConfiguration.java
@@ -0,0 +1,81 @@
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aai
+ * ================================================================================
+ * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.sdnc.apps.pomba.servicedecomposition;
+
+import java.util.LinkedHashMap;
+import java.util.Map;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import org.springframework.context.ApplicationContextInitializer;
+import org.springframework.context.ConfigurableApplicationContext;
+import org.springframework.core.env.ConfigurableEnvironment;
+import org.springframework.core.env.EnumerablePropertySource;
+import org.springframework.core.env.MapPropertySource;
+import org.springframework.core.env.PropertySource;
+import org.springframework.stereotype.Component;
+
+@Component
+public class PropertyPasswordConfiguration implements ApplicationContextInitializer<ConfigurableApplicationContext>
+{
+
+ private static final Pattern decodePasswordPattern = Pattern.compile("password\\((.*?)\\)");
+
+ private PasswordDecoder passwordDecoder = new JettyPasswordDecoder();
+
+ @Override
+ public void initialize(ConfigurableApplicationContext applicationContext) {
+ ConfigurableEnvironment environment = applicationContext.getEnvironment();
+ for (PropertySource<?> propertySource : environment.getPropertySources()) {
+ Map<String, Object> propertyOverrides = new LinkedHashMap<>();
+ decodePasswords(propertySource, propertyOverrides);
+ if (!propertyOverrides.isEmpty()) {
+ PropertySource<?> decodedProperties = new MapPropertySource("decoded "+ propertySource.getName(), propertyOverrides);
+ environment.getPropertySources().addBefore(propertySource.getName(), decodedProperties);
+ }
+ }
+ }
+
+ private void decodePasswords(PropertySource<?> source, Map<String, Object> propertyOverrides) {
+ if (source instanceof EnumerablePropertySource) {
+ EnumerablePropertySource<?> enumerablePropertySource = (EnumerablePropertySource<?>) source;
+ for (String key : enumerablePropertySource.getPropertyNames()) {
+ Object rawValue = source.getProperty(key);
+ if (rawValue instanceof String) {
+ String decodedValue = decodePasswordsInString((String) rawValue);
+ propertyOverrides.put(key, decodedValue);
+ }
+ }
+ }
+ }
+
+ private String decodePasswordsInString(String input) {
+ if (input == null) return null;
+ StringBuffer output = new StringBuffer();
+ Matcher matcher = decodePasswordPattern.matcher(input);
+ while (matcher.find()) {
+ String replacement = passwordDecoder.decode(matcher.group(1));
+ matcher.appendReplacement(output, replacement);
+ }
+ matcher.appendTail(output);
+ return output.toString();
+ }
+} \ No newline at end of file
diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/service/rs/RestServiceImpl.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/service/rs/RestServiceImpl.java
index 5ec6bca..6840b82 100644
--- a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/service/rs/RestServiceImpl.java
+++ b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/service/rs/RestServiceImpl.java
@@ -15,6 +15,7 @@
* limitations under the License.
* ============LICENSE_END=====================================================
*/
+
package org.onap.sdnc.apps.pomba.servicedecomposition.service.rs;
import static org.onap.sdnc.apps.pomba.servicedecomposition.exception.DiscoveryException.Error.*;
@@ -45,8 +46,8 @@ public class RestServiceImpl implements RestService {
@Autowired
private SpringService service;
- @Resource(name="serviceDecompositionBasicAuthHeader")
- private String serviceDecompositionBasicAuthHeader;
+ @Resource(name="basicAuthHeader")
+ private String basicAuthHeader;
public RestServiceImpl() {}
@@ -61,7 +62,7 @@ public class RestServiceImpl implements RestService {
adapter.getServiceDescriptor().setServiceName(SERVICE_NAME);
adapter.entering(request);
try {
- if (authorization == null || !this.serviceDecompositionBasicAuthHeader.equals(authorization)) {
+ if (authorization == null || !this.basicAuthHeader.equals(authorization)) {
throw new DiscoveryException(UNAUTHORIZED, Status.UNAUTHORIZED);
}
@@ -102,7 +103,5 @@ public class RestServiceImpl implements RestService {
} finally {
adapter.exiting();
}
-
}
-
-}
+} \ No newline at end of file
diff --git a/pomba/service-decomposition/src/test/java/org/onap/sdnc/apps/pomba/servicedecomposition/test/ServiceDecompositionTest.java b/pomba/service-decomposition/src/test/java/org/onap/sdnc/apps/pomba/servicedecomposition/test/ServiceDecompositionTest.java
index 771ca99..67ad98b 100644
--- a/pomba/service-decomposition/src/test/java/org/onap/sdnc/apps/pomba/servicedecomposition/test/ServiceDecompositionTest.java
+++ b/pomba/service-decomposition/src/test/java/org/onap/sdnc/apps/pomba/servicedecomposition/test/ServiceDecompositionTest.java
@@ -36,19 +36,21 @@ import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
-import org.eclipse.jetty.util.security.Password;
import org.json.JSONArray;
import org.json.JSONObject;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.onap.logging.ref.slf4j.ONAPLogConstants;
+import org.onap.sdnc.apps.pomba.servicedecomposition.Application;
+import org.onap.sdnc.apps.pomba.servicedecomposition.PropertyPasswordConfiguration;
import org.onap.sdnc.apps.pomba.servicedecomposition.service.rs.RestService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
import org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration;
import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.TestPropertySource;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.web.WebAppConfiguration;
@@ -62,12 +64,12 @@ import org.springframework.test.context.web.WebAppConfiguration;
"aai.host=localhost",
"aai.port=8081",
"basicAuth.username=admin",
- "basicAuth.password=OBF:1u2a1toa1w8v1tok1u30"
- })
+ "basicAuth.password=password(OBF:1u2a1toa1w8v1tok1u30)"
+})
+@ContextConfiguration(initializers = PropertyPasswordConfiguration.class, classes = Application.class)
public class ServiceDecompositionTest {
- private static final String AUTH = "Basic " + Base64.getEncoder().encodeToString((
- "admin:" + Password.deobfuscate("OBF:1u2a1toa1w8v1tok1u30")).getBytes());
+ private static final String AUTH = "Basic " + Base64.getEncoder().encodeToString(("admin:admin").getBytes());
// TODO missing code coverage for VNFC resources
@@ -226,13 +228,11 @@ public class ServiceDecompositionTest {
fail("Did not find " + field + "=" + value + " in " + arrayName + " array");
}
-
private void addResponse(String path, String classpathResource) throws IOException {
String payload = readFully(ClassLoader.getSystemResourceAsStream(classpathResource));
aai.stubFor(get(path).willReturn(okJson(payload)));
}
-
private String readFully(InputStream in) throws IOException {
char[] cbuf = new char[1024];
StringBuilder content = new StringBuilder();
@@ -244,4 +244,4 @@ public class ServiceDecompositionTest {
}
return content.toString();
}
-}
+} \ No newline at end of file