diff options
author | Mohammadreza Pasandideh <mohammadreza.pasandideh@amdocs.com> | 2018-08-15 10:26:43 -0400 |
---|---|---|
committer | Mohammadreza Pasandideh <mohammadreza.pasandideh@amdocs.com> | 2018-08-15 10:29:42 -0400 |
commit | 705c39c8274ceefebe0d8fd6c7bcd741e1bb6797 (patch) | |
tree | c634d51de2f937ea896662a0fae301dbd75b2706 | |
parent | 41a3f1b3b0e14fb1df40273adb4b4b1937c5a977 (diff) |
Added code for password obfuscation(v2)
Issue-ID: SDNC-317
Change-Id: Ic6125feb917878f8edaf34a1f396826401173022
Signed-off-by: Mohammadreza Pasandideh <mohammadreza.pasandideh@amdocs.com>
16 files changed, 319 insertions, 41 deletions
diff --git a/pomba/network-discovery/config/application.properties b/pomba/network-discovery/config/application.properties index 1536110..ba631b6 100644 --- a/pomba/network-discovery/config/application.properties +++ b/pomba/network-discovery/config/application.properties @@ -20,7 +20,7 @@ server.context_parameters.p-name=value #context parameter with p-name as key and # Basic Authentication basicAuth.username=admin -basicAuth.password=OBF:1u2a1toa1w8v1tok1u30 +basicAuth.password=password(OBF:1u2a1toa1w8v1tok1u30) # A&AI Enircher REST Client Configuration enricher.url=https://d2enrichment:9505 diff --git a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/Application.java b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/Application.java index eb2d9fd..82916e9 100644 --- a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/Application.java +++ b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/Application.java @@ -15,6 +15,7 @@ * limitations under the License. * ============LICENSE_END===================================================== */ + package org.onap.sdnc.apps.pomba.networkdiscovery; import org.springframework.boot.SpringApplication; @@ -38,7 +39,7 @@ public class Application extends SpringBootServletInitializer { } public static void main(String[] args) throws Exception { - SpringApplication.run(Application.class, args); + SpringApplication app = new SpringApplication(Application.class); + app.addInitializers(new PropertyPasswordConfiguration()); } - -} +}
\ No newline at end of file diff --git a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/AuthorizationConfiguration.java b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/AuthorizationConfiguration.java index c767e44..0196e49 100644 --- a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/AuthorizationConfiguration.java +++ b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/AuthorizationConfiguration.java @@ -19,7 +19,6 @@ package org.onap.sdnc.apps.pomba.networkdiscovery; import java.util.Base64; -import org.eclipse.jetty.util.security.Password; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.stereotype.Component; @@ -30,12 +29,11 @@ public class AuthorizationConfiguration { @Value("${basicAuth.username:admin}") private String username; - @Value("${basicAuth.password:OBF:1u2a1toa1w8v1tok1u30}") + @Value("${basicAuth.password:admin}") private String password; - @Bean(name="networkDiscoveryBasicAuthHeader") + @Bean(name="basicAuthHeader") public String getNdBasicAuthHeader() { - String auth = new String(this.username + ":" + Password.deobfuscate(this.password)); - return "Basic " + Base64.getEncoder().encodeToString(auth.getBytes()); + return "Basic " + Base64.getEncoder().encodeToString((this.username + ":" + this.password).getBytes()); } } diff --git a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/JettyPasswordDecoder.java b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/JettyPasswordDecoder.java new file mode 100644 index 0000000..10db0ef --- /dev/null +++ b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/JettyPasswordDecoder.java @@ -0,0 +1,34 @@ +/** + * ============LICENSE_START======================================================= + * org.onap.aai + * ================================================================================ + * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.sdnc.apps.pomba.networkdiscovery; + +import org.eclipse.jetty.util.security.Password; + +public class JettyPasswordDecoder implements PasswordDecoder { + + @Override + public String decode(String input) { + if (input.startsWith("OBF:")) { + return Password.deobfuscate(input); + } + return Password.deobfuscate("OBF:" + input); + } +}
\ No newline at end of file diff --git a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/PasswordDecoder.java b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/PasswordDecoder.java new file mode 100644 index 0000000..9bbabd0 --- /dev/null +++ b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/PasswordDecoder.java @@ -0,0 +1,26 @@ +/** + * ============LICENSE_START======================================================= + * org.onap.aai + * ================================================================================ + * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.sdnc.apps.pomba.networkdiscovery; + +public interface PasswordDecoder { + + String decode(String input); +}
\ No newline at end of file diff --git a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/PropertyPasswordConfiguration.java b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/PropertyPasswordConfiguration.java new file mode 100644 index 0000000..be99ebf --- /dev/null +++ b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/PropertyPasswordConfiguration.java @@ -0,0 +1,80 @@ +/** + * ============LICENSE_START======================================================= + * org.onap.aai + * ================================================================================ + * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.sdnc.apps.pomba.networkdiscovery; + +import java.util.LinkedHashMap; +import java.util.Map; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +import org.springframework.context.ApplicationContextInitializer; +import org.springframework.context.ConfigurableApplicationContext; +import org.springframework.core.env.ConfigurableEnvironment; +import org.springframework.core.env.EnumerablePropertySource; +import org.springframework.core.env.MapPropertySource; +import org.springframework.core.env.PropertySource; +import org.springframework.stereotype.Component; + +@Component +public class PropertyPasswordConfiguration implements ApplicationContextInitializer<ConfigurableApplicationContext> +{ + private static final Pattern decodePasswordPattern = Pattern.compile("password\\((.*?)\\)"); + + private PasswordDecoder passwordDecoder = new JettyPasswordDecoder(); + + @Override + public void initialize(ConfigurableApplicationContext applicationContext) { + ConfigurableEnvironment environment = applicationContext.getEnvironment(); + for (PropertySource<?> propertySource : environment.getPropertySources()) { + Map<String, Object> propertyOverrides = new LinkedHashMap<>(); + decodePasswords(propertySource, propertyOverrides); + if (!propertyOverrides.isEmpty()) { + PropertySource<?> decodedProperties = new MapPropertySource("decoded "+ propertySource.getName(), propertyOverrides); + environment.getPropertySources().addBefore(propertySource.getName(), decodedProperties); + } + } + } + + private void decodePasswords(PropertySource<?> source, Map<String, Object> propertyOverrides) { + if (source instanceof EnumerablePropertySource) { + EnumerablePropertySource<?> enumerablePropertySource = (EnumerablePropertySource<?>) source; + for (String key : enumerablePropertySource.getPropertyNames()) { + Object rawValue = source.getProperty(key); + if (rawValue instanceof String) { + String decodedValue = decodePasswordsInString((String) rawValue); + propertyOverrides.put(key, decodedValue); + } + } + } + } + + private String decodePasswordsInString(String input) { + if (input == null) return null; + StringBuffer output = new StringBuffer(); + Matcher matcher = decodePasswordPattern.matcher(input); + while (matcher.find()) { + String replacement = passwordDecoder.decode(matcher.group(1)); + matcher.appendReplacement(output, replacement); + } + matcher.appendTail(output); + return output.toString(); + } +}
\ No newline at end of file diff --git a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/service/rs/RestServiceImpl.java b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/service/rs/RestServiceImpl.java index 666e308..7447e67 100644 --- a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/service/rs/RestServiceImpl.java +++ b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/service/rs/RestServiceImpl.java @@ -15,6 +15,7 @@ * limitations under the License. * ============LICENSE_END===================================================== */ + package org.onap.sdnc.apps.pomba.networkdiscovery.service.rs; import static org.onap.sdnc.apps.pomba.networkdiscovery.ApplicationException.Error.GENERAL_FAILURE; @@ -48,8 +49,8 @@ public class RestServiceImpl implements RestService { @Autowired private SpringService service; - @Resource(name="networkDiscoveryBasicAuthHeader") - private String networkDiscoveryBasicAuthHeader; + @Resource(name="basicAuthHeader") + private String basicAuthHeader; @Override public Response findbyResourceIdAndType(HttpServletRequest request, @@ -73,7 +74,7 @@ public class RestServiceImpl implements RestService { version = "v1"; } - if (authorization == null || !this.networkDiscoveryBasicAuthHeader.equals(authorization)) { + if (authorization == null || !this.basicAuthHeader.equals(authorization)) { throw new ApplicationException(UNAUTHORIZED, Status.UNAUTHORIZED); } if ((fromAppId == null) || fromAppId.trim().isEmpty()) { @@ -123,7 +124,5 @@ public class RestServiceImpl implements RestService { } finally { adapter.exiting(); } - } - } diff --git a/pomba/network-discovery/src/test/java/org/onap/sdnc/apps/pomba/networkdiscovery/unittest/service/NetworkDiscoveryTest.java b/pomba/network-discovery/src/test/java/org/onap/sdnc/apps/pomba/networkdiscovery/unittest/service/NetworkDiscoveryTest.java index 100c671..cd65b25 100644 --- a/pomba/network-discovery/src/test/java/org/onap/sdnc/apps/pomba/networkdiscovery/unittest/service/NetworkDiscoveryTest.java +++ b/pomba/network-discovery/src/test/java/org/onap/sdnc/apps/pomba/networkdiscovery/unittest/service/NetworkDiscoveryTest.java @@ -46,13 +46,14 @@ import javax.servlet.http.HttpServletRequest; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.Status; -import org.eclipse.jetty.util.security.Password; import org.junit.After; import org.junit.Before; import org.junit.Rule; import org.junit.Test; import org.junit.runner.RunWith; import org.onap.logging.ref.slf4j.ONAPLogConstants; +import org.onap.sdnc.apps.pomba.networkdiscovery.Application; +import org.onap.sdnc.apps.pomba.networkdiscovery.PropertyPasswordConfiguration; import org.onap.sdnc.apps.pomba.networkdiscovery.datamodel.Attribute; import org.onap.sdnc.apps.pomba.networkdiscovery.datamodel.DataQuality; import org.onap.sdnc.apps.pomba.networkdiscovery.datamodel.NetworkDiscoveryNotification; @@ -65,6 +66,7 @@ import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration; import org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration; import org.springframework.boot.test.context.SpringBootTest; import org.springframework.core.env.Environment; +import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.TestPropertySource; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.web.WebAppConfiguration; @@ -76,8 +78,9 @@ import org.springframework.test.context.web.WebAppConfiguration; @TestPropertySource(properties = { "enricher.url=http://localhost:9505", "basicAuth.username=admin", - "basicAuth.password=OBF:1u2a1toa1w8v1tok1u30" + "basicAuth.password=password(OBF:1u2a1toa1w8v1tok1u30)" }) +@ContextConfiguration(initializers = PropertyPasswordConfiguration.class, classes = Application.class) public class NetworkDiscoveryTest { private static final String V1 = "v1"; private static final String APP = "junit"; @@ -85,8 +88,7 @@ public class NetworkDiscoveryTest { private static final String RESOURCE_TYPE_VSERVER = "vserver"; private static final String CALLBACK_PATH = "/callback"; - private static final String AUTH = "Basic " + Base64.getEncoder().encodeToString(( - "admin:" + Password.deobfuscate("OBF:1u2a1toa1w8v1tok1u30")).getBytes()); + private static final String AUTH = "Basic " + Base64.getEncoder().encodeToString(("admin:admin").getBytes()); @Autowired private Environment environment; @@ -189,7 +191,6 @@ public class NetworkDiscoveryTest { } } - @Test public void testVerifyResourceType() throws Exception { // no resource type diff --git a/pomba/service-decomposition/config/application.properties b/pomba/service-decomposition/config/application.properties index c60a369..cd118f0 100644 --- a/pomba/service-decomposition/config/application.properties +++ b/pomba/service-decomposition/config/application.properties @@ -16,7 +16,7 @@ server.tomcat.min-Spare-Threads=25 server.tomcat.max-idle-time=60000 basicAuth.username=admin -basicAuth.password=OBF:1u2a1toa1w8v1tok1u30 +basicAuth.password=password(OBF:1u2a1toa1w8v1tok1u30) # AAI REST Client Configuration aai.host=135.63.125.59 diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/Application.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/Application.java index 58b00d8..8bf108c 100644 --- a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/Application.java +++ b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/Application.java @@ -15,6 +15,7 @@ * limitations under the License. * ============LICENSE_END===================================================== */ + package org.onap.sdnc.apps.pomba.servicedecomposition; import org.springframework.boot.SpringApplication; @@ -38,7 +39,7 @@ public class Application extends SpringBootServletInitializer { } public static void main(String[] args) throws Exception { - SpringApplication.run(Application.class, args); + SpringApplication app = new SpringApplication(Application.class); + app.addInitializers(new PropertyPasswordConfiguration()); } - } diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/AuthorizationConfiguration.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/AuthorizationConfiguration.java index 7cac0cd..4bea962 100644 --- a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/AuthorizationConfiguration.java +++ b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/AuthorizationConfiguration.java @@ -19,7 +19,6 @@ package org.onap.sdnc.apps.pomba.servicedecomposition; import java.util.Base64; -import org.eclipse.jetty.util.security.Password; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.stereotype.Component; @@ -30,12 +29,11 @@ public class AuthorizationConfiguration { @Value("${basicAuth.username:admin}") private String username; - @Value("${basicAuth.password:OBF:1u2a1toa1w8v1tok1u30}") + @Value("${basicAuth.password:admin}") private String password; - @Bean(name="serviceDecompositionBasicAuthHeader") + @Bean(name="basicAuthHeader") public String getSdBasicAuthHeader() { - String auth = new String(this.username + ":" + Password.deobfuscate(this.password)); - return "Basic " + Base64.getEncoder().encodeToString(auth.getBytes()); + return "Basic " + Base64.getEncoder().encodeToString((this.username + ":" + this.password).getBytes()); } } diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/JettyPasswordDecoder.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/JettyPasswordDecoder.java new file mode 100644 index 0000000..de6820b --- /dev/null +++ b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/JettyPasswordDecoder.java @@ -0,0 +1,34 @@ +/** + * ============LICENSE_START======================================================= + * org.onap.aai + * ================================================================================ + * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.sdnc.apps.pomba.servicedecomposition; + +import org.eclipse.jetty.util.security.Password; + +public class JettyPasswordDecoder implements PasswordDecoder { + + @Override + public String decode(String input) { + if (input.startsWith("OBF:")) { + return Password.deobfuscate(input); + } + return Password.deobfuscate("OBF:" + input); + } +}
\ No newline at end of file diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PasswordDecoder.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PasswordDecoder.java new file mode 100644 index 0000000..627d382 --- /dev/null +++ b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PasswordDecoder.java @@ -0,0 +1,26 @@ +/** + * ============LICENSE_START======================================================= + * org.onap.aai + * ================================================================================ + * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.sdnc.apps.pomba.servicedecomposition; + +public interface PasswordDecoder { + + String decode(String input); +}
\ No newline at end of file diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PropertyPasswordConfiguration.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PropertyPasswordConfiguration.java new file mode 100644 index 0000000..6232c32 --- /dev/null +++ b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PropertyPasswordConfiguration.java @@ -0,0 +1,81 @@ +/** + * ============LICENSE_START======================================================= + * org.onap.aai + * ================================================================================ + * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.sdnc.apps.pomba.servicedecomposition; + +import java.util.LinkedHashMap; +import java.util.Map; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +import org.springframework.context.ApplicationContextInitializer; +import org.springframework.context.ConfigurableApplicationContext; +import org.springframework.core.env.ConfigurableEnvironment; +import org.springframework.core.env.EnumerablePropertySource; +import org.springframework.core.env.MapPropertySource; +import org.springframework.core.env.PropertySource; +import org.springframework.stereotype.Component; + +@Component +public class PropertyPasswordConfiguration implements ApplicationContextInitializer<ConfigurableApplicationContext> +{ + + private static final Pattern decodePasswordPattern = Pattern.compile("password\\((.*?)\\)"); + + private PasswordDecoder passwordDecoder = new JettyPasswordDecoder(); + + @Override + public void initialize(ConfigurableApplicationContext applicationContext) { + ConfigurableEnvironment environment = applicationContext.getEnvironment(); + for (PropertySource<?> propertySource : environment.getPropertySources()) { + Map<String, Object> propertyOverrides = new LinkedHashMap<>(); + decodePasswords(propertySource, propertyOverrides); + if (!propertyOverrides.isEmpty()) { + PropertySource<?> decodedProperties = new MapPropertySource("decoded "+ propertySource.getName(), propertyOverrides); + environment.getPropertySources().addBefore(propertySource.getName(), decodedProperties); + } + } + } + + private void decodePasswords(PropertySource<?> source, Map<String, Object> propertyOverrides) { + if (source instanceof EnumerablePropertySource) { + EnumerablePropertySource<?> enumerablePropertySource = (EnumerablePropertySource<?>) source; + for (String key : enumerablePropertySource.getPropertyNames()) { + Object rawValue = source.getProperty(key); + if (rawValue instanceof String) { + String decodedValue = decodePasswordsInString((String) rawValue); + propertyOverrides.put(key, decodedValue); + } + } + } + } + + private String decodePasswordsInString(String input) { + if (input == null) return null; + StringBuffer output = new StringBuffer(); + Matcher matcher = decodePasswordPattern.matcher(input); + while (matcher.find()) { + String replacement = passwordDecoder.decode(matcher.group(1)); + matcher.appendReplacement(output, replacement); + } + matcher.appendTail(output); + return output.toString(); + } +}
\ No newline at end of file diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/service/rs/RestServiceImpl.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/service/rs/RestServiceImpl.java index 5ec6bca..6840b82 100644 --- a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/service/rs/RestServiceImpl.java +++ b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/service/rs/RestServiceImpl.java @@ -15,6 +15,7 @@ * limitations under the License. * ============LICENSE_END===================================================== */ + package org.onap.sdnc.apps.pomba.servicedecomposition.service.rs; import static org.onap.sdnc.apps.pomba.servicedecomposition.exception.DiscoveryException.Error.*; @@ -45,8 +46,8 @@ public class RestServiceImpl implements RestService { @Autowired private SpringService service; - @Resource(name="serviceDecompositionBasicAuthHeader") - private String serviceDecompositionBasicAuthHeader; + @Resource(name="basicAuthHeader") + private String basicAuthHeader; public RestServiceImpl() {} @@ -61,7 +62,7 @@ public class RestServiceImpl implements RestService { adapter.getServiceDescriptor().setServiceName(SERVICE_NAME); adapter.entering(request); try { - if (authorization == null || !this.serviceDecompositionBasicAuthHeader.equals(authorization)) { + if (authorization == null || !this.basicAuthHeader.equals(authorization)) { throw new DiscoveryException(UNAUTHORIZED, Status.UNAUTHORIZED); } @@ -102,7 +103,5 @@ public class RestServiceImpl implements RestService { } finally { adapter.exiting(); } - } - -} +}
\ No newline at end of file diff --git a/pomba/service-decomposition/src/test/java/org/onap/sdnc/apps/pomba/servicedecomposition/test/ServiceDecompositionTest.java b/pomba/service-decomposition/src/test/java/org/onap/sdnc/apps/pomba/servicedecomposition/test/ServiceDecompositionTest.java index 771ca99..67ad98b 100644 --- a/pomba/service-decomposition/src/test/java/org/onap/sdnc/apps/pomba/servicedecomposition/test/ServiceDecompositionTest.java +++ b/pomba/service-decomposition/src/test/java/org/onap/sdnc/apps/pomba/servicedecomposition/test/ServiceDecompositionTest.java @@ -36,19 +36,21 @@ import javax.servlet.http.HttpServletRequest; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.Status; -import org.eclipse.jetty.util.security.Password; import org.json.JSONArray; import org.json.JSONObject; import org.junit.Rule; import org.junit.Test; import org.junit.runner.RunWith; import org.onap.logging.ref.slf4j.ONAPLogConstants; +import org.onap.sdnc.apps.pomba.servicedecomposition.Application; +import org.onap.sdnc.apps.pomba.servicedecomposition.PropertyPasswordConfiguration; import org.onap.sdnc.apps.pomba.servicedecomposition.service.rs.RestService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.autoconfigure.EnableAutoConfiguration; import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration; import org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration; import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.TestPropertySource; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.web.WebAppConfiguration; @@ -62,12 +64,12 @@ import org.springframework.test.context.web.WebAppConfiguration; "aai.host=localhost", "aai.port=8081", "basicAuth.username=admin", - "basicAuth.password=OBF:1u2a1toa1w8v1tok1u30" - }) + "basicAuth.password=password(OBF:1u2a1toa1w8v1tok1u30)" +}) +@ContextConfiguration(initializers = PropertyPasswordConfiguration.class, classes = Application.class) public class ServiceDecompositionTest { - private static final String AUTH = "Basic " + Base64.getEncoder().encodeToString(( - "admin:" + Password.deobfuscate("OBF:1u2a1toa1w8v1tok1u30")).getBytes()); + private static final String AUTH = "Basic " + Base64.getEncoder().encodeToString(("admin:admin").getBytes()); // TODO missing code coverage for VNFC resources @@ -226,13 +228,11 @@ public class ServiceDecompositionTest { fail("Did not find " + field + "=" + value + " in " + arrayName + " array"); } - private void addResponse(String path, String classpathResource) throws IOException { String payload = readFully(ClassLoader.getSystemResourceAsStream(classpathResource)); aai.stubFor(get(path).willReturn(okJson(payload))); } - private String readFully(InputStream in) throws IOException { char[] cbuf = new char[1024]; StringBuilder content = new StringBuilder(); @@ -244,4 +244,4 @@ public class ServiceDecompositionTest { } return content.toString(); } -} +}
\ No newline at end of file |