Added code for password obfuscation

Issue-ID: SDNC-317 Change-Id: I5114f1dd7dd093e9df6ebd3d91c3cbd47ef31ef9 Signed-off-by: Mohammadreza Pasandideh <mohammadreza.pasandideh@amdocs.com>
author: Mohammadreza Pasandideh <mohammadreza.pasandideh@amdocs.com> 2018-08-13 16:37:33 -0400
committer: Mohammadreza Pasandideh <mohammadreza.pasandideh@amdocs.com> 2018-08-13 16:58:18 -0400
commit: 41a3f1b3b0e14fb1df40273adb4b4b1937c5a977 (patch)
tree: b9b120e75e4489932b894a36493cd35b7cf3ad71 /pomba/network-discovery/src/main/java/org/onap
parent: e80c1047cfd31742c8f876b06a99a738969c8c3d (diff)
3 files changed, 12 insertions, 11 deletions
diff --git a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/AuthorizationConfiguration.java b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/AuthorizationConfiguration.java
index 5204a48..c767e44 100644
--- a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/AuthorizationConfiguration.java
+++ b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/AuthorizationConfiguration.java
@@ -19,6 +19,7 @@
 package org.onap.sdnc.apps.pomba.networkdiscovery;
 
 import java.util.Base64;
+import org.eclipse.jetty.util.security.Password;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.stereotype.Component;
@@ -29,13 +30,12 @@ public class AuthorizationConfiguration {
     @Value("${basicAuth.username:admin}")
     private String username;
 
-    @Value("${basicAuth.password:admin}")
+    @Value("${basicAuth.password:OBF:1u2a1toa1w8v1tok1u30}")
     private String password;
 
-    @Bean(name="basicAuthHeader")
-    public String getBasicAuthHeader() {
-        return "Basic " + Base64.getEncoder().encodeToString((this.username + ":" + this.password).getBytes());
+    @Bean(name="networkDiscoveryBasicAuthHeader")
+    public String getNdBasicAuthHeader() {
+        String auth = new String(this.username + ":" + Password.deobfuscate(this.password));
+        return "Basic " + Base64.getEncoder().encodeToString(auth.getBytes());
     }
-
-
 }
diff --git a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/EnricherConfiguration.java b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/EnricherConfiguration.java
index 9b2db05..0fee505 100644
--- a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/EnricherConfiguration.java
+++ b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/EnricherConfiguration.java
@@ -38,7 +38,7 @@ public class EnricherConfiguration {
     @Value("${enricher.keyStorePath}")
     private String keyStorePath;
 
-    @Value("${enricher.keyStorePassword}")
+    @Value("${enricher.keyStorePassword:OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o}")
     private String keyStorePassword;
 
     @Value("${enricher.connectionTimeout:5000}")
@@ -55,7 +55,8 @@ public class EnricherConfiguration {
                 .connectTimeoutMs(this.connectionTimeout)
                 .readTimeoutMs(this.readTimeout)
                 .clientCertFile(this.keyStorePath)
-                .clientCertPassword(this.keyStorePassword);
+                .clientCertPassword(
+                        org.eclipse.jetty.util.security.Password.deobfuscate(this.keyStorePassword));
     }
 
     @Bean(name="enricherBaseUrl")
diff --git a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/service/rs/RestServiceImpl.java b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/service/rs/RestServiceImpl.java
index 4e6fdcb..666e308 100644
--- a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/service/rs/RestServiceImpl.java
+++ b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/service/rs/RestServiceImpl.java
@@ -48,8 +48,8 @@ public class RestServiceImpl implements RestService {
     @Autowired
     private SpringService service;
 
-    @Resource(name="basicAuthHeader")
-    private String basicAuthHeader;
+    @Resource(name="networkDiscoveryBasicAuthHeader")
+    private String networkDiscoveryBasicAuthHeader;
 
     @Override
     public Response findbyResourceIdAndType(HttpServletRequest request,
@@ -73,7 +73,7 @@ public class RestServiceImpl implements RestService {
                 version = "v1";
             }
 
-            if (authorization == null || !this.basicAuthHeader.equals(authorization)) {
+            if (authorization == null || !this.networkDiscoveryBasicAuthHeader.equals(authorization)) {
                 throw new ApplicationException(UNAUTHORIZED, Status.UNAUTHORIZED);
             }
             if ((fromAppId == null) || fromAppId.trim().isEmpty()) {
author	Mohammadreza Pasandideh <mohammadreza.pasandideh@amdocs.com>	2018-08-13 16:37:33 -0400
committer	Mohammadreza Pasandideh <mohammadreza.pasandideh@amdocs.com>	2018-08-13 16:58:18 -0400
commit	41a3f1b3b0e14fb1df40273adb4b4b1937c5a977 (patch)
tree	b9b120e75e4489932b894a36493cd35b7cf3ad71 /pomba/network-discovery/src/main/java/org/onap
parent	e80c1047cfd31742c8f876b06a99a738969c8c3d (diff)