author | Mohammadreza Pasandideh <mohammadreza.pasandideh@amdocs.com> | 2018-08-21 10:28:05 -0400 |
---|---|---|
committer | Mohammadreza Pasandideh <mohammadreza.pasandideh@amdocs.com> | 2018-08-21 10:28:58 -0400 |
commit | a71801f323473b7d559b9282c8318b923ff94efa (patch) | |
tree | 9b7ab653a73480b0d88385e57139a7670d9eb024 /pomba/service-decomposition/src | |
parent | 2d70b42375f67247b54e9ee38b0da18b434e648f (diff) |
Roll-Back Password obfuscation(v2) for ND & SD
Issue-ID: SDNC-317
Change-Id: I859934dc231fb3f049b1e1911e314d1d61e31174
Signed-off-by: Mohammadreza Pasandideh <mohammadreza.pasandideh@amdocs.com>
Diffstat (limited to 'pomba/service-decomposition/src')
6 files changed, 9 insertions, 151 deletions
diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/Application.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/Application.java index 8bf108c..18bf7c3 100644 --- a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/Application.java +++ b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/Application.java @@ -39,7 +39,6 @@ public class Application extends SpringBootServletInitializer { } public static void main(String[] args) throws Exception { - SpringApplication app = new SpringApplication(Application.class); - app.addInitializers(new PropertyPasswordConfiguration()); + SpringApplication.run(Application.class, args); } } diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/AuthorizationConfiguration.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/AuthorizationConfiguration.java index 4bea962..6a10ce7 100644 --- a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/AuthorizationConfiguration.java +++ b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/AuthorizationConfiguration.java @@ -19,6 +19,7 @@ package org.onap.sdnc.apps.pomba.servicedecomposition; import java.util.Base64; +import org.eclipse.jetty.util.security.Password; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.stereotype.Component; 
@@ -29,11 +30,11 @@ public class AuthorizationConfiguration { @Value("${basicAuth.username:admin}") private String username; - @Value("${basicAuth.password:admin}") + @Value("${basicAuth.password:OBF:1u2a1toa1w8v1tok1u30}") private String password; @Bean(name="basicAuthHeader") public String getSdBasicAuthHeader() { - return "Basic " + Base64.getEncoder().encodeToString((this.username + ":" + this.password).getBytes()); + return "Basic " + Base64.getEncoder().encodeToString((this.username + ":" + Password.deobfuscate(this.password)).getBytes()); } } diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/JettyPasswordDecoder.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/JettyPasswordDecoder.java deleted file mode 100644 index de6820b..0000000 --- a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/JettyPasswordDecoder.java +++ /dev/null 
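Review bot: The new `@Value` default in AuthorizationConfiguration still ships a built-in credential, because `OBF:1u2a1toa1w8v1tok1u30` is the value the test in this commit substitutes for the old `admin:admin` literal, and Jetty's OBF form is a keyless, reversible encoding rather than encryption. Anyone who can read the source or the properties file can recover the password, so I would drop the fallback and let startup fail when the property is unset: `@Value("${basicAuth.password}")`. Separately, `Password.deobfuscate(this.password)` in `getSdBasicAuthHeader()` now runs on every configured value; as far as I know it expects the base-36 OBF body, so a plain-text password or a leftover `password(OBF:...)` wrapper (no longer rewritten now that the initializer is removed) would throw or decode to garbage. A guard such as `this.password.startsWith("OBF:") ? Password.deobfuscate(this.password) : this.password` keeps existing deployments working, and a short comment on the field should say that OBF only hides the value from casual viewing.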
@@ -1,34 +0,0 @@ -/** - * ============LICENSE_START======================================================= - * org.onap.aai - * ================================================================================ - * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.sdnc.apps.pomba.servicedecomposition; - -import org.eclipse.jetty.util.security.Password; - -public class JettyPasswordDecoder implements PasswordDecoder { - - @Override - public String decode(String input) { - if (input.startsWith("OBF:")) { - return Password.deobfuscate(input); - } - return Password.deobfuscate("OBF:" + input); - } -}
\ No newline at end of file diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PasswordDecoder.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PasswordDecoder.java deleted file mode 100644 index 627d382..0000000 --- a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PasswordDecoder.java +++ /dev/null @@ -1,26 +0,0 @@ -/** - * ============LICENSE_START======================================================= - * org.onap.aai - * ================================================================================ - * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.sdnc.apps.pomba.servicedecomposition; - -public interface PasswordDecoder { - - String decode(String input); -}
\ No newline at end of file diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PropertyPasswordConfiguration.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PropertyPasswordConfiguration.java deleted file mode 100644 index 6232c32..0000000 --- a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PropertyPasswordConfiguration.java +++ /dev/null 
@@ -1,81 +0,0 @@ -/** - * ============LICENSE_START======================================================= - * org.onap.aai - * ================================================================================ - * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.sdnc.apps.pomba.servicedecomposition; - -import java.util.LinkedHashMap; -import java.util.Map; -import java.util.regex.Matcher; -import java.util.regex.Pattern; - -import org.springframework.context.ApplicationContextInitializer; -import org.springframework.context.ConfigurableApplicationContext; -import org.springframework.core.env.ConfigurableEnvironment; -import org.springframework.core.env.EnumerablePropertySource; -import org.springframework.core.env.MapPropertySource; -import org.springframework.core.env.PropertySource; -import org.springframework.stereotype.Component; - -@Component -public class PropertyPasswordConfiguration implements ApplicationContextInitializer<ConfigurableApplicationContext> -{ - - private static final Pattern decodePasswordPattern = Pattern.compile("password\\((.*?)\\)"); - - private PasswordDecoder passwordDecoder = new JettyPasswordDecoder(); - - @Override - public void initialize(ConfigurableApplicationContext 
applicationContext) { - ConfigurableEnvironment environment = applicationContext.getEnvironment(); - for (PropertySource<?> propertySource : environment.getPropertySources()) { - Map<String, Object> propertyOverrides = new LinkedHashMap<>(); - decodePasswords(propertySource, propertyOverrides); - if (!propertyOverrides.isEmpty()) { - PropertySource<?> decodedProperties = new MapPropertySource("decoded "+ propertySource.getName(), propertyOverrides); - environment.getPropertySources().addBefore(propertySource.getName(), decodedProperties); - } - } - } - - private void decodePasswords(PropertySource<?> source, Map<String, Object> propertyOverrides) { - if (source instanceof EnumerablePropertySource) { - EnumerablePropertySource<?> enumerablePropertySource = (EnumerablePropertySource<?>) source; - for (String key : enumerablePropertySource.getPropertyNames()) { - Object rawValue = source.getProperty(key); - if (rawValue instanceof String) { - String decodedValue = decodePasswordsInString((String) rawValue); - propertyOverrides.put(key, decodedValue); - } - } - } - } - - private String decodePasswordsInString(String input) { - if (input == null) return null; - StringBuffer output = new StringBuffer(); - Matcher matcher = decodePasswordPattern.matcher(input); - while (matcher.find()) { - String replacement = passwordDecoder.decode(matcher.group(1)); - matcher.appendReplacement(output, replacement); - } - matcher.appendTail(output); - return output.toString(); - } -}
\ No newline at end of file diff --git a/pomba/service-decomposition/src/test/java/org/onap/sdnc/apps/pomba/servicedecomposition/test/ServiceDecompositionTest.java b/pomba/service-decomposition/src/test/java/org/onap/sdnc/apps/pomba/servicedecomposition/test/ServiceDecompositionTest.java index 67ad98b..94c73bf 100644 --- a/pomba/service-decomposition/src/test/java/org/onap/sdnc/apps/pomba/servicedecomposition/test/ServiceDecompositionTest.java +++ b/pomba/service-decomposition/src/test/java/org/onap/sdnc/apps/pomba/servicedecomposition/test/ServiceDecompositionTest.java @@ -36,21 +36,19 @@ import javax.servlet.http.HttpServletRequest; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.Status; +import org.eclipse.jetty.util.security.Password; import org.json.JSONArray; import org.json.JSONObject; import org.junit.Rule; import org.junit.Test; import org.junit.runner.RunWith; import org.onap.logging.ref.slf4j.ONAPLogConstants; -import org.onap.sdnc.apps.pomba.servicedecomposition.Application; -import org.onap.sdnc.apps.pomba.servicedecomposition.PropertyPasswordConfiguration; import org.onap.sdnc.apps.pomba.servicedecomposition.service.rs.RestService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.autoconfigure.EnableAutoConfiguration; import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration; import org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration; import org.springframework.boot.test.context.SpringBootTest; -import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.TestPropertySource; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.web.WebAppConfiguration; 
@@ -64,12 +62,13 @@ import org.springframework.test.context.web.WebAppConfiguration; "aai.host=localhost", "aai.port=8081", "basicAuth.username=admin", - "basicAuth.password=password(OBF:1u2a1toa1w8v1tok1u30)" + "basicAuth.password=OBF:1u2a1toa1w8v1tok1u30" }) -@ContextConfiguration(initializers = PropertyPasswordConfiguration.class, classes = Application.class) + public class ServiceDecompositionTest { - private static final String AUTH = "Basic " + Base64.getEncoder().encodeToString(("admin:admin").getBytes()); + private static final String AUTH = "Basic " + Base64.getEncoder().encodeToString(( + "admin:" + Password.deobfuscate("OBF:1u2a1toa1w8v1tok1u30")).getBytes()); // TODO missing code coverage for VNFC resources |
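Review bot: The rewritten `AUTH` constant builds the expected header by calling `Password.deobfuscate` on the same literal the service is configured with, so the test now only checks that both sides agree and can no longer catch a wrong decode. Keeping the expectation independent, as the removed line did with `("admin:admin").getBytes()`, or adding `assertEquals("admin", Password.deobfuscate("OBF:1u2a1toa1w8v1tok1u30"))` (assuming the value decodes to `admin`, as the removed line implies) would pin the credential the service actually sends. The hunk also removes `@ContextConfiguration(initializers = ..., classes = Application.class)` and leaves an added blank line above the class declaration; the remaining annotations start outside this hunk, so confirm they still load the intended application context.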