diff options
Diffstat (limited to 'pomba/service-decomposition')
8 files changed, 161 insertions, 22 deletions
diff --git a/pomba/service-decomposition/config/application.properties b/pomba/service-decomposition/config/application.properties index c60a369..cd118f0 100644 --- a/pomba/service-decomposition/config/application.properties +++ b/pomba/service-decomposition/config/application.properties @@ -16,7 +16,7 @@ server.tomcat.min-Spare-Threads=25 server.tomcat.max-idle-time=60000 basicAuth.username=admin -basicAuth.password=OBF:1u2a1toa1w8v1tok1u30 +basicAuth.password=password(OBF:1u2a1toa1w8v1tok1u30) # AAI REST Client Configuration aai.host=135.63.125.59 diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/Application.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/Application.java index 58b00d8..8bf108c 100644 --- a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/Application.java +++ b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/Application.java @@ -15,6 +15,7 @@ * limitations under the License. * ============LICENSE_END===================================================== */ + package org.onap.sdnc.apps.pomba.servicedecomposition; import org.springframework.boot.SpringApplication; @@ -38,7 +39,7 @@ public class Application extends SpringBootServletInitializer { } public static void main(String[] args) throws Exception { - SpringApplication.run(Application.class, args); + SpringApplication app = new SpringApplication(Application.class); + app.addInitializers(new PropertyPasswordConfiguration()); } - } diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/AuthorizationConfiguration.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/AuthorizationConfiguration.java index 7cac0cd..4bea962 100644 --- a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/AuthorizationConfiguration.java +++ b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/AuthorizationConfiguration.java @@ -19,7 +19,6 @@ package org.onap.sdnc.apps.pomba.servicedecomposition; import java.util.Base64; -import org.eclipse.jetty.util.security.Password; import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.stereotype.Component; @@ -30,12 +29,11 @@ public class AuthorizationConfiguration { @Value("${basicAuth.username:admin}") private String username; - @Value("${basicAuth.password:OBF:1u2a1toa1w8v1tok1u30}") + @Value("${basicAuth.password:admin}") private String password; - @Bean(name="serviceDecompositionBasicAuthHeader") + @Bean(name="basicAuthHeader") public String getSdBasicAuthHeader() { - String auth = new String(this.username + ":" + Password.deobfuscate(this.password)); - return "Basic " + Base64.getEncoder().encodeToString(auth.getBytes()); + return "Basic " + Base64.getEncoder().encodeToString((this.username + ":" + this.password).getBytes()); } } diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/JettyPasswordDecoder.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/JettyPasswordDecoder.java new file mode 100644 index 0000000..de6820b --- /dev/null +++ b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/JettyPasswordDecoder.java @@ -0,0 +1,34 @@ +/** + * ============LICENSE_START======================================================= + * org.onap.aai + * ================================================================================ + * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.sdnc.apps.pomba.servicedecomposition; + +import org.eclipse.jetty.util.security.Password; + +public class JettyPasswordDecoder implements PasswordDecoder { + + @Override + public String decode(String input) { + if (input.startsWith("OBF:")) { + return Password.deobfuscate(input); + } + return Password.deobfuscate("OBF:" + input); + } +}
\ No newline at end of file diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PasswordDecoder.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PasswordDecoder.java new file mode 100644 index 0000000..627d382 --- /dev/null +++ b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PasswordDecoder.java @@ -0,0 +1,26 @@ +/** + * ============LICENSE_START======================================================= + * org.onap.aai + * ================================================================================ + * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.sdnc.apps.pomba.servicedecomposition; + +public interface PasswordDecoder { + + String decode(String input); +}
\ No newline at end of file diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PropertyPasswordConfiguration.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PropertyPasswordConfiguration.java new file mode 100644 index 0000000..6232c32 --- /dev/null +++ b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/PropertyPasswordConfiguration.java @@ -0,0 +1,81 @@ +/** + * ============LICENSE_START======================================================= + * org.onap.aai + * ================================================================================ + * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.sdnc.apps.pomba.servicedecomposition; + +import java.util.LinkedHashMap; +import java.util.Map; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +import org.springframework.context.ApplicationContextInitializer; +import org.springframework.context.ConfigurableApplicationContext; +import org.springframework.core.env.ConfigurableEnvironment; +import org.springframework.core.env.EnumerablePropertySource; +import org.springframework.core.env.MapPropertySource; +import org.springframework.core.env.PropertySource; +import org.springframework.stereotype.Component; + +@Component +public class PropertyPasswordConfiguration implements ApplicationContextInitializer<ConfigurableApplicationContext> +{ + + private static final Pattern decodePasswordPattern = Pattern.compile("password\\((.*?)\\)"); + + private PasswordDecoder passwordDecoder = new JettyPasswordDecoder(); + + @Override + public void initialize(ConfigurableApplicationContext applicationContext) { + ConfigurableEnvironment environment = applicationContext.getEnvironment(); + for (PropertySource<?> propertySource : environment.getPropertySources()) { + Map<String, Object> propertyOverrides = new LinkedHashMap<>(); + decodePasswords(propertySource, propertyOverrides); + if (!propertyOverrides.isEmpty()) { + PropertySource<?> decodedProperties = new MapPropertySource("decoded "+ propertySource.getName(), propertyOverrides); + environment.getPropertySources().addBefore(propertySource.getName(), decodedProperties); + } + } + } + + private void decodePasswords(PropertySource<?> source, Map<String, Object> propertyOverrides) { + if (source instanceof EnumerablePropertySource) { + EnumerablePropertySource<?> enumerablePropertySource = (EnumerablePropertySource<?>) source; + for (String key : enumerablePropertySource.getPropertyNames()) { + Object rawValue = source.getProperty(key); + if (rawValue instanceof String) { + String decodedValue = decodePasswordsInString((String) rawValue); + propertyOverrides.put(key, decodedValue); + } + } + } + } + + private String decodePasswordsInString(String input) { + if (input == null) return null; + StringBuffer output = new StringBuffer(); + Matcher matcher = decodePasswordPattern.matcher(input); + while (matcher.find()) { + String replacement = passwordDecoder.decode(matcher.group(1)); + matcher.appendReplacement(output, replacement); + } + matcher.appendTail(output); + return output.toString(); + } +}
\ No newline at end of file diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/service/rs/RestServiceImpl.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/service/rs/RestServiceImpl.java index 5ec6bca..6840b82 100644 --- a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/service/rs/RestServiceImpl.java +++ b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/service/rs/RestServiceImpl.java @@ -15,6 +15,7 @@ * limitations under the License. * ============LICENSE_END===================================================== */ + package org.onap.sdnc.apps.pomba.servicedecomposition.service.rs; import static org.onap.sdnc.apps.pomba.servicedecomposition.exception.DiscoveryException.Error.*; @@ -45,8 +46,8 @@ public class RestServiceImpl implements RestService { @Autowired private SpringService service; - @Resource(name="serviceDecompositionBasicAuthHeader") - private String serviceDecompositionBasicAuthHeader; + @Resource(name="basicAuthHeader") + private String basicAuthHeader; public RestServiceImpl() {} @@ -61,7 +62,7 @@ public class RestServiceImpl implements RestService { adapter.getServiceDescriptor().setServiceName(SERVICE_NAME); adapter.entering(request); try { - if (authorization == null || !this.serviceDecompositionBasicAuthHeader.equals(authorization)) { + if (authorization == null || !this.basicAuthHeader.equals(authorization)) { throw new DiscoveryException(UNAUTHORIZED, Status.UNAUTHORIZED); } @@ -102,7 +103,5 @@ public class RestServiceImpl implements RestService { } finally { adapter.exiting(); } - } - -} +}
\ No newline at end of file diff --git a/pomba/service-decomposition/src/test/java/org/onap/sdnc/apps/pomba/servicedecomposition/test/ServiceDecompositionTest.java b/pomba/service-decomposition/src/test/java/org/onap/sdnc/apps/pomba/servicedecomposition/test/ServiceDecompositionTest.java index 771ca99..67ad98b 100644 --- a/pomba/service-decomposition/src/test/java/org/onap/sdnc/apps/pomba/servicedecomposition/test/ServiceDecompositionTest.java +++ b/pomba/service-decomposition/src/test/java/org/onap/sdnc/apps/pomba/servicedecomposition/test/ServiceDecompositionTest.java @@ -36,19 +36,21 @@ import javax.servlet.http.HttpServletRequest; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.Status; -import org.eclipse.jetty.util.security.Password; import org.json.JSONArray; import org.json.JSONObject; import org.junit.Rule; import org.junit.Test; import org.junit.runner.RunWith; import org.onap.logging.ref.slf4j.ONAPLogConstants; +import org.onap.sdnc.apps.pomba.servicedecomposition.Application; +import org.onap.sdnc.apps.pomba.servicedecomposition.PropertyPasswordConfiguration; import org.onap.sdnc.apps.pomba.servicedecomposition.service.rs.RestService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.autoconfigure.EnableAutoConfiguration; import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration; import org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration; import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.TestPropertySource; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.web.WebAppConfiguration; @@ -62,12 +64,12 @@ import org.springframework.test.context.web.WebAppConfiguration; "aai.host=localhost", "aai.port=8081", "basicAuth.username=admin", - "basicAuth.password=OBF:1u2a1toa1w8v1tok1u30" - }) + "basicAuth.password=password(OBF:1u2a1toa1w8v1tok1u30)" +}) +@ContextConfiguration(initializers = PropertyPasswordConfiguration.class, classes = Application.class) public class ServiceDecompositionTest { - private static final String AUTH = "Basic " + Base64.getEncoder().encodeToString(( - "admin:" + Password.deobfuscate("OBF:1u2a1toa1w8v1tok1u30")).getBytes()); + private static final String AUTH = "Basic " + Base64.getEncoder().encodeToString(("admin:admin").getBytes()); // TODO missing code coverage for VNFC resources @@ -226,13 +228,11 @@ public class ServiceDecompositionTest { fail("Did not find " + field + "=" + value + " in " + arrayName + " array"); } - private void addResponse(String path, String classpathResource) throws IOException { String payload = readFully(ClassLoader.getSystemResourceAsStream(classpathResource)); aai.stubFor(get(path).willReturn(okJson(payload))); } - private String readFully(InputStream in) throws IOException { char[] cbuf = new char[1024]; StringBuilder content = new StringBuilder(); @@ -244,4 +244,4 @@ public class ServiceDecompositionTest { } return content.toString(); } -} +}
\ No newline at end of file |