From 5730a1a4542805b9891cab4626a8196db842e411 Mon Sep 17 00:00:00 2001
From: Lukasz Rajewski <lukasz.rajewski@orange.com>
Date: Wed, 1 Sep 2021 22:32:13 +0200
Subject: Fixed callback authentication

Issue-ID: SO-3747
Signed-off-by: Lukasz Rajewski <lukasz.rajewski@orange.com>
Change-Id: Ia415b500b76c5f57efb70eb522f6d58f6649e0d0
---
 .../onap/so/adapters/cnf/BpmnInfraConfiguration.java    | 15 ---------------
 .../org/onap/so/adapters/cnf/MSOCnfApplication.java     |  2 +-
 .../onap/so/adapters/cnf/client/SoCallbackClient.java   | 17 ++++++++++++-----
 3 files changed, 13 insertions(+), 21 deletions(-)
 delete mode 100644 so-cnf-adapter-application/src/main/java/org/onap/so/adapters/cnf/BpmnInfraConfiguration.java

(limited to 'so-cnf-adapter-application/src/main/java/org/onap')

diff --git a/so-cnf-adapter-application/src/main/java/org/onap/so/adapters/cnf/BpmnInfraConfiguration.java b/so-cnf-adapter-application/src/main/java/org/onap/so/adapters/cnf/BpmnInfraConfiguration.java
deleted file mode 100644
index a06ad92..0000000
--- a/so-cnf-adapter-application/src/main/java/org/onap/so/adapters/cnf/BpmnInfraConfiguration.java
+++ /dev/null
@@ -1,15 +0,0 @@
-package org.onap.so.adapters.cnf;
-
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.context.annotation.Configuration;
-
-@Configuration
-public class BpmnInfraConfiguration {
-
-    @Value("${mso.adapters.requestDb.auth}")
-    private String auth;
-
-    public String getAuth() {
-        return auth;
-    }
-}
diff --git a/so-cnf-adapter-application/src/main/java/org/onap/so/adapters/cnf/MSOCnfApplication.java b/so-cnf-adapter-application/src/main/java/org/onap/so/adapters/cnf/MSOCnfApplication.java
index 0ba40e2..a569e9d 100644
--- a/so-cnf-adapter-application/src/main/java/org/onap/so/adapters/cnf/MSOCnfApplication.java
+++ b/so-cnf-adapter-application/src/main/java/org/onap/so/adapters/cnf/MSOCnfApplication.java
@@ -34,7 +34,7 @@ import org.springframework.context.annotation.Configuration;
 import org.springframework.web.client.RestTemplate;
 
 @SpringBootApplication
-@ComponentScan(basePackages = {"org.onap.so.adapters.cnf"})
+@ComponentScan(basePackages = {"org.onap.so.adapters.cnf", "org.onap.so.security"})
 @EnableAutoConfiguration(exclude = {LiquibaseAutoConfiguration.class, HibernateJpaAutoConfiguration.class,
         DataSourceAutoConfiguration.class, DataSourceTransactionManagerAutoConfiguration.class,
         SecurityAutoConfiguration.class})
diff --git a/so-cnf-adapter-application/src/main/java/org/onap/so/adapters/cnf/client/SoCallbackClient.java b/so-cnf-adapter-application/src/main/java/org/onap/so/adapters/cnf/client/SoCallbackClient.java
index 9372983..1deacad 100644
--- a/so-cnf-adapter-application/src/main/java/org/onap/so/adapters/cnf/client/SoCallbackClient.java
+++ b/so-cnf-adapter-application/src/main/java/org/onap/so/adapters/cnf/client/SoCallbackClient.java
@@ -1,7 +1,8 @@
 package org.onap.so.adapters.cnf.client;
 
 import com.google.gson.Gson;
-import org.onap.so.adapters.cnf.BpmnInfraConfiguration;
+import org.onap.so.security.SoUserCredentialConfiguration;
+import org.onap.so.security.UserCredentials;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpEntity;
 import org.springframework.http.HttpHeaders;
@@ -21,12 +22,18 @@ public class SoCallbackClient {
     private final static Gson gson = new Gson();
 
     private final RestTemplate restTemplate;
-    private final BpmnInfraConfiguration bpmnInfraConfiguration;
+    private final SoUserCredentialConfiguration userCredentialConfiguration;
+    private final String role = "ACTUATOR";
+    private final UserCredentials credentials;
 
     @Autowired
-    public SoCallbackClient(RestTemplate restTemplate, BpmnInfraConfiguration bpmnInfraConfiguration) {
+    public SoCallbackClient(RestTemplate restTemplate, SoUserCredentialConfiguration userCredentialConfiguration) {
         this.restTemplate = restTemplate;
-        this.bpmnInfraConfiguration = bpmnInfraConfiguration;
+        this.userCredentialConfiguration = userCredentialConfiguration;
+        if (!userCredentialConfiguration.getRoles().contains(role))
+            throw new RuntimeException("Missing authentication role: " + role);
+        credentials = userCredentialConfiguration.getUsercredentials().stream().filter(
+                creds -> role.equals(creds.getRole())).findAny().orElse(null);
     }
 
     public ResponseEntity<String> sendPostCallback(String url, Object body) {
@@ -39,7 +46,7 @@ public class SoCallbackClient {
         acceptableMediaTypes.add(MediaType.APPLICATION_JSON);
         headers.setAccept(acceptableMediaTypes);
         headers.setContentType(MediaType.APPLICATION_JSON);
-        headers.add(HttpHeaders.AUTHORIZATION, bpmnInfraConfiguration.getAuth());
+        headers.setBasicAuth(credentials.getUsername(), credentials.getPassword());
 
         return new HttpEntity<>(gson.toJson(body), headers);
     }
-- 
cgit 1.2.3-korg