Adding sol003-adapter-adapter-application module

Change-Id: I87957d8f06fa108d1163c0fc2d69910f40206764
Issue-ID: SO-3486
Signed-off-by: waqas.ikram <waqas.ikram@est.tech>

9 files changed, 390 insertions, 0 deletions

diff --git a/so-etsi-sol003-adapter-application/Readme.txt b/so-etsi-sol003-adapter-application/Readme.txt
new file mode 100644
index 0000000..aaad603
--- /dev/null
+++ b/so-etsi-sol003-adapter-application/Readme.txt
@@ -0,0 +1,132 @@
+The following describes how to configure authentication for the VNFM adapter.

+

+TLS should always be configured to ensure secure communication between the VNFM-adapter <-> BPMN infra and VNFM-adapter <-> VNFM

+If two-way TLS is configured then there is no need for any further authentication (i.e. no need for token or basic auth).

+If two-way TLS is NOT configured then authentication is REQUIRED. Oauth token based authentication must be used for requests, while for notifications either oauth tokens or basic auth can be used.

+

+

+==========================================

+To confgure TLS

+==========================================

+

+---------------

+VNFM Adapter

+---------------

+The following parameters can be set to configure the certificate for the VNFM adapter

+server:

+  ssl:

+    key-alias: so@so.onap.org

+    key--store-password: 'ywsqCy:EEo#j}HJHM7z^Rk[L'

+    key-store: classpath:so-vnfm-adapter.p12

+    key-store-type: PKCS12

+The values shown above relate to the certificate included in the VNFM adapter jar which has been generated from AAF. If a different certificate is to be used then these values should be changed accordingly.

+

+The following paramters can be set to configure the trust store for the VNFM adapter:

+http:

+  client:

+    ssl:

+      trust-store: classpath:org.onap.so.trust.jks

+      trust-store-password: ',sx#.C*W)]wVgJC6ccFHI#:H'

+The values shown above relate to the trust store included in the VNFM adapter jar which has been generated from AAI. If a different trust store is to be used then these values should be changed accordingly.

+

+Ensure the value for the below parameter uses https instead of http

+vnfmadapter:

+  endpoint: http://so-vnfm-adapter.onap:9092

+  

+---------------

+bpmn-infra

+---------------

+For bpmn-infra, ensure the value for the below parameter uses https instead of http

+so:

+  vnfm:

+    adapter:

+      url: https://so-vnfm-adapter.onap:9092/so/vnfm-adapter/v1/

+

+

+==========================================

+To use two way TLS

+==========================================

+

+Ensure the value for username and password are empty in the AAI entry for the VNFM (The VNFM adapter will use oauth instead of two way TLS if the username/password is set).

+Ensure TLS has been configuered as detailed above.

+

+---------------

+VNFM adapter

+---------------

+Set the following parameter for the VNFM adapter:

+server:

+  ssl:

+    client-auth: need

+	

+---------------

+bpmn-infra:

+---------------

+Set the following paramters for bpmn-infra:

+rest:

+  http:

+    client:

+      configuration:

+        ssl:

+          keyStore: classpath:org.onap.so.p12

+          keyStorePassword: 'RLe5ExMWW;Kd6GTSt0WQz;.Y'

+          trustStore: classpath:org.onap.so.trust.jks

+          trustStorePassword: '6V%8oSU$,%WbYp3IUe;^mWt4'

+Ensure the value for the below parameter uses https instead of http

+so:

+  vnfm:

+    adapter:

+      url: https://so-vnfm-adapter.onap:9092/so/vnfm-adapter/v1/

+	  

+---------------	  

+VNFM simulator:

+---------------

+Set the following parameters for the VNFM simulator (if used):

+server:

+  ssl:

+    client-auth: need

+  request:

+    grant:

+      auth: twowaytls

+

+==========================================

+To use oauth token base authentication

+==========================================

+

+---------------	  

+VNFM adapter:

+---------------

+Ensure the value for username and password set set in the AAI entry for the VNFM. The VNFM adapter will use this username/password as the client credentials in the request for a token for the VNFM. The token endpoint

+for the VNFM will by default will be derived from the service url for the VNFM in AAI as follows: <base of service url>/oauth/token, e.g. if the service url is https://so-vnfm-simulator.onap/vnflcm/v1 then the token url will

+be taken to be https://so-vnfm-simulator.onap/oauth/token. This can be overriden using the following parameter for the VNFM adapter:

+vnfmadapter:

+  temp:

+    vnfm:

+	  oauth:

+	    endpoint:

+		

+The VNFM adapter exposes a token point at url: https://<hostname>:<port>/oauth/token e.g. https://so-vnfm-adapter.onap:9092/oauth/token. The VNFM can request a token from this endpoint for use in grant requests and notifications

+to the VNFM adapter. The username/password to be used in the token request are passed to the VNFM in a subscription request. The username/password sent by the VNFM adpater in the subscription request can be configuered using the 

+following parameter:

+vnfmadapter:

+  auth: <encoded value>

+where <encoded value> is '<username>:<password>' encoded using org.onap.so.utils.CryptoUtils with the key set by the paramter:

+mso:

+  key: <key>

+The default username:password is vnfm-adapter:123456 when vnfm-adapter.auth is not set.

+		  

+---------------	  

+VNFM simulator:

+---------------

+Set the following parameters for the simulator:

+spring:

+  profiles:

+    active: oauth-authentication

+server:

+  request:

+    grant:

+      auth: oauth

+		

+==========================================

+To use basic auth for notifications

+==========================================		

+The same username/password is used as for oauth token requests as describe above and passed to the VNFM in the subscription request.
\ No newline at end of file
diff --git a/so-etsi-sol003-adapter-application/pom.xml b/so-etsi-sol003-adapter-application/pom.xml
index 46809d9..3550616 100644
--- a/so-etsi-sol003-adapter-application/pom.xml
+++ b/so-etsi-sol003-adapter-application/pom.xml
@@ -8,4 +8,79 @@
     </parent>
     <artifactId>so-etsi-sol003-adapter-application</artifactId>
     <name>SO ETSI SOL003 Application Jar</name>
+    <build>
+        <finalName>${project.artifactId}-${project.version}</finalName>
+        <plugins>
+            <plugin>
+                <groupId>org.springframework.boot</groupId>
+                <artifactId>spring-boot-maven-plugin</artifactId>
+                <configuration>
+                    <mainClass>org.onap.so.adapters.etsisol003adapter.Application</mainClass>
+                </configuration>
+                <executions>
+                    <execution>
+                        <goals>
+                            <goal>repackage</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-jar-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <id>original</id>
+                    </execution>
+                </executions>
+            </plugin>
+            <plugin>
+                <groupId>org.jacoco</groupId>
+                <artifactId>jacoco-maven-plugin</artifactId>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <configuration>
+                    <systemPropertyVariables>
+                        <so.log.level>DEBUG</so.log.level>
+                    </systemPropertyVariables>
+                    <rerunFailingTestsCount>2</rerunFailingTestsCount>
+                    <parallel>suites</parallel>
+                    <useUnlimitedThreads>false</useUnlimitedThreads>
+                    <threadCount>1</threadCount>
+                </configuration>
+            </plugin>
+        </plugins>
+        <resources>
+            <resource>
+                <directory>src/main/resources</directory>
+                <filtering>true</filtering>
+                <excludes>
+                    <exclude>**/*.p12</exclude>
+                    <exclude>**/*.jks</exclude>
+                </excludes>
+            </resource>
+            <resource>
+                <directory>src/main/resources</directory>
+                <filtering>false</filtering>
+                <includes>
+                    <include>**/*.p12</include>
+                    <include>**/*.jks</include>
+                </includes>
+            </resource>
+        </resources>
+    </build>
+    <dependencies>
+        <dependency>
+            <groupId>org.onap.so.adapters.so-etsi-sol003-adapter.lcm</groupId>
+            <artifactId>so-etsi-sol003-adapter-lcm-service</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.onap.so.adapters.so-etsi-sol003-adapter.pkgm</groupId>
+            <artifactId>so-etsi-sol003-adapter-pkgm-service</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+    </dependencies>
 </project>
\ No newline at end of file
diff --git a/so-etsi-sol003-adapter-application/src/main/java/org/onap/so/adapters/etsisol003adapter/Application.java b/so-etsi-sol003-adapter-application/src/main/java/org/onap/so/adapters/etsisol003adapter/Application.java
new file mode 100755
index 0000000..261d224
--- /dev/null
+++ b/so-etsi-sol003-adapter-application/src/main/java/org/onap/so/adapters/etsisol003adapter/Application.java
@@ -0,0 +1,57 @@
+/*-
+ * ============LICENSE_START=======================================================
+ *  Copyright (C) 2019 Nordix Foundation.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.so.adapters.etsisol003adapter;
+
+import static org.slf4j.LoggerFactory.getLogger;
+import org.onap.so.adapters.etsisol003adapter.lcm.rest.EtsiSol003AdapterController;
+import org.slf4j.Logger;
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.autoconfigure.jackson.JacksonAutoConfiguration;
+import org.springframework.cache.annotation.EnableCaching;
+
+/**
+ * The spring boot application for the ETSI SOL003 Adapter.
+ * <p>
+ * The ETSI SOL003 Adapter receives requests through its REST API {@link EtsiSol003AdapterController} which it adapts
+ * into ETSI SOL003 compliant LCM (Life Cycle Management) calls towards an ETSI compliant VNFM.
+ *
+ * @see <a href= "https://www.etsi.org/deliver/etsi_gs/NFV-SOL/001_099/003/02.05.01_60/gs_nfv-sol003v020501p.pdf">ETSI
+ *      SOL003 v2.5.1</a>
+ */
+@EnableCaching
+@SpringBootApplication(scanBasePackages = {"org.onap.so"})
+@EnableAutoConfiguration(exclude = {JacksonAutoConfiguration.class})
+public class Application {
+    private static final Logger logger = getLogger(Application.class);
+
+    /**
+     * Entry point for the Spring boot application
+     *
+     * @param args arguments for the application
+     */
+    public static void main(final String[] args) {
+        new SpringApplication(Application.class).run(args);
+        logger.info("VnfmAdapterApplication started!");
+    }
+
+}
diff --git a/so-etsi-sol003-adapter-application/src/main/java/org/onap/so/adapters/etsisol003adapter/EtsiSol003AdapterBasicHttpSecurityConfigurer.java b/so-etsi-sol003-adapter-application/src/main/java/org/onap/so/adapters/etsisol003adapter/EtsiSol003AdapterBasicHttpSecurityConfigurer.java
new file mode 100644
index 0000000..618b4f6
--- /dev/null
+++ b/so-etsi-sol003-adapter-application/src/main/java/org/onap/so/adapters/etsisol003adapter/EtsiSol003AdapterBasicHttpSecurityConfigurer.java
@@ -0,0 +1,63 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * ONAP - SO
+ * ================================================================================
+ * Copyright (C) 2017 - 2018 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.so.adapters.etsisol003adapter;
+
+import org.onap.so.adapters.etsi.sol003.adapter.common.CommonConstants;
+import org.onap.so.security.HttpSecurityConfigurer;
+import org.onap.so.security.SoUserCredentialConfiguration;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Primary;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.stereotype.Component;
+import org.springframework.util.StringUtils;
+
+/**
+ * @author Waqas Ikram (waqas.ikram@est.tech)
+ * @author Gareth Roper (gareth.roper@est.tech)
+ */
+@Primary
+@Component
+public class EtsiSol003AdapterBasicHttpSecurityConfigurer implements HttpSecurityConfigurer {
+
+    @Autowired
+    private SoUserCredentialConfiguration soUserCredentialConfiguration;
+
+    @Value("${server.ssl.client-auth:none}")
+    private String clientAuth;
+
+    @Override
+    public void configure(final HttpSecurity http) throws Exception {
+        if (("need").equalsIgnoreCase(clientAuth)) {
+            http.csrf().disable().authorizeRequests().anyRequest().permitAll();
+        } else {
+            http.csrf().disable().authorizeRequests().antMatchers("/manage/health", "/manage/info").permitAll()
+                    .antMatchers(HttpMethod.GET, CommonConstants.ETSI_SUBSCRIPTION_NOTIFICATION_BASE_URL).permitAll()
+                    .antMatchers("/**")
+                    .hasAnyRole(StringUtils.collectionToDelimitedString(soUserCredentialConfiguration.getRoles(), ","))
+                    .and().httpBasic();
+        }
+    }
+}
+
diff --git a/so-etsi-sol003-adapter-application/src/main/resources/application-aaf.yaml b/so-etsi-sol003-adapter-application/src/main/resources/application-aaf.yaml
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/so-etsi-sol003-adapter-application/src/main/resources/application-aaf.yaml
diff --git a/so-etsi-sol003-adapter-application/src/main/resources/application-basic.yaml b/so-etsi-sol003-adapter-application/src/main/resources/application-basic.yaml
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/so-etsi-sol003-adapter-application/src/main/resources/application-basic.yaml
diff --git a/so-etsi-sol003-adapter-application/src/main/resources/application.yaml b/so-etsi-sol003-adapter-application/src/main/resources/application.yaml
new file mode 100644
index 0000000..57dc08f
--- /dev/null
+++ b/so-etsi-sol003-adapter-application/src/main/resources/application.yaml
@@ -0,0 +1,63 @@
+# Copyright © 2019 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+spring:
+  security:
+    usercredentials:
+      - username: test
+        password: '$2a$12$Zi3AuYcZoZO/gBQyUtST2.F5N6HqcTtaNci2Et.ufsQhski56srIu'
+        role: BPEL-Client
+      - username: vnfm
+        password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
+        role: BPEL-Client
+  http:
+    converters:
+    preferred-json-mapper: gson
+  main:
+    allow-bean-definition-overriding: true
+     
+server:
+  port: 9092
+  tomcat:
+    max-threads: 50
+
+mso:
+  key: 07a7159d3bf51a0e53be7a8f89699be7
+
+aai:
+  auth: 2A11B07DB6214A839394AA1EC5844695F5114FC407FF5422625FB00175A3DCB8A1FF745F22867EFA72D5369D599BBD88DA8BED4233CF5586
+  version: v15
+  endpoint: https://aai.onap:8443
+
+sdc:
+  username: sdcUser
+  password: sdcPassword
+  key: adadadadad
+  endpoint: http://sdc.onap/1234A
+  
+vnfmadapter:
+  endpoint: http://so-vnfm-adapter.onap:9092
+
+#Actuator
+management:
+  endpoints:
+    web:
+      base-path: /manage
+      exposure:
+        include: "*"
+  metrics:
+    se-global-registry: false
+    export:
+      prometheus:
+        enabled: true # Whether exporting of metrics to Prometheus is enabled.
+        step: 1m # Step size (i.e. reporting frequency) to use.
diff --git a/so-etsi-sol003-adapter-application/src/main/resources/org.onap.so.trust.jks b/so-etsi-sol003-adapter-application/src/main/resources/org.onap.so.trust.jks
new file mode 100644
index 0000000..4605a24
--- /dev/null
+++ b/so-etsi-sol003-adapter-application/src/main/resources/org.onap.so.trust.jks
diff --git a/so-etsi-sol003-adapter-application/src/main/resources/so-vnfm-adapter.p12 b/so-etsi-sol003-adapter-application/src/main/resources/so-vnfm-adapter.p12
new file mode 100644
index 0000000..6bd786d
--- /dev/null
+++ b/so-etsi-sol003-adapter-application/src/main/resources/so-vnfm-adapter.p12