summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSeshu Kumar M <seshu.kumar.m@huawei.com>2021-07-07 07:29:14 +0000
committerGerrit Code Review <gerrit@onap.org>2021-07-07 07:29:14 +0000
commitc6d26ca79dc70cdc8c133261897cfff1396be0d0 (patch)
treea44c7af6b32bcad7a4b01e7c693e04d9fcc712b9
parentfa22cfa93f7a2533fc2aa8a20e46bfd6a401579f (diff)
parent58dbebc1deb18b9df2d0685c7dcda36f289d9656 (diff)
Merge "ONAP Service Mesh compliant modification"
-rw-r--r--common/pom.xml12
-rw-r--r--common/src/main/java/org/onap/so/security/HttpHeaderForwarderConfig.java57
-rw-r--r--common/src/main/java/org/onap/so/security/HttpHeaderForwarderHandlerInterceptor.java68
-rw-r--r--common/src/main/java/org/onap/so/security/HttpHeaderForwarderRequestInterceptor.java47
-rw-r--r--common/src/main/java/org/onap/so/security/SoNoAuthWebSecurityConfigurerAdapter.java2
5 files changed, 185 insertions, 1 deletions
diff --git a/common/pom.xml b/common/pom.xml
index f42033b152..a6e8a79f56 100644
--- a/common/pom.xml
+++ b/common/pom.xml
@@ -15,6 +15,7 @@
<protobuf.version>3.10.0</protobuf.version>
<grpc.netty.version>4.1.30.Final</grpc.netty.version>
<ccsdk.version>1.1.2</ccsdk.version>
+ <spring-cloud-sleuth.version>2.0.2.RELEASE</spring-cloud-sleuth.version>
</properties>
<dependencies>
<dependency>
@@ -300,6 +301,10 @@
<groupId>org.ehcache</groupId>
<artifactId>ehcache</artifactId>
</dependency>
+ <dependency>
+ <groupId>org.springframework.cloud</groupId>
+ <artifactId>spring-cloud-starter-sleuth</artifactId>
+ </dependency>
</dependencies>
<dependencyManagement>
<dependencies>
@@ -310,6 +315,13 @@
<type>pom</type>
<scope>import</scope>
</dependency>
+ <dependency>
+ <groupId>org.springframework.cloud</groupId>
+ <artifactId>spring-cloud-sleuth</artifactId>
+ <version>${spring-cloud-sleuth.version}</version>
+ <type>pom</type>
+ <scope>import</scope>
+ </dependency>
</dependencies>
</dependencyManagement>
<build>
diff --git a/common/src/main/java/org/onap/so/security/HttpHeaderForwarderConfig.java b/common/src/main/java/org/onap/so/security/HttpHeaderForwarderConfig.java
new file mode 100644
index 0000000000..6340b1c6fb
--- /dev/null
+++ b/common/src/main/java/org/onap/so/security/HttpHeaderForwarderConfig.java
@@ -0,0 +1,57 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * Copyright (C) 2021 Orange. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.so.security;
+
+import java.util.ArrayList;
+import java.util.List;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+import org.springframework.http.client.ClientHttpRequestInterceptor;
+import org.springframework.util.CollectionUtils;
+import org.springframework.web.client.RestTemplate;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+/**
+ * @author Sheel Bajpai (sheel.bajpai@orange.com)
+ *
+ */
+@Configuration
+@Profile("serviceMesh")
+class HttpHeaderForwarderConfig implements WebMvcConfigurer {
+ @Bean
+ public RestTemplate restTemplate() {
+ RestTemplate restTemplate = new RestTemplate();
+
+ List<ClientHttpRequestInterceptor> interceptors = restTemplate.getInterceptors();
+ if (CollectionUtils.isEmpty(interceptors))
+ interceptors = new ArrayList<>();
+
+ interceptors.add(new HttpHeaderForwarderRequestInterceptor());
+ restTemplate.setInterceptors(interceptors);
+ return restTemplate;
+ }
+
+ @Override
+ public void addInterceptors(InterceptorRegistry registry) {
+ registry.addInterceptor(new HttpHeaderForwarderHandlerInterceptor());
+ }
+}
diff --git a/common/src/main/java/org/onap/so/security/HttpHeaderForwarderHandlerInterceptor.java b/common/src/main/java/org/onap/so/security/HttpHeaderForwarderHandlerInterceptor.java
new file mode 100644
index 0000000000..da01e5e1cf
--- /dev/null
+++ b/common/src/main/java/org/onap/so/security/HttpHeaderForwarderHandlerInterceptor.java
@@ -0,0 +1,68 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * Copyright (C) 2021 Orange. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.so.security;
+
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.function.Function;
+import java.util.stream.Collectors;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.springframework.web.servlet.ModelAndView;
+import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
+import com.google.common.collect.ImmutableSet;
+
+/**
+ * @author Sheel Bajpai (sheel.bajpai@orange.com)
+ *
+ */
+
+public class HttpHeaderForwarderHandlerInterceptor extends HandlerInterceptorAdapter {
+
+ private static final ThreadLocal<Map<String, List<String>>> HEADERS_THREAD_LOCAL = new ThreadLocal<>();
+
+ private static final Set<String> FORWARDED_HEADER_NAMES = ImmutableSet.of("authorization", "x-request-id",
+ "x-b3-traceid", "x-b3-spanid", "x-b3-parentspanid", "x-b3-sampled", "x-b3-flags", "x-ot-span-context");
+
+ @Override
+ public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
+ throws Exception {
+
+ Map<String, List<String>> headerMap = Collections.list(request.getHeaderNames()).stream()
+ .map(String::toLowerCase).filter(FORWARDED_HEADER_NAMES::contains)
+ .collect(Collectors.toMap(Function.identity(), h -> Collections.list(request.getHeaders(h))));
+
+ HEADERS_THREAD_LOCAL.set(headerMap);
+ return super.preHandle(request, response, handler);
+ }
+
+ @Override
+ public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
+ ModelAndView modelAndView) throws Exception {
+ HEADERS_THREAD_LOCAL.remove();
+ }
+
+ static Map<String, List<String>> getHeaders() {
+ return HEADERS_THREAD_LOCAL.get();
+ }
+
+}
diff --git a/common/src/main/java/org/onap/so/security/HttpHeaderForwarderRequestInterceptor.java b/common/src/main/java/org/onap/so/security/HttpHeaderForwarderRequestInterceptor.java
new file mode 100644
index 0000000000..18a3f3deda
--- /dev/null
+++ b/common/src/main/java/org/onap/so/security/HttpHeaderForwarderRequestInterceptor.java
@@ -0,0 +1,47 @@
+/*-
+ * ============LICENSE_START=======================================================
+ * Copyright (C) 2021 Orange. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.so.security;
+
+import java.io.IOException;
+import java.util.List;
+import java.util.Map;
+import org.springframework.http.HttpRequest;
+import org.springframework.http.client.ClientHttpRequestExecution;
+import org.springframework.http.client.ClientHttpRequestInterceptor;
+import org.springframework.http.client.ClientHttpResponse;
+
+/**
+ * @author Sheel Bajpai (sheel.bajpai@orange.com)
+ *
+ */
+
+public class HttpHeaderForwarderRequestInterceptor implements ClientHttpRequestInterceptor {
+
+ @Override
+ public ClientHttpResponse intercept(HttpRequest request, byte[] body, ClientHttpRequestExecution execution)
+ throws IOException {
+
+ Map<String, List<String>> headerMap = HttpHeaderForwarderHandlerInterceptor.getHeaders();
+ if (headerMap != null && !headerMap.isEmpty())
+ request.getHeaders().putAll(HttpHeaderForwarderHandlerInterceptor.getHeaders());
+ return execution.execute(request, body);
+ }
+
+}
diff --git a/common/src/main/java/org/onap/so/security/SoNoAuthWebSecurityConfigurerAdapter.java b/common/src/main/java/org/onap/so/security/SoNoAuthWebSecurityConfigurerAdapter.java
index b3e4842bbd..4a112b9687 100644
--- a/common/src/main/java/org/onap/so/security/SoNoAuthWebSecurityConfigurerAdapter.java
+++ b/common/src/main/java/org/onap/so/security/SoNoAuthWebSecurityConfigurerAdapter.java
@@ -34,7 +34,7 @@ import org.springframework.security.web.firewall.StrictHttpFirewall;
@EnableWebSecurity
@Configuration
@Order(2)
-@Profile({"aaf", "test"})
+@Profile({"aaf", "test", "serviceMesh"})
public class SoNoAuthWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
@Override
public void configure(final WebSecurity web) throws Exception {