Merge "ONAP Service Mesh compliant modification"

5 files changed, 185 insertions, 1 deletions

diff --git a/common/pom.xml b/common/pom.xml
index f42033b152..a6e8a79f56 100644
--- a/common/pom.xml
+++ b/common/pom.xml
@@ -15,6 +15,7 @@
     <protobuf.version>3.10.0</protobuf.version>
     <grpc.netty.version>4.1.30.Final</grpc.netty.version>
     <ccsdk.version>1.1.2</ccsdk.version>
+    <spring-cloud-sleuth.version>2.0.2.RELEASE</spring-cloud-sleuth.version>
   </properties>
   <dependencies>
     <dependency>
@@ -300,6 +301,10 @@
       <groupId>org.ehcache</groupId>
       <artifactId>ehcache</artifactId>
     </dependency>
+    <dependency>
+      <groupId>org.springframework.cloud</groupId>
+      <artifactId>spring-cloud-starter-sleuth</artifactId>
+    </dependency>
   </dependencies>
   <dependencyManagement>
     <dependencies>
@@ -310,6 +315,13 @@
         <type>pom</type>
         <scope>import</scope>
       </dependency>
+      <dependency>
+        <groupId>org.springframework.cloud</groupId>
+        <artifactId>spring-cloud-sleuth</artifactId>
+        <version>${spring-cloud-sleuth.version}</version>
+        <type>pom</type>
+        <scope>import</scope>
+      </dependency>
     </dependencies>
   </dependencyManagement>
   <build>
diff --git a/common/src/main/java/org/onap/so/security/HttpHeaderForwarderConfig.java b/common/src/main/java/org/onap/so/security/HttpHeaderForwarderConfig.java
new file mode 100644
index 0000000000..6340b1c6fb
--- /dev/null
+++ b/common/src/main/java/org/onap/so/security/HttpHeaderForwarderConfig.java
@@ -0,0 +1,57 @@
+/*-
+ * ============LICENSE_START=======================================================
+ *  Copyright (C) 2021 Orange. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * 
+ * SPDX-License-Identifier: Apache-2.0
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.so.security;
+
+import java.util.ArrayList;
+import java.util.List;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+import org.springframework.http.client.ClientHttpRequestInterceptor;
+import org.springframework.util.CollectionUtils;
+import org.springframework.web.client.RestTemplate;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+/**
+ * @author Sheel Bajpai (sheel.bajpai@orange.com)
+ *
+ */
+@Configuration
+@Profile("serviceMesh")
+class HttpHeaderForwarderConfig implements WebMvcConfigurer {
+    @Bean
+    public RestTemplate restTemplate() {
+        RestTemplate restTemplate = new RestTemplate();
+
+        List<ClientHttpRequestInterceptor> interceptors = restTemplate.getInterceptors();
+        if (CollectionUtils.isEmpty(interceptors))
+            interceptors = new ArrayList<>();
+
+        interceptors.add(new HttpHeaderForwarderRequestInterceptor());
+        restTemplate.setInterceptors(interceptors);
+        return restTemplate;
+    }
+
+    @Override
+    public void addInterceptors(InterceptorRegistry registry) {
+        registry.addInterceptor(new HttpHeaderForwarderHandlerInterceptor());
+    }
+}
diff --git a/common/src/main/java/org/onap/so/security/HttpHeaderForwarderHandlerInterceptor.java b/common/src/main/java/org/onap/so/security/HttpHeaderForwarderHandlerInterceptor.java
new file mode 100644
index 0000000000..da01e5e1cf
--- /dev/null
+++ b/common/src/main/java/org/onap/so/security/HttpHeaderForwarderHandlerInterceptor.java
@@ -0,0 +1,68 @@
+/*-
+ * ============LICENSE_START=======================================================
+ *  Copyright (C) 2021 Orange. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * 
+ * SPDX-License-Identifier: Apache-2.0
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.so.security;
+
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.function.Function;
+import java.util.stream.Collectors;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.springframework.web.servlet.ModelAndView;
+import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
+import com.google.common.collect.ImmutableSet;
+
+/**
+ * @author Sheel Bajpai (sheel.bajpai@orange.com)
+ *
+ */
+
+public class HttpHeaderForwarderHandlerInterceptor extends HandlerInterceptorAdapter {
+
+    private static final ThreadLocal<Map<String, List<String>>> HEADERS_THREAD_LOCAL = new ThreadLocal<>();
+
+    private static final Set<String> FORWARDED_HEADER_NAMES = ImmutableSet.of("authorization", "x-request-id",
+            "x-b3-traceid", "x-b3-spanid", "x-b3-parentspanid", "x-b3-sampled", "x-b3-flags", "x-ot-span-context");
+
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
+            throws Exception {
+
+        Map<String, List<String>> headerMap = Collections.list(request.getHeaderNames()).stream()
+                .map(String::toLowerCase).filter(FORWARDED_HEADER_NAMES::contains)
+                .collect(Collectors.toMap(Function.identity(), h -> Collections.list(request.getHeaders(h))));
+
+        HEADERS_THREAD_LOCAL.set(headerMap);
+        return super.preHandle(request, response, handler);
+    }
+
+    @Override
+    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
+            ModelAndView modelAndView) throws Exception {
+        HEADERS_THREAD_LOCAL.remove();
+    }
+
+    static Map<String, List<String>> getHeaders() {
+        return HEADERS_THREAD_LOCAL.get();
+    }
+
+}
diff --git a/common/src/main/java/org/onap/so/security/HttpHeaderForwarderRequestInterceptor.java b/common/src/main/java/org/onap/so/security/HttpHeaderForwarderRequestInterceptor.java
new file mode 100644
index 0000000000..18a3f3deda
--- /dev/null
+++ b/common/src/main/java/org/onap/so/security/HttpHeaderForwarderRequestInterceptor.java
@@ -0,0 +1,47 @@
+/*-
+ * ============LICENSE_START=======================================================
+ *  Copyright (C) 2021 Orange. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * 
+ * SPDX-License-Identifier: Apache-2.0
+ * ============LICENSE_END=========================================================
+ */
+package org.onap.so.security;
+
+import java.io.IOException;
+import java.util.List;
+import java.util.Map;
+import org.springframework.http.HttpRequest;
+import org.springframework.http.client.ClientHttpRequestExecution;
+import org.springframework.http.client.ClientHttpRequestInterceptor;
+import org.springframework.http.client.ClientHttpResponse;
+
+/**
+ * @author Sheel Bajpai (sheel.bajpai@orange.com)
+ *
+ */
+
+public class HttpHeaderForwarderRequestInterceptor implements ClientHttpRequestInterceptor {
+
+    @Override
+    public ClientHttpResponse intercept(HttpRequest request, byte[] body, ClientHttpRequestExecution execution)
+            throws IOException {
+
+        Map<String, List<String>> headerMap = HttpHeaderForwarderHandlerInterceptor.getHeaders();
+        if (headerMap != null && !headerMap.isEmpty())
+            request.getHeaders().putAll(HttpHeaderForwarderHandlerInterceptor.getHeaders());
+        return execution.execute(request, body);
+    }
+
+}
diff --git a/common/src/main/java/org/onap/so/security/SoNoAuthWebSecurityConfigurerAdapter.java b/common/src/main/java/org/onap/so/security/SoNoAuthWebSecurityConfigurerAdapter.java
index b3e4842bbd..4a112b9687 100644
--- a/common/src/main/java/org/onap/so/security/SoNoAuthWebSecurityConfigurerAdapter.java
+++ b/common/src/main/java/org/onap/so/security/SoNoAuthWebSecurityConfigurerAdapter.java
@@ -34,7 +34,7 @@ import org.springframework.security.web.firewall.StrictHttpFirewall;
 @EnableWebSecurity
 @Configuration
 @Order(2)
-@Profile({"aaf", "test"})
+@Profile({"aaf", "test", "serviceMesh"})
 public class SoNoAuthWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
     @Override
     public void configure(final WebSecurity web) throws Exception {