aboutsummaryrefslogtreecommitdiffstats
path: root/common/src/main/java/org/onap
diff options
context:
space:
mode:
authorBOSLET, CORY <cory.boslet@att.com>2021-03-10 17:22:28 -0500
committerAT&T Open Source <g22940@att.com>2021-03-10 17:22:29 -0500
commit39761146b77f58973612f8fdee3de9f987278edf (patch)
treeab96535b565898abf67e765b0141fb02fc0c6641 /common/src/main/java/org/onap
parent1d316a3c50f978313eca360c1a1636de68afee9d (diff)
add new sdnc interaction
Added Cors auth support option for sdnc interaction Issue-ID: SO-3580 Signed-off-by: AT&T Open Source <g22940@att.com> Change-Id: I54d17ea5e02a20114f5857940cc4dabc72854dea
Diffstat (limited to 'common/src/main/java/org/onap')
-rw-r--r--common/src/main/java/org/onap/so/constants/Status.java1
-rw-r--r--common/src/main/java/org/onap/so/security/BaseWebSecurityConfigurerAdapter.java44
-rw-r--r--common/src/main/java/org/onap/so/security/CorsBasicHttpSecurityConfigurer.java33
-rw-r--r--common/src/main/java/org/onap/so/security/CorsWebSecurityConfigurerAdapter.java24
-rw-r--r--common/src/main/java/org/onap/so/security/SoBasicHttpSecurityConfigurer.java2
-rw-r--r--common/src/main/java/org/onap/so/security/SoWebSecurityConfigurerAdapter.java41
6 files changed, 109 insertions, 36 deletions
diff --git a/common/src/main/java/org/onap/so/constants/Status.java b/common/src/main/java/org/onap/so/constants/Status.java
index b460418f0f..67c5ff0d40 100644
--- a/common/src/main/java/org/onap/so/constants/Status.java
+++ b/common/src/main/java/org/onap/so/constants/Status.java
@@ -27,6 +27,7 @@ package org.onap.so.constants;
public enum Status {
PENDING,
IN_PROGRESS,
+ WAIT_COMPLETION_NOTIF,
COMPLETE,
COMPLETED,
FAILED,
diff --git a/common/src/main/java/org/onap/so/security/BaseWebSecurityConfigurerAdapter.java b/common/src/main/java/org/onap/so/security/BaseWebSecurityConfigurerAdapter.java
new file mode 100644
index 0000000000..f494a6b812
--- /dev/null
+++ b/common/src/main/java/org/onap/so/security/BaseWebSecurityConfigurerAdapter.java
@@ -0,0 +1,44 @@
+package org.onap.so.security;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.web.firewall.StrictHttpFirewall;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+public abstract class BaseWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
+ private static final Logger LOGGER = LoggerFactory.getLogger(BaseWebSecurityConfigurerAdapter.class);
+
+ @Autowired
+ protected UserDetailsService userDetailsService;
+
+ @Autowired
+ protected BCryptPasswordEncoder passwordEncoder;
+
+ abstract HttpSecurityConfigurer getHttpSecurityConfigurer();
+
+ @Override
+ protected void configure(final HttpSecurity http) throws Exception {
+ HttpSecurityConfigurer httpSecurityConfigurer = getHttpSecurityConfigurer();
+ LOGGER.debug("Injecting {} configuration ...", httpSecurityConfigurer.getClass());
+
+ httpSecurityConfigurer.configure(http);
+ }
+
+ @Override
+ public void configure(final WebSecurity web) throws Exception {
+ super.configure(web);
+ final StrictHttpFirewall firewall = new MSOSpringFirewall();
+ web.httpFirewall(firewall);
+ }
+
+ @Override
+ protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
+ auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder);
+ }
+}
diff --git a/common/src/main/java/org/onap/so/security/CorsBasicHttpSecurityConfigurer.java b/common/src/main/java/org/onap/so/security/CorsBasicHttpSecurityConfigurer.java
new file mode 100644
index 0000000000..27c998f87d
--- /dev/null
+++ b/common/src/main/java/org/onap/so/security/CorsBasicHttpSecurityConfigurer.java
@@ -0,0 +1,33 @@
+package org.onap.so.security;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Profile;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.stereotype.Component;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.CorsConfigurationSource;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+import java.util.Arrays;
+
+@Component("cors")
+@Profile({"cors"})
+public class CorsBasicHttpSecurityConfigurer implements HttpSecurityConfigurer {
+
+ @Override
+ public void configure(final HttpSecurity http) throws Exception {
+ http.cors().and().csrf().disable().authorizeRequests().antMatchers("/manage/health", "/manage/info").permitAll()
+ .antMatchers("/**").fullyAuthenticated().and().httpBasic();
+ }
+
+ @Bean
+ CorsConfigurationSource corsConfigurationSource() {
+ CorsConfiguration configuration = new CorsConfiguration();
+ configuration.setAllowedOrigins(Arrays.asList("*"));
+ configuration.setAllowedMethods(Arrays.asList("OPTIONS", "GET", "POST", "PATCH"));
+ configuration.setAllowCredentials(true);
+ configuration.setAllowedHeaders(Arrays.asList("*"));
+ UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+ source.registerCorsConfiguration("/**", configuration);
+ return source;
+ }
+}
diff --git a/common/src/main/java/org/onap/so/security/CorsWebSecurityConfigurerAdapter.java b/common/src/main/java/org/onap/so/security/CorsWebSecurityConfigurerAdapter.java
new file mode 100644
index 0000000000..08ecd0c578
--- /dev/null
+++ b/common/src/main/java/org/onap/so/security/CorsWebSecurityConfigurerAdapter.java
@@ -0,0 +1,24 @@
+package org.onap.so.security;
+
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+import org.springframework.core.annotation.Order;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+
+@EnableWebSecurity
+@Configuration
+@Order(1)
+@Profile({"cors"})
+public class CorsWebSecurityConfigurerAdapter extends BaseWebSecurityConfigurerAdapter {
+ @Autowired
+ @Qualifier("cors")
+ protected HttpSecurityConfigurer httpSecurityConfigurer;
+
+ @Override
+ HttpSecurityConfigurer getHttpSecurityConfigurer() {
+ return httpSecurityConfigurer;
+ }
+}
diff --git a/common/src/main/java/org/onap/so/security/SoBasicHttpSecurityConfigurer.java b/common/src/main/java/org/onap/so/security/SoBasicHttpSecurityConfigurer.java
index 9aceb03519..da989ee42a 100644
--- a/common/src/main/java/org/onap/so/security/SoBasicHttpSecurityConfigurer.java
+++ b/common/src/main/java/org/onap/so/security/SoBasicHttpSecurityConfigurer.java
@@ -28,7 +28,7 @@ import org.springframework.util.StringUtils;
* @author Waqas Ikram (waqas.ikram@est.tech)
*
*/
-@Component
+@Component("basic")
public class SoBasicHttpSecurityConfigurer implements HttpSecurityConfigurer {
@Autowired
diff --git a/common/src/main/java/org/onap/so/security/SoWebSecurityConfigurerAdapter.java b/common/src/main/java/org/onap/so/security/SoWebSecurityConfigurerAdapter.java
index 903d586ab1..c14ae47d89 100644
--- a/common/src/main/java/org/onap/so/security/SoWebSecurityConfigurerAdapter.java
+++ b/common/src/main/java/org/onap/so/security/SoWebSecurityConfigurerAdapter.java
@@ -19,20 +19,12 @@
*/
package org.onap.so.security;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.core.annotation.Order;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.security.web.firewall.StrictHttpFirewall;
/**
* @author Waqas Ikram (waqas.ikram@est.tech)
@@ -42,34 +34,13 @@ import org.springframework.security.web.firewall.StrictHttpFirewall;
@Configuration
@Order(1)
@Profile({"basic", "test"})
-public class SoWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
- private static final Logger LOGGER = LoggerFactory.getLogger(SoWebSecurityConfigurerAdapter.class);
-
- @Autowired
- private HttpSecurityConfigurer httpSecurityConfigurer;
-
+public class SoWebSecurityConfigurerAdapter extends BaseWebSecurityConfigurerAdapter {
@Autowired
- private UserDetailsService userDetailsService;
-
- @Autowired
- private BCryptPasswordEncoder passwordEncoder;
-
- @Override
- protected void configure(final HttpSecurity http) throws Exception {
- LOGGER.debug("Injecting {} configuration ...", httpSecurityConfigurer.getClass());
-
- httpSecurityConfigurer.configure(http);
- }
-
- @Override
- public void configure(final WebSecurity web) throws Exception {
- super.configure(web);
- final StrictHttpFirewall firewall = new MSOSpringFirewall();
- web.httpFirewall(firewall);
- }
+ @Qualifier("basic")
+ protected HttpSecurityConfigurer httpSecurityConfigurer;
@Override
- protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
- auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder);
+ HttpSecurityConfigurer getHttpSecurityConfigurer() {
+ return httpSecurityConfigurer;
}
}