diff options
14 files changed, 274 insertions, 28 deletions
diff --git a/adapters/mso-catalog-db-adapter/src/main/resources/db/migration/V6.1__AlterColumnActionCategoryControllerSelectionCategory.sql b/adapters/mso-catalog-db-adapter/src/main/resources/db/migration/V6.1__AlterColumnActionCategoryControllerSelectionCategory.sql new file mode 100644 index 0000000000..6f61b830f2 --- /dev/null +++ b/adapters/mso-catalog-db-adapter/src/main/resources/db/migration/V6.1__AlterColumnActionCategoryControllerSelectionCategory.sql @@ -0,0 +1,3 @@ +USE catalogdb; + +ALTER TABLE controller_selection_reference MODIFY ACTION_CATEGORY VARCHAR(50) NOT NULL; diff --git a/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/MessageConverterConfiguration.java b/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/MessageConverterConfiguration.java index d99b68846e..32c22356b3 100644 --- a/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/MessageConverterConfiguration.java +++ b/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/MessageConverterConfiguration.java @@ -20,14 +20,16 @@ package org.onap.so.adapters.vnfmadapter; import com.google.gson.Gson; +import com.google.gson.GsonBuilder; import java.util.ArrayList; import java.util.Collection; -import org.onap.so.adapters.vnfmadapter.extclients.vnfm.lcn.JSON; +import org.onap.so.adapters.vnfmadapter.oauth.OAuth2AccessTokenAdapter; import org.springframework.boot.autoconfigure.http.HttpMessageConverters; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.http.converter.HttpMessageConverter; import org.springframework.http.converter.json.GsonHttpMessageConverter; +import org.springframework.security.oauth2.common.OAuth2AccessToken; /** * Configures message converter @@ -38,7 +40,8 @@ public class MessageConverterConfiguration { @Bean public HttpMessageConverters customConverters() { final Collection<HttpMessageConverter<?>> messageConverters = new ArrayList<>(); - final Gson gson = new JSON().getGson(); + final Gson gson = new GsonBuilder() + .registerTypeHierarchyAdapter(OAuth2AccessToken.class, new OAuth2AccessTokenAdapter()).create(); final GsonHttpMessageConverter gsonHttpMessageConverter = new GsonHttpMessageConverter(gson); messageConverters.add(gsonHttpMessageConverter); return new HttpMessageConverters(true, messageConverters); diff --git a/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/WebSecurityConfigImpl.java b/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/WebSecurityConfigImpl.java index f0830139b7..2b33e8b11d 100644 --- a/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/WebSecurityConfigImpl.java +++ b/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/WebSecurityConfigImpl.java @@ -36,11 +36,9 @@ public class WebSecurityConfigImpl extends WebSecurityConfig { @Override protected void configure(final HttpSecurity http) throws Exception { - http.csrf().disable().authorizeRequests() - .antMatchers("/manage/health", "/manage/info", Constants.BASE_URL + "/lcn/**", - Constants.BASE_URL + "/grants/**") - .permitAll().antMatchers("/**").hasAnyRole(StringUtils.collectionToDelimitedString(getRoles(), ",")) - .and().httpBasic(); + http.csrf().disable().authorizeRequests().antMatchers("/manage/health", "/manage/info").permitAll() + .antMatchers("/**").hasAnyRole(StringUtils.collectionToDelimitedString(getRoles(), ",")).and() + .httpBasic(); } @Override diff --git a/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/extclients/vnfm/VnfmHelper.java b/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/extclients/vnfm/VnfmHelper.java index 249cf74cb2..b4355efc20 100644 --- a/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/extclients/vnfm/VnfmHelper.java +++ b/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/extclients/vnfm/VnfmHelper.java @@ -41,6 +41,7 @@ import org.onap.so.adapters.vnfmadapter.extclients.vnfm.model.LccnSubscriptionRe import org.onap.so.adapters.vnfmadapter.extclients.vnfm.model.SubscriptionsAuthentication; import org.onap.so.adapters.vnfmadapter.extclients.vnfm.model.SubscriptionsAuthentication.AuthTypeEnum; import org.onap.so.adapters.vnfmadapter.extclients.vnfm.model.SubscriptionsAuthenticationParamsBasic; +import org.onap.so.adapters.vnfmadapter.extclients.vnfm.model.SubscriptionsAuthenticationParamsOauth2ClientCredentials; import org.onap.so.adapters.vnfmadapter.extclients.vnfm.model.SubscriptionsFilter; import org.onap.so.adapters.vnfmadapter.extclients.vnfm.model.SubscriptionsFilter.NotificationTypesEnum; import org.onap.so.adapters.vnfmadapter.extclients.vnfm.model.SubscriptionsFilterVnfInstanceSubscriptionFilter; @@ -194,12 +195,21 @@ public class VnfmHelper { } private SubscriptionsAuthentication getSubscriptionsAuthentication() throws GeneralSecurityException { - final SubscriptionsAuthenticationParamsBasic basicAuthParams = new SubscriptionsAuthenticationParamsBasic(); + final SubscriptionsAuthentication authentication = new SubscriptionsAuthentication(); + final String[] decrypedAuth = CryptoUtils.decrypt(vnfmAdapterAuth, msoEncryptionKey).split(":"); + + SubscriptionsAuthenticationParamsOauth2ClientCredentials oauthParams = + new SubscriptionsAuthenticationParamsOauth2ClientCredentials(); + oauthParams.setTokenEndpoint(vnfmAdapterEndoint + "/oauth/token"); + oauthParams.clientId(decrypedAuth[0]); + oauthParams.setClientPassword(decrypedAuth[1]); + authentication.addAuthTypeItem(AuthTypeEnum.OAUTH2_CLIENT_CREDENTIALS); + authentication.paramsOauth2ClientCredentials(oauthParams); + + final SubscriptionsAuthenticationParamsBasic basicAuthParams = new SubscriptionsAuthenticationParamsBasic(); basicAuthParams.setUserName(decrypedAuth[0]); basicAuthParams.setPassword(decrypedAuth[1]); - - final SubscriptionsAuthentication authentication = new SubscriptionsAuthentication(); authentication.addAuthTypeItem(AuthTypeEnum.BASIC); authentication.paramsBasic(basicAuthParams); return authentication; diff --git a/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/oauth/AuthorizationServerConfig.java b/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/oauth/AuthorizationServerConfig.java new file mode 100644 index 0000000000..7f71b2e9d6 --- /dev/null +++ b/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/oauth/AuthorizationServerConfig.java @@ -0,0 +1,55 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2019 Nordix Foundation. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.so.adapters.vnfmadapter.oauth; + +import org.onap.so.utils.CryptoUtils; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; +import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter; +import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; + +@Configuration +@EnableAuthorizationServer +/** + * Configures the authorization server for oauth token based authentication. + */ +public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter { + + private static final int ONE_DAY = 60 * 60 * 24; + + @Value("${vnfmadapter.auth:E39823AAB2739CC654C4E92B52C05BC34149342D0A46451B00CA508C8EDC62242CE4E9DA9445D3C01A3F13}") + private String vnfmAdapterAuth; + + @Value("${mso.key}") + private String msoEncryptionKey; + + @Override + public void configure(final ClientDetailsServiceConfigurer clients) throws Exception { + final String[] decrypedAuth = CryptoUtils.decrypt(vnfmAdapterAuth, msoEncryptionKey).split(":"); + BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder(); + clients.inMemory().withClient(decrypedAuth[0]).secret(passwordEncoder.encode(decrypedAuth[1])) + .authorizedGrantTypes("client_credentials").scopes("write").accessTokenValiditySeconds(ONE_DAY) + .refreshTokenValiditySeconds(ONE_DAY); + } + +} diff --git a/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/oauth/OAuth2AccessTokenAdapter.java b/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/oauth/OAuth2AccessTokenAdapter.java new file mode 100644 index 0000000000..2f51406e23 --- /dev/null +++ b/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/oauth/OAuth2AccessTokenAdapter.java @@ -0,0 +1,51 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2019 Nordix Foundation. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.so.adapters.vnfmadapter.oauth; + +import com.google.gson.JsonArray; +import com.google.gson.JsonElement; +import com.google.gson.JsonObject; +import com.google.gson.JsonSerializationContext; +import com.google.gson.JsonSerializer; +import java.lang.reflect.Type; +import org.springframework.security.oauth2.common.OAuth2AccessToken; + +public class OAuth2AccessTokenAdapter implements JsonSerializer<OAuth2AccessToken> { + + @Override + public JsonElement serialize(final OAuth2AccessToken src, final Type typeOfSrc, + final JsonSerializationContext context) { + final JsonObject obj = new JsonObject(); + obj.addProperty(OAuth2AccessToken.ACCESS_TOKEN, src.getValue()); + obj.addProperty(OAuth2AccessToken.TOKEN_TYPE, src.getTokenType()); + if (src.getRefreshToken() != null) { + obj.addProperty(OAuth2AccessToken.REFRESH_TOKEN, src.getRefreshToken().getValue()); + } + obj.addProperty(OAuth2AccessToken.EXPIRES_IN, src.getExpiresIn()); + final JsonArray scopeObj = new JsonArray(); + for (final String scope : src.getScope()) { + scopeObj.add(scope); + } + obj.add(OAuth2AccessToken.SCOPE, scopeObj); + + return obj; + } +} diff --git a/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/oauth/OAuth2ResourceServer.java b/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/oauth/OAuth2ResourceServer.java new file mode 100644 index 0000000000..1f0594e811 --- /dev/null +++ b/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/main/java/org/onap/so/adapters/vnfmadapter/oauth/OAuth2ResourceServer.java @@ -0,0 +1,52 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2019 Nordix Foundation. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.so.adapters.vnfmadapter.oauth; + +import javax.servlet.http.HttpServletRequest; +import org.onap.so.adapters.vnfmadapter.Constants; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; +import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter; +import org.springframework.security.web.util.matcher.RequestMatcher; + +@Configuration +@EnableResourceServer +/** + * Enforces oauth token based authentication when a token is provided in the request. + */ +public class OAuth2ResourceServer extends ResourceServerConfigurerAdapter { + + @Override + public void configure(final HttpSecurity http) throws Exception { + http.requestMatcher(new OAuth2ResourceServerRequestMatcher()).authorizeRequests() + .antMatchers(Constants.BASE_URL + "/grants/**", Constants.BASE_URL + "/lcn/**").authenticated(); + } + + private static class OAuth2ResourceServerRequestMatcher implements RequestMatcher { + @Override + public boolean matches(HttpServletRequest request) { + String auth = request.getHeader("Authorization"); + String uri = request.getRequestURI(); + return (auth != null && auth.startsWith("Bearer") && (uri.contains("/grants") || uri.contains("/lcn/"))); + } + } +} diff --git a/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/test/java/org/onap/so/adapters/vnfmadapter/rest/VnfmAdapterControllerTest.java b/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/test/java/org/onap/so/adapters/vnfmadapter/rest/VnfmAdapterControllerTest.java index b45a13362d..6cdabb9374 100644 --- a/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/test/java/org/onap/so/adapters/vnfmadapter/rest/VnfmAdapterControllerTest.java +++ b/adapters/mso-vnfm-adapter/mso-vnfm-etsi-adapter/src/test/java/org/onap/so/adapters/vnfmadapter/rest/VnfmAdapterControllerTest.java @@ -133,7 +133,7 @@ public class VnfmAdapterControllerTest { setUpVimInMockAai(); final String expectedsubscriptionRequest = - "{\"filter\":{\"vnfInstanceSubscriptionFilter\":{\"vnfInstanceIds\":[\"vnfId\"]},\"notificationTypes\":[\"VnfLcmOperationOccurrenceNotification\"]},\"callbackUri\":\"https://so-vnfm-adapter.onap:30406/so/vnfm-adapter/v1/lcn/VnfLcmOperationOccurrenceNotification\",\"authentication\":{\"authType\":[\"BASIC\"],\"paramsBasic\":{\"userName\":\"vnfm\",\"password\":\"password1$\"}}}"; + "{\"filter\":{\"vnfInstanceSubscriptionFilter\":{\"vnfInstanceIds\":[\"vnfId\"]},\"notificationTypes\":[\"VnfLcmOperationOccurrenceNotification\"]},\"callbackUri\":\"https://so-vnfm-adapter.onap:30406/so/vnfm-adapter/v1/lcn/VnfLcmOperationOccurrenceNotification\",\"authentication\":{\"authType\":[\"OAUTH2_CLIENT_CREDENTIALS\", \"BASIC\"],\"paramsOauth2ClientCredentials\":{\"clientId\":\"vnfm\",\"clientPassword\":\"password1$\",\"tokenEndpoint\":\"https://so-vnfm-adapter.onap:30406/oauth/token\"},\"paramsBasic\":{\"userName\":\"vnfm\",\"password\":\"password1$\"}}}"; final InlineResponse2001 subscriptionResponse = new InlineResponse2001(); final InlineResponse201 createResponse = createCreateResponse(); diff --git a/bpmn/MSOCommonBPMN/src/main/java/org/onap/so/bpmn/servicedecomposition/tasks/BBInputSetup.java b/bpmn/MSOCommonBPMN/src/main/java/org/onap/so/bpmn/servicedecomposition/tasks/BBInputSetup.java index 9a39334af1..433aa0c11a 100644 --- a/bpmn/MSOCommonBPMN/src/main/java/org/onap/so/bpmn/servicedecomposition/tasks/BBInputSetup.java +++ b/bpmn/MSOCommonBPMN/src/main/java/org/onap/so/bpmn/servicedecomposition/tasks/BBInputSetup.java @@ -1388,8 +1388,10 @@ public class BBInputSetup implements JavaDelegate { vnfs.getInstanceParams(), productFamilyId); } else if (bbName.contains(VF_MODULE) || bbName.contains(VOLUME_GROUP)) { Pair<Vnfs, VfModules> vnfsAndVfModules = getVfModulesAndItsVnfsByKey(key, resources); - vfModules = vnfsAndVfModules.getValue1(); - vnfs = vnfsAndVfModules.getValue0(); + if (vnfsAndVfModules != null) { + vfModules = vnfsAndVfModules.getValue1(); + vnfs = vnfsAndVfModules.getValue0(); + } lookupKeyMap.put(ResourceKey.GENERIC_VNF_ID, getVnfId(executeBB, lookupKeyMap)); if (vnfs == null) { throw new Exception("Could not find Vnf to orchestrate VfModule"); @@ -1410,8 +1412,10 @@ public class BBInputSetup implements JavaDelegate { } else if (bbName.contains(NETWORK)) { networks = findNetworksByKey(key, resources); String networkId = lookupKeyMap.get(ResourceKey.NETWORK_ID); - this.populateL3Network(networks.getInstanceName(), networks.getModelInfo(), service, bbName, - serviceInstance, lookupKeyMap, networkId, networks.getInstanceParams()); + if (networks != null) { + this.populateL3Network(networks.getInstanceName(), networks.getModelInfo(), service, bbName, + serviceInstance, lookupKeyMap, networkId, networks.getInstanceParams()); + } } else if (bbName.contains("Configuration")) { String configurationId = lookupKeyMap.get(ResourceKey.CONFIGURATION_ID); ModelInfo configurationModelInfo = new ModelInfo(); @@ -1608,8 +1612,10 @@ public class BBInputSetup implements JavaDelegate { protected void mapCatalogNetworkCollectionInstanceGroup(Service service, InstanceGroup instanceGroup, String key) { CollectionResourceCustomization collectionCust = this.findCatalogNetworkCollection(service, key); - org.onap.so.db.catalog.beans.InstanceGroup catalogInstanceGroup = - collectionCust.getCollectionResource().getInstanceGroup(); + org.onap.so.db.catalog.beans.InstanceGroup catalogInstanceGroup = null; + if (collectionCust != null) { + catalogInstanceGroup = collectionCust.getCollectionResource().getInstanceGroup(); + } instanceGroup.setModelInfoInstanceGroup( mapperLayer.mapCatalogInstanceGroupToInstanceGroup(collectionCust, catalogInstanceGroup)); } diff --git a/bpmn/mso-infrastructure-bpmn/src/test/java/org/onap/so/bpmn/common/WorkflowTest.java b/bpmn/mso-infrastructure-bpmn/src/test/java/org/onap/so/bpmn/common/WorkflowTest.java index 389f931901..e71404a2ff 100644 --- a/bpmn/mso-infrastructure-bpmn/src/test/java/org/onap/so/bpmn/common/WorkflowTest.java +++ b/bpmn/mso-infrastructure-bpmn/src/test/java/org/onap/so/bpmn/common/WorkflowTest.java @@ -350,10 +350,12 @@ public abstract class WorkflowTest { */ try { - msoRequestId = (String) injectedVariables.get("requestId"); - variables.put("mso-request-id", msoRequestId); - msoServiceInstanceId = (String) injectedVariables.get("serviceInstanceId"); - variables.put("mso-service-instance-id", msoServiceInstanceId); + if (injectedVariables != null) { + msoRequestId = (String) injectedVariables.get("requestId"); + variables.put("mso-request-id", msoRequestId); + msoServiceInstanceId = (String) injectedVariables.get("serviceInstanceId"); + variables.put("mso-service-instance-id", msoServiceInstanceId); + } } catch (Exception e) { } if (msoRequestId == null || msoRequestId.trim().equals("")) { diff --git a/common/src/main/java/org/onap/so/client/aai/AAIValidatorImpl.java b/common/src/main/java/org/onap/so/client/aai/AAIValidatorImpl.java index 95ed01ee94..96844ff1cb 100644 --- a/common/src/main/java/org/onap/so/client/aai/AAIValidatorImpl.java +++ b/common/src/main/java/org/onap/so/client/aai/AAIValidatorImpl.java @@ -47,10 +47,12 @@ public class AAIValidatorImpl implements AAIValidator { List<Pserver> pservers; boolean isLocked = false; pservers = client.getPhysicalServerByVnfId(vnfId); - for (Pserver pserver : pservers) { - if (pserver.isInMaint()) { - isLocked = true; - return isLocked; + if (pservers != null) { + for (Pserver pserver : pservers) { + if (pserver.isInMaint()) { + isLocked = true; + return isLocked; + } } } return isLocked; diff --git a/common/src/test/java/org/onap/so/client/aai/AAIValidatorTest.java b/common/src/test/java/org/onap/so/client/aai/AAIValidatorTest.java index 5fa2ff0295..b91d0e705a 100644 --- a/common/src/test/java/org/onap/so/client/aai/AAIValidatorTest.java +++ b/common/src/test/java/org/onap/so/client/aai/AAIValidatorTest.java @@ -91,6 +91,13 @@ public class AAIValidatorTest { } @Test + public void test_IsPhysicalServerLocked_NoServers_False() throws IOException { + when(client.getPhysicalServerByVnfId(vnfName)).thenReturn(null); + boolean locked = validator.isPhysicalServerLocked(vnfName); + assertEquals(false, locked); + } + + @Test public void test_IsVNFLocked_False() { when(client.getVnfByName(vnfName)).thenReturn(createGenericVnfs(false)); boolean locked = validator.isVNFLocked(vnfName); diff --git a/mso-api-handlers/mso-requests-db/src/main/java/org/onap/so/db/request/beans/InfraRequests.java b/mso-api-handlers/mso-requests-db/src/main/java/org/onap/so/db/request/beans/InfraRequests.java index 464cacb6b0..05845dd058 100644 --- a/mso-api-handlers/mso-requests-db/src/main/java/org/onap/so/db/request/beans/InfraRequests.java +++ b/mso-api-handlers/mso-requests-db/src/main/java/org/onap/so/db/request/beans/InfraRequests.java @@ -161,7 +161,7 @@ public abstract class InfraRequests implements java.io.Serializable { private String rollbackExtSystemErrorSource; @OneToMany(cascade = CascadeType.ALL, fetch = FetchType.EAGER) - @JoinColumn(name = "SO_REQUEST_ID", referencedColumnName = "REQUEST_ID") + @JoinColumn(name = "SO_REQUEST_ID", referencedColumnName = "REQUEST_ID", updatable = false) private List<CloudApiRequests> cloudApiRequests = new ArrayList<>(); @ResourceId diff --git a/vnfm-simulator/vnfm-service/src/main/java/org/onap/svnfm/simulator/services/OperationProgressor.java b/vnfm-simulator/vnfm-service/src/main/java/org/onap/svnfm/simulator/services/OperationProgressor.java index 83f079c376..eed62780c0 100644 --- a/vnfm-simulator/vnfm-service/src/main/java/org/onap/svnfm/simulator/services/OperationProgressor.java +++ b/vnfm-simulator/vnfm-service/src/main/java/org/onap/svnfm/simulator/services/OperationProgressor.java @@ -1,11 +1,17 @@ package org.onap.svnfm.simulator.services; +import com.google.gson.JsonObject; +import com.google.gson.JsonParser; +import java.io.BufferedReader; import java.io.IOException; import java.io.InputStream; +import java.io.InputStreamReader; +import java.net.URL; import java.nio.charset.StandardCharsets; import java.util.ArrayList; import java.util.List; import java.util.UUID; +import javax.net.ssl.HttpsURLConnection; import javax.ws.rs.core.MediaType; import org.apache.commons.codec.binary.Base64; import org.modelmapper.ModelMapper; @@ -30,6 +36,7 @@ import org.onap.so.adapters.vnfmadapter.extclients.vnfm.lcn.model.VnfLcmOperatio import org.onap.so.adapters.vnfmadapter.extclients.vnfm.model.InlineResponse200; import org.onap.so.adapters.vnfmadapter.extclients.vnfm.model.InlineResponse201InstantiatedVnfInfoVnfcResourceInfo; import org.onap.so.adapters.vnfmadapter.extclients.vnfm.model.SubscriptionsAuthenticationParamsBasic; +import org.onap.so.adapters.vnfmadapter.extclients.vnfm.model.SubscriptionsAuthenticationParamsOauth2ClientCredentials; import org.onap.svnfm.simulator.config.ApplicationConfig; import org.onap.svnfm.simulator.model.VnfOperation; import org.onap.svnfm.simulator.model.Vnfds; @@ -187,7 +194,8 @@ public abstract class OperationProgressor implements Runnable { final String auth = subscriptionAuthentication.getUserName() + ":" + subscriptionAuthentication.getPassword(); final byte[] encodedAuth = Base64.encodeBase64(auth.getBytes(StandardCharsets.ISO_8859_1)); - final String authHeader = "Basic " + new String(encodedAuth); + String authHeader = "Basic " + new String(encodedAuth); + notificationClient.lcnVnfLcmOperationOccurrenceNotificationPostWithHttpInfo(notification, MediaType.APPLICATION_JSON, authHeader); } catch (final ApiException exception) { @@ -235,8 +243,15 @@ public abstract class OperationProgressor implements Runnable { private InlineResponse201 sendGrantRequest(final GrantRequest grantRequest) { LOGGER.info("Sending grant request: {}", grantRequest); try { + + final SubscriptionsAuthenticationParamsOauth2ClientCredentials subscriptionAuthentication = + subscriptionService.getSubscriptions().iterator().next().getAuthentication() + .getParamsOauth2ClientCredentials(); + final String authHeader = + "Bearer " + getToken(notificationClient.getApiClient(), subscriptionAuthentication); + final ApiResponse<InlineResponse201> response = grantClient.grantsPostWithHttpInfo(grantRequest, - MediaType.APPLICATION_JSON, MediaType.APPLICATION_JSON, "Basic dm5mbTpwYXNzd29yZDEk"); + MediaType.APPLICATION_JSON, MediaType.APPLICATION_JSON, authHeader); LOGGER.info("Grant Response: {}", response); return response.getData(); } catch (final org.onap.so.adapters.vnfmadapter.extclients.vnfm.grant.ApiException exception) { @@ -257,4 +272,46 @@ public abstract class OperationProgressor implements Runnable { return applicationConfig.getBaseUrl() + "/vnflcm/v1"; } + private String getToken(final ApiClient apiClient, + final SubscriptionsAuthenticationParamsOauth2ClientCredentials oauthClientCredentials) { + final String basePath = apiClient.getBasePath().substring(0, apiClient.getBasePath().indexOf("/so/")); + final String tokenUrl = basePath + "/oauth/token?grant_type=client_credentials"; + + try { + URL url = new URL(tokenUrl); + HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); + connection.setRequestMethod("POST"); + final String authorizationHeader = getAuthorizationHeader(oauthClientCredentials); + connection.addRequestProperty("Authorization", authorizationHeader); + + connection.connect(); + + return getResponse(connection).get("access_token").getAsString(); + + } catch (IOException exception) { + LOGGER.error("Error getting token", exception); + return null; + } + } + + private String getAuthorizationHeader( + final SubscriptionsAuthenticationParamsOauth2ClientCredentials oauthClientCredentials) { + final String auth = oauthClientCredentials.getClientId() + ":" + oauthClientCredentials.getClientPassword(); + final byte[] encodedAuth = Base64.encodeBase64(auth.getBytes(StandardCharsets.UTF_8)); + return "Basic " + new String(encodedAuth); + } + + private JsonObject getResponse(HttpsURLConnection connection) throws IOException { + BufferedReader in = new BufferedReader(new InputStreamReader(connection.getInputStream())); + String line, data = ""; + while ((line = in.readLine()) != null) { + data += line; + } + in.close(); + connection.getInputStream().close(); + + JsonObject jsonObject = new JsonParser().parse(data).getAsJsonObject(); + return jsonObject; + } + } |