diff options
Diffstat (limited to 'adapters/mso-requests-db-adapter/src')
7 files changed, 202 insertions, 37 deletions
diff --git a/adapters/mso-requests-db-adapter/src/main/java/org/onap/so/adapters/requestsdb/WebSecurityConfigImpl.java b/adapters/mso-requests-db-adapter/src/main/java/org/onap/so/adapters/requestsdb/WebSecurityConfigImpl.java index b8bada298e..6cd7462299 100644 --- a/adapters/mso-requests-db-adapter/src/main/java/org/onap/so/adapters/requestsdb/WebSecurityConfigImpl.java +++ b/adapters/mso-requests-db-adapter/src/main/java/org/onap/so/adapters/requestsdb/WebSecurityConfigImpl.java @@ -24,27 +24,57 @@ package org.onap.so.adapters.requestsdb; import org.onap.so.security.MSOSpringFirewall; import org.onap.so.security.WebSecurityConfig; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.Profile; +import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.web.firewall.StrictHttpFirewall; import org.springframework.util.StringUtils; +@Configuration @EnableWebSecurity public class WebSecurityConfigImpl extends WebSecurityConfig { - @Override - protected void configure(HttpSecurity http) throws Exception { - http.csrf().disable().authorizeRequests().antMatchers("/manage/health", "/manage/info").permitAll() - .antMatchers("/**").hasAnyRole(StringUtils.collectionToDelimitedString(getRoles(), ",")).and() - .httpBasic(); + @Profile({"basic", "test"}) + @Bean + public WebSecurityConfigurerAdapter basicAuth() { + return new WebSecurityConfigurerAdapter() { + @Override + protected void configure(HttpSecurity http) throws Exception { + http.csrf().disable().authorizeRequests().antMatchers("/manage/health", "/manage/info", "/services") + .permitAll().antMatchers("/**") + .hasAnyRole(StringUtils.collectionToDelimitedString(getRoles(), ",")).and().httpBasic(); + } + + @Override + public void configure(WebSecurity web) throws Exception { + super.configure(web); + StrictHttpFirewall firewall = new MSOSpringFirewall(); + web.httpFirewall(firewall); + } + + @Override + protected void configure(AuthenticationManagerBuilder auth) throws Exception { + auth.userDetailsService(WebSecurityConfigImpl.this.userDetailsService()) + .passwordEncoder(WebSecurityConfigImpl.this.passwordEncoder()); + } + + }; } - @Override - public void configure(WebSecurity web) throws Exception { - super.configure(web); - StrictHttpFirewall firewall = new MSOSpringFirewall(); - web.httpFirewall(firewall); + @Profile("aaf") + @Bean + public WebSecurityConfigurerAdapter noAuth() { + return new WebSecurityConfigurerAdapter() { + @Override + protected void configure(HttpSecurity http) throws Exception { + http.authorizeRequests().anyRequest().permitAll(); + } + }; } } diff --git a/adapters/mso-requests-db-adapter/src/main/java/org/onap/so/adapters/requestsdb/application/SecurityFilters.java b/adapters/mso-requests-db-adapter/src/main/java/org/onap/so/adapters/requestsdb/application/SecurityFilters.java new file mode 100644 index 0000000000..a422e6a60d --- /dev/null +++ b/adapters/mso-requests-db-adapter/src/main/java/org/onap/so/adapters/requestsdb/application/SecurityFilters.java @@ -0,0 +1,41 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP - SO + * ================================================================================ + * Copyright (C) 2017 - 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.so.adapters.requestsdb.application; + +import org.springframework.boot.web.servlet.FilterRegistrationBean; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.Profile; +import org.springframework.core.Ordered; + +@Configuration +@Profile("aaf") +public class SecurityFilters { + + @Bean + public FilterRegistrationBean<SoCadiFilter> loginRegistrationBean() { + FilterRegistrationBean<SoCadiFilter> filterRegistrationBean = new FilterRegistrationBean<>(); + filterRegistrationBean.setFilter(new SoCadiFilter()); + filterRegistrationBean.setName("cadiFilter"); + filterRegistrationBean.setOrder(Ordered.HIGHEST_PRECEDENCE); + return filterRegistrationBean; + } +} diff --git a/adapters/mso-requests-db-adapter/src/main/java/org/onap/so/adapters/requestsdb/application/SoCadiFilter.java b/adapters/mso-requests-db-adapter/src/main/java/org/onap/so/adapters/requestsdb/application/SoCadiFilter.java new file mode 100644 index 0000000000..5e6ced077b --- /dev/null +++ b/adapters/mso-requests-db-adapter/src/main/java/org/onap/so/adapters/requestsdb/application/SoCadiFilter.java @@ -0,0 +1,117 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP SO + * ================================================================================ + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights + * reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END============================================ + * =================================================================== + * + */ +package org.onap.so.adapters.requestsdb.application; + +import javax.servlet.FilterConfig; +import javax.servlet.ServletException; +import org.onap.aaf.cadi.config.Config; +import org.onap.aaf.cadi.filter.CadiFilter; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.context.annotation.Profile; +import org.springframework.stereotype.Component; + +@Component +@Profile("aaf") +public class SoCadiFilter extends CadiFilter { + + protected final Logger logger = LoggerFactory.getLogger(SoCadiFilter.class); + + private static String AFT_ENVIRONMENT_VAR = "AFT_ENVIRONMENT"; + private static String AAF_API_VERSION = "aaf_api_version"; + + @Value("${mso.config.cadi.cadiLoglevel:#{null}}") + private String cadiLoglevel; + + @Value("${mso.config.cadi.cadiKeyFile:#{null}}") + private String cadiKeyFile; + + @Value("${mso.config.cadi.cadiTruststorePassword:#{null}}") + private String cadiTrustStorePassword; + + @Value("${mso.config.cadi.cadiTrustStore:#{null}}") + private String cadiTrustStore; + + @Value("${mso.config.cadi.cadiLatitude:#{null}}") + private String cadiLatitude; + + @Value("${mso.config.cadi.cadiLongitude:#{null}}") + private String cadiLongitude; + + @Value("${mso.config.cadi.aafEnv:#{null}}") + private String aafEnv; + + @Value("${mso.config.cadi.aafApiVersion:#{null}}") + private String aafApiVersion; + + @Value("${mso.config.cadi.aafRootNs:#{null}}") + private String aafRootNs; + + @Value("${mso.config.cadi.aafId:#{null}}") + private String aafMechId; + + @Value("${mso.config.cadi.aafPassword:#{null}}") + private String aafMechIdPassword; + + @Value("${mso.config.cadi.aafLocateUrl:#{null}}") + private String aafLocateUrl; + + @Value("${mso.config.cadi.aafUrl:#{null}}") + private String aafUrl; + + @Value("${mso.config.cadi.apiEnforcement:#{null}}") + private String apiEnforcement; + + private void checkIfNullProperty(String key, String value) { + /* + * When value is null, it is not defined in application.yaml set nothing in System properties + */ + if (value != null) { + System.setProperty(key, value); + } + } + + @Override + public void init(FilterConfig filterConfig) throws ServletException { + checkIfNullProperty(Config.CADI_LOGLEVEL, cadiLoglevel); + checkIfNullProperty(Config.CADI_KEYFILE, cadiKeyFile); + checkIfNullProperty(Config.CADI_TRUSTSTORE, cadiTrustStore); + checkIfNullProperty(Config.CADI_TRUSTSTORE_PASSWORD, cadiTrustStorePassword); + checkIfNullProperty(Config.CADI_LATITUDE, cadiLatitude); + checkIfNullProperty(Config.CADI_LONGITUDE, cadiLongitude); + checkIfNullProperty(Config.AAF_ENV, aafEnv); + checkIfNullProperty(Config.AAF_API_VERSION, aafApiVersion); + checkIfNullProperty(Config.AAF_ROOT_NS, aafRootNs); + checkIfNullProperty(Config.AAF_APPID, aafMechId); + checkIfNullProperty(Config.AAF_APPPASS, aafMechIdPassword); + checkIfNullProperty(Config.AAF_LOCATE_URL, aafLocateUrl); + checkIfNullProperty(Config.AAF_URL, aafUrl); + checkIfNullProperty(Config.CADI_API_ENFORCEMENT, apiEnforcement); + // checkIfNullProperty(AFT_ENVIRONMENT_VAR, aftEnv); + logger.debug(" *** init Filter Config *** "); + super.init(filterConfig); + } + + +} diff --git a/adapters/mso-requests-db-adapter/src/main/resources/application-aaf.yaml b/adapters/mso-requests-db-adapter/src/main/resources/application-aaf.yaml new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/adapters/mso-requests-db-adapter/src/main/resources/application-aaf.yaml diff --git a/adapters/mso-requests-db-adapter/src/main/resources/application-basic.yaml b/adapters/mso-requests-db-adapter/src/main/resources/application-basic.yaml new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/adapters/mso-requests-db-adapter/src/main/resources/application-basic.yaml diff --git a/adapters/mso-requests-db-adapter/src/main/resources/db/migration/V7.2__Add_PNF_Column_Infra_Requests_archive_tables.sql b/adapters/mso-requests-db-adapter/src/main/resources/db/migration/V7.2__Add_PNF_Column_Infra_Requests_archive_tables.sql new file mode 100644 index 0000000000..dbdc925dae --- /dev/null +++ b/adapters/mso-requests-db-adapter/src/main/resources/db/migration/V7.2__Add_PNF_Column_Infra_Requests_archive_tables.sql @@ -0,0 +1,4 @@ +use requestdb; + +ALTER TABLE infra_active_requests ADD COLUMN IF NOT EXISTS PNF_ID varchar(45); +ALTER TABLE archived_infra_requests ADD COLUMN IF NOT EXISTS PNF_ID varchar(45);
\ No newline at end of file diff --git a/adapters/mso-requests-db-adapter/src/test/java/org/onap/so/adapters/requestsdb/adapters/MSORequestDBImplTest.java b/adapters/mso-requests-db-adapter/src/test/java/org/onap/so/adapters/requestsdb/adapters/MSORequestDBImplTest.java index 90f45b788e..fef9dbc22c 100644 --- a/adapters/mso-requests-db-adapter/src/test/java/org/onap/so/adapters/requestsdb/adapters/MSORequestDBImplTest.java +++ b/adapters/mso-requests-db-adapter/src/test/java/org/onap/so/adapters/requestsdb/adapters/MSORequestDBImplTest.java @@ -23,17 +23,14 @@ package org.onap.so.adapters.requestsdb.adapters; import static com.shazam.shazamcrest.MatcherAssert.assertThat; import static com.shazam.shazamcrest.matcher.Matchers.sameBeanAs; import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertNotNull; import static org.junit.Assert.fail; import java.util.ArrayList; import java.util.List; -import java.util.Map; import org.apache.cxf.jaxws.JaxWsProxyFactoryBean; import org.junit.Before; import org.junit.Rule; import org.junit.Test; import org.junit.rules.ExpectedException; -import org.onap.logging.ref.slf4j.ONAPLogConstants; import org.onap.so.adapters.requestsdb.MsoRequestsDbAdapter; import org.onap.so.adapters.requestsdb.RequestStatusType; import org.onap.so.adapters.requestsdb.RequestsAdapterBase; @@ -47,7 +44,6 @@ import org.onap.so.db.request.data.repository.ResourceOperationStatusRepository; import org.onap.so.requestsdb.RequestsDbConstant; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.web.server.LocalServerPort; -import ch.qos.logback.classic.spi.ILoggingEvent; public class MSORequestDBImplTest extends RequestsAdapterBase { @@ -423,28 +419,5 @@ public class MSORequestDBImplTest extends RequestsAdapterBase { ResourceOperationStatus actualResource = dbAdapter.getResourceOperationStatus(serviceId, operationId, "template1"); assertThat(actualResource, sameBeanAs(expectedResource)); - - for (ILoggingEvent logEvent : TestAppender.events) - if (logEvent.getLoggerName().equals("org.onap.so.logging.cxf.interceptor.SOAPLoggingInInterceptor") - && logEvent.getMarker().getName().equals("ENTRY")) { - Map<String, String> mdc = logEvent.getMDCPropertyMap(); - assertNotNull(mdc.get(ONAPLogConstants.MDCs.INSTANCE_UUID)); - assertNotNull(mdc.get(ONAPLogConstants.MDCs.REQUEST_ID)); - assertNotNull(mdc.get(ONAPLogConstants.MDCs.INVOCATION_ID)); - assertEquals("UNKNOWN", mdc.get(ONAPLogConstants.MDCs.PARTNER_NAME)); - assertEquals("/services/RequestsDbAdapter", mdc.get(ONAPLogConstants.MDCs.SERVICE_NAME)); - assertEquals("INPROGRESS", mdc.get(ONAPLogConstants.MDCs.RESPONSE_STATUS_CODE)); - } else if (logEvent.getLoggerName().equals("org.onap.so.logging.cxf.interceptor.SOAPLoggingOutInterceptor") - && logEvent.getMarker().getName().equals("EXIT")) { - Map<String, String> mdc = logEvent.getMDCPropertyMap(); - assertNotNull(mdc.get(ONAPLogConstants.MDCs.REQUEST_ID)); - assertNotNull(mdc.get(ONAPLogConstants.MDCs.INVOCATION_ID)); - assertEquals(null, mdc.get(ONAPLogConstants.MDCs.RESPONSE_CODE)); - assertEquals("UNKNOWN", mdc.get(ONAPLogConstants.MDCs.PARTNER_NAME)); - assertEquals("/services/RequestsDbAdapter", mdc.get(ONAPLogConstants.MDCs.SERVICE_NAME)); - assertEquals("COMPLETE", mdc.get(ONAPLogConstants.MDCs.RESPONSE_STATUS_CODE)); - } } - - } |