From 02887947e4755f9c01bb98b14e65a4e7e1f418f5 Mon Sep 17 00:00:00 2001 From: "waqas.ikram" Date: Tue, 14 Apr 2020 17:39:38 +0100 Subject: Refactor SOL003 Adapter to organize its modules based on functions Change-Id: I7a1c172974ab5910b0c6b069dcf8c48f9893de37 Issue-ID: SO-2771 Signed-off-by: waqas.ikram --- .../sol003/adapter/common/CommonConstants.java | 47 +++++++++ .../adapter/common/VnfmAdapterUrlProvider.java | 105 +++++++++++++++++++++ .../MessageConverterConfiguration.java | 49 ++++++++++ .../configuration/AuthorizationServerConfig.java | 55 +++++++++++ .../configuration/OAuth2AccessTokenAdapter.java | 51 ++++++++++ .../oauth/configuration/OAuth2ResourceServer.java | 53 +++++++++++ .../vnfmadapter/common/CommonConstants.java | 47 --------- .../vnfmadapter/common/VnfmAdapterUrlProvider.java | 105 --------------------- .../MessageConverterConfiguration.java | 49 ---------- .../oauth/AuthorizationServerConfig.java | 55 ----------- .../oauth/OAuth2AccessTokenAdapter.java | 51 ---------- .../vnfmadapter/oauth/OAuth2ResourceServer.java | 53 ----------- 12 files changed, 360 insertions(+), 360 deletions(-) create mode 100644 adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/etsi/sol003/adapter/common/CommonConstants.java create mode 100644 adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/etsi/sol003/adapter/common/VnfmAdapterUrlProvider.java create mode 100644 adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/etsi/sol003/adapter/common/configuration/MessageConverterConfiguration.java create mode 100644 adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/etsi/sol003/adapter/oauth/configuration/AuthorizationServerConfig.java create mode 100644 adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/etsi/sol003/adapter/oauth/configuration/OAuth2AccessTokenAdapter.java create mode 100644 adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/etsi/sol003/adapter/oauth/configuration/OAuth2ResourceServer.java delete mode 100644 adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/vnfmadapter/common/CommonConstants.java delete mode 100644 adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/vnfmadapter/common/VnfmAdapterUrlProvider.java delete mode 100644 adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/vnfmadapter/common/configuration/MessageConverterConfiguration.java delete mode 100644 adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/vnfmadapter/oauth/AuthorizationServerConfig.java delete mode 100644 adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/vnfmadapter/oauth/OAuth2AccessTokenAdapter.java delete mode 100644 adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/vnfmadapter/oauth/OAuth2ResourceServer.java (limited to 'adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main') diff --git a/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/etsi/sol003/adapter/common/CommonConstants.java b/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/etsi/sol003/adapter/common/CommonConstants.java new file mode 100644 index 0000000000..dbe4dac321 --- /dev/null +++ b/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/etsi/sol003/adapter/common/CommonConstants.java @@ -0,0 +1,47 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2019 Nordix Foundation. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.so.adapters.etsi.sol003.adapter.common; + +/** + * VNFM Adapter Common constants + * + * @author Waqas Ikram (waqas.ikram@est.tech) + * @author Gareth Roper (gareth.roper@est.tech) + */ +public class CommonConstants { + + public static final String SERVICE_NAME = "vnfm-adapter"; + public static final String SERVICE_VERSION = "v1"; + public static final String BASE_URL = "/so/" + SERVICE_NAME + "/" + SERVICE_VERSION; + + public static final String PACKAGE_MANAGEMENT_BASE_URL = BASE_URL + "/vnfpkgm/v1"; + + public static final String ETSI_CATALOG_MANAGER_BASE_ENDPOINT = "/etsicatalogmanager"; + public static final String ETSI_SUBSCRIPTION_NOTIFICATION_ENDPOINT = "/notification"; + public static final String ETSI_SUBSCRIPTION_NOTIFICATION_CONTROLLER_BASE_URL = + BASE_URL + ETSI_CATALOG_MANAGER_BASE_ENDPOINT; + public static final String ETSI_SUBSCRIPTION_NOTIFICATION_BASE_URL = + ETSI_SUBSCRIPTION_NOTIFICATION_CONTROLLER_BASE_URL + ETSI_SUBSCRIPTION_NOTIFICATION_ENDPOINT; + + public static final String OPERATION_NOTIFICATION_ENDPOINT = "/lcn/VnfLcmOperationOccurrenceNotification"; + + private CommonConstants() {} +} diff --git a/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/etsi/sol003/adapter/common/VnfmAdapterUrlProvider.java b/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/etsi/sol003/adapter/common/VnfmAdapterUrlProvider.java new file mode 100644 index 0000000000..855b5a454f --- /dev/null +++ b/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/etsi/sol003/adapter/common/VnfmAdapterUrlProvider.java @@ -0,0 +1,105 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2020 Ericsson. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ +package org.onap.so.adapters.etsi.sol003.adapter.common; + +import static org.onap.so.adapters.etsi.sol003.adapter.common.CommonConstants.BASE_URL; +import static org.onap.so.adapters.etsi.sol003.adapter.common.CommonConstants.ETSI_SUBSCRIPTION_NOTIFICATION_BASE_URL; +import static org.onap.so.adapters.etsi.sol003.adapter.common.CommonConstants.OPERATION_NOTIFICATION_ENDPOINT; +import static org.onap.so.adapters.etsi.sol003.adapter.common.CommonConstants.PACKAGE_MANAGEMENT_BASE_URL; +import static org.slf4j.LoggerFactory.getLogger; +import java.net.URI; +import java.security.GeneralSecurityException; +import org.apache.commons.lang3.tuple.ImmutablePair; +import org.onap.so.utils.CryptoUtils; +import org.slf4j.Logger; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.context.annotation.Configuration; + + +/** + * Provides VNFM Adapter endpoint URLs + * + * @author Waqas Ikram (waqas.ikram@est.tech) + * + */ +@Configuration +public class VnfmAdapterUrlProvider { + + private static final Logger logger = getLogger(VnfmAdapterUrlProvider.class); + private static final String COLON = ":"; + private static final int LIMIT = 2; + + private final String vnfmAdapterEndpoint; + private final String msoKeyString; + private final String vnfmAdapterAuth; + + @Autowired + public VnfmAdapterUrlProvider(@Value("${vnfmadapter.endpoint}") final String vnfmAdapterEndpoint, + @Value("${mso.key}") final String msoKeyString, + @Value("${vnfmadapter.auth:BF29BA36F0CFE1C05507781F6B97EFBCA7EFAC9F595954D465FC43F646883EF585C20A58CBB02528A6FAAC}") final String vnfmAdapterAuth) { + this.vnfmAdapterEndpoint = vnfmAdapterEndpoint; + this.msoKeyString = msoKeyString; + this.vnfmAdapterAuth = vnfmAdapterAuth; + } + + public String getEtsiSubscriptionNotificationBaseUrl() { + return vnfmAdapterEndpoint + ETSI_SUBSCRIPTION_NOTIFICATION_BASE_URL; + } + + public URI getSubscriptionUri(final String subscriptionId) { + return URI.create(getSubscriptionUriString(subscriptionId)); + } + + public ImmutablePair getDecryptAuth() throws GeneralSecurityException { + final String decryptedAuth = CryptoUtils.decrypt(vnfmAdapterAuth, msoKeyString); + final String[] auth = decryptedAuth.split(COLON, LIMIT); + if (auth.length > 1) { + return ImmutablePair.of(auth[0], auth[1]); + } + logger.error("Unexpected auth value: {}", vnfmAdapterAuth); + return ImmutablePair.nullPair(); + } + + public String getSubscriptionUriString(final String subscriptionId) { + return vnfmAdapterEndpoint + PACKAGE_MANAGEMENT_BASE_URL + "/subscriptions/" + subscriptionId; + } + + public String getVnfLcmOperationOccurrenceNotificationUrl() { + return vnfmAdapterEndpoint + BASE_URL + OPERATION_NOTIFICATION_ENDPOINT; + } + + public String getVnfPackageUrl(final String vnfPkgId) { + return vnfmAdapterEndpoint + PACKAGE_MANAGEMENT_BASE_URL + "/vnf_packages/" + vnfPkgId; + } + + public String getVnfPackageVnfdUrl(final String vnfPkgId) { + return getVnfPackageUrl(vnfPkgId) + "/vnfd"; + } + + public String getVnfPackageContentUrl(final String vnfPkgId) { + return getVnfPackageUrl(vnfPkgId) + "/package_content"; + } + + public String getOauthTokenUrl() { + return vnfmAdapterEndpoint + "/oauth/token"; + } + +} diff --git a/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/etsi/sol003/adapter/common/configuration/MessageConverterConfiguration.java b/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/etsi/sol003/adapter/common/configuration/MessageConverterConfiguration.java new file mode 100644 index 0000000000..25c37b9016 --- /dev/null +++ b/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/etsi/sol003/adapter/common/configuration/MessageConverterConfiguration.java @@ -0,0 +1,49 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2019 Nordix Foundation. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ +package org.onap.so.adapters.etsi.sol003.adapter.common.configuration; + +import java.util.ArrayList; +import java.util.Collection; +import org.onap.so.adapters.etsi.sol003.adapter.oauth.configuration.OAuth2AccessTokenAdapter; +import org.springframework.boot.autoconfigure.http.HttpMessageConverters; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.http.converter.HttpMessageConverter; +import org.springframework.http.converter.json.GsonHttpMessageConverter; +import org.springframework.security.oauth2.common.OAuth2AccessToken; +import com.google.gson.Gson; +import com.google.gson.GsonBuilder; + +/** + * Configures message converter + */ +@Configuration +public class MessageConverterConfiguration { + + @Bean + public HttpMessageConverters customConverters() { + final Collection> messageConverters = new ArrayList<>(); + final Gson gson = new GsonBuilder() + .registerTypeHierarchyAdapter(OAuth2AccessToken.class, new OAuth2AccessTokenAdapter()).create(); + final GsonHttpMessageConverter gsonHttpMessageConverter = new GsonHttpMessageConverter(gson); + messageConverters.add(gsonHttpMessageConverter); + return new HttpMessageConverters(true, messageConverters); + } +} diff --git a/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/etsi/sol003/adapter/oauth/configuration/AuthorizationServerConfig.java b/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/etsi/sol003/adapter/oauth/configuration/AuthorizationServerConfig.java new file mode 100644 index 0000000000..3a3287535e --- /dev/null +++ b/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/etsi/sol003/adapter/oauth/configuration/AuthorizationServerConfig.java @@ -0,0 +1,55 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2019 Nordix Foundation. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.so.adapters.etsi.sol003.adapter.oauth.configuration; + +import org.onap.so.utils.CryptoUtils; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; +import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter; +import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; + +@Configuration +@EnableAuthorizationServer +/** + * Configures the authorization server for oauth token based authentication. + */ +public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter { + + private static final int ONE_DAY = 60 * 60 * 24; + + @Value("${vnfmadapter.auth:E39823AAB2739CC654C4E92B52C05BC34149342D0A46451B00CA508C8EDC62242CE4E9DA9445D3C01A3F13}") + private String vnfmAdapterAuth; + + @Value("${mso.key}") + private String msoEncryptionKey; + + @Override + public void configure(final ClientDetailsServiceConfigurer clients) throws Exception { + final String[] decrypedAuth = CryptoUtils.decrypt(vnfmAdapterAuth, msoEncryptionKey).split(":"); + final BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder(); + clients.inMemory().withClient(decrypedAuth[0]).secret(passwordEncoder.encode(decrypedAuth[1])) + .authorizedGrantTypes("client_credentials").scopes("write").accessTokenValiditySeconds(ONE_DAY) + .refreshTokenValiditySeconds(ONE_DAY); + } + +} diff --git a/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/etsi/sol003/adapter/oauth/configuration/OAuth2AccessTokenAdapter.java b/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/etsi/sol003/adapter/oauth/configuration/OAuth2AccessTokenAdapter.java new file mode 100644 index 0000000000..4be5b8a86a --- /dev/null +++ b/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/etsi/sol003/adapter/oauth/configuration/OAuth2AccessTokenAdapter.java @@ -0,0 +1,51 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2019 Nordix Foundation. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.so.adapters.etsi.sol003.adapter.oauth.configuration; + +import com.google.gson.JsonArray; +import com.google.gson.JsonElement; +import com.google.gson.JsonObject; +import com.google.gson.JsonSerializationContext; +import com.google.gson.JsonSerializer; +import java.lang.reflect.Type; +import org.springframework.security.oauth2.common.OAuth2AccessToken; + +public class OAuth2AccessTokenAdapter implements JsonSerializer { + + @Override + public JsonElement serialize(final OAuth2AccessToken src, final Type typeOfSrc, + final JsonSerializationContext context) { + final JsonObject obj = new JsonObject(); + obj.addProperty(OAuth2AccessToken.ACCESS_TOKEN, src.getValue()); + obj.addProperty(OAuth2AccessToken.TOKEN_TYPE, src.getTokenType()); + if (src.getRefreshToken() != null) { + obj.addProperty(OAuth2AccessToken.REFRESH_TOKEN, src.getRefreshToken().getValue()); + } + obj.addProperty(OAuth2AccessToken.EXPIRES_IN, src.getExpiresIn()); + final JsonArray scopeObj = new JsonArray(); + for (final String scope : src.getScope()) { + scopeObj.add(scope); + } + obj.add(OAuth2AccessToken.SCOPE, scopeObj); + + return obj; + } +} diff --git a/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/etsi/sol003/adapter/oauth/configuration/OAuth2ResourceServer.java b/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/etsi/sol003/adapter/oauth/configuration/OAuth2ResourceServer.java new file mode 100644 index 0000000000..2dcfea4045 --- /dev/null +++ b/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/etsi/sol003/adapter/oauth/configuration/OAuth2ResourceServer.java @@ -0,0 +1,53 @@ +/*- + * ============LICENSE_START======================================================= + * Copyright (C) 2019 Nordix Foundation. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * ============LICENSE_END========================================================= + */ + +package org.onap.so.adapters.etsi.sol003.adapter.oauth.configuration; + +import javax.servlet.http.HttpServletRequest; +import org.onap.so.adapters.etsi.sol003.adapter.common.CommonConstants; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; +import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter; +import org.springframework.security.web.util.matcher.RequestMatcher; + +@Configuration +@EnableResourceServer +/** + * Enforces oauth token based authentication when a token is provided in the request. + */ +public class OAuth2ResourceServer extends ResourceServerConfigurerAdapter { + + @Override + public void configure(final HttpSecurity http) throws Exception { + http.requestMatcher(new OAuth2ResourceServerRequestMatcher()).authorizeRequests() + .antMatchers(CommonConstants.BASE_URL + "/grants/**", CommonConstants.BASE_URL + "/lcn/**") + .authenticated(); + } + + private static class OAuth2ResourceServerRequestMatcher implements RequestMatcher { + @Override + public boolean matches(HttpServletRequest request) { + String auth = request.getHeader("Authorization"); + String uri = request.getRequestURI(); + return (auth != null && auth.startsWith("Bearer") && (uri.contains("/grants") || uri.contains("/lcn/"))); + } + } +} diff --git a/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/vnfmadapter/common/CommonConstants.java b/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/vnfmadapter/common/CommonConstants.java deleted file mode 100644 index 963bd512da..0000000000 --- a/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/vnfmadapter/common/CommonConstants.java +++ /dev/null @@ -1,47 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * Copyright (C) 2019 Nordix Foundation. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * ============LICENSE_END========================================================= - */ - -package org.onap.so.adapters.vnfmadapter.common; - -/** - * VNFM Adapter Common constants - * - * @author Waqas Ikram (waqas.ikram@est.tech) - * @author Gareth Roper (gareth.roper@est.tech) - */ -public class CommonConstants { - - public static final String SERVICE_NAME = "vnfm-adapter"; - public static final String SERVICE_VERSION = "v1"; - public static final String BASE_URL = "/so/" + SERVICE_NAME + "/" + SERVICE_VERSION; - - public static final String PACKAGE_MANAGEMENT_BASE_URL = BASE_URL + "/vnfpkgm/v1"; - - public static final String ETSI_CATALOG_MANAGER_BASE_ENDPOINT = "/etsicatalogmanager"; - public static final String ETSI_SUBSCRIPTION_NOTIFICATION_ENDPOINT = "/notification"; - public static final String ETSI_SUBSCRIPTION_NOTIFICATION_CONTROLLER_BASE_URL = - BASE_URL + ETSI_CATALOG_MANAGER_BASE_ENDPOINT; - public static final String ETSI_SUBSCRIPTION_NOTIFICATION_BASE_URL = - ETSI_SUBSCRIPTION_NOTIFICATION_CONTROLLER_BASE_URL + ETSI_SUBSCRIPTION_NOTIFICATION_ENDPOINT; - - public static final String OPERATION_NOTIFICATION_ENDPOINT = "/lcn/VnfLcmOperationOccurrenceNotification"; - - private CommonConstants() {} -} diff --git a/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/vnfmadapter/common/VnfmAdapterUrlProvider.java b/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/vnfmadapter/common/VnfmAdapterUrlProvider.java deleted file mode 100644 index 99611ad3db..0000000000 --- a/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/vnfmadapter/common/VnfmAdapterUrlProvider.java +++ /dev/null @@ -1,105 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * Copyright (C) 2020 Ericsson. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * ============LICENSE_END========================================================= - */ -package org.onap.so.adapters.vnfmadapter.common; - -import static org.onap.so.adapters.vnfmadapter.common.CommonConstants.BASE_URL; -import static org.onap.so.adapters.vnfmadapter.common.CommonConstants.ETSI_SUBSCRIPTION_NOTIFICATION_BASE_URL; -import static org.onap.so.adapters.vnfmadapter.common.CommonConstants.OPERATION_NOTIFICATION_ENDPOINT; -import static org.onap.so.adapters.vnfmadapter.common.CommonConstants.PACKAGE_MANAGEMENT_BASE_URL; -import static org.slf4j.LoggerFactory.getLogger; -import java.net.URI; -import java.security.GeneralSecurityException; -import org.apache.commons.lang3.tuple.ImmutablePair; -import org.onap.so.utils.CryptoUtils; -import org.slf4j.Logger; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.context.annotation.Configuration; - - -/** - * Provides VNFM Adapter endpoint URLs - * - * @author Waqas Ikram (waqas.ikram@est.tech) - * - */ -@Configuration -public class VnfmAdapterUrlProvider { - - private static final Logger logger = getLogger(VnfmAdapterUrlProvider.class); - private static final String COLON = ":"; - private static final int LIMIT = 2; - - private final String vnfmAdapterEndpoint; - private final String msoKeyString; - private final String vnfmAdapterAuth; - - @Autowired - public VnfmAdapterUrlProvider(@Value("${vnfmadapter.endpoint}") final String vnfmAdapterEndpoint, - @Value("${mso.key}") final String msoKeyString, - @Value("${vnfmadapter.auth:BF29BA36F0CFE1C05507781F6B97EFBCA7EFAC9F595954D465FC43F646883EF585C20A58CBB02528A6FAAC}") final String vnfmAdapterAuth) { - this.vnfmAdapterEndpoint = vnfmAdapterEndpoint; - this.msoKeyString = msoKeyString; - this.vnfmAdapterAuth = vnfmAdapterAuth; - } - - public String getEtsiSubscriptionNotificationBaseUrl() { - return vnfmAdapterEndpoint + ETSI_SUBSCRIPTION_NOTIFICATION_BASE_URL; - } - - public URI getSubscriptionUri(final String subscriptionId) { - return URI.create(getSubscriptionUriString(subscriptionId)); - } - - public ImmutablePair getDecryptAuth() throws GeneralSecurityException { - final String decryptedAuth = CryptoUtils.decrypt(vnfmAdapterAuth, msoKeyString); - final String[] auth = decryptedAuth.split(COLON, LIMIT); - if (auth.length > 1) { - return ImmutablePair.of(auth[0], auth[1]); - } - logger.error("Unexpected auth value: {}", vnfmAdapterAuth); - return ImmutablePair.nullPair(); - } - - public String getSubscriptionUriString(final String subscriptionId) { - return vnfmAdapterEndpoint + PACKAGE_MANAGEMENT_BASE_URL + "/subscriptions/" + subscriptionId; - } - - public String getVnfLcmOperationOccurrenceNotificationUrl() { - return vnfmAdapterEndpoint + BASE_URL + OPERATION_NOTIFICATION_ENDPOINT; - } - - public String getVnfPackageUrl(final String vnfPkgId) { - return vnfmAdapterEndpoint + PACKAGE_MANAGEMENT_BASE_URL + "/vnf_packages/" + vnfPkgId; - } - - public String getVnfPackageVnfdUrl(final String vnfPkgId) { - return getVnfPackageUrl(vnfPkgId) + "/vnfd"; - } - - public String getVnfPackageContentUrl(final String vnfPkgId) { - return getVnfPackageUrl(vnfPkgId) + "/package_content"; - } - - public String getOauthTokenUrl() { - return vnfmAdapterEndpoint + "/oauth/token"; - } - -} diff --git a/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/vnfmadapter/common/configuration/MessageConverterConfiguration.java b/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/vnfmadapter/common/configuration/MessageConverterConfiguration.java deleted file mode 100644 index 6f3e0dafd5..0000000000 --- a/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/vnfmadapter/common/configuration/MessageConverterConfiguration.java +++ /dev/null @@ -1,49 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * Copyright (C) 2019 Nordix Foundation. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * ============LICENSE_END========================================================= - */ -package org.onap.so.adapters.vnfmadapter.common.configuration; - -import java.util.ArrayList; -import java.util.Collection; -import org.onap.so.adapters.vnfmadapter.oauth.OAuth2AccessTokenAdapter; -import org.springframework.boot.autoconfigure.http.HttpMessageConverters; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.http.converter.HttpMessageConverter; -import org.springframework.http.converter.json.GsonHttpMessageConverter; -import org.springframework.security.oauth2.common.OAuth2AccessToken; -import com.google.gson.Gson; -import com.google.gson.GsonBuilder; - -/** - * Configures message converter - */ -@Configuration -public class MessageConverterConfiguration { - - @Bean - public HttpMessageConverters customConverters() { - final Collection> messageConverters = new ArrayList<>(); - final Gson gson = new GsonBuilder() - .registerTypeHierarchyAdapter(OAuth2AccessToken.class, new OAuth2AccessTokenAdapter()).create(); - final GsonHttpMessageConverter gsonHttpMessageConverter = new GsonHttpMessageConverter(gson); - messageConverters.add(gsonHttpMessageConverter); - return new HttpMessageConverters(true, messageConverters); - } -} diff --git a/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/vnfmadapter/oauth/AuthorizationServerConfig.java b/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/vnfmadapter/oauth/AuthorizationServerConfig.java deleted file mode 100644 index 83534ff4bb..0000000000 --- a/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/vnfmadapter/oauth/AuthorizationServerConfig.java +++ /dev/null @@ -1,55 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * Copyright (C) 2019 Nordix Foundation. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * ============LICENSE_END========================================================= - */ - -package org.onap.so.adapters.vnfmadapter.oauth; - -import org.onap.so.utils.CryptoUtils; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.context.annotation.Configuration; -import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; -import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; -import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter; -import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; - -@Configuration -@EnableAuthorizationServer -/** - * Configures the authorization server for oauth token based authentication. - */ -public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter { - - private static final int ONE_DAY = 60 * 60 * 24; - - @Value("${vnfmadapter.auth:E39823AAB2739CC654C4E92B52C05BC34149342D0A46451B00CA508C8EDC62242CE4E9DA9445D3C01A3F13}") - private String vnfmAdapterAuth; - - @Value("${mso.key}") - private String msoEncryptionKey; - - @Override - public void configure(final ClientDetailsServiceConfigurer clients) throws Exception { - final String[] decrypedAuth = CryptoUtils.decrypt(vnfmAdapterAuth, msoEncryptionKey).split(":"); - final BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder(); - clients.inMemory().withClient(decrypedAuth[0]).secret(passwordEncoder.encode(decrypedAuth[1])) - .authorizedGrantTypes("client_credentials").scopes("write").accessTokenValiditySeconds(ONE_DAY) - .refreshTokenValiditySeconds(ONE_DAY); - } - -} diff --git a/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/vnfmadapter/oauth/OAuth2AccessTokenAdapter.java b/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/vnfmadapter/oauth/OAuth2AccessTokenAdapter.java deleted file mode 100644 index 2f51406e23..0000000000 --- a/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/vnfmadapter/oauth/OAuth2AccessTokenAdapter.java +++ /dev/null @@ -1,51 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * Copyright (C) 2019 Nordix Foundation. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * ============LICENSE_END========================================================= - */ - -package org.onap.so.adapters.vnfmadapter.oauth; - -import com.google.gson.JsonArray; -import com.google.gson.JsonElement; -import com.google.gson.JsonObject; -import com.google.gson.JsonSerializationContext; -import com.google.gson.JsonSerializer; -import java.lang.reflect.Type; -import org.springframework.security.oauth2.common.OAuth2AccessToken; - -public class OAuth2AccessTokenAdapter implements JsonSerializer { - - @Override - public JsonElement serialize(final OAuth2AccessToken src, final Type typeOfSrc, - final JsonSerializationContext context) { - final JsonObject obj = new JsonObject(); - obj.addProperty(OAuth2AccessToken.ACCESS_TOKEN, src.getValue()); - obj.addProperty(OAuth2AccessToken.TOKEN_TYPE, src.getTokenType()); - if (src.getRefreshToken() != null) { - obj.addProperty(OAuth2AccessToken.REFRESH_TOKEN, src.getRefreshToken().getValue()); - } - obj.addProperty(OAuth2AccessToken.EXPIRES_IN, src.getExpiresIn()); - final JsonArray scopeObj = new JsonArray(); - for (final String scope : src.getScope()) { - scopeObj.add(scope); - } - obj.add(OAuth2AccessToken.SCOPE, scopeObj); - - return obj; - } -} diff --git a/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/vnfmadapter/oauth/OAuth2ResourceServer.java b/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/vnfmadapter/oauth/OAuth2ResourceServer.java deleted file mode 100644 index 9c871db79c..0000000000 --- a/adapters/etsi-sol003-adapter/etsi-sol003-adapter-common/src/main/java/org/onap/so/adapters/vnfmadapter/oauth/OAuth2ResourceServer.java +++ /dev/null @@ -1,53 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * Copyright (C) 2019 Nordix Foundation. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * SPDX-License-Identifier: Apache-2.0 - * ============LICENSE_END========================================================= - */ - -package org.onap.so.adapters.vnfmadapter.oauth; - -import javax.servlet.http.HttpServletRequest; -import org.onap.so.adapters.vnfmadapter.common.CommonConstants; -import org.springframework.context.annotation.Configuration; -import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; -import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter; -import org.springframework.security.web.util.matcher.RequestMatcher; - -@Configuration -@EnableResourceServer -/** - * Enforces oauth token based authentication when a token is provided in the request. - */ -public class OAuth2ResourceServer extends ResourceServerConfigurerAdapter { - - @Override - public void configure(final HttpSecurity http) throws Exception { - http.requestMatcher(new OAuth2ResourceServerRequestMatcher()).authorizeRequests() - .antMatchers(CommonConstants.BASE_URL + "/grants/**", CommonConstants.BASE_URL + "/lcn/**") - .authenticated(); - } - - private static class OAuth2ResourceServerRequestMatcher implements RequestMatcher { - @Override - public boolean matches(HttpServletRequest request) { - String auth = request.getHeader("Authorization"); - String uri = request.getRequestURI(); - return (auth != null && auth.startsWith("Bearer") && (uri.contains("/grants") || uri.contains("/lcn/"))); - } - } -} -- cgit 1.2.3-korg