From cd0fa5da3dd92649adc837ca774459fea2fd08c4 Mon Sep 17 00:00:00 2001 From: "r.bogacki" Date: Wed, 10 Jul 2019 10:38:42 +0200 Subject: Vulnerability fixes in ServicePluginFactory Sonar vulnerability fixes in ServicePluginFactory. -Moved hardcoded IP addresses to the property file. -Added junit test. Issue-ID: SO-2106 Signed-off-by: Robert Bogacki Change-Id: Id33e17f7845c106212bbf4d4a8ca78641cea1396 --- .../workflow/service/ServicePluginFactory.java | 24 +++++++++++++++------- .../src/main/resources/application.properties | 3 +++ .../workflow/service/ServicePluginFactoryTest.java | 18 ++++++++++++++++ 3 files changed, 38 insertions(+), 7 deletions(-) create mode 100644 bpmn/so-bpmn-infrastructure-common/src/main/resources/application.properties (limited to 'bpmn/so-bpmn-infrastructure-common') diff --git a/bpmn/so-bpmn-infrastructure-common/src/main/java/org/onap/so/bpmn/infrastructure/workflow/service/ServicePluginFactory.java b/bpmn/so-bpmn-infrastructure-common/src/main/java/org/onap/so/bpmn/infrastructure/workflow/service/ServicePluginFactory.java index 22c4f95a6f..8fe7e4f868 100644 --- a/bpmn/so-bpmn-infrastructure-common/src/main/java/org/onap/so/bpmn/infrastructure/workflow/service/ServicePluginFactory.java +++ b/bpmn/so-bpmn-infrastructure-common/src/main/java/org/onap/so/bpmn/infrastructure/workflow/service/ServicePluginFactory.java @@ -26,6 +26,7 @@ import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.SerializationFeature; import java.io.IOException; +import java.io.InputStream; import java.net.SocketTimeoutException; import java.util.ArrayList; import java.util.Collections; @@ -34,6 +35,7 @@ import java.util.List; import java.util.Map; import java.util.Map.Entry; import java.util.Optional; +import java.util.Properties; import org.apache.commons.lang3.StringUtils; import org.apache.http.HttpResponse; import org.apache.http.ParseException; @@ -73,13 +75,9 @@ import org.springframework.web.util.UriUtils; public class ServicePluginFactory { - // SOTN calculate route - public static final String OOF_DEFAULT_ENDPOINT = "http://192.168.1.223:8443/oof/sotncalc"; - - public static final String THIRD_SP_DEFAULT_ENDPOINT = "http://192.168.1.223:8443/sp/resourcemgr/querytps"; - - public static final String INVENTORY_OSS_DEFAULT_ENDPOINT = "http://192.168.1.199:8443/oss/inventory"; - + private static String OOF_DEFAULT_ENDPOINT; + private static String THIRD_SP_DEFAULT_ENDPOINT; + private static String INVENTORY_OSS_DEFAULT_ENDPOINT; private static final int DEFAULT_TIME_OUT = 60000; static JsonUtils jsonUtil = new JsonUtils(); @@ -88,6 +86,17 @@ public class ServicePluginFactory { private static ServicePluginFactory instance; + static { + try (InputStream is = ClassLoader.class.getResourceAsStream("/application.properties")) { + Properties prop = new Properties(); + prop.load(is); + OOF_DEFAULT_ENDPOINT = prop.getProperty("oof.default.endpoint"); + THIRD_SP_DEFAULT_ENDPOINT = prop.getProperty("third.sp.default.endpoint"); + INVENTORY_OSS_DEFAULT_ENDPOINT = prop.getProperty("inventory.oss.default.endpoint"); + } catch (IOException e) { + e.printStackTrace(); + } + } public static synchronized ServicePluginFactory getInstance() { if (null == instance) { @@ -802,4 +811,5 @@ public class ServicePluginFactory { } } } + } diff --git a/bpmn/so-bpmn-infrastructure-common/src/main/resources/application.properties b/bpmn/so-bpmn-infrastructure-common/src/main/resources/application.properties new file mode 100644 index 0000000000..87af45139c --- /dev/null +++ b/bpmn/so-bpmn-infrastructure-common/src/main/resources/application.properties @@ -0,0 +1,3 @@ +oof.default.endpoint=http://192.168.1.223:8443/oof/sotncalc +third.sp.default.endpoint=http://192.168.1.223:8443/sp/resourcemgr/querytps +inventory.oss.default.endpoint=http://192.168.1.199:8443/oss/inventory diff --git a/bpmn/so-bpmn-infrastructure-common/src/test/java/org/onap/so/bpmn/infrastructure/workflow/service/ServicePluginFactoryTest.java b/bpmn/so-bpmn-infrastructure-common/src/test/java/org/onap/so/bpmn/infrastructure/workflow/service/ServicePluginFactoryTest.java index 0b4050beec..1a75f125f6 100644 --- a/bpmn/so-bpmn-infrastructure-common/src/test/java/org/onap/so/bpmn/infrastructure/workflow/service/ServicePluginFactoryTest.java +++ b/bpmn/so-bpmn-infrastructure-common/src/test/java/org/onap/so/bpmn/infrastructure/workflow/service/ServicePluginFactoryTest.java @@ -20,6 +20,7 @@ package org.onap.so.bpmn.infrastructure.workflow.service; import static org.mockito.Mockito.doReturn; +import org.apache.commons.lang.reflect.FieldUtils; import org.junit.Assert; import org.junit.Test; import org.junit.runner.RunWith; @@ -154,4 +155,21 @@ public class ServicePluginFactoryTest { String result = servicePluginFactory.doServiceHoming(null, invalidJsonWithOnlyNeededValues); Assert.assertEquals(result, invalidJsonWithOnlyNeededValues); } + + @Test + public void verifyExternalConfigurationLoading() throws IllegalAccessException { + + ServicePluginFactory servicePluginFactory = ServicePluginFactory.getInstance(); + + String oofDefaultEndpoint = (String) FieldUtils.readField(servicePluginFactory, "OOF_DEFAULT_ENDPOINT", true); + Assert.assertNotNull(oofDefaultEndpoint); + + String thirdSpDefaultEndpoint = + (String) FieldUtils.readField(servicePluginFactory, "THIRD_SP_DEFAULT_ENDPOINT", true); + Assert.assertNotNull(thirdSpDefaultEndpoint); + + String inventoryOssDefaultEndpoint = + (String) FieldUtils.readField(servicePluginFactory, "INVENTORY_OSS_DEFAULT_ENDPOINT", true); + Assert.assertNotNull(inventoryOssDefaultEndpoint); + } } -- cgit 1.2.3-korg