From 39761146b77f58973612f8fdee3de9f987278edf Mon Sep 17 00:00:00 2001 From: "BOSLET, CORY" Date: Wed, 10 Mar 2021 17:22:28 -0500 Subject: add new sdnc interaction Added Cors auth support option for sdnc interaction Issue-ID: SO-3580 Signed-off-by: AT&T Open Source Change-Id: I54d17ea5e02a20114f5857940cc4dabc72854dea --- .../main/java/org/onap/so/constants/Status.java | 1 + .../security/BaseWebSecurityConfigurerAdapter.java | 44 ++++++++++++++++++++++ .../security/CorsBasicHttpSecurityConfigurer.java | 33 ++++++++++++++++ .../security/CorsWebSecurityConfigurerAdapter.java | 24 ++++++++++++ .../so/security/SoBasicHttpSecurityConfigurer.java | 2 +- .../security/SoWebSecurityConfigurerAdapter.java | 41 +++----------------- 6 files changed, 109 insertions(+), 36 deletions(-) create mode 100644 common/src/main/java/org/onap/so/security/BaseWebSecurityConfigurerAdapter.java create mode 100644 common/src/main/java/org/onap/so/security/CorsBasicHttpSecurityConfigurer.java create mode 100644 common/src/main/java/org/onap/so/security/CorsWebSecurityConfigurerAdapter.java (limited to 'common') diff --git a/common/src/main/java/org/onap/so/constants/Status.java b/common/src/main/java/org/onap/so/constants/Status.java index b460418f0f..67c5ff0d40 100644 --- a/common/src/main/java/org/onap/so/constants/Status.java +++ b/common/src/main/java/org/onap/so/constants/Status.java @@ -27,6 +27,7 @@ package org.onap.so.constants; public enum Status { PENDING, IN_PROGRESS, + WAIT_COMPLETION_NOTIF, COMPLETE, COMPLETED, FAILED, diff --git a/common/src/main/java/org/onap/so/security/BaseWebSecurityConfigurerAdapter.java b/common/src/main/java/org/onap/so/security/BaseWebSecurityConfigurerAdapter.java new file mode 100644 index 0000000000..f494a6b812 --- /dev/null +++ b/common/src/main/java/org/onap/so/security/BaseWebSecurityConfigurerAdapter.java @@ -0,0 +1,44 @@ +package org.onap.so.security; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.builders.WebSecurity; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.security.web.firewall.StrictHttpFirewall; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; + +public abstract class BaseWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter { + private static final Logger LOGGER = LoggerFactory.getLogger(BaseWebSecurityConfigurerAdapter.class); + + @Autowired + protected UserDetailsService userDetailsService; + + @Autowired + protected BCryptPasswordEncoder passwordEncoder; + + abstract HttpSecurityConfigurer getHttpSecurityConfigurer(); + + @Override + protected void configure(final HttpSecurity http) throws Exception { + HttpSecurityConfigurer httpSecurityConfigurer = getHttpSecurityConfigurer(); + LOGGER.debug("Injecting {} configuration ...", httpSecurityConfigurer.getClass()); + + httpSecurityConfigurer.configure(http); + } + + @Override + public void configure(final WebSecurity web) throws Exception { + super.configure(web); + final StrictHttpFirewall firewall = new MSOSpringFirewall(); + web.httpFirewall(firewall); + } + + @Override + protected void configure(final AuthenticationManagerBuilder auth) throws Exception { + auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder); + } +} diff --git a/common/src/main/java/org/onap/so/security/CorsBasicHttpSecurityConfigurer.java b/common/src/main/java/org/onap/so/security/CorsBasicHttpSecurityConfigurer.java new file mode 100644 index 0000000000..27c998f87d --- /dev/null +++ b/common/src/main/java/org/onap/so/security/CorsBasicHttpSecurityConfigurer.java @@ -0,0 +1,33 @@ +package org.onap.so.security; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Profile; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.stereotype.Component; +import org.springframework.web.cors.CorsConfiguration; +import org.springframework.web.cors.CorsConfigurationSource; +import org.springframework.web.cors.UrlBasedCorsConfigurationSource; +import java.util.Arrays; + +@Component("cors") +@Profile({"cors"}) +public class CorsBasicHttpSecurityConfigurer implements HttpSecurityConfigurer { + + @Override + public void configure(final HttpSecurity http) throws Exception { + http.cors().and().csrf().disable().authorizeRequests().antMatchers("/manage/health", "/manage/info").permitAll() + .antMatchers("/**").fullyAuthenticated().and().httpBasic(); + } + + @Bean + CorsConfigurationSource corsConfigurationSource() { + CorsConfiguration configuration = new CorsConfiguration(); + configuration.setAllowedOrigins(Arrays.asList("*")); + configuration.setAllowedMethods(Arrays.asList("OPTIONS", "GET", "POST", "PATCH")); + configuration.setAllowCredentials(true); + configuration.setAllowedHeaders(Arrays.asList("*")); + UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource(); + source.registerCorsConfiguration("/**", configuration); + return source; + } +} diff --git a/common/src/main/java/org/onap/so/security/CorsWebSecurityConfigurerAdapter.java b/common/src/main/java/org/onap/so/security/CorsWebSecurityConfigurerAdapter.java new file mode 100644 index 0000000000..08ecd0c578 --- /dev/null +++ b/common/src/main/java/org/onap/so/security/CorsWebSecurityConfigurerAdapter.java @@ -0,0 +1,24 @@ +package org.onap.so.security; + + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Qualifier; +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.Profile; +import org.springframework.core.annotation.Order; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; + +@EnableWebSecurity +@Configuration +@Order(1) +@Profile({"cors"}) +public class CorsWebSecurityConfigurerAdapter extends BaseWebSecurityConfigurerAdapter { + @Autowired + @Qualifier("cors") + protected HttpSecurityConfigurer httpSecurityConfigurer; + + @Override + HttpSecurityConfigurer getHttpSecurityConfigurer() { + return httpSecurityConfigurer; + } +} diff --git a/common/src/main/java/org/onap/so/security/SoBasicHttpSecurityConfigurer.java b/common/src/main/java/org/onap/so/security/SoBasicHttpSecurityConfigurer.java index 9aceb03519..da989ee42a 100644 --- a/common/src/main/java/org/onap/so/security/SoBasicHttpSecurityConfigurer.java +++ b/common/src/main/java/org/onap/so/security/SoBasicHttpSecurityConfigurer.java @@ -28,7 +28,7 @@ import org.springframework.util.StringUtils; * @author Waqas Ikram (waqas.ikram@est.tech) * */ -@Component +@Component("basic") public class SoBasicHttpSecurityConfigurer implements HttpSecurityConfigurer { @Autowired diff --git a/common/src/main/java/org/onap/so/security/SoWebSecurityConfigurerAdapter.java b/common/src/main/java/org/onap/so/security/SoWebSecurityConfigurerAdapter.java index 903d586ab1..c14ae47d89 100644 --- a/common/src/main/java/org/onap/so/security/SoWebSecurityConfigurerAdapter.java +++ b/common/src/main/java/org/onap/so/security/SoWebSecurityConfigurerAdapter.java @@ -19,20 +19,12 @@ */ package org.onap.so.security; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Profile; import org.springframework.core.annotation.Order; -import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; -import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; -import org.springframework.security.core.userdetails.UserDetailsService; -import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; -import org.springframework.security.web.firewall.StrictHttpFirewall; /** * @author Waqas Ikram (waqas.ikram@est.tech) @@ -42,34 +34,13 @@ import org.springframework.security.web.firewall.StrictHttpFirewall; @Configuration @Order(1) @Profile({"basic", "test"}) -public class SoWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter { - private static final Logger LOGGER = LoggerFactory.getLogger(SoWebSecurityConfigurerAdapter.class); - - @Autowired - private HttpSecurityConfigurer httpSecurityConfigurer; - +public class SoWebSecurityConfigurerAdapter extends BaseWebSecurityConfigurerAdapter { @Autowired - private UserDetailsService userDetailsService; - - @Autowired - private BCryptPasswordEncoder passwordEncoder; - - @Override - protected void configure(final HttpSecurity http) throws Exception { - LOGGER.debug("Injecting {} configuration ...", httpSecurityConfigurer.getClass()); - - httpSecurityConfigurer.configure(http); - } - - @Override - public void configure(final WebSecurity web) throws Exception { - super.configure(web); - final StrictHttpFirewall firewall = new MSOSpringFirewall(); - web.httpFirewall(firewall); - } + @Qualifier("basic") + protected HttpSecurityConfigurer httpSecurityConfigurer; @Override - protected void configure(final AuthenticationManagerBuilder auth) throws Exception { - auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder); + HttpSecurityConfigurer getHttpSecurityConfigurer() { + return httpSecurityConfigurer; } } -- cgit 1.2.3-korg