From c8b4ff6dfea3e28ec4d505022453f0730f707a66 Mon Sep 17 00:00:00 2001 From: "Benjamin, Max (mb388a)" Date: Thu, 24 Jan 2019 17:33:54 -0500 Subject: use encrypted auth for dmaap remove deobfuscate as crypto is already used. update based on the feedback to use crypto utils to decrypt Re-Factor DMAAP Credentials to use encrypted auth credential Change-Id: I2ac5be84594d84f0f24ae554d99cef274dbb6c16 Issue-ID: SO-1425 Signed-off-by: Benjamin, Max (mb388a) --- .../java/org/onap/so/client/dmaap/DmaapClient.java | 39 +++++++++++++--------- .../onap/so/client/dmaap/rest/DMaaPRestClient.java | 27 ++++++++------- .../onap/so/client/dmaap/rest/PropertiesBean.java | 32 +++++++++--------- .../onap/so/client/dmaap/rest/RestConsumer.java | 2 +- .../onap/so/client/dmaap/rest/RestPublisher.java | 2 +- .../dmaap/RubyCreateTicketRequestPublisher.java | 8 ++--- .../sdno/dmaap/SDNOHealthCheckDmaapConsumer.java | 8 ++--- .../sdno/dmaap/SDNOHealthCheckDmaapPublisher.java | 8 ++--- .../onap/so/client/dmaap/DmaapPublisherTest.java | 8 ++--- common/src/test/resources/dmaap.properties | 5 ++- 10 files changed, 77 insertions(+), 62 deletions(-) (limited to 'common') diff --git a/common/src/main/java/org/onap/so/client/dmaap/DmaapClient.java b/common/src/main/java/org/onap/so/client/dmaap/DmaapClient.java index dde0b31c90..dea00dd08f 100644 --- a/common/src/main/java/org/onap/so/client/dmaap/DmaapClient.java +++ b/common/src/main/java/org/onap/so/client/dmaap/DmaapClient.java @@ -17,10 +17,11 @@ * limitations under the License. * ============LICENSE_END========================================================= */ - + package org.onap.so.client.dmaap; import java.io.IOException; +import java.security.GeneralSecurityException; import java.util.Base64; import java.util.Map; import java.util.Optional; 
@@ -31,13 +32,14 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.core.io.ClassPathResource; import org.springframework.core.io.Resource; - +import org.onap.so.utils.CryptoUtils; public abstract class DmaapClient { - + protected static Logger logger = LoggerFactory.getLogger(DmaapClient.class); protected final Map msoProperties; protected final Properties properties; + public DmaapClient(String filepath) throws IOException { Resource resource = new ClassPathResource(filepath); DmaapProperties dmaapProperties = DmaapPropertiesLoader.getInstance().getNewImpl(); 
@@ -48,27 +50,34 @@ public abstract class DmaapClient { this.msoProperties = dmaapProperties.getProperties(); this.properties = new Properties(); this.properties.load(resource.getInputStream()); - this.properties.put("password", this.deobfuscatePassword(this.getPassword())); - this.properties.put("username", this.getUserName()); + try { + this.properties.put("auth", CryptoUtils.decrypt(this.getAuth(), this.getKey()).getBytes()); + } catch (GeneralSecurityException e) { + logger.error(e.getMessage(), e); + } + this.properties.put("key", this.getKey()); this.properties.put("topic", this.getTopic()); Optional host = this.getHost(); if (host.isPresent()) { this.properties.put("host", host.get()); } } - protected String deobfuscatePassword(String password) { - + + protected String deobfuscatePassword(String decrypted_key) { + try { - return new String(Base64.getDecoder().decode(password.getBytes())); - } catch(IllegalArgumentException iae) { - logger.error("llegal Arguments",iae); - return password; + return new String(Base64.getDecoder().decode(decrypted_key.getBytes())); + } catch (IllegalArgumentException iae) { + logger.error("llegal Arguments", iae); + return decrypted_key; } } - - - public abstract String getUserName(); - public abstract String getPassword(); + + public abstract String getKey(); + + public abstract String getAuth(); + public abstract String getTopic(); + public abstract Optional getHost(); } diff --git a/common/src/main/java/org/onap/so/client/dmaap/rest/DMaaPRestClient.java b/common/src/main/java/org/onap/so/client/dmaap/rest/DMaaPRestClient.java index 0438ff237a..9fd8c05cb5 100644 --- a/common/src/main/java/org/onap/so/client/dmaap/rest/DMaaPRestClient.java +++ b/common/src/main/java/org/onap/so/client/dmaap/rest/DMaaPRestClient.java 
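Review bot: In the `DmaapClient` constructor the decrypted credential is stored with `.getBytes()`, so the `auth` entry is a `byte[]`; `PropertiesBean` in this same patch reads it with `properties.getProperty("auth")`, which returns null for any non-String value. Unless some consumer outside the patch reads the entry as bytes, the REST client then receives a null auth and the new guard in `DMaaPRestClient.initializeHeaderMap` skips the Authorization header; storing the String, `this.properties.put("auth", CryptoUtils.decrypt(this.getAuth(), this.getKey()));`, avoids that and also the platform-default charset of `getBytes()`. The catch block has the same outcome on a decryption failure: the error is logged and construction continues without credentials, whereas `throw new IOException("cannot decrypt DMaaP auth", e);` would fail closed within the constructor's existing `throws IOException`. The key is also copied into the same `Properties` object as the plaintext credential, which is worth avoiding if nothing downstream needs it. `deobfuscatePassword` is only reformatted here although the commit message says it is removed, and no caller remains in the visible hunks.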
@@ -17,34 +17,37 @@ * limitations under the License. * ============LICENSE_END========================================================= */ - + package org.onap.so.client.dmaap.rest; import java.net.URL; -import java.util.Base64; import java.util.Map; import org.onap.so.client.RestClient; +import org.onap.so.utils.CryptoUtils; import org.onap.so.utils.TargetEntity; public class DMaaPRestClient extends RestClient { - private final String username; - private final String password; - public DMaaPRestClient(URL url, String contentType, String username, String password) { + private final String auth; + private final String key; + + public DMaaPRestClient(URL url, String contentType, String auth, String key) { super(url, contentType); - this.username = username; - this.password = password; + this.auth = auth; + this.key = key; } - @Override - public TargetEntity getTargetEntity(){ - return TargetEntity.DMAAP; - } + @Override + public TargetEntity getTargetEntity() { + return TargetEntity.DMAAP; + } @Override protected void initializeHeaderMap(Map headerMap) { - headerMap.put("Authorization", "Basic " + Base64.getEncoder().encodeToString((username + ":" + password).getBytes())); + if (auth != null && !auth.isEmpty() && key != null && !key.isEmpty()) { + addBasicAuthHeader(auth, key); + } } } diff --git a/common/src/main/java/org/onap/so/client/dmaap/rest/PropertiesBean.java b/common/src/main/java/org/onap/so/client/dmaap/rest/PropertiesBean.java index f43c65808a..18849217f8 100644 --- a/common/src/main/java/org/onap/so/client/dmaap/rest/PropertiesBean.java +++ b/common/src/main/java/org/onap/so/client/dmaap/rest/PropertiesBean.java @@ -24,8 +24,8 @@ import java.util.Properties; public class PropertiesBean { - private String username; - private String password; + private String auth; + private String key; private String environment; private String partition; private String contentType; 
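Review bot: `initializeHeaderMap` in `DMaaPRestClient` now skips authentication silently when `auth` or `key` is null or empty, so a misconfigured client sends unauthenticated requests with nothing in the log; if unauthenticated topics are not intended, the constructor could reject the values up front, e.g. `if (auth == null || auth.isEmpty()) throw new IllegalArgumentException("auth");`. The `headerMap` parameter is no longer used, so the method relies on `addBasicAuthHeader` (defined in `RestClient`, outside this patch) writing to the same map. If `addBasicAuthHeader` decrypts its first argument, as its `(auth, key)` signature suggests, the value that `DmaapClient` has already decrypted would be decrypted a second time; this needs checking against `RestClient`. The new `import org.onap.so.utils.CryptoUtils;` is unused in this file.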
@@ -35,8 +35,8 @@ public class PropertiesBean { public PropertiesBean(Properties properties) { - this.withUsername(properties.getProperty("username")) - .withPassword(properties.getProperty("password")) + this.withAuth(properties.getProperty("auth")) + .withKey(properties.getProperty("key")) .withTopic(properties.getProperty("topic")) .withEnvironment(properties.getProperty("environment")) .withHost(properties.getProperty("host")) @@ -44,24 +44,24 @@ public class PropertiesBean { .withPartition(properties.getProperty("partition")) .withContentType(properties.getProperty("contentType", "application/json")); } - public String getUsername() { - return username; + public String getAuth() { + return auth; } - public void setUsername(String username) { - this.username = username; + public void setAuth(String auth) { + this.auth = auth; } - public PropertiesBean withUsername(String username) { - this.username = username; + public PropertiesBean withAuth(String auth) { + this.auth = auth; return this; } - public String getPassword() { - return password; + public String getKey() { + return key; } - public void setPassword(String password) { - this.password = password; + public void setKey(String key) { + this.key = key; } - public PropertiesBean withPassword(String password) { - this.password = password; + public PropertiesBean withKey(String key) { + this.key = key; return this; } public String getEnvironment() { diff --git a/common/src/main/java/org/onap/so/client/dmaap/rest/RestConsumer.java b/common/src/main/java/org/onap/so/client/dmaap/rest/RestConsumer.java index 39af15635a..bee5a0c2ca 100644 --- a/common/src/main/java/org/onap/so/client/dmaap/rest/RestConsumer.java +++ b/common/src/main/java/org/onap/so/client/dmaap/rest/RestConsumer.java 
@@ -37,7 +37,7 @@ public class RestConsumer implements Consumer { private final RestClient client; public RestConsumer(Properties properties) { PropertiesBean bean = new PropertiesBean(properties); - client = new DMaaPRestClient(this.createURL(bean), bean.getContentType(), bean.getUsername(), bean.getPassword()); + client = new DMaaPRestClient(this.createURL(bean), bean.getContentType(), bean.getAuth(), bean.getKey()); } private URL createURL(PropertiesBean properties) { diff --git a/common/src/main/java/org/onap/so/client/dmaap/rest/RestPublisher.java b/common/src/main/java/org/onap/so/client/dmaap/rest/RestPublisher.java index 090e50543b..af660c2aa4 100644 --- a/common/src/main/java/org/onap/so/client/dmaap/rest/RestPublisher.java +++ b/common/src/main/java/org/onap/so/client/dmaap/rest/RestPublisher.java @@ -35,7 +35,7 @@ public class RestPublisher implements Publisher { public RestPublisher(Properties properties) { PropertiesBean bean = new PropertiesBean(properties); - client = new DMaaPRestClient(this.createURL(bean), bean.getContentType(), bean.getUsername(), bean.getPassword()); + client = new DMaaPRestClient(this.createURL(bean), bean.getContentType(), bean.getAuth(), bean.getKey()); } private URL createURL(PropertiesBean properties) { diff --git a/common/src/main/java/org/onap/so/client/ruby/dmaap/RubyCreateTicketRequestPublisher.java b/common/src/main/java/org/onap/so/client/ruby/dmaap/RubyCreateTicketRequestPublisher.java index 1d4e014300..93a2d96c5e 100644 --- a/common/src/main/java/org/onap/so/client/ruby/dmaap/RubyCreateTicketRequestPublisher.java +++ b/common/src/main/java/org/onap/so/client/ruby/dmaap/RubyCreateTicketRequestPublisher.java 
@@ -32,13 +32,13 @@ public class RubyCreateTicketRequestPublisher extends DmaapPublisher{ } @Override - public String getUserName() { - return msoProperties.get("ruby.create-ticket-request.dmaap.username"); + public String getAuth() { + return msoProperties.get("ruby.create-ticket-request.dmaap.auth"); } @Override - public String getPassword() { - return msoProperties.get("ruby.create-ticket-request.dmaap.password"); + public String getKey() { + return msoProperties.get("mso.msoKey"); } @Override diff --git a/common/src/main/java/org/onap/so/client/sdno/dmaap/SDNOHealthCheckDmaapConsumer.java b/common/src/main/java/org/onap/so/client/sdno/dmaap/SDNOHealthCheckDmaapConsumer.java index 8154b9137d..a76c47c805 100644 --- a/common/src/main/java/org/onap/so/client/sdno/dmaap/SDNOHealthCheckDmaapConsumer.java +++ b/common/src/main/java/org/onap/so/client/sdno/dmaap/SDNOHealthCheckDmaapConsumer.java @@ -42,13 +42,13 @@ public class SDNOHealthCheckDmaapConsumer extends DmaapConsumer { } @Override - public String getUserName() { - return msoProperties.get("sdno.health-check.dmaap.username"); + public String getAuth() { + return msoProperties.get("sdno.health-check.dmaap.auth"); } @Override - public String getPassword() { - return msoProperties.get("sdno.health-check.dmaap.password"); + public String getKey() { + return msoProperties.get("mso.msoKey"); } @Override diff --git a/common/src/main/java/org/onap/so/client/sdno/dmaap/SDNOHealthCheckDmaapPublisher.java b/common/src/main/java/org/onap/so/client/sdno/dmaap/SDNOHealthCheckDmaapPublisher.java index 2556e67e3c..f4af2052ac 100644 --- a/common/src/main/java/org/onap/so/client/sdno/dmaap/SDNOHealthCheckDmaapPublisher.java +++ b/common/src/main/java/org/onap/so/client/sdno/dmaap/SDNOHealthCheckDmaapPublisher.java 
@@ -33,13 +33,13 @@ public class SDNOHealthCheckDmaapPublisher extends DmaapPublisher { } @Override - public String getUserName() { - return msoProperties.get("sdno.health-check.dmaap.username"); + public String getAuth() { + return msoProperties.get("sdno.health-check.dmaap.auth"); } @Override - public String getPassword() { - return msoProperties.get("sdno.health-check.dmaap.password"); + public String getKey() { + return msoProperties.get("sdno.health-check.dmaap.msoKey"); } @Override diff --git a/common/src/test/java/org/onap/so/client/dmaap/DmaapPublisherTest.java b/common/src/test/java/org/onap/so/client/dmaap/DmaapPublisherTest.java index c0633c1cca..0836ed23eb 100644 --- a/common/src/test/java/org/onap/so/client/dmaap/DmaapPublisherTest.java +++ b/common/src/test/java/org/onap/so/client/dmaap/DmaapPublisherTest.java @@ -29,13 +29,13 @@ public class DmaapPublisherTest { DmaapPublisher dmaapPublisher = new DmaapPublisher(120) { @Override - public String getUserName() { - return "test"; + public String getAuth() { + return "8F73A1691F6271E769329C176EE3EA48F52786AF12A3E16259007EED2A0F0CC3CB965F4AB5318483015723CCE1C0B48AB6C4DED6E251869393B01E4EC532FC88D4A128B92F4CDB34719B171923"; } @Override - public String getPassword() { - return "test"; + public String getKey() { + return "07a7159d3bf51a0e53be7a8f89699be7"; } @Override diff --git a/common/src/test/resources/dmaap.properties b/common/src/test/resources/dmaap.properties index 7ce101996c..5593455da3 100644 --- a/common/src/test/resources/dmaap.properties +++ b/common/src/test/resources/dmaap.properties 
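Review bot: `SDNOHealthCheckDmaapPublisher.getKey()` reads `sdno.health-check.dmaap.msoKey`, while `SDNOHealthCheckDmaapConsumer` and `RubyCreateTicketRequestPublisher` in this patch read `mso.msoKey`, and the test `dmaap.properties` defines only `mso.msoKey`. With that configuration the lookup returns null, and the `DmaapClient` constructor then passes a null key to `CryptoUtils.decrypt` and to `Properties.put("key", ...)`, the latter of which throws a NullPointerException. If a per-topic key is not intended, the line should be `return msoProperties.get("mso.msoKey");`. Since all three subclasses would then return the same property, the lookup could live once in `DmaapClient` instead of being repeated per subclass.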
@@ -4,4 +4,7 @@ sdno.health-check.dmaap.subscriber.topic=com.att.sdno.test-health-diagnostic-v02 sdno.health-check.dmaap.publisher.topic=com.att.sdno.test-health-diagnostic-v02 ruby.create-ticket-request.dmaap.username=testuser ruby.create-ticket-request.dmaap.password=eHQ1cUJrOUc -ruby.create-ticket-request.publisher.topic=com.att.pdas.st1.msoCMFallout-v1 \ No newline at end of file +ruby.create-ticket-request.publisher.topic=com.att.pdas.st1.msoCMFallout-v1 +ruby.create-ticket-request.dmaap.auth=81B7E3533B91A6706830611FB9A8ECE529BBCCE754B1F1520FA7C8698B42F97235BEFA993A387E664D6352C63A6185D68DA7F0B1D360637CBA102CB166E3E62C11EB1F75386D3506BCECE51E54 +sdno.health-check.dmaap.auth=81B7E3533B91A6706830611FB9A8ECE529BBCCE754B1F1520FA7C8698B42F97235BEFA993A387E664D6352C63A6185D68DA7F0B1D360637CBA102CB166E3E62C11EB1F75386D3506BCECE51E54 +mso.msoKey=07a7159d3bf51a0e53be7a8f89699be7 \ No newline at end of file -- cgit 1.2.3-korg
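Review bot: `mso.msoKey` is committed in clear next to the two `dmaap.auth` ciphertexts it decrypts, and the same key is repeated in `DmaapPublisherTest`, so the encryption protects nothing for these values. That is acceptable only if the key and the credential are test fixtures never reused in a deployed environment; a comment line such as `# test-only key and credentials, never reuse outside unit tests` would record that. The old `ruby.create-ticket-request.dmaap.username` and `.password` entries remain although no code in this patch reads them any more, and can be dropped.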