summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDenes Nemeth <denes.nemeth@nokia.com>2018-03-20 11:19:03 +0100
committerDenes Nemeth <denes.nemeth@nokia.com>2018-03-20 16:07:45 +0100
commit16352314819e03143e91d76b3157a125d3e49f8d (patch)
tree1aa8432c06aa017304feef11bdfacd506bd097f9
parenteabd611557229b92fdf0f84da9628e5a72801dc3 (diff)
Add spring security to mitigate cve-2017-4995
Change-Id: Iad2a48353e3cd0eb79daa10b0f274c83c89f3c93 Signed-off-by: Denes Nemeth <denes.nemeth@nokia.com> Issue-ID: VFC-728
-rw-r--r--nokiav2/driver/pom.xml16
-rw-r--r--nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/onap/direct/notification/VnfcManager.java12
-rw-r--r--nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/packagetransformer/OnapVnfdBuilder.java30
-rw-r--r--nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/spring/SecurityConfig.java48
-rw-r--r--nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/CbamSecurityProvider.java2
-rw-r--r--nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/LifecycleManager.java52
-rw-r--r--nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/ct/CTDirectReal.java3
-rw-r--r--nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/onap/vfc/TestVfcRestApiProvider.java30
-rw-r--r--nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/spring/TestSecurityConfig.java51
-rw-r--r--nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/HttpTestServer.java2
-rw-r--r--nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/TestLifecycleManager.java3
-rw-r--r--nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/notification/TestLifecycleChangeNotificationManager.java24
-rw-r--r--nokiav2/driverwar/pom.xml11
-rw-r--r--nokiav2/generatedapis/pom.xml40
-rw-r--r--nokiav2/pom.xml4
15 files changed, 264 insertions, 64 deletions
diff --git a/nokiav2/driver/pom.xml b/nokiav2/driver/pom.xml
index 53c602a9..fd4c2da5 100644
--- a/nokiav2/driver/pom.xml
+++ b/nokiav2/driver/pom.xml
@@ -42,6 +42,22 @@
<artifactId>spring-boot-starter-web</artifactId>
<version>${spring.boot.version}</version>
<scope>provided</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-tomcat</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-jetty</artifactId>
+ <version>${spring.boot.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-security</artifactId>
+ <version>${spring.boot.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
diff --git a/nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/onap/direct/notification/VnfcManager.java b/nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/onap/direct/notification/VnfcManager.java
index 8a4dbdd1..e1d1197b 100644
--- a/nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/onap/direct/notification/VnfcManager.java
+++ b/nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/onap/direct/notification/VnfcManager.java
@@ -15,12 +15,10 @@
*/
package org.onap.vfc.nfvo.driver.vnfm.svnfm.nokia.onap.direct.notification;
-import com.google.common.base.Splitter;
import org.onap.aai.domain.yang.v11.RelationshipList;
import org.onap.aai.domain.yang.v11.Vnfc;
import org.onap.vfc.nfvo.driver.vnfm.svnfm.nokia.onap.direct.AAIRestApiProvider;
import org.onap.vfc.nfvo.driver.vnfm.svnfm.nokia.spring.Conditions;
-import org.onap.vfc.nfvo.driver.vnfm.svnfm.nokia.util.CbamUtils;
import org.onap.vfc.nfvo.driver.vnfm.svnfm.nokia.vnfm.CbamRestApiProvider;
import org.onap.vfc.nfvo.driver.vnfm.svnfm.nokia.vnfm.DriverProperties;
import org.slf4j.Logger;
@@ -45,15 +43,15 @@ public class VnfcManager extends AbstractManager {
super(aaiRestApiProvider, cbamRestApiProvider, driverProperties);
}
+ /**
+ * @param vnfId the identifier of the VNF
+ * @param cbamVnfcId the identifier of the VNFC in CBAM
+ * @return the URL of the VNFC
+ */
public static String buildUrl(String vnfId, String cbamVnfcId) {
return format("/vnfcs/vnfc/%s", buildId(vnfId, cbamVnfcId));
}
- public static String getCbamVnfcId(String vnfcId) {
- String vnfId = Splitter.on(CbamUtils.SEPARATOR).split(vnfcId).iterator().next();
- return vnfcId.replaceFirst(vnfId + SEPARATOR, "");
- }
-
private static String buildId(String vnfId, String cbamVnfcId) {
return vnfId + SEPARATOR + cbamVnfcId;
}
diff --git a/nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/packagetransformer/OnapVnfdBuilder.java b/nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/packagetransformer/OnapVnfdBuilder.java
index 8d658310..701b42eb 100644
--- a/nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/packagetransformer/OnapVnfdBuilder.java
+++ b/nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/packagetransformer/OnapVnfdBuilder.java
@@ -64,24 +64,18 @@ public class OnapVnfdBuilder {
StringBuilder body = new StringBuilder();
for (Map.Entry<String, JsonElement> node : nodeTemplates) {
String type = childElement(node.getValue().getAsJsonObject(), "type").getAsString();
- switch (type) {
- case "tosca.nodes.nfv.VDU":
- body.append(buildVdu(node.getKey(), node.getValue().getAsJsonObject(), nodeTemplates));
- break;
- case "tosca.nodes.nfv.VirtualStorage":
- body.append(buildVolume(node.getKey(), node.getValue().getAsJsonObject()));
- break;
- case "tosca.nodes.nfv.VL":
- body.append(buildVl(node.getKey()));
- break;
- case "tosca.nodes.nfv.ICP":
- body.append(buildIcp(node.getKey(), node.getValue().getAsJsonObject()));
- break;
- case "tosca.nodes.nfv.ECP":
- body.append(buildEcp(node.getKey(), node.getValue(), nodeTemplates));
- break;
- default:
- logger.warn("The {} type is not converted", type);
+ if ("tosca.nodes.nfv.VDU".equals(type)) {
+ body.append(buildVdu(node.getKey(), node.getValue().getAsJsonObject(), nodeTemplates));
+ } else if ("tosca.nodes.nfv.VirtualStorage".equals(type)) {
+ body.append(buildVolume(node.getKey(), node.getValue().getAsJsonObject()));
+ } else if ("tosca.nodes.nfv.VL".equals(type)) {
+ body.append(buildVl(node.getKey()));
+ } else if ("tosca.nodes.nfv.ICP".equals(type)) {
+ body.append(buildIcp(node.getKey(), node.getValue().getAsJsonObject()));
+ } else if ("tosca.nodes.nfv.ECP".equals(type)) {
+ body.append(buildEcp(node.getKey(), node.getValue(), nodeTemplates));
+ } else {
+ logger.warn("The {} type is not converted", type);
}
}
return buildHeader(topologyTemplate) + body.toString();
diff --git a/nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/spring/SecurityConfig.java b/nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/spring/SecurityConfig.java
new file mode 100644
index 00000000..e3dd0714
--- /dev/null
+++ b/nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/spring/SecurityConfig.java
@@ -0,0 +1,48 @@
+/*
+ * Copyright 2016-2017, Nokia Corporation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.onap.vfc.nfvo.driver.vnfm.svnfm.nokia.spring;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+/**
+ * Responsible for initializing the Spring security
+ */
+@Configuration
+@EnableWebSecurity
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+ /**
+ * Does not configure security, but solves the https://pivotal.io/security/cve-2017-4995
+ * "The fix ensures that by default only explicitly mapped classes will be deserialized.
+ * The effect of using explicitly mapped classes is to create a whitelist which works with all
+ * supported versions of Jackson. If users explicitly opt into global default typing, the previous
+ * potentially dangerous configuration is restored."
+ *
+ * @param http the security configuration
+ */
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http
+ .authorizeRequests()
+ .anyRequest()
+ .permitAll();
+ }
+
+}
diff --git a/nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/CbamSecurityProvider.java b/nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/CbamSecurityProvider.java
index c2358cf1..6c70c26d 100644
--- a/nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/CbamSecurityProvider.java
+++ b/nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/CbamSecurityProvider.java
@@ -83,7 +83,7 @@ public class CbamSecurityProvider {
} catch (Exception e) {
throw buildFatalFailure(logger, "The trustedCertificates must be a base64 encoded collection of PEM certificates", e);
}
- if (trustedPems.size() == 0) {
+ if (trustedPems.isEmpty()) {
throw buildFatalFailure(logger, "No certificate can be extracted from " + content);
}
try {
diff --git a/nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/LifecycleManager.java b/nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/LifecycleManager.java
index d543f3ce..36df12a6 100644
--- a/nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/LifecycleManager.java
+++ b/nokiav2/driver/src/main/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/LifecycleManager.java
@@ -427,7 +427,6 @@ public class LifecycleManager {
logOperationInput(vnfId, "termination", request);
return scheduleExecution(vnfId, httpResponse, "terminate", jobInfo -> {
TerminateVnfRequest cbamRequest = new TerminateVnfRequest();
- //cbamRequest.setAdditionalParams(jobInfo);
if (request.getTerminationType() == null) {
cbamRequest.setTerminationType(TerminationType.FORCEFUL);
} else {
@@ -518,37 +517,28 @@ public class LifecycleManager {
*/
public JobInfo scaleVnf(String vnfmId, String vnfId, VnfScaleRequest request, HttpServletResponse httpResponse) {
logOperationInput(vnfId, SCALE_OPERATION_NAME, request);
- return scheduleExecution(vnfId, httpResponse, SCALE_OPERATION_NAME, new AsynchronousExecution() {
- @Override
- public void execute(JobInfo jobInfo) {
- ScaleVnfRequest cbamRequest = new ScaleVnfRequest();
- cbamRequest.setAspectId(request.getAspectId());
- cbamRequest.setNumberOfSteps(Integer.valueOf(request.getNumberOfSteps()));
- cbamRequest.setType(convert(request.getType()));
- com.nokia.cbam.lcm.v32.model.VnfInfo vnf = cbamRestApiProvider.getCbamLcmApi(vnfmId).vnfsVnfInstanceIdGet(vnfId, NOKIA_LCM_API_VERSION).blockingFirst();
- JsonObject root = new Gson().toJsonTree(jobInfo).getAsJsonObject();
- com.nokia.cbam.lcm.v32.model.VnfInfo cbamVnfInfo = cbamRestApiProvider.getCbamLcmApi(vnfmId).vnfsVnfInstanceIdGet(vnfId, NOKIA_LCM_API_VERSION).blockingFirst();
- String vnfdContent = catalogManager.getCbamVnfdContent(vnfmId, cbamVnfInfo.getVnfdId());
- Set<Map.Entry<String, JsonElement>> acceptableOperationParameters = getAcceptableOperationParameters(vnfdContent, "Basic", SCALE_OPERATION_NAME);
- buildAdditionalParameters(request, root, acceptableOperationParameters);
- cbamRequest.setAdditionalParams(root);
- grantManager.requestGrantForScale(vnfmId, vnfId, getVimIdFromInstantiationRequest(vnfmId, vnf), getVnfdIdFromModifyableAttributes(vnf), request, jobInfo.getJobId());
- OperationExecution operationExecution = cbamRestApiProvider.getCbamLcmApi(vnfmId).vnfsVnfInstanceIdScalePost(vnfId, cbamRequest, NOKIA_LCM_API_VERSION).blockingFirst();
- waitForOperationToFinish(vnfmId, vnfId, operationExecution.getId());
- }
+ return scheduleExecution(vnfId, httpResponse, SCALE_OPERATION_NAME, jobInfo -> {
+ ScaleVnfRequest cbamRequest = new ScaleVnfRequest();
+ cbamRequest.setAspectId(request.getAspectId());
+ cbamRequest.setNumberOfSteps(Integer.valueOf(request.getNumberOfSteps()));
+ cbamRequest.setType(convert(request.getType()));
+ com.nokia.cbam.lcm.v32.model.VnfInfo vnf = cbamRestApiProvider.getCbamLcmApi(vnfmId).vnfsVnfInstanceIdGet(vnfId, NOKIA_LCM_API_VERSION).blockingFirst();
+ JsonObject root = new Gson().toJsonTree(jobInfo).getAsJsonObject();
+ com.nokia.cbam.lcm.v32.model.VnfInfo cbamVnfInfo = cbamRestApiProvider.getCbamLcmApi(vnfmId).vnfsVnfInstanceIdGet(vnfId, NOKIA_LCM_API_VERSION).blockingFirst();
+ String vnfdContent = catalogManager.getCbamVnfdContent(vnfmId, cbamVnfInfo.getVnfdId());
+ Set<Map.Entry<String, JsonElement>> acceptableOperationParameters = getAcceptableOperationParameters(vnfdContent, "Basic", SCALE_OPERATION_NAME);
+ buildAdditionalParameters(request, root, acceptableOperationParameters);
+ cbamRequest.setAdditionalParams(root);
+ grantManager.requestGrantForScale(vnfmId, vnfId, getVimIdFromInstantiationRequest(vnfmId, vnf), getVnfdIdFromModifyableAttributes(vnf), request, jobInfo.getJobId());
+ OperationExecution operationExecution = cbamRestApiProvider.getCbamLcmApi(vnfmId).vnfsVnfInstanceIdScalePost(vnfId, cbamRequest, NOKIA_LCM_API_VERSION).blockingFirst();
+ waitForOperationToFinish(vnfmId, vnfId, operationExecution.getId());
});
}
private void buildAdditionalParameters(VnfScaleRequest request, JsonObject root, Set<Map.Entry<String, JsonElement>> acceptableOperationParameters) {
if (request.getAdditionalParam() != null) {
for (Map.Entry<String, JsonElement> item : new Gson().toJsonTree(request.getAdditionalParam()).getAsJsonObject().entrySet()) {
- boolean found = false;
- for (Map.Entry<String, JsonElement> acceptableOperationParameter : acceptableOperationParameters) {
- if (acceptableOperationParameter.getKey().equals(item.getKey())) {
- found = true;
- }
- }
- if (found) {
+ if (isParameterAccepted(acceptableOperationParameters, item)) {
root.add(item.getKey(), item.getValue());
}
}
@@ -557,6 +547,16 @@ public class LifecycleManager {
}
}
+ private boolean isParameterAccepted(Set<Map.Entry<String, JsonElement>> acceptableOperationParameters, Map.Entry<String, JsonElement> item) {
+ boolean found = false;
+ for (Map.Entry<String, JsonElement> acceptableOperationParameter : acceptableOperationParameters) {
+ if (acceptableOperationParameter.getKey().equals(item.getKey())) {
+ found = true;
+ }
+ }
+ return found;
+ }
+
/**
* Heal the VNF
*
diff --git a/nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/ct/CTDirectReal.java b/nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/ct/CTDirectReal.java
index a428ee90..78939fdf 100644
--- a/nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/ct/CTDirectReal.java
+++ b/nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/ct/CTDirectReal.java
@@ -23,6 +23,7 @@ import org.junit.runner.RunWith;
import org.onap.vfc.nfvo.driver.vnfm.svnfm.nokia.NokiaSvnfmApplication;
import org.onap.vfc.nfvo.driver.vnfm.svnfm.nokia.onap.direct.AAIExternalSystemInfoProvider;
import org.onap.vfc.nfvo.driver.vnfm.svnfm.nokia.onap.direct.notification.AAINotificationProcessor;
+import org.onap.vfc.nfvo.driver.vnfm.svnfm.nokia.util.SystemFunctions;
import org.onap.vfc.nfvo.driver.vnfm.svnfm.nokia.vnfm.notification.ReportedAffectedConnectionPoints;
import org.onap.vfc.nfvo.driver.vnfm.svnfm.nokia.vnfm.notification.ReportedAffectedCp;
import org.onap.vnfmdriver.model.VimInfo;
@@ -87,7 +88,7 @@ public class CTDirectReal {
addedCp.setCpdId("cpdId");
affectedConnectionPoints.getPost().add(addedCp);
notificationProcessor.processNotification(recievedNot, null, of(affectedConnectionPoints), "Nokia_RegionOne");
- Thread.sleep(10000000 * 1000L);
+ SystemFunctions.systemFunctions().sleep(10000000 * 1000L);
}
JsonObject additionalData(String key, String value) {
diff --git a/nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/onap/vfc/TestVfcRestApiProvider.java b/nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/onap/vfc/TestVfcRestApiProvider.java
index 9881749e..45f694ea 100644
--- a/nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/onap/vfc/TestVfcRestApiProvider.java
+++ b/nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/onap/vfc/TestVfcRestApiProvider.java
@@ -47,6 +47,18 @@ public class TestVfcRestApiProvider extends TestBase {
}
/**
+ * the / is added to the base URL
+ */
+ @Test
+ public void testNsLcmApiMissingSlash() throws Exception {
+ when(msbApiProvider.getMicroServiceUrl(VfcRestApiProvider.NSLCM_API_SERVICE_NAME, VfcRestApiProvider.NSLCM_API_VERION)).thenReturn("http://1.2.3.4:1234/nslcm/v1/lead");
+ //when
+ org.onap.vnfmdriver.ApiClient apiClient = vfcRestApiProvider.buildNslcmApiClient();
+ //verify
+ assertEquals("http://1.2.3.4:1234/lead/", apiClient.getAdapterBuilder().build().baseUrl().toString());
+ }
+
+ /**
* the base URL of the Catalog API is set
*/
@Test
@@ -58,6 +70,21 @@ public class TestVfcRestApiProvider extends TestBase {
assertEquals("http://1.2.3.4:1234/lead/", apiClient.getAdapterBuilder().build().baseUrl().toString());
}
+ /**
+ * test / is added to the end of the base URL if missing
+ */
+ @Test
+ public void testMissingSlash() throws Exception {
+ when(msbApiProvider.getMicroServiceUrl(VfcRestApiProvider.NSCATALOG_SERVICE_NAME, VfcRestApiProvider.NSCATALOG_API_VERSION)).thenReturn("http://1.2.3.4:1234/lead");
+ //when
+ ApiClient apiClient = vfcRestApiProvider.buildCatalogApiClient();
+ //verify
+ assertEquals("http://1.2.3.4:1234/lead/", apiClient.getAdapterBuilder().build().baseUrl().toString());
+ }
+
+ /**
+ * test NS LCM API is wrapped
+ */
@Test
public void testNsLcm() {
when(msbApiProvider.getMicroServiceUrl(VfcRestApiProvider.NSLCM_API_SERVICE_NAME, VfcRestApiProvider.NSLCM_API_VERION)).thenReturn("http://1.2.3.4:1234/nslcm/v1/lead/");
@@ -66,6 +93,9 @@ public class TestVfcRestApiProvider extends TestBase {
assertNotNull(vfcRestApiProvider.getNsLcmApi());
}
+ /**
+ * test NS catalog API is wrapped
+ */
@Test
public void testNsCatalog() {
when(msbApiProvider.getMicroServiceUrl(VfcRestApiProvider.NSCATALOG_SERVICE_NAME, VfcRestApiProvider.NSCATALOG_API_VERSION)).thenReturn("http://1.2.3.4:1234/lead/");
diff --git a/nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/spring/TestSecurityConfig.java b/nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/spring/TestSecurityConfig.java
new file mode 100644
index 00000000..5d0d88b7
--- /dev/null
+++ b/nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/spring/TestSecurityConfig.java
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2016-2017, Nokia Corporation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.onap.vfc.nfvo.driver.vnfm.svnfm.nokia.spring;
+
+import org.junit.Test;
+import org.mockito.Mockito;
+import org.springframework.security.config.annotation.ObjectPostProcessor;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
+import org.springframework.security.web.util.matcher.AnyRequestMatcher;
+import org.springframework.security.web.util.matcher.RequestMatcher;
+import org.springframework.test.util.ReflectionTestUtils;
+
+import java.util.HashMap;
+import java.util.List;
+
+import static junit.framework.TestCase.assertTrue;
+
+public class TestSecurityConfig {
+
+ /**
+ * verify that not authentication is performed
+ * this can only fully be tested from CT by starting the web service
+ */
+ @Test
+ public void testSpringBootApplicationInit() throws Exception {
+ HttpSecurity http = new HttpSecurity(Mockito.mock(ObjectPostProcessor.class), Mockito.mock(AuthenticationManagerBuilder.class), new HashMap<>());
+ //when
+ new SecurityConfig().configure(http);
+ //verify
+ ExpressionUrlAuthorizationConfigurer<HttpSecurity>.AuthorizedUrl authorizedUrl = http.authorizeRequests().anyRequest();
+ List<? extends RequestMatcher> requestMatchers = (List<? extends RequestMatcher>) ReflectionTestUtils.getField(authorizedUrl, "requestMatchers");
+ assertTrue(AnyRequestMatcher.class.isAssignableFrom(requestMatchers.get(0).getClass()));
+ }
+
+}
diff --git a/nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/HttpTestServer.java b/nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/HttpTestServer.java
index 9b032824..4109b132 100644
--- a/nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/HttpTestServer.java
+++ b/nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/HttpTestServer.java
@@ -47,6 +47,8 @@ public class HttpTestServer {
startServer();
}
+ //the server starts up asynchronously there is no other way to wait for the server to be up and running
+ @SuppressWarnings("squid:S2925")
private void startServer() throws Exception {
requests.clear();
codes.clear();
diff --git a/nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/TestLifecycleManager.java b/nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/TestLifecycleManager.java
index 1a622151..9095eea3 100644
--- a/nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/TestLifecycleManager.java
+++ b/nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/TestLifecycleManager.java
@@ -286,7 +286,7 @@ public class TestLifecycleManager extends TestBase {
@Test
public void testInstantiationV2WithSsl() throws Exception {
VnfInstantiateRequest instantiationRequest = prepareInstantiationRequest(VimInfo.VimInfoTypeEnum.OPENSTACK_V2_INFO);
-
+ when(logger.isInfoEnabled()).thenReturn(false);
when(vnfApi.vnfsPost(createRequest.capture(), eq(NOKIA_LCM_API_VERSION))).thenReturn(buildObservable(vnfInfo));
additionalParam.setInstantiationLevel(INSTANTIATION_LEVEL);
when(vfcGrantManager.requestGrantForInstantiate(VNFM_ID, VNF_ID, VIM_ID, ONAP_CSAR_ID, INSTANTIATION_LEVEL, cbamVnfdContent, JOB_ID)).thenReturn(grantResponse);
@@ -312,6 +312,7 @@ public class TestLifecycleManager extends TestBase {
assertTrue(!actualVim.getInterfaceInfo().isSkipCertificateVerification());
assertTrue(!actualVim.getInterfaceInfo().isSkipCertificateHostnameCheck());
verify(logger).warn("No additional parameters were specified for the operation");
+ verify(logger, never()).info(eq("Starting {} operation on VNF with {} identifier with {} parameter"), anyString(), anyString(), anyString());
}
/**
diff --git a/nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/notification/TestLifecycleChangeNotificationManager.java b/nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/notification/TestLifecycleChangeNotificationManager.java
index bf85dedd..dc1b8ddf 100644
--- a/nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/notification/TestLifecycleChangeNotificationManager.java
+++ b/nokiav2/driver/src/test/java/org/onap/vfc/nfvo/driver/vnfm/svnfm/nokia/vnfm/notification/TestLifecycleChangeNotificationManager.java
@@ -294,10 +294,10 @@ public class TestLifecycleChangeNotificationManager extends TestBase {
}
/**
- * if unable to send LCN to VF-C the error is propagated
+ * if unable to query all operation executions from CBAM the error is propagated
*/
@Test
- public void testUnableToQueryCurrentOperation() throws Exception {
+ public void testUnableToQueryCurrentOperations() throws Exception {
recievedLcn.setOperation(OperationType.TERMINATE);
recievedLcn.setStatus(OperationStatus.FINISHED);
RuntimeException expectedException = new RuntimeException();
@@ -314,6 +314,26 @@ public class TestLifecycleChangeNotificationManager extends TestBase {
}
/**
+ * if unable to query the given operation execution from CBAM the error is propagated
+ */
+ @Test
+ public void testUnableToQueryCurrentOperation() throws Exception {
+ recievedLcn.setOperation(OperationType.TERMINATE);
+ recievedLcn.setStatus(OperationStatus.FINISHED);
+ RuntimeException expectedException = new RuntimeException();
+ when(operationExecutionApi.operationExecutionsOperationExecutionIdGet(recievedLcn.getLifecycleOperationOccurrenceId(), NOKIA_LCM_API_VERSION)).thenThrow(expectedException);
+ //when
+ try {
+ lifecycleChangeNotificationManager.handleLcn(recievedLcn);
+ fail();
+ } catch (Exception e) {
+ //verify
+ assertEquals(expectedException, e.getCause());
+ verify(logger).error("Unable to retrieve the operation execution with instantiationOperationExecutionId identifier", e.getCause());
+ }
+ }
+
+ /**
* test that waitForTerminationToBeProcessed outwaits the successfull processing of the termination notification
*/
@Test
diff --git a/nokiav2/driverwar/pom.xml b/nokiav2/driverwar/pom.xml
index d9c4a686..2d078126 100644
--- a/nokiav2/driverwar/pom.xml
+++ b/nokiav2/driverwar/pom.xml
@@ -42,6 +42,17 @@
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
<version>${spring.boot.version}</version>
+ <exclusions>
+ <exclusion>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-starter-tomcat</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <version>${spring.boot.version}</version>
+ <artifactId>spring-boot-starter-jetty</artifactId>
</dependency>
</dependencies>
<build>
diff --git a/nokiav2/generatedapis/pom.xml b/nokiav2/generatedapis/pom.xml
index 21114bc3..a62606cf 100644
--- a/nokiav2/generatedapis/pom.xml
+++ b/nokiav2/generatedapis/pom.xml
@@ -37,6 +37,34 @@
<build>
<plugins>
<plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-dependency-plugin</artifactId>
+ <executions>
+ <execution>
+ <id>unpack</id>
+ <phase>pre</phase>
+ <goals>
+ <goal>unpack</goal>
+ </goals>
+ <configuration>
+ <artifactItems>
+ <artifactItem>
+ <groupId>org.onap.aai.aai-common</groupId>
+ <artifactId>aai-schema</artifactId>
+ <version>1.2.0</version>
+ <type>jar</type>
+ <destFileName>aai.json</destFileName>
+ <includes>**/aai_swagger_v11.yaml</includes>
+ </artifactItem>
+ </artifactItems>
+ <outputDirectory>${project.basedir}/src/main/resources</outputDirectory>
+ <overWriteReleases>true</overWriteReleases>
+ <overWriteSnapshots>true</overWriteSnapshots>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+ <plugin>
<groupId>io.swagger</groupId>
<artifactId>swagger-codegen-maven-plugin</artifactId>
<version>2.3.1</version>
@@ -135,19 +163,19 @@
</configOptions>
</configuration>
</execution>
-<!--
+ <!--
<execution>
- <id>soadapter</id>
+ <id>aai</id>
<goals>
<goal>generate</goal>
</goals>
<configuration>
- <inputSpec>${basedir}/src/main/resources/so.vnfm.json</inputSpec>
+ <inputSpec>${basedir}/src/main/resources/aai_swagger_yaml/aai_swagger_v11.yaml</inputSpec>
<language>java</language>
<library>retrofit2</library>
- <output>${project.build.directory}/generated-sources/soadapter</output>
- <apiPackage>org.onap.soadapter.api</apiPackage>
- <modelPackage>org.onap.soadapter.model</modelPackage>
+ <output>${project.build.directory}/generated-sources/aai</output>
+ <apiPackage>org.onap.aai.api</apiPackage>
+ <modelPackage>org.onap.aai.model</modelPackage>
<configOptions>
<generateSupportingFiles>false</generateSupportingFiles>
<sourceFolder>src/gen/java/main</sourceFolder>
diff --git a/nokiav2/pom.xml b/nokiav2/pom.xml
index 879ac373..49e94a9c 100644
--- a/nokiav2/pom.xml
+++ b/nokiav2/pom.xml
@@ -30,7 +30,7 @@
<jacoco.version>0.8.0</jacoco.version>
<spring.boot.version>2.0.0.RELEASE</spring.boot.version>
</properties>
- <!--
+<!-- used to test dependency convergence locally
<build>
<plugins>
<plugin>
@@ -44,7 +44,7 @@
<rules>
<DependencyConvergence/>
</rules>
- <fail>false</fail>
+ <fail>true</fail>
</configuration>
<goals>
<goal>enforce</goal>