From 1cfb08779ea0e00be69e072a940b3063e049fe6b Mon Sep 17 00:00:00 2001 From: Ofir Sonsino Date: Wed, 31 Jan 2018 17:19:00 +0200 Subject: org.onap migration Change-Id: I52f0b2851f2c765752b6d21f49b32136d7d72a3d Issue-ID: VID-86 Signed-off-by: Ofir Sonsino --- .../java/org/onap/vid/client/FakeHttpSession.java | 224 +++++++++++++++++++++ .../java/org/onap/vid/client/HttpBasicClient.java | 67 ++++++ .../java/org/onap/vid/client/HttpsBasicClient.java | 143 +++++++++++++ 3 files changed, 434 insertions(+) create mode 100644 vid-app-common/src/main/java/org/onap/vid/client/FakeHttpSession.java create mode 100644 vid-app-common/src/main/java/org/onap/vid/client/HttpBasicClient.java create mode 100644 vid-app-common/src/main/java/org/onap/vid/client/HttpsBasicClient.java (limited to 'vid-app-common/src/main/java/org/onap/vid/client') diff --git a/vid-app-common/src/main/java/org/onap/vid/client/FakeHttpSession.java b/vid-app-common/src/main/java/org/onap/vid/client/FakeHttpSession.java new file mode 100644 index 000000000..69ce11f4b --- /dev/null +++ b/vid-app-common/src/main/java/org/onap/vid/client/FakeHttpSession.java @@ -0,0 +1,224 @@ +package org.onap.vid.client; + +import org.apache.commons.io.IOUtils; +import org.json.JSONArray; +import org.json.JSONObject; +import org.json.JSONTokener; + +import javax.servlet.ServletContext; +import javax.servlet.http.HttpSession; +import java.io.File; +import java.io.IOException; +import java.io.InputStream; +import java.util.Collections; +import java.util.Enumeration; +import java.util.HashMap; +import java.util.Map; + +/** + * Created by pickjonathan on 03/07/2017. + */ +public class FakeHttpSession implements HttpSession { + + /** + * Setup the creation time + */ + public FakeHttpSession() { + File file = new File("resources/roles.json"); + + String rolesInputStream = null; + try { + rolesInputStream = IOUtils.toString(FakeHttpSession.class.getClassLoader().getResourceAsStream("roles.json"),"UTF8"); + } catch (IOException e) { + e.printStackTrace(); + } + JSONTokener tokener = new JSONTokener(rolesInputStream); + JSONObject roles = new JSONObject(tokener); + + JSONArray rolesArray = roles.getJSONArray("roles"); + + //set permissions to the roles from file. + this.setAttribute("role", rolesArray); + + creationTime = System.currentTimeMillis(); + } + + + /** + * Setup the creation time + * @param id The new session id + */ + public FakeHttpSession(String id) + { + this.id = id; + creationTime = System.currentTimeMillis(); + } + + /* (non-Javadoc) + * @see javax.servlet.http.HttpSession#getCreationTime() + */ + public long getCreationTime() + { + return creationTime; + } + + /* (non-Javadoc) + * @see javax.servlet.http.HttpSession#getId() + */ + public String getId() + { + if (id == null) + { + System.out.println("Inventing data in FakeHttpSession.getId() to remain plausible."); + id = "fake"; + } + + return id; + } + + /* (non-Javadoc) + * @see javax.servlet.http.HttpSession#getLastAccessedTime() + */ + public long getLastAccessedTime() + { + return creationTime; + } + + /* (non-Javadoc) + * @see javax.servlet.http.HttpSession#getServletContext() + */ + public ServletContext getServletContext() + { + return null; + } + + /* (non-Javadoc) + * @see javax.servlet.http.HttpSession#setMaxInactiveInterval(int) + */ + public void setMaxInactiveInterval(int maxInactiveInterval) + { + this.maxInactiveInterval = maxInactiveInterval; + } + + /* (non-Javadoc) + * @see javax.servlet.http.HttpSession#getMaxInactiveInterval() + */ + public int getMaxInactiveInterval() + { + return maxInactiveInterval; + } + + /** + * @see javax.servlet.http.HttpSession#getSessionContext() + * @deprecated + */ + @SuppressWarnings({"UnnecessaryFullyQualifiedName"}) + @Deprecated + public javax.servlet.http.HttpSessionContext getSessionContext() + { + return null; + } + + /* (non-Javadoc) + * @see javax.servlet.http.HttpSession#getAttribute(java.lang.String) + */ + public Object getAttribute(String name) + { + return attributes.get(name); + } + + /* (non-Javadoc) + * @see javax.servlet.http.HttpSession#getValue(java.lang.String) + */ + @Deprecated + public Object getValue(String name) + { + return attributes.get(name); + } + + /* (non-Javadoc) + * @see javax.servlet.http.HttpSession#getAttributeNames() + */ + public Enumeration getAttributeNames() + { + return Collections.enumeration(attributes.keySet()); + } + + /* (non-Javadoc) + * @see javax.servlet.http.HttpSession#getValueNames() + */ + @Deprecated + public String[] getValueNames() + { + return attributes.keySet().toArray(new String[attributes.keySet().size()]); + } + + /* (non-Javadoc) + * @see javax.servlet.http.HttpSession#setAttribute(java.lang.String, java.lang.Object) + */ + public void setAttribute(String name, Object value) + { + attributes.put(name, value); + } + + /* (non-Javadoc) + * @see javax.servlet.http.HttpSession#putValue(java.lang.String, java.lang.Object) + */ + @Deprecated + public void putValue(String name, Object value) + { + attributes.put(name, value); + } + + /* (non-Javadoc) + * @see javax.servlet.http.HttpSession#removeAttribute(java.lang.String) + */ + public void removeAttribute(String name) + { + attributes.remove(name); + } + + /* (non-Javadoc) + * @see javax.servlet.http.HttpSession#removeValue(java.lang.String) + */ + @Deprecated + public void removeValue(String name) + { + attributes.remove(name); + } + + /* (non-Javadoc) + * @see javax.servlet.http.HttpSession#invalidate() + */ + public void invalidate() + { + } + + /* (non-Javadoc) + * @see javax.servlet.http.HttpSession#isNew() + */ + public boolean isNew() + { + return true; + } + + /** + * The session id + */ + private String id = null; + + /** + * The list of attributes + */ + private Map attributes = new HashMap(); + + /** + * When were we created + */ + private long creationTime; + + /** + * How long before we timeout? + */ + private int maxInactiveInterval = 30 * 60 * 1000; +} diff --git a/vid-app-common/src/main/java/org/onap/vid/client/HttpBasicClient.java b/vid-app-common/src/main/java/org/onap/vid/client/HttpBasicClient.java new file mode 100644 index 000000000..d0a34ce38 --- /dev/null +++ b/vid-app-common/src/main/java/org/onap/vid/client/HttpBasicClient.java @@ -0,0 +1,67 @@ +/*- + * ============LICENSE_START======================================================= + * VID + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.vid.client; + + +import java.text.DateFormat; +import java.text.SimpleDateFormat; + +import javax.servlet.ServletContext; +import javax.ws.rs.client.Client; +import javax.ws.rs.client.ClientBuilder; + +import org.glassfish.jersey.client.ClientConfig; +import org.glassfish.jersey.client.ClientProperties; +import org.springframework.beans.factory.annotation.Autowired; + +import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate; + +/** + * General HTTP client. + */ + +public class HttpBasicClient{ + + /** The servlet context. */ + @Autowired + private ServletContext servletContext; + + /** The logger. */ + EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(HttpBasicClient.class); + + /** The Constant dateFormat. */ + final static DateFormat dateFormat = new SimpleDateFormat("HH:mm:ss:SSSS"); + + /** + * Obtain a basic HTTP client . + * + * @return Client client object + * @throws Exception the exception + */ + public static Client getClient() throws Exception { + + ClientConfig config = new ClientConfig(); + config.property(ClientProperties.SUPPRESS_HTTP_COMPLIANCE_VALIDATION, true); + + return ClientBuilder.newClient(config) + .register(org.onap.vid.aai.util.CustomJacksonJaxBJsonProvider.class); + } +} diff --git a/vid-app-common/src/main/java/org/onap/vid/client/HttpsBasicClient.java b/vid-app-common/src/main/java/org/onap/vid/client/HttpsBasicClient.java new file mode 100644 index 000000000..28a4d0f9f --- /dev/null +++ b/vid-app-common/src/main/java/org/onap/vid/client/HttpsBasicClient.java @@ -0,0 +1,143 @@ +/*- + * ============LICENSE_START======================================================= + * VID + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.vid.client; + +import java.io.File; +import java.text.DateFormat; +import java.text.SimpleDateFormat; +import java.util.Date; + +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.HttpsURLConnection; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSession; +import javax.ws.rs.client.Client; +import javax.ws.rs.client.ClientBuilder; + +import org.eclipse.jetty.util.security.Password; +import org.glassfish.jersey.client.ClientConfig; +import org.glassfish.jersey.client.ClientProperties; +import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate; +import org.openecomp.portalsdk.core.util.SystemProperties; +import org.onap.vid.properties.VidProperties; + + /** + * General SSL client using the VID tomcat keystore. It doesn't use client certificates. + */ + +public class HttpsBasicClient{ + + /** The logger. */ + static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(HttpsBasicClient.class); + + /** The Constant dateFormat. */ + final static DateFormat dateFormat = new SimpleDateFormat("HH:mm:ss:SSSS"); + + /** + * Retrieve an SSL client. + * + * @return Client The SSL client + * @throws Exception the exception + */ + public static Client getClient() throws Exception { + String methodName = "getClient"; + ClientConfig config = new ClientConfig(); + //config.getFeatures().put(JSONConfiguration.FEATURE_POJO_MAPPING, Boolean.TRUE); + //config.getClasses().add(org.openecomp.aai.util.CustomJacksonJaxBJsonProvider.class); + + SSLContext ctx = null; + + try { + + config.property(ClientProperties.SUPPRESS_HTTP_COMPLIANCE_VALIDATION, true); + + String truststore_path = SystemProperties.getProperty(VidProperties.VID_TRUSTSTORE_FILENAME); + logger.debug(EELFLoggerDelegate.debugLogger, dateFormat.format(new Date()) + " " + methodName + " truststore_path=" + truststore_path); + String truststore_password = SystemProperties.getProperty(VidProperties.VID_TRUSTSTORE_PASSWD_X); + + + String decrypted_truststore_password = Password.deobfuscate(truststore_password); + //logger.debug(dateFormat.format(new Date()) + " " + methodName + " decrypted_truststore_password=" + decrypted_truststore_password); + + File tr = new File (truststore_path); + logger.debug(EELFLoggerDelegate.debugLogger, dateFormat.format(new Date()) + " " + methodName + " absolute truststore path=" + tr.getAbsolutePath()); + + //String keystore_path = certFilePath + AAIProperties.FILESEPARTOR + SystemProperties.getProperty(AAIProperties.AAI_KEYSTORE_FILENAME); + //String keystore_password = SystemProperties.getProperty(AAIProperties.AAI_KEYSTORE_PASSWD_X); + //String decrypted_keystore_password = EncryptedPropValue.decryptTriple(keystore_password); + + System.setProperty("javax.net.ssl.trustStore", truststore_path); + System.setProperty("javax.net.ssl.trustStorePassword", decrypted_truststore_password); + HttpsURLConnection.setDefaultHostnameVerifier( new HostnameVerifier(){ + public boolean verify(String string,SSLSession ssls) { + return true; + } + }); + + //May need to make the algorithm a parameter. MSO requires TLSv1.1 or TLSv1.2 + ctx = SSLContext.getInstance("TLSv1.2"); + + /* + KeyManagerFactory kmf = null; + try { + kmf = KeyManagerFactory.getInstance("SunX509"); + FileInputStream fin = new FileInputStream(keystore_path); + KeyStore ks = KeyStore.getInstance("PKCS12"); + char[] pwd = decrypted_keystore_password.toCharArray(); + ks.load(fin, pwd); + kmf.init(ks, pwd); + } catch (Exception e) { + System.out.println("Error setting up kmf: exiting"); + e.printStackTrace(); + System.exit(1); + } + + ctx.init(kmf.getKeyManagers(), null, null); + */ + ctx.init(null, null, null); + //config.getProperties().put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES, + // new HTTPSProperties( , ctx)); + + return ClientBuilder.newBuilder() + .sslContext(ctx) + .hostnameVerifier(new HostnameVerifier() { + @Override + public boolean verify( String s, SSLSession sslSession ) { + return true; + } + }).withConfig(config) + .build() + .register(org.onap.vid.aai.util.CustomJacksonJaxBJsonProvider.class); + + } catch (Exception e) { + logger.debug(EELFLoggerDelegate.debugLogger, "Error setting up config: exiting"); + //System.out.println("Error setting up config: exiting"); + e.printStackTrace(); + return null; + } + + //Client client = ClientBuilder.newClient(config); + // uncomment this line to get more logging for the request/response + // client.addFilter(new LoggingFilter(System.out)); + + //return client; + } +} -- cgit 1.2.3-korg