2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.onap.aai.schemaservice.config;
24 import java.io.FileInputStream;
25 import java.io.IOException;
26 import java.io.InputStream;
27 import java.util.LinkedHashMap;
29 import java.util.Properties;
30 import java.util.regex.Matcher;
31 import java.util.regex.Pattern;
32 import org.apache.commons.io.IOUtils;
33 import org.slf4j.Logger;
34 import org.slf4j.LoggerFactory;
35 import org.springframework.context.ApplicationContextInitializer;
36 import org.springframework.context.ConfigurableApplicationContext;
37 import org.springframework.core.env.ConfigurableEnvironment;
38 import org.springframework.core.env.EnumerablePropertySource;
39 import org.springframework.core.env.MapPropertySource;
40 import org.springframework.core.env.PropertySource;
42 public class PropertyPasswordConfiguration
43 implements ApplicationContextInitializer<ConfigurableApplicationContext> {
45 private static final Pattern decodePasswordPattern = Pattern.compile("password\\((.*?)\\)");
46 private PasswordDecoder passwordDecoder = new JettyPasswordDecoder();
47 private static final Logger logger =
48 LoggerFactory.getLogger(PropertyPasswordConfiguration.class.getName());
51 public void initialize(ConfigurableApplicationContext applicationContext) {
53 ConfigurableEnvironment environment = applicationContext.getEnvironment();
54 String certPath = environment.getProperty("server.certs.location");
55 Map<String, Object> sslProps = new LinkedHashMap<>();
57 // Override the passwords from application.properties if we find AAF certman files
58 if (certPath != null) {
59 File passwordFile = new File(certPath + ".password");
60 try (InputStream passwordStream = new FileInputStream(passwordFile)) {
61 String keystorePassword = null;
63 keystorePassword = IOUtils.toString(passwordStream);
64 if (keystorePassword != null) {
65 keystorePassword = keystorePassword.trim();
66 sslProps.put("server.ssl.key-store-password", keystorePassword);
68 logger.warn("Keystore password is null in AAF Certman password file");
70 } catch (IOException e) {
72 "Not using AAF Certman password file " + passwordFile.getName() + " e=" +
76 File passphrasesFile = new File(certPath + ".passphrases");
77 try (InputStream passphrasesStream = new FileInputStream(passphrasesFile)) {
78 String truststorePassword = null;
79 Properties passphrasesProps = new Properties();
80 passphrasesProps.load(passphrasesStream);
81 truststorePassword = passphrasesProps.getProperty("cadi_truststore_password");
82 if (truststorePassword != null) {
83 truststorePassword = truststorePassword.trim();
84 sslProps.put("server.ssl.trust-store-password", truststorePassword);
86 logger.warn("Truststore password is null in AAF Certman passphrases file");
88 } catch (IOException e) {
90 "Not using AAF Certman passphrases file " + passphrasesFile.getName() + " e=" +
94 for (PropertySource<?> propertySource : environment.getPropertySources()) {
95 Map<String, Object> propertyOverrides = new LinkedHashMap<>();
96 decodePasswords(propertySource, propertyOverrides);
97 if (!propertyOverrides.isEmpty()) {
98 PropertySource<?> decodedProperties =
99 new MapPropertySource("decoded " + propertySource.getName(), propertyOverrides);
100 environment.getPropertySources()
101 .addBefore(propertySource.getName(), decodedProperties);
105 if (!sslProps.isEmpty()) {
106 logger.info("Using AAF Certman files");
107 PropertySource<?> additionalProperties =
108 new MapPropertySource("additionalProperties", sslProps);
109 environment.getPropertySources().addFirst(additionalProperties);
114 private void decodePasswords(PropertySource<?> source, Map<String, Object> propertyOverrides) {
115 if (source instanceof EnumerablePropertySource) {
116 EnumerablePropertySource<?> enumerablePropertySource =
117 (EnumerablePropertySource<?>) source;
118 for (String key : enumerablePropertySource.getPropertyNames()) {
119 Object rawValue = source.getProperty(key);
120 if (rawValue instanceof String) {
121 String decodedValue = decodePasswordsInString((String) rawValue);
122 propertyOverrides.put(key, decodedValue);
128 private String decodePasswordsInString(String input) {
132 StringBuffer output = new StringBuffer();
133 Matcher matcher = decodePasswordPattern.matcher(input);
134 while (matcher.find()) {
135 String replacement = passwordDecoder.decode(matcher.group(1));
136 matcher.appendReplacement(output, replacement);
138 matcher.appendTail(output);
139 return output.toString();