Fix Fortify Scan Issue:

[policy/engine.git] / POLICY-SDK-APP / src / main / java / org / onap / policy / admin / RESTfulPAPEngine.java
diff --git a/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/RESTfulPAPEngine.java b/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/RESTfulPAPEngine.java

index 234d28f..a8831ea 100644 (file)
--- a/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/RESTfulPAPEngine.java
+++ b/POLICY-SDK-APP/src/main/java/org/onap/policy/admin/RESTfulPAPEngine.java
@@ -2,7 +2,7 @@
   * ============LICENSE_START=======================================================
   * ONAP Policy Engine
   * ================================================================================
- * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved.
   * ================================================================================
   * Licensed under the Apache License, Version 2.0 (the "License");
   * you may not use this file except in compliance with the License.
@@ -41,6 +41,7 @@ import java.util.Set;
  import org.apache.commons.io.IOUtils;
  import org.onap.policy.rest.XACMLRestProperties;
  import org.onap.policy.rest.adapter.PolicyRestAdapter;
+import org.onap.policy.utils.CryptoUtils;
  import org.onap.policy.xacml.api.XACMLErrorConstants;
  import org.onap.policy.xacml.api.pap.OnapPDP;
  import org.onap.policy.xacml.api.pap.OnapPDPGroup;
@@ -51,6 +52,7 @@ import org.onap.policy.xacml.std.pap.StdPDPGroup;
  import org.onap.policy.xacml.std.pap.StdPDPItemSetChangeNotifier;
  import org.onap.policy.xacml.std.pap.StdPDPPolicy;
  import org.onap.policy.xacml.std.pap.StdPDPStatus;
+
  import com.att.research.xacml.api.pap.PAPException;
  import com.att.research.xacml.api.pap.PDPPolicy;
  import com.att.research.xacml.api.pap.PDPStatus;
@@ -58,6 +60,7 @@ import com.att.research.xacml.util.XACMLProperties;
  import com.fasterxml.jackson.databind.DeserializationFeature;
  import com.fasterxml.jackson.databind.ObjectMapper;
  import com.fasterxml.jackson.databind.type.CollectionType;
+
  import org.onap.policy.common.logging.flexlogger.FlexLogger; 
  import org.onap.policy.common.logging.flexlogger.Logger;
  
@@ -81,7 +84,7 @@ public class RESTfulPAPEngine extends StdPDPItemSetChangeNotifier implements PAP
          * Set up link with PAP Servlet and get our initial set of Groups
          * @throws Exception 
          */
-       public RESTfulPAPEngine (String myURLString) throws PAPException, IOException  {
+       public RESTfulPAPEngine (String myURLString) throws PAPException  {
                 //
                 // Get our URL to the PAP servlet
                 //
@@ -139,7 +142,7 @@ public class RESTfulPAPEngine extends StdPDPItemSetChangeNotifier implements PAP
  
         @Override
         public void newGroup(String name, String description)
-                       throws PAPException, NullPointerException {
+                       throws PAPException {
                 String escapedName = null;
                 String escapedDescription = null;
                 try {
@@ -190,7 +193,7 @@ public class RESTfulPAPEngine extends StdPDPItemSetChangeNotifier implements PAP
         
         @Override
         public void removeGroup(OnapPDPGroup group, OnapPDPGroup newGroup)
-                       throws PAPException, NullPointerException {
+                       throws PAPException {
                 String moveToGroupString = null;
                 if (newGroup != null) {
                         moveToGroupString = "movePDPsToGroupId=" + newGroup.getId();
@@ -214,8 +217,7 @@ public class RESTfulPAPEngine extends StdPDPItemSetChangeNotifier implements PAP
         }
         
         @Override
-       public void newPDP(String id, OnapPDPGroup group, String name, String description, int jmxport) throws PAPException,
-                       NullPointerException {
+       public void newPDP(String id, OnapPDPGroup group, String name, String description, int jmxport) throws PAPException {
                 StdPDP newPDP = new StdPDP(id, name, description, jmxport);
                 sendToPAP("PUT", newPDP, null, null, groupID + group.getId(), "pdpId=" + id);
                 return;
@@ -351,7 +353,7 @@ public class RESTfulPAPEngine extends StdPDPItemSetChangeNotifier implements PAP
                 HttpURLConnection connection = null;
                 String papID = XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_USERID);
                 LOGGER.info("User Id is " + papID);
-               String papPass = XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_PASS);
+               String papPass = CryptoUtils.decryptTxtNoExStr(XACMLProperties.getProperty(XACMLRestProperties.PROP_PAP_PASS));
                 Base64.Encoder encoder = Base64.getEncoder();
                 String encoding = encoder.encodeToString((papID+":"+papPass).getBytes(StandardCharsets.UTF_8));
                 Object contentObj = content;
@@ -359,9 +361,9 @@ public class RESTfulPAPEngine extends StdPDPItemSetChangeNotifier implements PAP
                 try {
                         String fullURL = papServletURLString;
                         if (parameters != null && parameters.length > 0) {
-                               String queryString = "";
+                               StringBuilder queryString = new StringBuilder();
                                 for (String p : parameters) {
-                                       queryString += "&" + p;
+                                       queryString.append("&" + p);
                                 }
                                 fullURL += "?" + queryString.substring(1);
                         }
@@ -467,10 +469,10 @@ public class RESTfulPAPEngine extends StdPDPItemSetChangeNotifier implements PAP
                                 final CollectionType javaType = 
                                       mapper.getTypeFactory().constructCollectionType(collectionTypeClass, responseContentClass);
         
-                               return (Object)mapper.readValue(json, javaType);
+                               return mapper.readValue(json, javaType);
                             } else {
                                 // single value object expected
-                                   return (Object)mapper.readValue(json, responseContentClass);
+                                   return mapper.readValue(json, responseContentClass);
                             }
                 }
  
@@ -481,7 +483,7 @@ public class RESTfulPAPEngine extends StdPDPItemSetChangeNotifier implements PAP
                         LOGGER.error("No Location header to redirect to when response code="+connection.getResponseCode());
                         throw new IOException("No redirect Location header when response code="+connection.getResponseCode());
                 }
-               int qIndex = newURL.indexOf("?");
+               int qIndex = newURL.indexOf('?');
                 if (qIndex > 0) {
                         newURL = newURL.substring(0, qIndex);
                 }