import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
+import java.lang.reflect.Method;
import java.util.Optional;
import java.util.Properties;
import java.util.Vector;
import org.onap.ccsdk.sli.core.utils.common.BundleContextFileResolver;
import org.onap.ccsdk.sli.core.utils.common.CoreDefaultFileResolver;
import org.onap.ccsdk.sli.core.utils.common.SdncConfigEnvVarFileResolver;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.FrameworkUtil;
+import org.osgi.framework.ServiceReference;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
* <li>A directory identified by the JRE argument <code>dblib.properties</code></li>
* <li>A <code>dblib.properties</code> file located in the karaf root directory</li>
* </ol>
+ *
+ * Encryption Support
+ * <ol>
+ * <li>Uses ecryption provided by <code>AAAEncryptionService</code></li>
+ * <li>AAA Configuration file is <code>aaa-cert-config.xml</code></li>
+ * </ol>
+ *
*/
public class AAIServiceProvider implements UtilsProvider {
*/
private static final String AAISEERVICE_PROP_FILE_NAME = "aaiclient.properties";
+ /**
+ * The name of the pwd key
+ */
+ private static final String AAICLIENT_PROPERTY_NAME = "org.onap.ccsdk.sli.adaptors.aai.client.psswd";
+
/**
* A prioritized list of strategies for resolving dblib properties files.
*/
- private Vector<PropertiesFileResolver> dblibPropertiesFileResolvers = new Vector();
+ private Vector<PropertiesFileResolver> dblibPropertiesFileResolvers = new Vector<>();
/**
* The configuration properties for the db connection.
try(FileInputStream fileInputStream = new FileInputStream(propertiesFile)) {
properties = new Properties();
properties.load(fileInputStream);
+
+ if(properties.containsKey(AAICLIENT_PROPERTY_NAME)) {
+ String sensitive = properties.getProperty(AAICLIENT_PROPERTY_NAME);
+ if(sensitive != null && sensitive.startsWith("ENC:")) {
+ try {
+ sensitive = sensitive.substring(4);
+ String postsense = decrypt(sensitive);
+ properties.setProperty(AAICLIENT_PROPERTY_NAME, postsense);
+ } catch(Exception exc) {
+ LOG.error("Failed to translate property", exc);
+ }
+ }
+ }
} catch (final IOException e) {
LOG.error("Failed to load properties for file: {}", propertiesFile.toString(),
new AAIServiceException("Failed to load properties for file: "
}
}
+ /**
+ *
+ * @param value
+ * @return decrypted string if successful or the original value if unsuccessful
+ */
+ private String decrypt(String value) {
+ try {
+ BundleContext bctx = FrameworkUtil.getBundle(this.getClass()).getBundleContext();
+
+ ServiceReference sref = bctx.getServiceReference("org.opendaylight.aaa.encrypt.AAAEncryptionService");
+ if(sref == null) {
+ LOG.warn("Could not acquire service reference for 'org.opendaylight.aaa.encrypt.AAAEncryptionService'");
+ return value;
+ }
+ Object encrSvc = bctx.getService(sref);
+ if(encrSvc == null) {
+ LOG.warn("Could not access service for 'org.opendaylight.aaa.encrypt.AAAEncryptionService'");
+ return value;
+ }
+
+ Method gs2Method = encrSvc.getClass().getMethod("decrypt", new Class[] { "".getClass() });
+ Object unmasked = gs2Method.invoke(encrSvc, new Object[] { value });
+ return unmasked.toString();
+
+ } catch (Exception exc) {
+ LOG.error("Failure", exc);
+ return value;
+ }
+ }
+
/**
* Extract db config properties.
*
Code Review / ccsdk / sli / adaptors.git / blobdiff