X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=src%2Fmain%2Fjava%2Forg%2Fonap%2Faai%2Fsa%2Fsearchdbabstraction%2Felasticsearch%2Fconfig%2FElasticSearchConfig.java;h=f5cb9dafc88362404626de9a5916199eba2d65da;hb=392d41cdfc989d08cf5b79ea9a20e1f82665b447;hp=1bf1db787580a9e0f58c7fa85e8f1af9cbf15cfb;hpb=ecd35f117eb0118f9cbd96fe132a1c359214bfc7;p=aai%2Fsearch-data-service.git diff --git a/src/main/java/org/onap/aai/sa/searchdbabstraction/elasticsearch/config/ElasticSearchConfig.java b/src/main/java/org/onap/aai/sa/searchdbabstraction/elasticsearch/config/ElasticSearchConfig.java index 1bf1db7..f5cb9da 100644 --- a/src/main/java/org/onap/aai/sa/searchdbabstraction/elasticsearch/config/ElasticSearchConfig.java +++ b/src/main/java/org/onap/aai/sa/searchdbabstraction/elasticsearch/config/ElasticSearchConfig.java @@ -20,9 +20,22 @@ */ package org.onap.aai.sa.searchdbabstraction.elasticsearch.config; +import java.nio.charset.StandardCharsets; +import java.util.Base64; +import java.util.Optional; import java.util.Properties; +import org.eclipse.jetty.util.security.Password; +import org.onap.aai.sa.searchdbabstraction.util.SearchDbConstants; public class ElasticSearchConfig { + + private String uriScheme; + private String trustStore; + private String trustStorePassword; + private String keyStore; + private String keyStorePassword; + private String authUser; + private String authPassword; private String ipAddress; private String httpPort; private String javaApiPort; @@ -31,15 +44,33 @@ public class ElasticSearchConfig { public static final String ES_CLUSTER_NAME = "es.cluster-name"; public static final String ES_IP_ADDRESS = "es.ip-address"; public static final String ES_HTTP_PORT = "es.http-port"; - + public static final String ES_URI_SCHEME = "es.uri-scheme"; + public static final String ES_TRUST_STORE = "es.trust-store"; + public static final String ES_TRUST_STORE_ENC = "es.trust-store-password"; + public static final String ES_KEY_STORE = "es.key-store"; + public static final String ES_KEY_STORE_ENC = "es.key-store-password"; + public static final String ES_AUTH_USER = "es.auth-user"; + public static final String ES_AUTH_ENC = "es.auth-password"; + + private static final String DEFAULT_URI_SCHEME = "http"; private static final String JAVA_API_PORT_DEFAULT = "9300"; + private String authValue; public ElasticSearchConfig(Properties props) { - + setUriScheme(props.getProperty(ES_URI_SCHEME)); + if (getUriScheme().equals("https")) { + initializeHttpsProperties(props); + } setClusterName(props.getProperty(ES_CLUSTER_NAME)); setIpAddress(props.getProperty(ES_IP_ADDRESS)); setHttpPort(props.getProperty(ES_HTTP_PORT)); setJavaApiPort(JAVA_API_PORT_DEFAULT); + initializeAuthValues(props); + } + + + public String getUriScheme() { + return this.uriScheme; } public String getIpAddress() { @@ -74,10 +105,105 @@ public class ElasticSearchConfig { this.clusterName = clusterName; } + public void setKeyStore(String keyStore) { + this.keyStore = keyStore; + } + + public void setKeyStorePassword(String keyStorePassword) { + this.keyStorePassword = keyStorePassword; + } + + public String getKeyStorePath() { + return keyStore; + } + + public String getKeyStorePassword() { + return keyStorePassword; + } + + public String getTrustStorePath() { + return trustStore; + } + + public void setTrustStore(String trustStore) { + this.trustStore = trustStore; + } + + public void setTrustStorePassword(String trustStorePassword) { + this.trustStorePassword = trustStorePassword; + } + + public String getTrustStorePassword() { + return trustStorePassword; + } + + public void setAuthUser(String authUser) { + this.authUser = authUser; + } + + public String getAuthUser() { + return authUser; + } + + public void setAuthPassword(String authPassword) { + this.authPassword = authPassword; + } + + public String getAuthPassword() { + return authPassword; + } + + public boolean useAuth() { + return getAuthUser() != null || getAuthPassword() != null; + } + + public String getAuthValue() { + return authValue; + } + @Override public String toString() { - return "ElasticSearchConfig [ipAddress=" + ipAddress + ", httpPort=" + httpPort + ", javaApiPort=" + javaApiPort - + ", clusterName=" + clusterName + "]"; + return String.format( + "%s://%s:%s (cluster=%s) (API port=%s)%nauth=%s%ntrustStore=%s (passwd %s)%nkeyStore=%s (passwd %s)", + uriScheme, ipAddress, httpPort, clusterName, javaApiPort, useAuth(), trustStore, + trustStorePassword != null, keyStore, keyStorePassword != null); } + private void initializeAuthValues(Properties props) { + setAuthUser(props.getProperty(ES_AUTH_USER)); + Optional passwordValue = Optional.ofNullable(props.getProperty(ES_AUTH_ENC)); + if (passwordValue.isPresent()) { + setAuthPassword(Password.deobfuscate(passwordValue.get())); + } + if (useAuth()) { + authValue = "Basic " + Base64.getEncoder() + .encodeToString((getAuthUser() + ":" + getAuthPassword()).getBytes(StandardCharsets.UTF_8)); + } + } + + private void initializeHttpsProperties(Properties props) { + Optional trustStoreFile = Optional.ofNullable(props.getProperty(ES_TRUST_STORE)); + if (trustStoreFile.isPresent()) { + setTrustStore(SearchDbConstants.SDB_SPECIFIC_CONFIG + trustStoreFile.get()); + } + + Optional passwordValue = Optional.ofNullable(props.getProperty(ES_TRUST_STORE_ENC)); + if (passwordValue.isPresent()) { + setTrustStorePassword(Password.deobfuscate(passwordValue.get())); + } + + Optional keyStoreFile = Optional.ofNullable(props.getProperty(ES_KEY_STORE)); + if (keyStoreFile.isPresent()) { + setKeyStore(SearchDbConstants.SDB_SPECIFIC_CONFIG + keyStoreFile.get()); + } + + passwordValue = Optional.ofNullable(props.getProperty(ES_KEY_STORE_ENC)); + if (passwordValue.isPresent()) { + setKeyStorePassword(Password.deobfuscate(passwordValue.get())); + } + } + + private void setUriScheme(String uriScheme) { + this.uriScheme = Optional.ofNullable(uriScheme).orElse(DEFAULT_URI_SCHEME); + } }