Added code for password obfuscation

Issue-ID: SDNC-317

Change-Id: I5114f1dd7dd093e9df6ebd3d91c3cbd47ef31ef9
Signed-off-by: Mohammadreza Pasandideh <mohammadreza.pasandideh@amdocs.com>

diff --git a/pomba/network-discovery/config/application.properties b/pomba/network-discovery/config/application.properties
index 6997061..1536110 100644 (file)
--- a/pomba/network-discovery/config/application.properties
+++ b/pomba/network-discovery/config/application.properties
@@ -20,14 +20,14 @@ server.context_parameters.p-name=value #context parameter with p-name as key and
 
 # Basic Authentication
 basicAuth.username=admin
-basicAuth.password=admin
+basicAuth.password=OBF:1u2a1toa1w8v1tok1u30
 
 # A&AI Enircher REST Client Configuration
 enricher.url=https://d2enrichment:9505
 enricher.connectionTimeout=5000
 enricher.readTimeout=60000
 enricher.keyStorePath=config/auth/enricher-client-cert.p12
-enricher.keyStorePassword=aaiDomain2
+enricher.keyStorePassword=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o
 
 enricher.types = vserver, l3-network
 enricher.type.vserver.url    = /enricher/v11/cloud-infrastructure/vservers/vserver/{0}?sot=!aai

diff --git a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/AuthorizationConfiguration.java b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/AuthorizationConfiguration.java
index 5204a48..c767e44 100644 (file)
--- a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/AuthorizationConfiguration.java
+++ b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/AuthorizationConfiguration.java
@@ -19,6 +19,7 @@
 package org.onap.sdnc.apps.pomba.networkdiscovery;
 
 import java.util.Base64;
+import org.eclipse.jetty.util.security.Password;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.stereotype.Component;
@@ -29,13 +30,12 @@ public class AuthorizationConfiguration {
     @Value("${basicAuth.username:admin}")
     private String username;
 
-    @Value("${basicAuth.password:admin}")
+    @Value("${basicAuth.password:OBF:1u2a1toa1w8v1tok1u30}")
     private String password;
 
-    @Bean(name="basicAuthHeader")
-    public String getBasicAuthHeader() {
-        return "Basic " + Base64.getEncoder().encodeToString((this.username + ":" + this.password).getBytes());
+    @Bean(name="networkDiscoveryBasicAuthHeader")
+    public String getNdBasicAuthHeader() {
+        String auth = new String(this.username + ":" + Password.deobfuscate(this.password));
+        return "Basic " + Base64.getEncoder().encodeToString(auth.getBytes());
     }
-
-
 }

diff --git a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/EnricherConfiguration.java b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/EnricherConfiguration.java
index 9b2db05..0fee505 100644 (file)
--- a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/EnricherConfiguration.java
+++ b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/EnricherConfiguration.java
@@ -38,7 +38,7 @@ public class EnricherConfiguration {
     @Value("${enricher.keyStorePath}")
     private String keyStorePath;
 
-    @Value("${enricher.keyStorePassword}")
+    @Value("${enricher.keyStorePassword:OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o}")
     private String keyStorePassword;
 
     @Value("${enricher.connectionTimeout:5000}")
@@ -55,7 +55,8 @@ public class EnricherConfiguration {
                 .connectTimeoutMs(this.connectionTimeout)
                 .readTimeoutMs(this.readTimeout)
                 .clientCertFile(this.keyStorePath)
-                .clientCertPassword(this.keyStorePassword);
+                .clientCertPassword(
+                        org.eclipse.jetty.util.security.Password.deobfuscate(this.keyStorePassword));
     }
 
     @Bean(name="enricherBaseUrl")

diff --git a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/service/rs/RestServiceImpl.java b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/service/rs/RestServiceImpl.java
index 4e6fdcb..666e308 100644 (file)
--- a/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/service/rs/RestServiceImpl.java
+++ b/pomba/network-discovery/src/main/java/org/onap/sdnc/apps/pomba/networkdiscovery/service/rs/RestServiceImpl.java
@@ -48,8 +48,8 @@ public class RestServiceImpl implements RestService {
     @Autowired
     private SpringService service;
 
-    @Resource(name="basicAuthHeader")
-    private String basicAuthHeader;
+    @Resource(name="networkDiscoveryBasicAuthHeader")
+    private String networkDiscoveryBasicAuthHeader;
 
     @Override
     public Response findbyResourceIdAndType(HttpServletRequest request,
@@ -73,7 +73,7 @@ public class RestServiceImpl implements RestService {
                 version = "v1";
             }
 
-            if (authorization == null || !this.basicAuthHeader.equals(authorization)) {
+            if (authorization == null || !this.networkDiscoveryBasicAuthHeader.equals(authorization)) {
                 throw new ApplicationException(UNAUTHORIZED, Status.UNAUTHORIZED);
             }
             if ((fromAppId == null) || fromAppId.trim().isEmpty()) {

diff --git a/pomba/network-discovery/src/test/java/org/onap/sdnc/apps/pomba/networkdiscovery/unittest/service/AuthorizationConfigurationTest.java b/pomba/network-discovery/src/test/java/org/onap/sdnc/apps/pomba/networkdiscovery/unittest/service/AuthorizationConfigurationTest.java
new file mode 100644 (file)
index 0000000..c34c53c
--- /dev/null
+++ b/pomba/network-discovery/src/test/java/org/onap/sdnc/apps/pomba/networkdiscovery/unittest/service/AuthorizationConfigurationTest.java
@@ -0,0 +1,39 @@
+/*
+ * ============LICENSE_START===================================================
+ * Copyright (c) 2018 Amdocs
+ * ============================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *        http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=====================================================
+ */
+
+package org.onap.sdnc.apps.pomba.networkdiscovery.unittest.service;
+
+import static org.junit.Assert.assertEquals;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+import org.junit.Test;
+import org.onap.sdnc.apps.pomba.networkdiscovery.AuthorizationConfiguration;
+
+public class AuthorizationConfigurationTest
+{
+    AuthorizationConfiguration authorizationConfiguration =
+            mock(AuthorizationConfiguration.class);
+
+    @Test
+    public void testGetNdBasicAuthHeader() {
+        String msg = "Basic YWRtaW46YWRtaW4=";
+        when(authorizationConfiguration.getNdBasicAuthHeader()).thenReturn(msg);
+        assertEquals(msg, authorizationConfiguration.getNdBasicAuthHeader());
+    }
+}

diff --git a/pomba/network-discovery/src/test/java/org/onap/sdnc/apps/pomba/networkdiscovery/unittest/service/NetworkDiscoveryTest.java b/pomba/network-discovery/src/test/java/org/onap/sdnc/apps/pomba/networkdiscovery/unittest/service/NetworkDiscoveryTest.java
index f908dfd..100c671 100644 (file)
--- a/pomba/network-discovery/src/test/java/org/onap/sdnc/apps/pomba/networkdiscovery/unittest/service/NetworkDiscoveryTest.java
+++ b/pomba/network-discovery/src/test/java/org/onap/sdnc/apps/pomba/networkdiscovery/unittest/service/NetworkDiscoveryTest.java
@@ -46,6 +46,7 @@ import javax.servlet.http.HttpServletRequest;
 import javax.ws.rs.core.HttpHeaders;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.Response.Status;
+import org.eclipse.jetty.util.security.Password;
 import org.junit.After;
 import org.junit.Before;
 import org.junit.Rule;
@@ -75,7 +76,7 @@ import org.springframework.test.context.web.WebAppConfiguration;
 @TestPropertySource(properties = {
         "enricher.url=http://localhost:9505",
         "basicAuth.username=admin",
-        "basicAuth.password=admin"
+        "basicAuth.password=OBF:1u2a1toa1w8v1tok1u30"
 })
 public class NetworkDiscoveryTest {
     private static final String V1 = "v1";
@@ -84,7 +85,8 @@ public class NetworkDiscoveryTest {
     private static final String RESOURCE_TYPE_VSERVER = "vserver";
     private static final String CALLBACK_PATH = "/callback";
 
-    private static final String AUTH = "Basic " + Base64.getEncoder().encodeToString("admin:admin".getBytes());
+    private static final String AUTH = "Basic " + Base64.getEncoder().encodeToString((
+            "admin:" + Password.deobfuscate("OBF:1u2a1toa1w8v1tok1u30")).getBytes());
     @Autowired
     private Environment environment;
 

diff --git a/pomba/service-decomposition/config/application.properties b/pomba/service-decomposition/config/application.properties
index fc26079..c60a369 100644 (file)
--- a/pomba/service-decomposition/config/application.properties
+++ b/pomba/service-decomposition/config/application.properties
@@ -16,7 +16,7 @@ server.tomcat.min-Spare-Threads=25
 server.tomcat.max-idle-time=60000
 
 basicAuth.username=admin
-basicAuth.password=admin
+basicAuth.password=OBF:1u2a1toa1w8v1tok1u30
 
 # AAI REST Client Configuration
 aai.host=135.63.125.59

diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/AuthorizationConfiguration.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/AuthorizationConfiguration.java
index f54f387..7cac0cd 100644 (file)
--- a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/AuthorizationConfiguration.java
+++ b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/AuthorizationConfiguration.java
@@ -19,6 +19,7 @@
 package org.onap.sdnc.apps.pomba.servicedecomposition;
 
 import java.util.Base64;
+import org.eclipse.jetty.util.security.Password;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.stereotype.Component;
@@ -29,13 +30,12 @@ public class AuthorizationConfiguration {
     @Value("${basicAuth.username:admin}")
     private String username;
 
-    @Value("${basicAuth.password:admin}")
+    @Value("${basicAuth.password:OBF:1u2a1toa1w8v1tok1u30}")
     private String password;
 
-    @Bean(name="basicAuthHeader")
-    public String getBasicAuthHeader() {
-        return "Basic " + Base64.getEncoder().encodeToString((this.username + ":" + this.password).getBytes());
+    @Bean(name="serviceDecompositionBasicAuthHeader")
+    public String getSdBasicAuthHeader() {
+        String auth = new String(this.username + ":" + Password.deobfuscate(this.password));
+        return "Basic " + Base64.getEncoder().encodeToString(auth.getBytes());
     }
-
-
 }

diff --git a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/service/rs/RestServiceImpl.java b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/service/rs/RestServiceImpl.java
index 12c3935..5ec6bca 100644 (file)
--- a/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/service/rs/RestServiceImpl.java
+++ b/pomba/service-decomposition/src/main/java/org/onap/sdnc/apps/pomba/servicedecomposition/service/rs/RestServiceImpl.java
@@ -45,8 +45,8 @@ public class RestServiceImpl implements RestService {
     @Autowired
     private SpringService service;
 
-    @Resource(name="basicAuthHeader")
-    private String basicAuthHeader;
+    @Resource(name="serviceDecompositionBasicAuthHeader")
+    private String serviceDecompositionBasicAuthHeader;
 
     public RestServiceImpl() {}
 
@@ -61,7 +61,7 @@ public class RestServiceImpl implements RestService {
         adapter.getServiceDescriptor().setServiceName(SERVICE_NAME);
         adapter.entering(request);
         try {
-            if (authorization == null || !this.basicAuthHeader.equals(authorization)) {
+            if (authorization == null || !this.serviceDecompositionBasicAuthHeader.equals(authorization)) {
                 throw new DiscoveryException(UNAUTHORIZED, Status.UNAUTHORIZED);
             }
 

diff --git a/pomba/service-decomposition/src/test/java/org/onap/sdnc/apps/pomba/servicedecomposition/test/AuthorizationConfigurationTest.java b/pomba/service-decomposition/src/test/java/org/onap/sdnc/apps/pomba/servicedecomposition/test/AuthorizationConfigurationTest.java
new file mode 100644 (file)
index 0000000..4c7830b
--- /dev/null
+++ b/pomba/service-decomposition/src/test/java/org/onap/sdnc/apps/pomba/servicedecomposition/test/AuthorizationConfigurationTest.java
@@ -0,0 +1,39 @@
+/*
+ * ============LICENSE_START===================================================
+ * Copyright (c) 2018 Amdocs
+ * ============================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *        http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=====================================================
+ */
+
+package org.onap.sdnc.apps.pomba.servicedecomposition.test;
+
+import static org.junit.Assert.assertEquals;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+import org.junit.Test;
+import org.onap.sdnc.apps.pomba.servicedecomposition.AuthorizationConfiguration;
+
+public class AuthorizationConfigurationTest
+{
+    AuthorizationConfiguration authorizationConfiguration =
+            mock(AuthorizationConfiguration.class);
+
+    @Test
+    public void testGetSdBasicAuthHeader() {
+        String msg = "Basic YWRtaW46YWRtaW4=";
+        when(authorizationConfiguration.getSdBasicAuthHeader()).thenReturn(msg);
+        assertEquals(msg, authorizationConfiguration.getSdBasicAuthHeader());
+    }
+}

diff --git a/pomba/service-decomposition/src/test/java/org/onap/sdnc/apps/pomba/servicedecomposition/test/ServiceDecompositionTest.java b/pomba/service-decomposition/src/test/java/org/onap/sdnc/apps/pomba/servicedecomposition/test/ServiceDecompositionTest.java
index ba20a88..771ca99 100644 (file)
--- a/pomba/service-decomposition/src/test/java/org/onap/sdnc/apps/pomba/servicedecomposition/test/ServiceDecompositionTest.java
+++ b/pomba/service-decomposition/src/test/java/org/onap/sdnc/apps/pomba/servicedecomposition/test/ServiceDecompositionTest.java
@@ -36,6 +36,7 @@ import javax.servlet.http.HttpServletRequest;
 import javax.ws.rs.core.HttpHeaders;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.Response.Status;
+import org.eclipse.jetty.util.security.Password;
 import org.json.JSONArray;
 import org.json.JSONObject;
 import org.junit.Rule;
@@ -61,11 +62,12 @@ import org.springframework.test.context.web.WebAppConfiguration;
         "aai.host=localhost",
         "aai.port=8081",
         "basicAuth.username=admin",
-        "basicAuth.password=admin"
+        "basicAuth.password=OBF:1u2a1toa1w8v1tok1u30"
     })
 public class ServiceDecompositionTest {
 
-    private static final String AUTH = "Basic " + Base64.getEncoder().encodeToString("admin:admin".getBytes());
+    private static final String AUTH = "Basic " + Base64.getEncoder().encodeToString((
+            "admin:" + Password.deobfuscate("OBF:1u2a1toa1w8v1tok1u30")).getBytes());
 
     // TODO missing code coverage for VNFC resources