Fixed callback authentication

Issue-ID: SO-3747
Signed-off-by: Lukasz Rajewski <lukasz.rajewski@orange.com>
Change-Id: Ia415b500b76c5f57efb70eb522f6d58f6649e0d0

diff --git a/so-cnf-adapter-application/src/main/java/org/onap/so/adapters/cnf/BpmnInfraConfiguration.java b/so-cnf-adapter-application/src/main/java/org/onap/so/adapters/cnf/BpmnInfraConfiguration.java
deleted file mode 100644 (file)
index a06ad92..0000000
--- a/so-cnf-adapter-application/src/main/java/org/onap/so/adapters/cnf/BpmnInfraConfiguration.java
+++ /dev/null
@@ -1,15 +0,0 @@
-package org.onap.so.adapters.cnf;
-
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.context.annotation.Configuration;
-
-@Configuration
-public class BpmnInfraConfiguration {
-
-    @Value("${mso.adapters.requestDb.auth}")
-    private String auth;
-
-    public String getAuth() {
-        return auth;
-    }
-}

diff --git a/so-cnf-adapter-application/src/main/java/org/onap/so/adapters/cnf/MSOCnfApplication.java b/so-cnf-adapter-application/src/main/java/org/onap/so/adapters/cnf/MSOCnfApplication.java
index 0ba40e2..a569e9d 100644 (file)
--- a/so-cnf-adapter-application/src/main/java/org/onap/so/adapters/cnf/MSOCnfApplication.java
+++ b/so-cnf-adapter-application/src/main/java/org/onap/so/adapters/cnf/MSOCnfApplication.java
@@ -34,7 +34,7 @@ import org.springframework.context.annotation.Configuration;
 import org.springframework.web.client.RestTemplate;
 
 @SpringBootApplication
-@ComponentScan(basePackages = {"org.onap.so.adapters.cnf"})
+@ComponentScan(basePackages = {"org.onap.so.adapters.cnf", "org.onap.so.security"})
 @EnableAutoConfiguration(exclude = {LiquibaseAutoConfiguration.class, HibernateJpaAutoConfiguration.class,
         DataSourceAutoConfiguration.class, DataSourceTransactionManagerAutoConfiguration.class,
         SecurityAutoConfiguration.class})

diff --git a/so-cnf-adapter-application/src/main/java/org/onap/so/adapters/cnf/client/SoCallbackClient.java b/so-cnf-adapter-application/src/main/java/org/onap/so/adapters/cnf/client/SoCallbackClient.java
index 9372983..1deacad 100644 (file)
--- a/so-cnf-adapter-application/src/main/java/org/onap/so/adapters/cnf/client/SoCallbackClient.java
+++ b/so-cnf-adapter-application/src/main/java/org/onap/so/adapters/cnf/client/SoCallbackClient.java
@@ -1,7 +1,8 @@
 package org.onap.so.adapters.cnf.client;
 
 import com.google.gson.Gson;
-import org.onap.so.adapters.cnf.BpmnInfraConfiguration;
+import org.onap.so.security.SoUserCredentialConfiguration;
+import org.onap.so.security.UserCredentials;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpEntity;
 import org.springframework.http.HttpHeaders;
@@ -21,12 +22,18 @@ public class SoCallbackClient {
     private final static Gson gson = new Gson();
 
     private final RestTemplate restTemplate;
-    private final BpmnInfraConfiguration bpmnInfraConfiguration;
+    private final SoUserCredentialConfiguration userCredentialConfiguration;
+    private final String role = "ACTUATOR";
+    private final UserCredentials credentials;
 
     @Autowired
-    public SoCallbackClient(RestTemplate restTemplate, BpmnInfraConfiguration bpmnInfraConfiguration) {
+    public SoCallbackClient(RestTemplate restTemplate, SoUserCredentialConfiguration userCredentialConfiguration) {
         this.restTemplate = restTemplate;
-        this.bpmnInfraConfiguration = bpmnInfraConfiguration;
+        this.userCredentialConfiguration = userCredentialConfiguration;
+        if (!userCredentialConfiguration.getRoles().contains(role))
+            throw new RuntimeException("Missing authentication role: " + role);
+        credentials = userCredentialConfiguration.getUsercredentials().stream().filter(
+                creds -> role.equals(creds.getRole())).findAny().orElse(null);
     }
 
     public ResponseEntity<String> sendPostCallback(String url, Object body) {
@@ -39,7 +46,7 @@ public class SoCallbackClient {
         acceptableMediaTypes.add(MediaType.APPLICATION_JSON);
         headers.setAccept(acceptableMediaTypes);
         headers.setContentType(MediaType.APPLICATION_JSON);
-        headers.add(HttpHeaders.AUTHORIZATION, bpmnInfraConfiguration.getAuth());
+        headers.setBasicAuth(credentials.getUsername(), credentials.getPassword());
 
         return new HttpEntity<>(gson.toJson(body), headers);
     }

diff --git a/so-cnf-adapter-application/src/main/resources/application.yaml b/so-cnf-adapter-application/src/main/resources/application.yaml
index dc277e5..a0e00a7 100644 (file)
--- a/so-cnf-adapter-application/src/main/resources/application.yaml
+++ b/so-cnf-adapter-application/src/main/resources/application.yaml
@@ -23,12 +23,12 @@
 #logging:
 #  path: logs
 
-#spring:
-#  datasource:
- #   driver-class-name: org.mariadb.jdbc.Driver
-#    jdbcUrl: jdbc:mariadb://192.168.235.44:30444/requestdb
- #   username: root
- #   password: secretpassword
+spring:
+  security:
+    usercredentials:
+      - username: ${ACTUATOR_USERNAME}
+        password: ${ACTUATOR_PASSWORD}
+        role: ACTUATOR
 
  # jpa:
  #   show-sql: false
@@ -60,9 +60,4 @@ multicloud:
 #management:
 #  security:
  #   enabled: false
- #   basic:
-mso:
-  adapters:
-    requestDb:
-      auth:
-#      enabled: false
\ No newline at end of file
+ #   basic:
\ No newline at end of file