<name>Blueprints Processor Application</name>
<description>Blueprints Processor Application</description>
+ <properties>
+ <assembly.id>maven</assembly.id>
+ <name.space>org.onap.ccsdk.cds</name.space>
+ <serviceArtifactName>blueprintsprocessor</serviceArtifactName>
+ <image.name>onap/ccsdk-blueprintsprocessor</image.name>
+ <docker.buildArg.https_proxy>${https_proxy}</docker.buildArg.https_proxy>
+ <docker.push.phase>deploy</docker.push.phase>
+ <docker.verbose>true</docker.verbose>
+ <ccsdk.project.version>${project.version}</ccsdk.project.version>
+ <ccsdk.build.timestamp>${maven.build.timestamp}</ccsdk.build.timestamp>
+ </properties>
+
<dependencies>
<dependency>
</execution>
</executions>
</plugin>
+ <plugin><!--build the final artifact for docker deployment -->
+ <artifactId>maven-assembly-plugin</artifactId>
+ <version>3.1.0</version>
+ <configuration>
+ <!-- <skipAssembly>${skip.assembly}</skipAssembly> -->
+ <outputDirectory>${basedir}/target/docker-stage</outputDirectory>
+ <descriptors>
+ <descriptor>src/main/docker/distribution.xml</descriptor>
+ </descriptors>
+ <tarLongFileMode>posix</tarLongFileMode>
+ </configuration>
+ <executions>
+ <execution>
+ <id>${assembly.id}</id>
+ <phase>package</phase>
+ <goals>
+ <goal>single</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ <plugin>
+ <groupId>org.codehaus.groovy.maven</groupId>
+ <artifactId>gmaven-plugin</artifactId>
+ <version>1.0</version>
+ <executions>
+ <execution>
+ <phase>validate</phase>
+ <goals>
+ <goal>execute</goal>
+ </goals>
+ <configuration>
+ <source>${basedir}/../../../TagVersion.groovy</source>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
<plugin>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.1</version>
</plugin>
</plugins>
</build>
+
+ <profiles>
+ <profile>
+ <id>docker</id>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>io.fabric8</groupId>
+ <artifactId>docker-maven-plugin</artifactId>
+ <version>0.26.1</version>
+ <inherited>false</inherited>
+ <configuration>
+ <images>
+ <image>
+ <name>${image.name}</name>
+ <build>
+ <cleanup>try</cleanup>
+ <dockerFileDir>${basedir}/target/docker-stage</dockerFileDir>
+ <tags>
+ <tag>${project.docker.latestminortag.version}</tag>
+ <tag>${project.docker.latestfulltag.version}</tag>
+ <tag>${project.docker.latesttagtimestamp.version}</tag>
+ </tags>
+ </build>
+ </image>
+ </images>
+ <verbose>true</verbose>
+ </configuration>
+ <executions>
+ <execution>
+ <id>generate-images</id>
+ <phase>package</phase>
+ <goals>
+ <goal>build</goal>
+ </goals>
+ </execution>
+ <execution>
+ <id>push-images</id>
+ <phase>${docker.push.phase}</phase>
+ <goals>
+ <goal>build</goal>
+ <goal>push</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+ </profiles>
</project>
--- /dev/null
+version: '3.3'
+
+services:
+ db:
+ image: mariadb:latest
+ container_name: ccsdk-mariadb
+ ports:
+ - "3306:3306"
+ volumes:
+ - ~/vm_mysql:/var/lib/mysql
+ restart: always
+ environment:
+ MYSQL_ROOT_PASSWORD: sdnctl
+ MYSQL_DATABASE: sdnctl
+ MYSQL_USER: sdnctl
+ MYSQL_PASSWORD: sdnctl
+ blueprints-processor:
+ depends_on:
+ - db
+ image: onap/ccsdk-blueprintsprocessor:latest
+ container_name: bp-processor
+ ports:
+ - "8000:8080"
+ - "9111:9111"
+ restart: always
+ volumes:
+ - blueprints-deploy:/opt/app/onap/blueprints/deploy
+ environment:
+ APPLICATIONNAME: BlueprintsProcessor
+ BUNDLEVERSION: 1.0.0
+ APP_CONFIG_HOME: /opt/app/onap/config
+ STICKYSELECTORKEY:
+ ENVCONTEXT: dev
+ command-executor:
+ depends_on:
+ - db
+ image: onap/ccsdk-commandexecutor:latest
+ container_name: bp-command-executor
+ ports:
+ - "50051:50051"
+ restart: always
+ volumes:
+ - blueprints-deploy:/opt/app/onap/blueprints/deploy
+
+volumes:
+ blueprints-deploy:
</dependencySets>
<fileSets>
<fileSet>
- <directory>${project.basedir}/../application/src/main/resources</directory>
+ <directory>${project.basedir}/src/main/resources</directory>
<includes>
<include>application.properties</include>
<include>logback.xml</include>
-Djava.security.egd=file:/dev/./urandom \
-DAPPNAME=${APP_NAME} -DAPPENV=${APP_ENV} -DAPPVERSION=${APP_VERSION} -DNAMESPACE=${NAMESPACE} \
-Dspring.config.location=${APP_CONFIG_HOME}/ \
-org.onap.ccsdk.cds.blueprintsprocessor.BlueprintProcessorApplication
+org.onap.ccsdk.cds.blueprintsprocessor.BlueprintProcessorApplicationKt
+++ /dev/null
-/*
- * Copyright © 2017-2018 AT&T Intellectual Property.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.onap.ccsdk.cds.blueprintsprocessor;
-
-import io.grpc.Server;
-import io.grpc.ServerBuilder;
-import org.onap.ccsdk.cds.blueprintsprocessor.designer.api.BluePrintManagementGRPCHandler;
-import org.onap.ccsdk.cds.blueprintsprocessor.security.BasicAuthServerInterceptor;
-import org.onap.ccsdk.cds.blueprintsprocessor.selfservice.api.BluePrintProcessingGRPCHandler;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
-import org.springframework.context.ApplicationListener;
-import org.springframework.context.event.ContextRefreshedEvent;
-import org.springframework.stereotype.Component;
-
-@ConditionalOnProperty(name = "blueprintsprocessor.grpcEnable", havingValue = "true")
-@Component
-public class BlueprintGRPCServer implements ApplicationListener<ContextRefreshedEvent> {
-
- private static Logger log = LoggerFactory.getLogger(BlueprintGRPCServer.class);
-
- @Autowired
- private BluePrintProcessingGRPCHandler bluePrintProcessingGRPCHandler;
- @Autowired
- private BluePrintManagementGRPCHandler bluePrintManagementGRPCHandler;
- @Autowired
- private BasicAuthServerInterceptor authInterceptor;
-
- @Value("${blueprintsprocessor.grpcPort}")
- private Integer grpcPort;
-
- @Override
- public void onApplicationEvent(ContextRefreshedEvent event) {
- try {
- log.info("Starting Blueprint Processor GRPC Starting..");
- Server server = ServerBuilder
- .forPort(grpcPort)
- .intercept(authInterceptor)
- .addService(bluePrintProcessingGRPCHandler)
- .addService(bluePrintManagementGRPCHandler)
- .build();
-
- server.start();
- log.info("Blueprint Processor GRPC server started and ready to serve on port({})...", server.getPort());
- } catch (Exception e) {
- log.error("*** Error ***", e);
- }
- }
-}
+++ /dev/null
-/*
- * Copyright © 2017-2018 AT&T Intellectual Property.
- * Modifications Copyright © 2018 IBM.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.onap.ccsdk.cds.blueprintsprocessor;
-
-import io.swagger.annotations.Api;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import springfox.documentation.builders.PathSelectors;
-import springfox.documentation.builders.RequestHandlerSelectors;
-import springfox.documentation.service.ApiInfo;
-import springfox.documentation.service.Contact;
-import springfox.documentation.spi.DocumentationType;
-import springfox.documentation.spring.web.plugins.Docket;
-
-import java.util.Collections;
-
-/**
- * SwaggerConfig
- *
- * @author Brinda Santh 8/13/2018
- */
-@Configuration
-//@EnableSwagger2WebFlux
-public class SwaggerConfig {
-
- @Bean
- public Docket api() {
- return new Docket(DocumentationType.SWAGGER_2)
- .select()
- .apis(RequestHandlerSelectors.withClassAnnotation(Api.class))
- .paths(PathSelectors.any())
- .build()
- .apiInfo(apiInfo());
- }
-
- private ApiInfo apiInfo() {
- return new ApiInfo(
- "CDS Blueprints Processor APIs",
- "Provide APIs to interact with CBA, their resolved resources and templates, and stored resource configurations.",
- "0.5.1",
- null,
- new Contact("CCSDK Team", "www.onap.org", "onap-discuss@lists.onap.org"),
- "Apache 2.0",
- "http://www.apache.org/licenses/LICENSE-2.0",
- Collections.emptyList());
- }
-}
\ No newline at end of file
+++ /dev/null
-/*
- * Copyright © 2017-2018 AT&T Intellectual Property.
- * Modifications Copyright © 2018 IBM.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.onap.ccsdk.cds.blueprintsprocessor;
-
-import org.onap.ccsdk.cds.blueprintsprocessor.security.AuthenticationManager;
-import org.onap.ccsdk.cds.blueprintsprocessor.security.SecurityContextRepository;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.http.HttpMethod;
-import org.springframework.security.config.web.server.ServerHttpSecurity;
-import org.springframework.security.web.server.SecurityWebFilterChain;
-import org.springframework.web.reactive.config.CorsRegistry;
-import org.springframework.web.reactive.config.ResourceHandlerRegistry;
-import org.springframework.web.reactive.config.WebFluxConfigurer;
-
-/**
- * WebConfig
- *
- * @author Brinda Santh 8/13/2018
- */
-@Configuration
-public class WebConfig implements WebFluxConfigurer {
-
- @Autowired
- private AuthenticationManager authenticationManager;
-
- @Autowired
- private SecurityContextRepository securityContextRepository;
-
- @Override
- public void addResourceHandlers(ResourceHandlerRegistry registry) {
-
- registry.addResourceHandler("/swagger-ui.html**")
- .addResourceLocations("classpath:/META-INF/resources/");
-
- registry.addResourceHandler("/webjars/**")
- .addResourceLocations("classpath:/META-INF/resources/webjars/");
- }
-
- @Override
- public void addCorsMappings(CorsRegistry corsRegistry) {
- corsRegistry.addMapping("/**")
- .allowedOrigins("*")
- .allowedMethods("*")
- .allowedHeaders("*")
- .maxAge(3600);
- }
-
-
- @Bean
- public SecurityWebFilterChain securitygWebFilterChain(ServerHttpSecurity http) {
- return http.csrf().disable()
- .formLogin().disable()
- .httpBasic().disable()
- .authenticationManager(authenticationManager)
- .securityContextRepository(securityContextRepository)
- .authorizeExchange()
- .pathMatchers(HttpMethod.OPTIONS).permitAll()
- .anyExchange().authenticated()
- .and().build();
-
- }
-}
+++ /dev/null
-/*
- * Copyright (C) 2019 Bell Canada.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.onap.ccsdk.cds.blueprintsprocessor.security;
-
-import com.google.common.base.Strings;
-import io.grpc.*;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.authentication.BadCredentialsException;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.stereotype.Component;
-
-import java.nio.charset.StandardCharsets;
-import java.util.Base64;
-
-@Component
-public class BasicAuthServerInterceptor implements ServerInterceptor {
-
- private static Logger log = LoggerFactory.getLogger(BasicAuthServerInterceptor.class);
-
- @Autowired
- private AuthenticationManager authenticationManager;
-
-
- @Override
- public <ReqT, RespT> ServerCall.Listener<ReqT> interceptCall(
- ServerCall<ReqT, RespT> call,
- Metadata headers,
- ServerCallHandler<ReqT, RespT> next) {
- String authHeader = headers.get(Metadata.Key.of("Authorization", Metadata.ASCII_STRING_MARSHALLER));
-
- if (Strings.isNullOrEmpty(authHeader)) {
- throw Status.UNAUTHENTICATED.withDescription("Missing required authentication").asRuntimeException();
-
- }
-
- try {
- String[] tokens = decodeBasicAuth(authHeader);
- String username = tokens[0];
-
- log.info("Basic Authentication Authorization header found for user: {}", username);
-
- Authentication authRequest = new UsernamePasswordAuthenticationToken(username, tokens[1]);
- Authentication authResult = authenticationManager.authenticate(authRequest).block();
-
- log.info("Authentication success: {}", authResult);
-
- SecurityContextHolder.getContext().setAuthentication(authResult);
-
- } catch (AuthenticationException e) {
- SecurityContextHolder.clearContext();
-
- log.info("Authentication request failed: {}", e.getMessage());
-
- throw Status.UNAUTHENTICATED.withDescription(e.getMessage()).withCause(e).asRuntimeException();
- }
-
- return next.startCall(call, headers);
- }
-
- private String[] decodeBasicAuth(String authHeader) {
- String basicAuth;
- try {
- basicAuth = new String(Base64.getDecoder().decode(authHeader.substring(6).getBytes(StandardCharsets.UTF_8)),
- StandardCharsets.UTF_8);
- } catch (IllegalArgumentException | IndexOutOfBoundsException e) {
- throw new BadCredentialsException("Failed to decode basic authentication token");
- }
-
- int delim = basicAuth.indexOf(':');
- if (delim == -1) {
- throw new BadCredentialsException("Failed to decode basic authentication token");
- }
-
- return new String[]{basicAuth.substring(0, delim), basicAuth.substring(delim + 1)};
- }
-}
\ No newline at end of file
+++ /dev/null
-/*
- * Copyright (C) 2019 Bell Canada.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.onap.ccsdk.cds.blueprintsprocessor.security;
-
-import java.util.Collections;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.core.userdetails.User;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.security.crypto.password.PasswordEncoder;
-import org.springframework.security.provisioning.InMemoryUserDetailsManager;
-
-@Configuration
-public class SecurityConfiguration {
-
- @Value("${security.user.name}")
- private String username;
-
- @Value("${security.user.password}")
- private String password;
-
- @Bean
- public UserDetailsService inMemoryUserService() {
- UserDetails user = new User(username, password,
- Collections.singletonList(new SimpleGrantedAuthority("USER")));
- return new InMemoryUserDetailsManager(user);
- }
-
- @Bean
- public PasswordEncoder passwordEncoder() {
- return new BCryptPasswordEncoder();
- }
-
- @Bean
- public AuthenticationProvider inMemoryAuthenticationProvider() {
- DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
- provider.setUserDetailsService(inMemoryUserService());
- return provider;
- }
-}
\ No newline at end of file
+++ /dev/null
-/*
- * Copyright (C) 2019 Bell Canada.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.onap.ccsdk.cds.blueprintsprocessor.security;
-
-import java.nio.charset.StandardCharsets;
-import java.util.Base64;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.http.HttpHeaders;
-import org.springframework.http.server.reactive.ServerHttpRequest;
-import org.springframework.security.authentication.BadCredentialsException;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContext;
-import org.springframework.security.core.context.SecurityContextImpl;
-import org.springframework.security.web.server.context.ServerSecurityContextRepository;
-import org.springframework.stereotype.Component;
-import org.springframework.web.server.ServerWebExchange;
-import reactor.core.publisher.Mono;
-
-@Component
-public class SecurityContextRepository implements ServerSecurityContextRepository {
-
- @Autowired
- private AuthenticationManager authenticationManager;
-
- @Override
- public Mono<Void> save(ServerWebExchange swe, SecurityContext sc) {
- throw new UnsupportedOperationException("Not supported.");
- }
-
- @Override
- public Mono<SecurityContext> load(ServerWebExchange swe) {
- ServerHttpRequest request = swe.getRequest();
- String authHeader = request.getHeaders().getFirst(HttpHeaders.AUTHORIZATION);
- if (authHeader != null && authHeader.startsWith("Basic")) {
- String[] tokens = decodeBasicAuth(authHeader);
- String username = tokens[0];
- String password = tokens[1];
- Authentication auth = new UsernamePasswordAuthenticationToken(username, password);
- return this.authenticationManager.authenticate(auth).map(SecurityContextImpl::new);
- } else {
- return Mono.empty();
- }
- }
-
- private String[] decodeBasicAuth(String authHeader) {
- String basicAuth;
- try {
- basicAuth = new String(Base64.getDecoder().decode(authHeader.substring(6).getBytes(StandardCharsets.UTF_8)),
- StandardCharsets.UTF_8);
- } catch (IllegalArgumentException | IndexOutOfBoundsException e) {
- throw new BadCredentialsException("Failed to decode basic authentication token");
- }
-
- int delim = basicAuth.indexOf(':');
- if (delim == -1) {
- throw new BadCredentialsException("Failed to decode basic authentication token");
- }
-
- return new String[]{basicAuth.substring(0, delim), basicAuth.substring(delim + 1)};
- }
-}
\ No newline at end of file
--- /dev/null
+/*
+ * Copyright © 2017-2018 AT&T Intellectual Property.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.onap.ccsdk.cds.blueprintsprocessor
+
+import io.grpc.ServerBuilder
+import org.onap.ccsdk.cds.blueprintsprocessor.designer.api.BluePrintManagementGRPCHandler
+import org.onap.ccsdk.cds.blueprintsprocessor.security.BasicAuthServerInterceptor
+import org.onap.ccsdk.cds.blueprintsprocessor.selfservice.api.BluePrintProcessingGRPCHandler
+import org.onap.ccsdk.cds.controllerblueprints.core.logger
+import org.springframework.beans.factory.annotation.Value
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty
+import org.springframework.context.ApplicationListener
+import org.springframework.context.event.ContextRefreshedEvent
+import org.springframework.stereotype.Component
+
+@ConditionalOnProperty(name = ["blueprintsprocessor.grpcEnable"], havingValue = "true")
+@Component
+open class BlueprintGRPCServer(private val bluePrintProcessingGRPCHandler: BluePrintProcessingGRPCHandler,
+ private val bluePrintManagementGRPCHandler: BluePrintManagementGRPCHandler,
+ private val authInterceptor: BasicAuthServerInterceptor)
+ : ApplicationListener<ContextRefreshedEvent> {
+
+ private val log = logger(BlueprintGRPCServer::class)
+
+ @Value("\${blueprintsprocessor.grpcPort}")
+ private val grpcPort: Int? = null
+
+ override fun onApplicationEvent(event: ContextRefreshedEvent) {
+ try {
+ log.info("Starting Blueprint Processor GRPC Starting..")
+ val server = ServerBuilder
+ .forPort(grpcPort!!)
+ .intercept(authInterceptor)
+ .addService(bluePrintProcessingGRPCHandler)
+ .addService(bluePrintManagementGRPCHandler)
+ .build()
+
+ server.start()
+ log.info("Blueprint Processor GRPC server started and ready to serve on port({})...", server.port)
+ } catch (e: Exception) {
+ log.error("*** Error ***", e)
+ }
+ }
+}
* limitations under the License.
*/
-package org.onap.ccsdk.cds.blueprintsprocessor;
+package org.onap.ccsdk.cds.blueprintsprocessor
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.boot.web.embedded.netty.NettyReactiveWebServerFactory;
-import org.springframework.boot.web.server.WebServerFactoryCustomizer;
-import org.springframework.stereotype.Component;
+import org.springframework.beans.factory.annotation.Value
+import org.springframework.boot.web.embedded.netty.NettyReactiveWebServerFactory
+import org.springframework.boot.web.server.WebServerFactoryCustomizer
+import org.springframework.stereotype.Component
@Component
-public class BlueprintHttpServer implements WebServerFactoryCustomizer<NettyReactiveWebServerFactory> {
+open class BlueprintHttpServer : WebServerFactoryCustomizer<NettyReactiveWebServerFactory> {
- @Value("${blueprintsprocessor.httpPort}")
- private Integer httpPort;
+ @Value("\${blueprintsprocessor.httpPort}")
+ private val httpPort: Int? = null
- @Override
- public void customize(NettyReactiveWebServerFactory serverFactory) {
- serverFactory.setPort(httpPort);
+ override fun customize(serverFactory: NettyReactiveWebServerFactory) {
+ serverFactory.port = httpPort!!
}
}
\ No newline at end of file
* limitations under the License.
*/
-package org.onap.ccsdk.cds.blueprintsprocessor;
+package org.onap.ccsdk.cds.blueprintsprocessor
-import org.springframework.boot.SpringApplication;
-import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
-import org.springframework.boot.autoconfigure.SpringBootApplication;
-import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
-import org.springframework.context.annotation.ComponentScan;
+import org.springframework.boot.SpringApplication
+import org.springframework.boot.autoconfigure.EnableAutoConfiguration
+import org.springframework.boot.autoconfigure.SpringBootApplication
+import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration
+import org.springframework.context.annotation.ComponentScan
/**
* BlueprintProcessorApplication
*
- * @author Brinda Santh 8/14/2018
+ * @author Brinda Santh
*/
@SpringBootApplication
-@EnableAutoConfiguration(exclude = {DataSourceAutoConfiguration.class})
-@ComponentScan(basePackages = {"org.onap.ccsdk.cds.blueprintsprocessor", "org.onap.ccsdk.cds.controllerblueprints"})
-public class BlueprintProcessorApplication {
+@EnableAutoConfiguration(exclude = [DataSourceAutoConfiguration::class])
+@ComponentScan(basePackages = ["org.onap.ccsdk.cds.blueprintsprocessor", "org.onap.ccsdk.cds.controllerblueprints"])
+open class BlueprintProcessorApplication
- public static void main(String[] args) {
+fun main(args: Array<String>) {
+ // This is required for TemplateController.getStoredResult to accept a content-type value
+ // as a request parameter, e.g. &format=application%2Fxml is accepted
+ System.setProperty("org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH", "true")
- // This is required for TemplateController.getStoredResult to accept a content-type value
- // as a request parameter, e.g. &format=application%2Fxml is accepted
- System.setProperty("org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH", "true");
-
- SpringApplication.run(BlueprintProcessorApplication.class, args);
- }
+ SpringApplication.run(BlueprintProcessorApplication::class.java, *args)
}
--- /dev/null
+/*
+ * Copyright © 2017-2018 AT&T Intellectual Property.
+ * Modifications Copyright © 2018 IBM.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.onap.ccsdk.cds.blueprintsprocessor
+
+import io.swagger.annotations.Api
+import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.Configuration
+import springfox.documentation.builders.PathSelectors
+import springfox.documentation.builders.RequestHandlerSelectors
+import springfox.documentation.service.ApiInfo
+import springfox.documentation.service.Contact
+import springfox.documentation.spi.DocumentationType
+import springfox.documentation.spring.web.plugins.Docket
+
+/**
+ * SwaggerConfig
+ *
+ * @author Brinda Santh
+ */
+@Configuration
+//@EnableSwagger2WebFlux
+open class SwaggerConfig {
+
+ @Bean
+ open fun api(): Docket {
+ return Docket(DocumentationType.SWAGGER_2)
+ .select()
+ .apis(RequestHandlerSelectors.withClassAnnotation(Api::class.java))
+ .paths(PathSelectors.any())
+ .build()
+ .apiInfo(apiInfo())
+ }
+
+ private fun apiInfo(): ApiInfo {
+ return ApiInfo(
+ "CDS Blueprints Processor APIs",
+ "Provide APIs to interact with CBA, their resolved resources and templates, and stored resource configurations.",
+ "0.7.0",
+ null,
+ Contact("CCSDK Team", "www.onap.org", "onap-discuss@lists.onap.org"),
+ "Apache 2.0",
+ "http://www.apache.org/licenses/LICENSE-2.0",
+ emptyList())
+ }
+}
\ No newline at end of file
--- /dev/null
+/*
+ * Copyright © 2017-2018 AT&T Intellectual Property.
+ * Modifications Copyright © 2018 IBM.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.onap.ccsdk.cds.blueprintsprocessor
+
+import org.onap.ccsdk.cds.blueprintsprocessor.security.AuthenticationManager
+import org.onap.ccsdk.cds.blueprintsprocessor.security.SecurityContextRepository
+import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.Configuration
+import org.springframework.http.HttpMethod
+import org.springframework.security.config.web.server.ServerHttpSecurity
+import org.springframework.security.web.server.SecurityWebFilterChain
+import org.springframework.web.reactive.config.CorsRegistry
+import org.springframework.web.reactive.config.ResourceHandlerRegistry
+import org.springframework.web.reactive.config.WebFluxConfigurer
+
+/**
+ * WebConfig
+ *
+ * @author Brinda Santh
+ */
+@Configuration
+open class WebConfig(private val authenticationManager: AuthenticationManager,
+ private val securityContextRepository: SecurityContextRepository) : WebFluxConfigurer {
+
+ override fun addResourceHandlers(registry: ResourceHandlerRegistry) {
+
+ registry.addResourceHandler("/swagger-ui.html**")
+ .addResourceLocations("classpath:/META-INF/resources/")
+
+ registry.addResourceHandler("/webjars/**")
+ .addResourceLocations("classpath:/META-INF/resources/webjars/")
+ }
+
+ override fun addCorsMappings(corsRegistry: CorsRegistry) {
+ corsRegistry.addMapping("/**")
+ .allowedOrigins("*")
+ .allowedMethods("*")
+ .allowedHeaders("*")
+ .maxAge(3600)
+ }
+
+ @Bean
+ open fun securityWebFilterChain(http: ServerHttpSecurity): SecurityWebFilterChain {
+ return http.csrf().disable()
+ .formLogin().disable()
+ .httpBasic().disable()
+ .authenticationManager(authenticationManager)
+ .securityContextRepository(securityContextRepository!!)
+ .authorizeExchange()
+ .pathMatchers(HttpMethod.OPTIONS).permitAll()
+ .anyExchange().authenticated()
+ .and().build()
+ }
+}
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.onap.ccsdk.cds.blueprintsprocessor.security;
+package org.onap.ccsdk.cds.blueprintsprocessor.security
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.authentication.ReactiveAuthenticationManager;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.AuthenticationException;
-import reactor.core.publisher.Mono;
+import org.springframework.context.annotation.Configuration
+import org.springframework.security.authentication.AuthenticationProvider
+import org.springframework.security.authentication.ReactiveAuthenticationManager
+import org.springframework.security.core.Authentication
+import org.springframework.security.core.AuthenticationException
+import reactor.core.publisher.Mono
@Configuration
-public class AuthenticationManager implements ReactiveAuthenticationManager {
+open class AuthenticationManager(private val authenticationProvider: AuthenticationProvider)
+ : ReactiveAuthenticationManager {
- @Autowired
- private AuthenticationProvider authenticationProvider;
-
- @Override
- public Mono<Authentication> authenticate(Authentication authentication) {
+ override fun authenticate(authentication: Authentication): Mono<Authentication> {
try {
- return Mono.just(authenticationProvider.authenticate(authentication));
- } catch (AuthenticationException e) {
- return Mono.error(e);
+ return Mono.just(authenticationProvider.authenticate(authentication))
+ } catch (e: AuthenticationException) {
+ return Mono.error(e)
}
+
}
}
\ No newline at end of file
--- /dev/null
+/*
+ * Copyright (C) 2019 Bell Canada.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.onap.ccsdk.cds.blueprintsprocessor.security
+
+import io.grpc.*
+import org.onap.ccsdk.cds.controllerblueprints.core.logger
+import org.springframework.security.authentication.BadCredentialsException
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
+import org.springframework.security.core.AuthenticationException
+import org.springframework.security.core.context.SecurityContextHolder
+import org.springframework.stereotype.Component
+import java.nio.charset.StandardCharsets
+import java.util.*
+
+@Component
+class BasicAuthServerInterceptor(private val authenticationManager: AuthenticationManager)
+ : ServerInterceptor {
+
+ private val log = logger(BasicAuthServerInterceptor::class)
+
+ override fun <ReqT, RespT> interceptCall(
+ call: ServerCall<ReqT, RespT>,
+ headers: Metadata,
+ next: ServerCallHandler<ReqT, RespT>): ServerCall.Listener<ReqT> {
+ val authHeader = headers.get(Metadata.Key.of("Authorization", Metadata.ASCII_STRING_MARSHALLER))
+
+ if (authHeader.isNullOrEmpty()) {
+ throw Status.UNAUTHENTICATED.withDescription("Missing required authentication")
+ .asRuntimeException()
+ }
+
+ try {
+ val tokens = decodeBasicAuth(authHeader)
+ val username = tokens[0]
+
+ log.info("Basic Authentication Authorization header found for user: {}", username)
+
+ val authRequest = UsernamePasswordAuthenticationToken(username, tokens[1])
+ val authResult = authenticationManager!!.authenticate(authRequest).block()
+
+ log.info("Authentication success: {}", authResult)
+
+ SecurityContextHolder.getContext().authentication = authResult
+
+ } catch (e: AuthenticationException) {
+ SecurityContextHolder.clearContext()
+
+ log.info("Authentication request failed: {}", e.message)
+
+ throw Status.UNAUTHENTICATED.withDescription(e.message).withCause(e).asRuntimeException()
+ }
+
+ return next.startCall(call, headers)
+ }
+
+ private fun decodeBasicAuth(authHeader: String): Array<String> {
+ val basicAuth: String
+ try {
+ basicAuth = String(Base64.getDecoder().decode(authHeader.substring(6).toByteArray(StandardCharsets.UTF_8)),
+ StandardCharsets.UTF_8)
+ } catch (e: IllegalArgumentException) {
+ throw BadCredentialsException("Failed to decode basic authentication token")
+ } catch (e: IndexOutOfBoundsException) {
+ throw BadCredentialsException("Failed to decode basic authentication token")
+ }
+
+ val delim = basicAuth.indexOf(':')
+ if (delim == -1) {
+ throw BadCredentialsException("Failed to decode basic authentication token")
+ }
+
+ return arrayOf(basicAuth.substring(0, delim), basicAuth.substring(delim + 1))
+ }
+}
\ No newline at end of file
--- /dev/null
+/*
+ * Copyright (C) 2019 Bell Canada.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.onap.ccsdk.cds.blueprintsprocessor.security
+
+import org.springframework.beans.factory.annotation.Value
+import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.Configuration
+import org.springframework.security.authentication.AuthenticationProvider
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider
+import org.springframework.security.core.authority.SimpleGrantedAuthority
+import org.springframework.security.core.userdetails.User
+import org.springframework.security.core.userdetails.UserDetailsService
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
+import org.springframework.security.crypto.password.PasswordEncoder
+import org.springframework.security.provisioning.InMemoryUserDetailsManager
+
+@Configuration
+open class SecurityConfiguration {
+
+ @Value("\${security.user.name}")
+ lateinit var username: String
+
+ @Value("\${security.user.password}")
+ lateinit var password: String
+
+ @Bean
+ open fun inMemoryUserService(): UserDetailsService {
+ val user = User(username, password,
+ listOf(SimpleGrantedAuthority("USER")))
+ return InMemoryUserDetailsManager(user)
+ }
+
+ @Bean
+ open fun passwordEncoder(): PasswordEncoder {
+ return BCryptPasswordEncoder()
+ }
+
+ @Bean
+ open fun inMemoryAuthenticationProvider(): AuthenticationProvider {
+ val provider = DaoAuthenticationProvider()
+ provider.setUserDetailsService(inMemoryUserService())
+ return provider
+ }
+}
\ No newline at end of file
--- /dev/null
+/*
+ * Copyright (C) 2019 Bell Canada.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.onap.ccsdk.cds.blueprintsprocessor.security
+
+import org.springframework.http.HttpHeaders
+import org.springframework.security.authentication.BadCredentialsException
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
+import org.springframework.security.core.context.SecurityContext
+import org.springframework.security.core.context.SecurityContextImpl
+import org.springframework.security.web.server.context.ServerSecurityContextRepository
+import org.springframework.stereotype.Component
+import org.springframework.web.server.ServerWebExchange
+import reactor.core.publisher.Mono
+import java.nio.charset.StandardCharsets
+import java.util.*
+
+@Component
+class SecurityContextRepository(private val authenticationManager: AuthenticationManager)
+ : ServerSecurityContextRepository {
+
+ override fun save(swe: ServerWebExchange, sc: SecurityContext): Mono<Void> {
+ throw UnsupportedOperationException("Not supported.")
+ }
+
+ override fun load(swe: ServerWebExchange): Mono<SecurityContext> {
+ val request = swe.request
+ val authHeader = request.headers.getFirst(HttpHeaders.AUTHORIZATION)
+ if (authHeader != null && authHeader.startsWith("Basic")) {
+ val tokens = decodeBasicAuth(authHeader)
+ val username = tokens[0]
+ val password = tokens[1]
+ val auth = UsernamePasswordAuthenticationToken(username, password)
+ return this.authenticationManager!!.authenticate(auth)
+ .map { SecurityContextImpl(it) }
+ } else {
+ return Mono.empty()
+ }
+ }
+
+ private fun decodeBasicAuth(authHeader: String): Array<String> {
+ val basicAuth: String
+ try {
+ basicAuth = String(Base64.getDecoder().decode(authHeader.substring(6).toByteArray(StandardCharsets.UTF_8)),
+ StandardCharsets.UTF_8)
+ } catch (e: IllegalArgumentException) {
+ throw BadCredentialsException("Failed to decode basic authentication token")
+ } catch (e: IndexOutOfBoundsException) {
+ throw BadCredentialsException("Failed to decode basic authentication token")
+ }
+
+ val delim = basicAuth.indexOf(':')
+ if (delim == -1) {
+ throw BadCredentialsException("Failed to decode basic authentication token")
+ }
+
+ return arrayOf(basicAuth.substring(0, delim), basicAuth.substring(delim + 1))
+ }
+}
\ No newline at end of file
# Web server config
server.port=8081
+# Used in Health Check
+endpoints.user.name=ccsdkapps
+endpoints.user.password=ccsdkapps
### START -Controller Blueprints Properties
# Load Resource Source Mappings
security.user.password: {bcrypt}$2a$10$duaUzVUVW0YPQCSIbGEkQOXwafZGwQ/b32/Ys4R1iwSSawFgz7QNu
security.user.name: ccsdkapps
+# Used in Health Check
+endpoints.user.name=ccsdkapps
+endpoints.user.password=ccsdkapps
+
# SDN-C's ODL Restconf Connection Details
blueprintsprocessor.restconfEnabled=true
blueprintsprocessor.restclient.sdncodl.type=basic-auth
<module>modules</module>
<module>functions</module>
<module>application</module>
- <module>distribution</module>
</modules>
<properties>
Code Review / ccsdk / cds.git / commitdiff