private static LogHelper applicationLogger = LogHelper.INSTANCE;
private ValidationServiceAuthConfig validationServiceAuthConfig;
+ private AAIMicroServiceAuthCore authCore;
@Inject
public AAIMicroServiceAuth(final ValidationServiceAuthConfig validationServiceAuthConfig) throws AAIAuthException {
this.validationServiceAuthConfig = validationServiceAuthConfig;
+ this.authCore = new AAIMicroServiceAuthCore();
if (!validationServiceAuthConfig.isAuthenticationDisable()) {
- AAIMicroServiceAuthCore.init(validationServiceAuthConfig.getAuthPolicyFile());
+ authCore.init(validationServiceAuthConfig.getAuthPolicyFile());
}
}
public boolean authBasic(String username, String authFunction) throws AAIAuthException {
- return AAIMicroServiceAuthCore.authorize(username, authFunction);
+ return authCore.authorize(username, authFunction);
}
public String authUser(String authUser, String authFunction) throws AAIAuthException {
}
applicationLogger.debug("Got one:" + cookie);
- return AAIMicroServiceAuthCore.authorize(username.toString(), authFunction);
+ return authCore.authorize(username.toString(), authFunction);
}
public boolean validateRequest(HttpServletRequest req, String action, String apiPath) throws AAIAuthException {
/**
- * ============LICENSE_START===================================================
- * Copyright (c) 2018 Amdocs
- * ============================================================================
+ * ============LICENSE_START=======================================================
+ * org.onap.aai
+ * ================================================================================
+ * Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved.
+ * Copyright (c) 2018-2019 European Software Marketing Ltd.
+ * ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- * ============LICENSE_END=====================================================
+ * ============LICENSE_END=========================================================
*/
+
package org.onap.aai.auth;
import com.fasterxml.jackson.core.JsonProcessingException;
private static LogHelper applicationLogger = LogHelper.INSTANCE;
- public static final String APPCONFIG_DIR = (System.getProperty("CONFIG_HOME") == null)
- ? Paths.get(System.getProperty("APP_HOME"), "appconfig").toString() : System.getProperty("CONFIG_HOME");
-
- private static Path appConfigAuthDir = Paths.get(APPCONFIG_DIR, "auth");
- private static Path defaultAuthFileName = appConfigAuthDir.resolve("auth_policy.json");
+ private Path appConfigAuthDir;
private static boolean usersInitialized = false;
private static HashMap<String, AAIAuthUser> users;
private static boolean timerSet = false;
- private static String policyAuthFileName;
+ private String policyAuthFileName;
public enum HttpMethods {
- GET,
- PUT,
- DELETE,
- HEAD,
- POST
- }
-
- // Don't instantiate
- private AAIMicroServiceAuthCore() {}
-
- public static String getDefaultAuthFileName() {
- return defaultAuthFileName.toString();
+ GET, PUT, DELETE, HEAD, POST
}
- public static void setDefaultAuthFileName(String defaultAuthFileName) {
- AAIMicroServiceAuthCore.defaultAuthFileName = Paths.get(defaultAuthFileName);
+ public AAIMicroServiceAuthCore() {
+ appConfigAuthDir = Paths.get(System.getProperty("CONFIG_HOME"), "auth");
}
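Review bot: The new constructor passes `System.getProperty("CONFIG_HOME")` straight to `Paths.get` with no null check, and the removed `APPCONFIG_DIR` fallback to `APP_HOME` is gone. With the property unset this either throws a NullPointerException or, on older JDKs, silently resolves the auth directory under a directory literally named `null`, depending on the JDK. `AAIMicroServiceAuth` now calls this constructor before it tests `isAuthenticationDisable()`, so the failure would also hit deployments that have authentication switched off. I would read the property first and fail with a clear message, e.g. `String home = System.getProperty("CONFIG_HOME"); if (home == null) { throw new IllegalStateException("CONFIG_HOME is not set"); }`.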
/**
* @param authPolicyFile
* @throws AAIAuthException
- * if the policy file cannot be loaded
+ * if the policy file cannot be loaded
*/
- public static synchronized void init(String authPolicyFile) throws AAIAuthException {
-
+ public void init(String authPolicyFile) throws AAIAuthException {
try {
- policyAuthFileName = AAIMicroServiceAuthCore.getConfigFile(authPolicyFile);
+ policyAuthFileName = getConfigFile(authPolicyFile);
} catch (IOException e) {
applicationLogger.debug("Exception while retrieving policy file.");
applicationLogger.error(ApplicationMsgs.PROCESS_REQUEST_ERROR, e);
throw new AAIAuthException(e.getMessage());
}
+
if (policyAuthFileName == null) {
throw new AAIAuthException("Auth policy file could not be found");
}
- AAIMicroServiceAuthCore.reloadUsers();
+ reloadUsers();
TimerTask task = new FileWatcher(new File(policyAuthFileName)) {
@Override
// here we implement the onChange
applicationLogger.debug("File " + file.getName() + " has been changed!");
try {
- AAIMicroServiceAuthCore.reloadUsers();
+ reloadUsers();
} catch (AAIAuthException e) {
applicationLogger.error(ApplicationMsgs.PROCESS_REQUEST_ERROR, e);
}
}
}
- public static String getConfigFile(String authPolicyFile) throws IOException {
+ public String getConfigFile(String authPolicyFile) throws IOException {
File authFile = new File(authPolicyFile);
if (authFile.exists()) {
return authFile.getCanonicalPath();
authFile = appConfigAuthDir.resolve(authPolicyFile).toFile();
if (authFile.exists()) {
return authFile.getCanonicalPath();
+ } else {
+ return null;
}
- if (getDefaultAuthFileName() != null) {
- authFile = new File(getDefaultAuthFileName());
- if (authFile.exists()) {
- return getDefaultAuthFileName();
- }
- }
- return null;
}
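Review bot: `getConfigFile` has no Javadoc, and with the default-file fallback removed `null` is now its only "not found" result, which `init()` turns into an `AAIAuthException`. I would document the lookup order and the null return, for example `/** Resolves the policy file: first the path as given, then under CONFIG_HOME/auth; returns null when neither exists. */`. The first lookup resolves a relative name against the process working directory before the configured auth directory, which is worth stating because this file decides who is authorized. Part of the method body appears to be missing from the lines shown here.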
/**
* @throws AAIAuthException
*/
- public static synchronized void reloadUsers() throws AAIAuthException {
+ public synchronized void reloadUsers() throws AAIAuthException {
users = new HashMap<>();
ObjectMapper mapper = new ObjectMapper();
}
}
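Review bot: `reloadUsers()` now synchronizes on the instance, but `users`, `usersInitialized` and `timerSet` are still `static`, so two `AAIMicroServiceAuthCore` objects would write the same map under different locks. `authorize()` reads `users` with no lock while the file-watcher task calls `reloadUsers()`, and the visible first statement `users = new HashMap<>();` publishes an empty map before it is filled, so a request arriving during a reload may be checked against a partial policy. I would make the three fields instance fields, fill a local map and assign it to a volatile field only after loading has succeeded, so that a failed reload keeps the previous policy. `init()` also lost `synchronized` in this commit. Only the first two statements of `reloadUsers()` are visible, so the publication order is inferred from them.
```java
private volatile HashMap<String, AAIAuthUser> users;
private volatile boolean usersInitialized = false;
private boolean timerSet = false;

public synchronized void reloadUsers() throws AAIAuthException {
    HashMap<String, AAIAuthUser> loaded = new HashMap<>();
    ObjectMapper mapper = new ObjectMapper();
    // … unchanged: read the policy file, filling `loaded` instead of `users` …
    users = loaded; // publish only after the whole policy has been read
    // … unchanged: remainder of reloadUsers …
```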
- public static boolean authorize(String username, String authFunction) throws AAIAuthException {
+ public boolean authorize(String username, String authFunction) throws AAIAuthException {
if (!usersInitialized || users == null) {
throw new AAIAuthException("Auth module not initialized");
}
-/*
- * ============LICENSE_START===================================================
- * Copyright (c) 2018 Amdocs
- * ============================================================================
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aai
+ * ================================================================================
+ * Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved.
+ * Copyright (c) 2018-2019 European Software Marketing Ltd.
+ * ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- * ============LICENSE_END=====================================================
+ * ============LICENSE_END=========================================================
*/
+
package org.onap.aai.validation.config;
import org.springframework.beans.factory.annotation.Value;
*/
package org.onap.aai.validation;
+import java.io.IOException;
+import org.hamcrest.Description;
+import org.hamcrest.TypeSafeMatcher;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
*
*/
@SpringBootTest(classes = ValidationServiceApplication.class)
-@TestPropertySource(locations = {"classpath:oxm-reader/schemaIngest.properties", "classpath:application.properties"})
+@TestPropertySource(locations = {"classpath:oxm-reader/schemaIngest.properties", "classpath:test-application.properties"})
@ContextConfiguration(locations = {"classpath:validation-service-beans.xml"})
public class TestApplication {
ValidationServiceApplication.main(new String[] {});
}
+ @Test
+ public void testApplicationWithEmptyKeyStorePassword() {
+ System.setProperty("KEY_STORE_PASSWORD", "");
+ final CauseMatcher expectedCause = new CauseMatcher(IOException.class, "password was incorrect");
+ expectedEx.expectCause(expectedCause);
+ ValidationServiceApplication.main(new String[] {});
+ }
+
+ @Test
+ public void testApplicationWithIncorrectKeyStorePassword() {
+ System.setProperty("KEY_STORE_PASSWORD", "test");
+ final CauseMatcher expectedCause = new CauseMatcher(IOException.class, "password was incorrect");
+ expectedEx.expectCause(expectedCause);
+ ValidationServiceApplication.main(new String[] {});
+ }
+
+ private static class CauseMatcher extends TypeSafeMatcher<Throwable> {
+
+ private final Class<? extends Throwable> type;
+ private final String expectedMessage;
+
+ public CauseMatcher(Class<? extends Throwable> type, String expectedMessage) {
+ this.type = type;
+ this.expectedMessage = expectedMessage;
+ }
+
+ @Override
+ protected boolean matchesSafely(Throwable item) {
+ return item.getClass().isAssignableFrom(type) && item.getMessage().contains(expectedMessage);
+ }
+
+ @Override
+ public void describeTo(Description description) {
+ description.appendValue(type).appendText(" and message ").appendValue(expectedMessage);
+ }
+ }
}
-/*
- * ============LICENSE_START===================================================
- * Copyright (c) 2018 Amdocs
- * ============================================================================
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aai
+ * ================================================================================
+ * Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved.
+ * Copyright (c) 2018-2019 European Software Marketing Ltd.
+ * ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- * ============LICENSE_END=====================================================
+ * ============LICENSE_END=========================================================
*/
+
package org.onap.aai.validation.auth;
import static org.hamcrest.CoreMatchers.equalTo;
import org.mockito.Mockito;
import org.onap.aai.auth.AAIAuthException;
import org.onap.aai.auth.AAIMicroServiceAuth;
-import org.onap.aai.auth.AAIMicroServiceAuthCore;
import org.onap.aai.validation.config.ValidationServiceAuthConfig;
import org.springframework.mock.web.MockHttpServletRequest;
/**
* Tests @{link AAIMicroServiceAuth}
*/
-
public class MicroServiceAuthTest {
static {
- System.setProperty("APP_HOME", ".");
- System.setProperty("CONFIG_HOME", Paths.get(System.getProperty("user.dir"), "src/test/resources").toString());
+ System.setProperty("CONFIG_HOME", Paths.get("src/test/resources").toString());
}
private static final String VALID_ADMIN_USER = "cn=common-name, ou=org-unit, o=org, l=location, st=state, c=us";
*/
@Test(expected = AAIAuthException.class)
public void missingPolicyFile() throws AAIAuthException, IOException {
- String defaultFile = AAIMicroServiceAuthCore.getDefaultAuthFileName();
- try {
- AAIMicroServiceAuthCore.setDefaultAuthFileName("invalid.default.file");
- ValidationServiceAuthConfig authConfig = new ValidationServiceAuthConfig();
- authConfig.setAuthPolicyFile("invalid.file.name");
- new AAIMicroServiceAuth(authConfig);
- } finally {
- AAIMicroServiceAuthCore.setDefaultAuthFileName(defaultFile);
- }
+ ValidationServiceAuthConfig authConfig = new ValidationServiceAuthConfig();
+ authConfig.setAuthPolicyFile("invalid.file.name");
+ new AAIMicroServiceAuth(authConfig);
}
/**
--- /dev/null
+{"roles": [
+ {
+ "name": "admin",
+ "functions": [
+ {
+ "name": "actions",
+ "methods": [
+ {"name": "GET"},
+ {"name": "DELETE"},
+ {"name": "PUT"}
+ ]
+ },
+ {
+ "name": "validate",
+ "methods": [{"name": "POST"}]
+ }
+ ],
+ "users": [
+ {"username": "CN=common-name, OU=org-unit, O=org, L=location, ST=state, C=US"},
+ {"username": "CN=test, OU=qa, O=Test Ltd, L=London, ST=London, C=GB"}
+ ]
+ },
+ {
+ "name": "ops",
+ "functions": [{
+ "name": "actions",
+ "methods": [{"name": "POST"}]
+ }],
+ "users": [
+ {"username": "CN=common-name, OU=org-unit, O=org, L=location, ST=state, C=US"},
+ {"username": "CN=test, OU=qa, O=Test Ltd, L=London, ST=London, C=GB"}
+ ]
+ },
+ {
+ "name": "basicauth",
+ "functions": [{
+ "name": "util",
+ "methods": [{"name": "GET"}]
+ }],
+ "users": [{
+ "user": "aai",
+ "pass": "OBF:1u2a1t2v1vgb1s3g1s3m1vgj1t3b1u30"
+ }]
+ },
+ {
+ "name": "nofuncauth",
+ "functions": [{
+ "name": "nofuncutil"
+ }],
+ "users": [{
+ "user": "aai",
+ "pass": "OBF:1u2a1t2v1vgb1s3g1s3m1vgj1t3b1u30"
+ }]
+ }
+]}
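Review bot: The `basicauth` and `nofuncauth` entries carry a `pass` value with an `OBF:` prefix, which looks like Jetty's password obfuscation; that encoding is reversible and gives no protection once the file is readable. If this file is a test fixture, as its use with `CONFIG_HOME=src/test/resources` suggests, the value should be one that is used nowhere outside the tests. The same string appears in both entries, so it is worth confirming that it was generated for this fixture and not copied from a deployed policy file.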
# limitations under the License.
# ============LICENSE_END=====================================================
-auth.policy.file=appconfig-local/auth/auth_policy.json
+auth.policy.file=${CONFIG_HOME}/auth/auth_policy.json
auth.authentication.disable=false
\ No newline at end of file
+# ============LICENSE_START=======================================================
+# org.onap.aai
+# ================================================================================
+# Copyright (c) 2018-2019 AT&T Intellectual Property. All rights reserved.
+# Copyright (c) 2018-2019 European Software Marketing Ltd.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+APP_HOME=.
+CONFIG_HOME=src/test/resources
+
consumer.topic.names=aai-event,aai-data-export
publisher.topic.names=aai-data-integrity
-topics.properties.location=src/test/resources/topic-config/
+topics.properties.location=${CONFIG_HOME}/topic-config/
server.ssl.key-store=