# Basic Authentication
basicAuth.username=admin
-basicAuth.password=OBF:1u2a1toa1w8v1tok1u30
+basicAuth.password=password(OBF:1u2a1toa1w8v1tok1u30)
# A&AI Enircher REST Client Configuration
enricher.url=https://d2enrichment:9505
* limitations under the License.
* ============LICENSE_END=====================================================
*/
+
package org.onap.sdnc.apps.pomba.networkdiscovery;
import org.springframework.boot.SpringApplication;
}
public static void main(String[] args) throws Exception {
- SpringApplication.run(Application.class, args);
+ SpringApplication app = new SpringApplication(Application.class);
+ app.addInitializers(new PropertyPasswordConfiguration());
}
-
-}
+}
\ No newline at end of file
package org.onap.sdnc.apps.pomba.networkdiscovery;
import java.util.Base64;
-import org.eclipse.jetty.util.security.Password;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.stereotype.Component;
@Value("${basicAuth.username:admin}")
private String username;
- @Value("${basicAuth.password:OBF:1u2a1toa1w8v1tok1u30}")
+ @Value("${basicAuth.password:admin}")
private String password;
- @Bean(name="networkDiscoveryBasicAuthHeader")
+ @Bean(name="basicAuthHeader")
public String getNdBasicAuthHeader() {
- String auth = new String(this.username + ":" + Password.deobfuscate(this.password));
- return "Basic " + Base64.getEncoder().encodeToString(auth.getBytes());
+ return "Basic " + Base64.getEncoder().encodeToString((this.username + ":" + this.password).getBytes());
}
}
--- /dev/null
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aai
+ * ================================================================================
+ * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.sdnc.apps.pomba.networkdiscovery;
+
+import org.eclipse.jetty.util.security.Password;
+
+public class JettyPasswordDecoder implements PasswordDecoder {
+
+ @Override
+ public String decode(String input) {
+ if (input.startsWith("OBF:")) {
+ return Password.deobfuscate(input);
+ }
+ return Password.deobfuscate("OBF:" + input);
+ }
+}
\ No newline at end of file
--- /dev/null
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aai
+ * ================================================================================
+ * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.sdnc.apps.pomba.networkdiscovery;
+
+public interface PasswordDecoder {
+
+ String decode(String input);
+}
\ No newline at end of file
--- /dev/null
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aai
+ * ================================================================================
+ * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.sdnc.apps.pomba.networkdiscovery;
+
+import java.util.LinkedHashMap;
+import java.util.Map;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import org.springframework.context.ApplicationContextInitializer;
+import org.springframework.context.ConfigurableApplicationContext;
+import org.springframework.core.env.ConfigurableEnvironment;
+import org.springframework.core.env.EnumerablePropertySource;
+import org.springframework.core.env.MapPropertySource;
+import org.springframework.core.env.PropertySource;
+import org.springframework.stereotype.Component;
+
+@Component
+public class PropertyPasswordConfiguration implements ApplicationContextInitializer<ConfigurableApplicationContext>
+{
+ private static final Pattern decodePasswordPattern = Pattern.compile("password\\((.*?)\\)");
+
+ private PasswordDecoder passwordDecoder = new JettyPasswordDecoder();
+
+ @Override
+ public void initialize(ConfigurableApplicationContext applicationContext) {
+ ConfigurableEnvironment environment = applicationContext.getEnvironment();
+ for (PropertySource<?> propertySource : environment.getPropertySources()) {
+ Map<String, Object> propertyOverrides = new LinkedHashMap<>();
+ decodePasswords(propertySource, propertyOverrides);
+ if (!propertyOverrides.isEmpty()) {
+ PropertySource<?> decodedProperties = new MapPropertySource("decoded "+ propertySource.getName(), propertyOverrides);
+ environment.getPropertySources().addBefore(propertySource.getName(), decodedProperties);
+ }
+ }
+ }
+
+ private void decodePasswords(PropertySource<?> source, Map<String, Object> propertyOverrides) {
+ if (source instanceof EnumerablePropertySource) {
+ EnumerablePropertySource<?> enumerablePropertySource = (EnumerablePropertySource<?>) source;
+ for (String key : enumerablePropertySource.getPropertyNames()) {
+ Object rawValue = source.getProperty(key);
+ if (rawValue instanceof String) {
+ String decodedValue = decodePasswordsInString((String) rawValue);
+ propertyOverrides.put(key, decodedValue);
+ }
+ }
+ }
+ }
+
+ private String decodePasswordsInString(String input) {
+ if (input == null) return null;
+ StringBuffer output = new StringBuffer();
+ Matcher matcher = decodePasswordPattern.matcher(input);
+ while (matcher.find()) {
+ String replacement = passwordDecoder.decode(matcher.group(1));
+ matcher.appendReplacement(output, replacement);
+ }
+ matcher.appendTail(output);
+ return output.toString();
+ }
+}
\ No newline at end of file
* limitations under the License.
* ============LICENSE_END=====================================================
*/
+
package org.onap.sdnc.apps.pomba.networkdiscovery.service.rs;
import static org.onap.sdnc.apps.pomba.networkdiscovery.ApplicationException.Error.GENERAL_FAILURE;
@Autowired
private SpringService service;
- @Resource(name="networkDiscoveryBasicAuthHeader")
- private String networkDiscoveryBasicAuthHeader;
+ @Resource(name="basicAuthHeader")
+ private String basicAuthHeader;
@Override
public Response findbyResourceIdAndType(HttpServletRequest request,
version = "v1";
}
- if (authorization == null || !this.networkDiscoveryBasicAuthHeader.equals(authorization)) {
+ if (authorization == null || !this.basicAuthHeader.equals(authorization)) {
throw new ApplicationException(UNAUTHORIZED, Status.UNAUTHORIZED);
}
if ((fromAppId == null) || fromAppId.trim().isEmpty()) {
} finally {
adapter.exiting();
}
-
}
-
}
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
-import org.eclipse.jetty.util.security.Password;
import org.junit.After;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.onap.logging.ref.slf4j.ONAPLogConstants;
+import org.onap.sdnc.apps.pomba.networkdiscovery.Application;
+import org.onap.sdnc.apps.pomba.networkdiscovery.PropertyPasswordConfiguration;
import org.onap.sdnc.apps.pomba.networkdiscovery.datamodel.Attribute;
import org.onap.sdnc.apps.pomba.networkdiscovery.datamodel.DataQuality;
import org.onap.sdnc.apps.pomba.networkdiscovery.datamodel.NetworkDiscoveryNotification;
import org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.core.env.Environment;
+import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.TestPropertySource;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.web.WebAppConfiguration;
@TestPropertySource(properties = {
"enricher.url=http://localhost:9505",
"basicAuth.username=admin",
- "basicAuth.password=OBF:1u2a1toa1w8v1tok1u30"
+ "basicAuth.password=password(OBF:1u2a1toa1w8v1tok1u30)"
})
+@ContextConfiguration(initializers = PropertyPasswordConfiguration.class, classes = Application.class)
public class NetworkDiscoveryTest {
private static final String V1 = "v1";
private static final String APP = "junit";
private static final String RESOURCE_TYPE_VSERVER = "vserver";
private static final String CALLBACK_PATH = "/callback";
- private static final String AUTH = "Basic " + Base64.getEncoder().encodeToString((
- "admin:" + Password.deobfuscate("OBF:1u2a1toa1w8v1tok1u30")).getBytes());
+ private static final String AUTH = "Basic " + Base64.getEncoder().encodeToString(("admin:admin").getBytes());
@Autowired
private Environment environment;
}
}
-
@Test
public void testVerifyResourceType() throws Exception {
// no resource type
server.tomcat.max-idle-time=60000
basicAuth.username=admin
-basicAuth.password=OBF:1u2a1toa1w8v1tok1u30
+basicAuth.password=password(OBF:1u2a1toa1w8v1tok1u30)
# AAI REST Client Configuration
aai.host=135.63.125.59
* limitations under the License.
* ============LICENSE_END=====================================================
*/
+
package org.onap.sdnc.apps.pomba.servicedecomposition;
import org.springframework.boot.SpringApplication;
}
public static void main(String[] args) throws Exception {
- SpringApplication.run(Application.class, args);
+ SpringApplication app = new SpringApplication(Application.class);
+ app.addInitializers(new PropertyPasswordConfiguration());
}
-
}
package org.onap.sdnc.apps.pomba.servicedecomposition;
import java.util.Base64;
-import org.eclipse.jetty.util.security.Password;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.stereotype.Component;
@Value("${basicAuth.username:admin}")
private String username;
- @Value("${basicAuth.password:OBF:1u2a1toa1w8v1tok1u30}")
+ @Value("${basicAuth.password:admin}")
private String password;
- @Bean(name="serviceDecompositionBasicAuthHeader")
+ @Bean(name="basicAuthHeader")
public String getSdBasicAuthHeader() {
- String auth = new String(this.username + ":" + Password.deobfuscate(this.password));
- return "Basic " + Base64.getEncoder().encodeToString(auth.getBytes());
+ return "Basic " + Base64.getEncoder().encodeToString((this.username + ":" + this.password).getBytes());
}
}
--- /dev/null
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aai
+ * ================================================================================
+ * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.sdnc.apps.pomba.servicedecomposition;
+
+import org.eclipse.jetty.util.security.Password;
+
+public class JettyPasswordDecoder implements PasswordDecoder {
+
+ @Override
+ public String decode(String input) {
+ if (input.startsWith("OBF:")) {
+ return Password.deobfuscate(input);
+ }
+ return Password.deobfuscate("OBF:" + input);
+ }
+}
\ No newline at end of file
--- /dev/null
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aai
+ * ================================================================================
+ * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.sdnc.apps.pomba.servicedecomposition;
+
+public interface PasswordDecoder {
+
+ String decode(String input);
+}
\ No newline at end of file
--- /dev/null
+/**
+ * ============LICENSE_START=======================================================
+ * org.onap.aai
+ * ================================================================================
+ * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END=========================================================
+ */
+
+package org.onap.sdnc.apps.pomba.servicedecomposition;
+
+import java.util.LinkedHashMap;
+import java.util.Map;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import org.springframework.context.ApplicationContextInitializer;
+import org.springframework.context.ConfigurableApplicationContext;
+import org.springframework.core.env.ConfigurableEnvironment;
+import org.springframework.core.env.EnumerablePropertySource;
+import org.springframework.core.env.MapPropertySource;
+import org.springframework.core.env.PropertySource;
+import org.springframework.stereotype.Component;
+
+@Component
+public class PropertyPasswordConfiguration implements ApplicationContextInitializer<ConfigurableApplicationContext>
+{
+
+ private static final Pattern decodePasswordPattern = Pattern.compile("password\\((.*?)\\)");
+
+ private PasswordDecoder passwordDecoder = new JettyPasswordDecoder();
+
+ @Override
+ public void initialize(ConfigurableApplicationContext applicationContext) {
+ ConfigurableEnvironment environment = applicationContext.getEnvironment();
+ for (PropertySource<?> propertySource : environment.getPropertySources()) {
+ Map<String, Object> propertyOverrides = new LinkedHashMap<>();
+ decodePasswords(propertySource, propertyOverrides);
+ if (!propertyOverrides.isEmpty()) {
+ PropertySource<?> decodedProperties = new MapPropertySource("decoded "+ propertySource.getName(), propertyOverrides);
+ environment.getPropertySources().addBefore(propertySource.getName(), decodedProperties);
+ }
+ }
+ }
+
+ private void decodePasswords(PropertySource<?> source, Map<String, Object> propertyOverrides) {
+ if (source instanceof EnumerablePropertySource) {
+ EnumerablePropertySource<?> enumerablePropertySource = (EnumerablePropertySource<?>) source;
+ for (String key : enumerablePropertySource.getPropertyNames()) {
+ Object rawValue = source.getProperty(key);
+ if (rawValue instanceof String) {
+ String decodedValue = decodePasswordsInString((String) rawValue);
+ propertyOverrides.put(key, decodedValue);
+ }
+ }
+ }
+ }
+
+ private String decodePasswordsInString(String input) {
+ if (input == null) return null;
+ StringBuffer output = new StringBuffer();
+ Matcher matcher = decodePasswordPattern.matcher(input);
+ while (matcher.find()) {
+ String replacement = passwordDecoder.decode(matcher.group(1));
+ matcher.appendReplacement(output, replacement);
+ }
+ matcher.appendTail(output);
+ return output.toString();
+ }
+}
\ No newline at end of file
* limitations under the License.
* ============LICENSE_END=====================================================
*/
+
package org.onap.sdnc.apps.pomba.servicedecomposition.service.rs;
import static org.onap.sdnc.apps.pomba.servicedecomposition.exception.DiscoveryException.Error.*;
@Autowired
private SpringService service;
- @Resource(name="serviceDecompositionBasicAuthHeader")
- private String serviceDecompositionBasicAuthHeader;
+ @Resource(name="basicAuthHeader")
+ private String basicAuthHeader;
public RestServiceImpl() {}
adapter.getServiceDescriptor().setServiceName(SERVICE_NAME);
adapter.entering(request);
try {
- if (authorization == null || !this.serviceDecompositionBasicAuthHeader.equals(authorization)) {
+ if (authorization == null || !this.basicAuthHeader.equals(authorization)) {
throw new DiscoveryException(UNAUTHORIZED, Status.UNAUTHORIZED);
}
} finally {
adapter.exiting();
}
-
}
-
-}
+}
\ No newline at end of file
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
-import org.eclipse.jetty.util.security.Password;
import org.json.JSONArray;
import org.json.JSONObject;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.onap.logging.ref.slf4j.ONAPLogConstants;
+import org.onap.sdnc.apps.pomba.servicedecomposition.Application;
+import org.onap.sdnc.apps.pomba.servicedecomposition.PropertyPasswordConfiguration;
import org.onap.sdnc.apps.pomba.servicedecomposition.service.rs.RestService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
import org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration;
import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.TestPropertySource;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.web.WebAppConfiguration;
"aai.host=localhost",
"aai.port=8081",
"basicAuth.username=admin",
- "basicAuth.password=OBF:1u2a1toa1w8v1tok1u30"
- })
+ "basicAuth.password=password(OBF:1u2a1toa1w8v1tok1u30)"
+})
+@ContextConfiguration(initializers = PropertyPasswordConfiguration.class, classes = Application.class)
public class ServiceDecompositionTest {
- private static final String AUTH = "Basic " + Base64.getEncoder().encodeToString((
- "admin:" + Password.deobfuscate("OBF:1u2a1toa1w8v1tok1u30")).getBytes());
+ private static final String AUTH = "Basic " + Base64.getEncoder().encodeToString(("admin:admin").getBytes());
// TODO missing code coverage for VNFC resources
fail("Did not find " + field + "=" + value + " in " + arrayName + " array");
}
-
private void addResponse(String path, String classpathResource) throws IOException {
String payload = readFully(ClassLoader.getSystemResourceAsStream(classpathResource));
aai.stubFor(get(path).willReturn(okJson(payload)));
}
-
private String readFully(InputStream in) throws IOException {
char[] cbuf = new char[1024];
StringBuilder content = new StringBuilder();
}
return content.toString();
}
-}
+}
\ No newline at end of file
Code Review / sdnc / apps.git / commitdiff