*/.idea
*.iml
aai-resources/debug-logs/EELF/
+.vscode
\ No newline at end of file
<?xml version="1.0" encoding="UTF-8"?>
<classpath>
- <classpathentry kind="src" output="target/classes" path="src/main/java">
+ <classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources">
<attributes>
+ <attribute name="maven.pomderived" value="true"/>
<attribute name="optional" value="true"/>
+ </attributes>
+ </classpathentry>
+ <classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources">
+ <attributes>
<attribute name="maven.pomderived" value="true"/>
+ <attribute name="test" value="true"/>
+ <attribute name="optional" value="true"/>
</attributes>
</classpathentry>
- <classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources">
+ <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
<attributes>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
- <classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources">
+ <classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
<attributes>
<attribute name="maven.pomderived" value="true"/>
- <attribute name="test" value="true"/>
</attributes>
</classpathentry>
- <classpathentry kind="src" output="target/test-classes" path="src/test/java">
+ <classpathentry excluding="**" kind="src" output="target/classes" path="src/main/docker">
<attributes>
- <attribute name="optional" value="true"/>
<attribute name="maven.pomderived" value="true"/>
- <attribute name="test" value="true"/>
+ <attribute name="optional" value="true"/>
</attributes>
</classpathentry>
- <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
+ <classpathentry excluding="**" kind="src" output="target/classes" path="src/main/swm">
<attributes>
<attribute name="maven.pomderived" value="true"/>
+ <attribute name="optional" value="true"/>
</attributes>
</classpathentry>
- <classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
+ <classpathentry kind="src" output="target/classes" path="src/main/java">
<attributes>
+ <attribute name="optional" value="true"/>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
- <classpathentry excluding="**" kind="src" output="target/classes" path="src/main/docker">
+ <classpathentry kind="src" output="target/test-classes" path="src/test/java">
<attributes>
+ <attribute name="optional" value="true"/>
<attribute name="maven.pomderived" value="true"/>
+ <attribute name="test" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="src" path="target/generated-sources/annotations">
<attributes>
<attribute name="optional" value="true"/>
- <attribute name="maven.pomderived" value="true"/>
- <attribute name="ignore_optional_problems" value="true"/>
- <attribute name="m2e-apt" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="src" output="target/test-classes" path="target/generated-test-sources/test-annotations">
<attributes>
<attribute name="optional" value="true"/>
- <attribute name="maven.pomderived" value="true"/>
- <attribute name="ignore_optional_problems" value="true"/>
- <attribute name="m2e-apt" value="true"/>
<attribute name="test" value="true"/>
</attributes>
</classpathentry>
</parent>
<properties>
<java.version>1.8</java.version>
+ <spring.boot.version>2.2.13.RELEASE</spring.boot.version>
+ <spring.version>5.2.12.RELEASE</spring.version>
+ <spring.jms.version>${spring.version}</spring.jms.version>
+ <spring.test.version>${spring.version}</spring.test.version>
<start-class>org.onap.aai.ResourcesApp</start-class>
<!-- Default docker registry that maven fabric plugin will try to pull from -->
<!-- Integration tests will be skipped by default. Could be enabled here or by -DskipITs=false-->
<skipITs>true</skipITs>
- <!-- <swagger.version>1.5.24</swagger.version> -->
<!-- https://mvnrepository.com/artifact/io.swagger/swagger-core -->
<swagger.version>1.6.8</swagger.version>
</properties>
import org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.core.env.Environment;
+import org.springframework.core.env.Profiles;
@SpringBootApplication(
exclude = {DataSourceAutoConfiguration.class, DataSourceTransactionManagerAutoConfiguration.class,
logger.info("Starting AAIGraph connections and the NodeInjestor");
- if (env.acceptsProfiles(Profiles.TWO_WAY_SSL) && env.acceptsProfiles(Profiles.ONE_WAY_SSL)) {
+ // if (env.acceptsProfiles(Profiles.TWO_WAY_SSL) && env.acceptsProfiles(Profiles.ONE_WAY_SSL)) {
+ if (env.acceptsProfiles(Profiles.of(ResourcesProfiles.TWO_WAY_SSL, ResourcesProfiles.ONE_WAY_SSL))) {
logger.warn("You have seriously misconfigured your application");
}
package org.onap.aai;
-public final class Profiles {
+public final class ResourcesProfiles {
public static final String DMAAP = "dmaap";
public static final String DME2 = "dme2";
public static final String AAF_CERT_AUTHENTICATION = "aaf-cert-auth";
public static final String TWO_WAY_SSL = "two-way-ssl";
- private Profiles() {
+ private ResourcesProfiles() {
}
}
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
-import org.onap.aai.Profiles;
+import org.onap.aai.ResourcesProfiles;
import org.onap.aai.exceptions.AAIException;
import org.onap.aai.interceptors.AAIContainerFilter;
import org.onap.aai.logging.ErrorLogHelper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Profile;
-@Profile(Profiles.ONE_WAY_SSL)
+@Profile(ResourcesProfiles.ONE_WAY_SSL)
@PreMatching
@Priority(AAIRequestFilterPriority.AUTHORIZATION)
public class OneWaySslAuthorization extends AAIContainerFilter implements ContainerRequestFilter {
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.*;
import javax.ws.rs.core.*;
+import javax.ws.rs.core.Response.Status;
import org.apache.commons.lang3.ObjectUtils;
import org.javatuples.Pair;
}
+ /**
+ * Only PUT, DELETE and OPTIONS methods are allowed for /relationship-list/relationship endpoints
+ * This prevents the GET Path matching for "/{uri: .+}" to match for paths ending with /relationship-list/relationship
+ * The METHOD_NOT_ALLOWED code will be mapped to a BadRequest in the InvalidResponseStatus interceptor
+ */
+ @GET
+ @Path("/{uri: .+}/relationship-list/relationship")
+ @Consumes({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
+ @Produces({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
+ public Response disallowGetOnRelationshipListRelationship() {
+ return Response
+ .status(Status.METHOD_NOT_ALLOWED)
+ .allow("PUT","DELETE","OPTIONS")
+ .build();
+ }
+
/**
* Gets the legacy.
*
}
@Override
- public void configure(WebSecurity web) throws Exception {
+ public void configure(WebSecurity web) {
web.ignoring().regexMatchers("^.*/util/echo$");
}
import javax.annotation.PostConstruct;
import org.eclipse.jetty.util.security.Password;
-import org.onap.aai.Profiles;
+import org.onap.aai.ResourcesProfiles;
import org.onap.aai.util.AAIConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Profile;
import org.springframework.stereotype.Service;
-@Profile(Profiles.ONE_WAY_SSL)
+@Profile(ResourcesProfiles.ONE_WAY_SSL)
@Service
public class AuthorizationService {
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.core.env.Environment;
+import org.springframework.core.env.Profiles;
@Configuration
public class JerseyConfiguration {
private final Reflections loggingReflections = new Reflections(LOGGING_INTERCEPTOR_PACKAGE);
private final Environment environment;
- @Autowired
public JerseyConfiguration(Environment environment) {
this.environment = environment;
}
private boolean isEnabledByActiveProfiles(AnnotatedElement annotatedElement) {
return !annotatedElement.isAnnotationPresent(Profile.class)
- || environment.acceptsProfiles(annotatedElement.getAnnotation(Profile.class).value());
+ || environment.acceptsProfiles(Profiles.of(annotatedElement.getAnnotation(Profile.class).value()));
}
private class MissingFilterPriorityException extends RuntimeException {
management.endpoints.enabled-by-default=true
#To Enable Actuator Endpoint, you can override this in OOM Charts
management.endpoints.web.exposure.include=info, health, prometheus
-management.metrics.web.server.auto-time-requests=false
+management.metrics.web.server.request.autotime.enabled=false
management.metrics.distribution.percentiles-histogram[http.server.requests]=true
management.metrics.distribution.sla[http.server.requests]=20ms, 30ms, 40ms, 50ms, 60ms, 70ms, 80ms, 90ms, 100ms, 500ms, 1000ms, 5000ms, 7000ms
management.metrics.tags.group_id=aai
import org.springframework.boot.web.client.RestTemplateBuilder;
import org.springframework.context.annotation.Bean;
import org.springframework.core.env.Environment;
+import org.springframework.core.env.Profiles;
import org.springframework.http.HttpStatus;
import org.springframework.http.client.ClientHttpResponse;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
RestTemplate restTemplate(RestTemplateBuilder builder) throws Exception {
RestTemplate restTemplate = null;
- if (env.acceptsProfiles("one-way-ssl", "two-way-ssl")) {
+ if (env.acceptsProfiles(Profiles.of(ResourcesProfiles.TWO_WAY_SSL, ResourcesProfiles.ONE_WAY_SSL))) {
char[] trustStorePassword = env.getProperty("server.ssl.trust-store-password").toCharArray();
char[] keyStorePassword = env.getProperty("server.ssl.key-store-password").toCharArray();
String trustStore = env.getProperty("server.ssl.trust-store");
SSLContextBuilder sslContextBuilder = SSLContextBuilder.create();
- if (env.acceptsProfiles("two-way-ssl")) {
+ if (env.acceptsProfiles(Profiles.of(ResourcesProfiles.TWO_WAY_SSL))) {
sslContextBuilder =
sslContextBuilder.loadKeyMaterial(loadPfx(keyStore, keyStorePassword), keyStorePassword);
}
server.basic.auth.location=${server.local.startpath}etc/auth/realm.properties
server.port=8447
-security.require-ssl=false
server.ssl.enabled=false
#server.ssl.enabled-protocols=TLSv1.1,TLSv1.2
#server.ssl.key-store=${server.local.startpath}etc/auth/aai_keystore
management.server.port=0
management.endpoints.enabled-by-default=true
management.endpoints.web.exposure.include=info, health, prometheus
-management.metrics.web.server.auto-time-requests=false
+management.metrics.web.server.request.autotime.enabled=false
scrape.uri.metrics=true