# Basic Authentication
basicAuth.username=admin
-basicAuth.password=password(OBF:1u2a1toa1w8v1tok1u30)
+basicAuth.password=OBF:1u2a1toa1w8v1tok1u30
# A&AI Enircher REST Client Configuration
enricher.url=https://d2enrichment:9505
}
public static void main(String[] args) throws Exception {
- SpringApplication app = new SpringApplication(Application.class);
- app.addInitializers(new PropertyPasswordConfiguration());
+ SpringApplication.run(Application.class, args);
}
}
\ No newline at end of file
package org.onap.sdnc.apps.pomba.networkdiscovery;
import java.util.Base64;
+import org.eclipse.jetty.util.security.Password;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.stereotype.Component;
@Value("${basicAuth.username:admin}")
private String username;
- @Value("${basicAuth.password:admin}")
+ @Value("${basicAuth.password:OBF:1u2a1toa1w8v1tok1u30}")
private String password;
@Bean(name="basicAuthHeader")
public String getNdBasicAuthHeader() {
- return "Basic " + Base64.getEncoder().encodeToString((this.username + ":" + this.password).getBytes());
+ return "Basic " + Base64.getEncoder().encodeToString((this.username + ":" + Password.deobfuscate(this.password)).getBytes());
}
}
+++ /dev/null
-/**
- * ============LICENSE_START=======================================================
- * org.onap.aai
- * ================================================================================
- * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.sdnc.apps.pomba.networkdiscovery;
-
-import org.eclipse.jetty.util.security.Password;
-
-public class JettyPasswordDecoder implements PasswordDecoder {
-
- @Override
- public String decode(String input) {
- if (input.startsWith("OBF:")) {
- return Password.deobfuscate(input);
- }
- return Password.deobfuscate("OBF:" + input);
- }
-}
\ No newline at end of file
+++ /dev/null
-/**
- * ============LICENSE_START=======================================================
- * org.onap.aai
- * ================================================================================
- * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.sdnc.apps.pomba.networkdiscovery;
-
-public interface PasswordDecoder {
-
- String decode(String input);
-}
\ No newline at end of file
+++ /dev/null
-/**
- * ============LICENSE_START=======================================================
- * org.onap.aai
- * ================================================================================
- * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.sdnc.apps.pomba.networkdiscovery;
-
-import java.util.LinkedHashMap;
-import java.util.Map;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
-import org.springframework.context.ApplicationContextInitializer;
-import org.springframework.context.ConfigurableApplicationContext;
-import org.springframework.core.env.ConfigurableEnvironment;
-import org.springframework.core.env.EnumerablePropertySource;
-import org.springframework.core.env.MapPropertySource;
-import org.springframework.core.env.PropertySource;
-import org.springframework.stereotype.Component;
-
-@Component
-public class PropertyPasswordConfiguration implements ApplicationContextInitializer<ConfigurableApplicationContext>
-{
- private static final Pattern decodePasswordPattern = Pattern.compile("password\\((.*?)\\)");
-
- private PasswordDecoder passwordDecoder = new JettyPasswordDecoder();
-
- @Override
- public void initialize(ConfigurableApplicationContext applicationContext) {
- ConfigurableEnvironment environment = applicationContext.getEnvironment();
- for (PropertySource<?> propertySource : environment.getPropertySources()) {
- Map<String, Object> propertyOverrides = new LinkedHashMap<>();
- decodePasswords(propertySource, propertyOverrides);
- if (!propertyOverrides.isEmpty()) {
- PropertySource<?> decodedProperties = new MapPropertySource("decoded "+ propertySource.getName(), propertyOverrides);
- environment.getPropertySources().addBefore(propertySource.getName(), decodedProperties);
- }
- }
- }
-
- private void decodePasswords(PropertySource<?> source, Map<String, Object> propertyOverrides) {
- if (source instanceof EnumerablePropertySource) {
- EnumerablePropertySource<?> enumerablePropertySource = (EnumerablePropertySource<?>) source;
- for (String key : enumerablePropertySource.getPropertyNames()) {
- Object rawValue = source.getProperty(key);
- if (rawValue instanceof String) {
- String decodedValue = decodePasswordsInString((String) rawValue);
- propertyOverrides.put(key, decodedValue);
- }
- }
- }
- }
-
- private String decodePasswordsInString(String input) {
- if (input == null) return null;
- StringBuffer output = new StringBuffer();
- Matcher matcher = decodePasswordPattern.matcher(input);
- while (matcher.find()) {
- String replacement = passwordDecoder.decode(matcher.group(1));
- matcher.appendReplacement(output, replacement);
- }
- matcher.appendTail(output);
- return output.toString();
- }
-}
\ No newline at end of file
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
+import org.eclipse.jetty.util.security.Password;
import org.junit.After;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.onap.logging.ref.slf4j.ONAPLogConstants;
-import org.onap.sdnc.apps.pomba.networkdiscovery.Application;
-import org.onap.sdnc.apps.pomba.networkdiscovery.PropertyPasswordConfiguration;
import org.onap.sdnc.apps.pomba.networkdiscovery.datamodel.Attribute;
import org.onap.sdnc.apps.pomba.networkdiscovery.datamodel.DataQuality;
import org.onap.sdnc.apps.pomba.networkdiscovery.datamodel.NetworkDiscoveryNotification;
import org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.core.env.Environment;
-import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.TestPropertySource;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.web.WebAppConfiguration;
@TestPropertySource(properties = {
"enricher.url=http://localhost:9505",
"basicAuth.username=admin",
- "basicAuth.password=password(OBF:1u2a1toa1w8v1tok1u30)"
+ "basicAuth.password=OBF:1u2a1toa1w8v1tok1u30"
})
-@ContextConfiguration(initializers = PropertyPasswordConfiguration.class, classes = Application.class)
+
public class NetworkDiscoveryTest {
private static final String V1 = "v1";
private static final String APP = "junit";
private static final String RESOURCE_TYPE_VSERVER = "vserver";
private static final String CALLBACK_PATH = "/callback";
- private static final String AUTH = "Basic " + Base64.getEncoder().encodeToString(("admin:admin").getBytes());
+ private static final String AUTH = "Basic " + Base64.getEncoder().encodeToString((
+ "admin:" + Password.deobfuscate("OBF:1u2a1toa1w8v1tok1u30")).getBytes());
@Autowired
private Environment environment;
server.tomcat.max-idle-time=60000
basicAuth.username=admin
-basicAuth.password=password(OBF:1u2a1toa1w8v1tok1u30)
+basicAuth.password=OBF:1u2a1toa1w8v1tok1u30
# AAI REST Client Configuration
aai.host=135.63.125.59
}
public static void main(String[] args) throws Exception {
- SpringApplication app = new SpringApplication(Application.class);
- app.addInitializers(new PropertyPasswordConfiguration());
+ SpringApplication.run(Application.class, args);
}
}
package org.onap.sdnc.apps.pomba.servicedecomposition;
import java.util.Base64;
+import org.eclipse.jetty.util.security.Password;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.stereotype.Component;
@Value("${basicAuth.username:admin}")
private String username;
- @Value("${basicAuth.password:admin}")
+ @Value("${basicAuth.password:OBF:1u2a1toa1w8v1tok1u30}")
private String password;
@Bean(name="basicAuthHeader")
public String getSdBasicAuthHeader() {
- return "Basic " + Base64.getEncoder().encodeToString((this.username + ":" + this.password).getBytes());
+ return "Basic " + Base64.getEncoder().encodeToString((this.username + ":" + Password.deobfuscate(this.password)).getBytes());
}
}
+++ /dev/null
-/**
- * ============LICENSE_START=======================================================
- * org.onap.aai
- * ================================================================================
- * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.sdnc.apps.pomba.servicedecomposition;
-
-import org.eclipse.jetty.util.security.Password;
-
-public class JettyPasswordDecoder implements PasswordDecoder {
-
- @Override
- public String decode(String input) {
- if (input.startsWith("OBF:")) {
- return Password.deobfuscate(input);
- }
- return Password.deobfuscate("OBF:" + input);
- }
-}
\ No newline at end of file
+++ /dev/null
-/**
- * ============LICENSE_START=======================================================
- * org.onap.aai
- * ================================================================================
- * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.sdnc.apps.pomba.servicedecomposition;
-
-public interface PasswordDecoder {
-
- String decode(String input);
-}
\ No newline at end of file
+++ /dev/null
-/**
- * ============LICENSE_START=======================================================
- * org.onap.aai
- * ================================================================================
- * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.sdnc.apps.pomba.servicedecomposition;
-
-import java.util.LinkedHashMap;
-import java.util.Map;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
-import org.springframework.context.ApplicationContextInitializer;
-import org.springframework.context.ConfigurableApplicationContext;
-import org.springframework.core.env.ConfigurableEnvironment;
-import org.springframework.core.env.EnumerablePropertySource;
-import org.springframework.core.env.MapPropertySource;
-import org.springframework.core.env.PropertySource;
-import org.springframework.stereotype.Component;
-
-@Component
-public class PropertyPasswordConfiguration implements ApplicationContextInitializer<ConfigurableApplicationContext>
-{
-
- private static final Pattern decodePasswordPattern = Pattern.compile("password\\((.*?)\\)");
-
- private PasswordDecoder passwordDecoder = new JettyPasswordDecoder();
-
- @Override
- public void initialize(ConfigurableApplicationContext applicationContext) {
- ConfigurableEnvironment environment = applicationContext.getEnvironment();
- for (PropertySource<?> propertySource : environment.getPropertySources()) {
- Map<String, Object> propertyOverrides = new LinkedHashMap<>();
- decodePasswords(propertySource, propertyOverrides);
- if (!propertyOverrides.isEmpty()) {
- PropertySource<?> decodedProperties = new MapPropertySource("decoded "+ propertySource.getName(), propertyOverrides);
- environment.getPropertySources().addBefore(propertySource.getName(), decodedProperties);
- }
- }
- }
-
- private void decodePasswords(PropertySource<?> source, Map<String, Object> propertyOverrides) {
- if (source instanceof EnumerablePropertySource) {
- EnumerablePropertySource<?> enumerablePropertySource = (EnumerablePropertySource<?>) source;
- for (String key : enumerablePropertySource.getPropertyNames()) {
- Object rawValue = source.getProperty(key);
- if (rawValue instanceof String) {
- String decodedValue = decodePasswordsInString((String) rawValue);
- propertyOverrides.put(key, decodedValue);
- }
- }
- }
- }
-
- private String decodePasswordsInString(String input) {
- if (input == null) return null;
- StringBuffer output = new StringBuffer();
- Matcher matcher = decodePasswordPattern.matcher(input);
- while (matcher.find()) {
- String replacement = passwordDecoder.decode(matcher.group(1));
- matcher.appendReplacement(output, replacement);
- }
- matcher.appendTail(output);
- return output.toString();
- }
-}
\ No newline at end of file
import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
+import org.eclipse.jetty.util.security.Password;
import org.json.JSONArray;
import org.json.JSONObject;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.onap.logging.ref.slf4j.ONAPLogConstants;
-import org.onap.sdnc.apps.pomba.servicedecomposition.Application;
-import org.onap.sdnc.apps.pomba.servicedecomposition.PropertyPasswordConfiguration;
import org.onap.sdnc.apps.pomba.servicedecomposition.service.rs.RestService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
import org.springframework.boot.autoconfigure.orm.jpa.HibernateJpaAutoConfiguration;
import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.TestPropertySource;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.web.WebAppConfiguration;
"aai.host=localhost",
"aai.port=8081",
"basicAuth.username=admin",
- "basicAuth.password=password(OBF:1u2a1toa1w8v1tok1u30)"
+ "basicAuth.password=OBF:1u2a1toa1w8v1tok1u30"
})
-@ContextConfiguration(initializers = PropertyPasswordConfiguration.class, classes = Application.class)
+
public class ServiceDecompositionTest {
- private static final String AUTH = "Basic " + Base64.getEncoder().encodeToString(("admin:admin").getBytes());
+ private static final String AUTH = "Basic " + Base64.getEncoder().encodeToString((
+ "admin:" + Password.deobfuscate("OBF:1u2a1toa1w8v1tok1u30")).getBytes());
// TODO missing code coverage for VNFC resources
Code Review / sdnc / apps.git / commitdiff