remove deobfuscate as crypto is already used.
update based on the feedback to use crypto utils to decrypt
Re-Factor DMAAP Credentials to use encrypted auth credential
Change-Id: I2ac5be84594d84f0f24ae554d99cef274dbb6c16
Issue-ID: SO-1425
Signed-off-by: Benjamin, Max (mb388a) <mb388a@us.att.com>
}
@Override
- public String getUserName() {
+ public String getAuth() {
- return UrnPropertiesReader.getVariable("mso.global.dmaap.username");
+ return UrnPropertiesReader.getVariable("mso.global.dmaap.auth");
}
@Override
- public String getPassword() {
+ public String getKey() {
- return UrnPropertiesReader.getVariable("mso.global.dmaap.password");
+ return UrnPropertiesReader.getVariable("mso.msoKey");
}
@Override
public String getTopic() {
-
return UrnPropertiesReader.getVariable("mso.global.dmaap.publisher.topic");
}
@Test
public void testGetters() {
- assertEquals("dmaapUsername", globalDmaapPublisher.getUserName());
- assertEquals("ZG1hYXBQYXNzd29yZA==", globalDmaapPublisher.getPassword());
+ assertEquals("81B7E3533B91A6706830611FB9A8ECE529BBCCE754B1F1520FA7C8698B42F97235BEFA993A387E664D6352C63A6185D68DA7F0B1D360637CBA102CB166E3E62C11EB1F75386D3506BCECE51E54", globalDmaapPublisher.getAuth());
+ assertEquals("07a7159d3bf51a0e53be7a8f89699be7", globalDmaapPublisher.getKey());
assertEquals("com.att.mso.asyncStatusUpdate", globalDmaapPublisher.getTopic());
assertEquals("http://localhost:" + wireMockPort, globalDmaapPublisher.getHost().get());
}
host: http://localhost:${wiremock.server.port}
publisher:
topic: com.att.mso.asyncStatusUpdate
+ auth: 81B7E3533B91A6706830611FB9A8ECE529BBCCE754B1F1520FA7C8698B42F97235BEFA993A387E664D6352C63A6185D68DA7F0B1D360637CBA102CB166E3E62C11EB1F75386D3506BCECE51E54
oof:
auth: test
timeout: PT10S
auth: Basic YWRtaW46YWRtaW4=
host: http://localhost:8446
path: /restconf/operations/GENERIC-RESOURCE-API
+sdno:
+ health-check:
+ dmaap:
+ password: alRyMzJ3NUNeakxl
+ publisher:
+ topic: com.att.sdno.test-health-diagnostic-v02
+ host: https://olsd004.wnsnet.attws.com:3905
+ subscriber:
+ topic: com.att.sdno.test-health-diagnostic-v02
+ auth: 81B7E3533B91A6706830611FB9A8ECE529BBCCE754B1F1520FA7C8698B42F97235BEFA993A387E664D6352C63A6185D68DA7F0B1D360637CBA102CB166E3E62C11EB1F75386D3506BCECE51E54
sniro:
conductor:
enabled: true
headers.patchVersion: 1
headers.minorVersion: 1
headers.latestVersion: 2
-
+ruby:
+ create-ticket-request:
+ dmaap:
+ username: m04768@mso.ecomp.att.com
+ password: alRyMzJ3NUNeakxl
+ publisher:
+ topic: com.att.pdas.exp.msoCMFallout-v1
+ host: https://olsd004.wnsnet.attws.com:3905
+ auth: 81B7E3533B91A6706830611FB9A8ECE529BBCCE754B1F1520FA7C8698B42F97235BEFA993A387E664D6352C63A6185D68DA7F0B1D360637CBA102CB166E3E62C11EB1F75386D3506BCECE51E54
spring:
datasource:
jdbc-url: jdbc:mariadb://localhost:3307/camundabpmn
* limitations under the License.
* ============LICENSE_END=========================================================
*/
-
+
package org.onap.so.client.dmaap;
import java.io.IOException;
+import java.security.GeneralSecurityException;
import java.util.Base64;
import java.util.Map;
import java.util.Optional;
import org.slf4j.LoggerFactory;
import org.springframework.core.io.ClassPathResource;
import org.springframework.core.io.Resource;
-
+import org.onap.so.utils.CryptoUtils;
public abstract class DmaapClient {
-
+
protected static Logger logger = LoggerFactory.getLogger(DmaapClient.class);
protected final Map<String, String> msoProperties;
protected final Properties properties;
+
public DmaapClient(String filepath) throws IOException {
Resource resource = new ClassPathResource(filepath);
DmaapProperties dmaapProperties = DmaapPropertiesLoader.getInstance().getNewImpl();
this.msoProperties = dmaapProperties.getProperties();
this.properties = new Properties();
this.properties.load(resource.getInputStream());
- this.properties.put("password", this.deobfuscatePassword(this.getPassword()));
- this.properties.put("username", this.getUserName());
+ try {
+ this.properties.put("auth", CryptoUtils.decrypt(this.getAuth(), this.getKey()).getBytes());
+ } catch (GeneralSecurityException e) {
+ logger.error(e.getMessage(), e);
+ }
+ this.properties.put("key", this.getKey());
this.properties.put("topic", this.getTopic());
Optional<String> host = this.getHost();
if (host.isPresent()) {
this.properties.put("host", host.get());
}
}
- protected String deobfuscatePassword(String password) {
-
+
+ protected String deobfuscatePassword(String decrypted_key) {
+
try {
- return new String(Base64.getDecoder().decode(password.getBytes()));
- } catch(IllegalArgumentException iae) {
- logger.error("llegal Arguments",iae);
- return password;
+ return new String(Base64.getDecoder().decode(decrypted_key.getBytes()));
+ } catch (IllegalArgumentException iae) {
+ logger.error("llegal Arguments", iae);
+ return decrypted_key;
}
}
-
-
- public abstract String getUserName();
- public abstract String getPassword();
+
+ public abstract String getKey();
+
+ public abstract String getAuth();
+
public abstract String getTopic();
+
public abstract Optional<String> getHost();
}
* limitations under the License.
* ============LICENSE_END=========================================================
*/
-
+
package org.onap.so.client.dmaap.rest;
import java.net.URL;
-import java.util.Base64;
import java.util.Map;
import org.onap.so.client.RestClient;
+import org.onap.so.utils.CryptoUtils;
import org.onap.so.utils.TargetEntity;
public class DMaaPRestClient extends RestClient {
- private final String username;
- private final String password;
- public DMaaPRestClient(URL url, String contentType, String username, String password) {
+ private final String auth;
+ private final String key;
+
+ public DMaaPRestClient(URL url, String contentType, String auth, String key) {
super(url, contentType);
- this.username = username;
- this.password = password;
+ this.auth = auth;
+ this.key = key;
}
- @Override
- public TargetEntity getTargetEntity(){
- return TargetEntity.DMAAP;
- }
+ @Override
+ public TargetEntity getTargetEntity() {
+ return TargetEntity.DMAAP;
+ }
@Override
protected void initializeHeaderMap(Map<String, String> headerMap) {
- headerMap.put("Authorization", "Basic " + Base64.getEncoder().encodeToString((username + ":" + password).getBytes()));
+ if (auth != null && !auth.isEmpty() && key != null && !key.isEmpty()) {
+ addBasicAuthHeader(auth, key);
+ }
}
}
public class PropertiesBean {
- private String username;
- private String password;
+ private String auth;
+ private String key;
private String environment;
private String partition;
private String contentType;
public PropertiesBean(Properties properties) {
- this.withUsername(properties.getProperty("username"))
- .withPassword(properties.getProperty("password"))
+ this.withAuth(properties.getProperty("auth"))
+ .withKey(properties.getProperty("key"))
.withTopic(properties.getProperty("topic"))
.withEnvironment(properties.getProperty("environment"))
.withHost(properties.getProperty("host"))
.withPartition(properties.getProperty("partition"))
.withContentType(properties.getProperty("contentType", "application/json"));
}
- public String getUsername() {
- return username;
+ public String getAuth() {
+ return auth;
}
- public void setUsername(String username) {
- this.username = username;
+ public void setAuth(String auth) {
+ this.auth = auth;
}
- public PropertiesBean withUsername(String username) {
- this.username = username;
+ public PropertiesBean withAuth(String auth) {
+ this.auth = auth;
return this;
}
- public String getPassword() {
- return password;
+ public String getKey() {
+ return key;
}
- public void setPassword(String password) {
- this.password = password;
+ public void setKey(String key) {
+ this.key = key;
}
- public PropertiesBean withPassword(String password) {
- this.password = password;
+ public PropertiesBean withKey(String key) {
+ this.key = key;
return this;
}
public String getEnvironment() {
private final RestClient client;
public RestConsumer(Properties properties) {
PropertiesBean bean = new PropertiesBean(properties);
- client = new DMaaPRestClient(this.createURL(bean), bean.getContentType(), bean.getUsername(), bean.getPassword());
+ client = new DMaaPRestClient(this.createURL(bean), bean.getContentType(), bean.getAuth(), bean.getKey());
}
private URL createURL(PropertiesBean properties) {
public RestPublisher(Properties properties) {
PropertiesBean bean = new PropertiesBean(properties);
- client = new DMaaPRestClient(this.createURL(bean), bean.getContentType(), bean.getUsername(), bean.getPassword());
+ client = new DMaaPRestClient(this.createURL(bean), bean.getContentType(), bean.getAuth(), bean.getKey());
}
private URL createURL(PropertiesBean properties) {
}
@Override
- public String getUserName() {
- return msoProperties.get("ruby.create-ticket-request.dmaap.username");
+ public String getAuth() {
+ return msoProperties.get("ruby.create-ticket-request.dmaap.auth");
}
@Override
- public String getPassword() {
- return msoProperties.get("ruby.create-ticket-request.dmaap.password");
+ public String getKey() {
+ return msoProperties.get("mso.msoKey");
}
@Override
}
@Override
- public String getUserName() {
- return msoProperties.get("sdno.health-check.dmaap.username");
+ public String getAuth() {
+ return msoProperties.get("sdno.health-check.dmaap.auth");
}
@Override
- public String getPassword() {
- return msoProperties.get("sdno.health-check.dmaap.password");
+ public String getKey() {
+ return msoProperties.get("mso.msoKey");
}
@Override
}
@Override
- public String getUserName() {
- return msoProperties.get("sdno.health-check.dmaap.username");
+ public String getAuth() {
+ return msoProperties.get("sdno.health-check.dmaap.auth");
}
@Override
- public String getPassword() {
- return msoProperties.get("sdno.health-check.dmaap.password");
+ public String getKey() {
+ return msoProperties.get("sdno.health-check.dmaap.msoKey");
}
@Override
DmaapPublisher dmaapPublisher = new DmaapPublisher(120) {
@Override
- public String getUserName() {
- return "test";
+ public String getAuth() {
+ return "8F73A1691F6271E769329C176EE3EA48F52786AF12A3E16259007EED2A0F0CC3CB965F4AB5318483015723CCE1C0B48AB6C4DED6E251869393B01E4EC532FC88D4A128B92F4CDB34719B171923";
}
@Override
- public String getPassword() {
- return "test";
+ public String getKey() {
+ return "07a7159d3bf51a0e53be7a8f89699be7";
}
@Override
sdno.health-check.dmaap.publisher.topic=com.att.sdno.test-health-diagnostic-v02
ruby.create-ticket-request.dmaap.username=testuser
ruby.create-ticket-request.dmaap.password=eHQ1cUJrOUc
-ruby.create-ticket-request.publisher.topic=com.att.pdas.st1.msoCMFallout-v1
\ No newline at end of file
+ruby.create-ticket-request.publisher.topic=com.att.pdas.st1.msoCMFallout-v1
+ruby.create-ticket-request.dmaap.auth=81B7E3533B91A6706830611FB9A8ECE529BBCCE754B1F1520FA7C8698B42F97235BEFA993A387E664D6352C63A6185D68DA7F0B1D360637CBA102CB166E3E62C11EB1F75386D3506BCECE51E54
+sdno.health-check.dmaap.auth=81B7E3533B91A6706830611FB9A8ECE529BBCCE754B1F1520FA7C8698B42F97235BEFA993A387E664D6352C63A6185D68DA7F0B1D360637CBA102CB166E3E62C11EB1F75386D3506BCECE51E54
+mso.msoKey=07a7159d3bf51a0e53be7a8f89699be7
\ No newline at end of file
private final Map<String, String> props = new HashMap<>();
private static final String[] propertyNames = {
- "mso.so.operational-environment.dmaap.username",
- "mso.so.operational-environment.dmaap.password",
+ "mso.so.operational-environment.dmaap.auth",
+ "mso.msoKey",
"mso.so.operational-environment.publisher.topic",
"mso.so.operational-environment.dmaap.host"
};
}
@Override
- public String getUserName() {
+ public String getAuth() {
- return this.msoProperties.get("mso.so.operational-environment.dmaap.username");
+ return this.msoProperties.get("mso.so.operational-environment.dmaap.auth");
}
@Override
- public String getPassword() {
+ public String getKey() {
- return this.msoProperties.get("mso.so.operational-environment.dmaap.password");
+ return this.msoProperties.get("mso.msoKey");
}
@Override
@Test
public void getProperties() throws FileNotFoundException, IOException {
- assertEquals("testuser", publisher.getUserName());
- assertEquals("VjR5NDcxSzA=", publisher.getPassword());
+ assertEquals("B3705D6C2D521257CC2422ACCF03B001811ACC49F564DDB3A2CF2A1378B6D35A23CDCB696F2E1EDFBE6758DFE7C74B94F4A7DF84A0E2BB904935AC4D900D5597DF981ADE6CE1FF3AF993BED0", publisher.getAuth());
+ assertEquals("07a7159d3bf51a0e53be7a8f89699be7", publisher.getKey());
assertEquals("test.operationalEnvironmentEvent", publisher.getTopic());
assertEquals("http://localhost:" + env.getProperty("wiremock.server.port"), publisher.getHost().get());
}
# will be used as entry in DB to say SITE OFF/ON for healthcheck
-server:
- port: 8080
- tomcat:
- max-threads: 50
-ssl-enable: false
+server:
+ port: 8080
+ tomcat:
+ max-threads: 50
+
mso:
health:
username: testuser
password: VjR5NDcxSzA=
host: http://localhost:${wiremock.server.port}
+ auth: B3705D6C2D521257CC2422ACCF03B001811ACC49F564DDB3A2CF2A1378B6D35A23CDCB696F2E1EDFBE6758DFE7C74B94F4A7DF84A0E2BB904935AC4D900D5597DF981ADE6CE1FF3AF993BED0
publisher:
topic: test.operationalEnvironmentEvent