From 2d9d17fab52a9b17fee99ee0e8418ac0fa80b61e Mon Sep 17 00:00:00 2001
From: Ram Krishna Verma <ram_krishna.verma@bell.ca>
Date: Wed, 16 Sep 2020 15:26:58 -0400
Subject: [PATCH] Remove base64 encoding of password from xacml

Issue-ID: POLICY-2550
Change-Id: I05d9af99401991ea867e7ab8d697692c9020b3b7
Signed-off-by: Ram Krishna Verma <ram_krishna.verma@bell.ca>
---
 .../onap/policy/pdp/xacml/application/common/std/StdOnapPip.java | 9 +--------
 .../src/main/resources/apps/guard/xacml.properties               | 2 +-
 .../src/main/resources/mysql/bin/create-guard-table.sh           | 3 ++-
 pom.xml                                                          | 3 ++-
 4 files changed, 6 insertions(+), 11 deletions(-)

diff --git a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdOnapPip.java b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdOnapPip.java
index 244c4bc7..753daa2b 100644
--- a/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdOnapPip.java
+++ b/applications/common/src/main/java/org/onap/policy/pdp/xacml/application/common/std/StdOnapPip.java
@@ -1,6 +1,7 @@
 /*-
  * ============LICENSE_START=======================================================
  * Copyright (C) 2019-2020 AT&T Intellectual Property. All rights reserved.
+ * Modifications Copyright (C) 2020 Bell Canada. All rights reserved.
  * ================================================================================
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -35,7 +36,6 @@ import com.att.research.xacml.std.pip.StdMutablePIPResponse;
 import com.att.research.xacml.std.pip.StdPIPRequest;
 import com.att.research.xacml.std.pip.engines.StdConfigurableEngine;
 import java.math.BigInteger;
-import java.util.Base64;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.Iterator;
@@ -102,13 +102,6 @@ public abstract class StdOnapPip extends StdConfigurableEngine {
             Properties emProperties = new Properties();
             emProperties.putAll(properties);
 
-            //
-            // Need to decode the password before creating the EntityManager
-            //
-            String decodedPassword = new String(Base64.getDecoder()
-                    .decode(emProperties.getProperty("javax.persistence.jdbc.password")));
-            emProperties.setProperty("javax.persistence.jdbc.password", decodedPassword);
-
             //
             // Create the entity manager factory
             //
diff --git a/packages/policy-xacmlpdp-tarball/src/main/resources/apps/guard/xacml.properties b/packages/policy-xacmlpdp-tarball/src/main/resources/apps/guard/xacml.properties
index fea5da23..1b9cb4db 100644
--- a/packages/policy-xacmlpdp-tarball/src/main/resources/apps/guard/xacml.properties
+++ b/packages/policy-xacmlpdp-tarball/src/main/resources/apps/guard/xacml.properties
@@ -50,4 +50,4 @@ xacml.pip.engines=count-recent-operations,get-operation-outcome
 javax.persistence.jdbc.driver=org.mariadb.jdbc.Driver
 javax.persistence.jdbc.url=jdbc:mariadb://mariadb:3306/operationshistory
 javax.persistence.jdbc.user=policy_user
-javax.persistence.jdbc.password=cG9saWN5X3VzZXI=
+javax.persistence.jdbc.password=policy_user
diff --git a/packages/policy-xacmlpdp-tarball/src/main/resources/mysql/bin/create-guard-table.sh b/packages/policy-xacmlpdp-tarball/src/main/resources/mysql/bin/create-guard-table.sh
index e7226078..b64c89da 100644
--- a/packages/policy-xacmlpdp-tarball/src/main/resources/mysql/bin/create-guard-table.sh
+++ b/packages/policy-xacmlpdp-tarball/src/main/resources/mysql/bin/create-guard-table.sh
@@ -2,6 +2,7 @@
 #
 # ============LICENSE_START=======================================================
 #  Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+#  Modifications Copyright (C) 2020 Bell Canada. All rights reserved.
 # ================================================================================
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -33,7 +34,7 @@ fi
 # Extract Maria DB Credential properties from xacml.properties file
 DB_HOSTNAME=$(awk -F[/:] '$1 == "javax.persistence.jdbc.url=jdbc" { print $3 $5 }' /tmp/temp.xacml.properties)
 DB_USERNAME=$(awk -F= '$1 == "javax.persistence.jdbc.user" { print $2 }' /tmp/temp.xacml.properties)
-DB_PASSWORD=$(awk -F= '$1 == "javax.persistence.jdbc.password" { print $2 }' /tmp/temp.xacml.properties | base64 -d)
+DB_PASSWORD=$(awk -F= '$1 == "javax.persistence.jdbc.password" { print $2 }' /tmp/temp.xacml.properties)
 
 # Remove temp file
 rm /tmp/temp.xacml.properties
diff --git a/pom.xml b/pom.xml
index 59397f8e..082009df 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,6 +4,7 @@
   ================================================================================
   Copyright (C) 2018-2020 AT&T Intellectual Property. All rights reserved.
   Modifications Copyright (C) 2020 Nordix Foundation.
+  Modifications Copyright (C) 2020 Bell Canada. All rights reserved.
   ================================================================================
   Licensed under the Apache License, Version 2.0 (the "License");
   you may not use this file except in compliance with the License.
@@ -41,7 +42,7 @@
 
     <properties>
         <policy.common.version>1.7.1</policy.common.version>
-        <policy.models.version>2.3.1</policy.models.version>
+        <policy.models.version>2.3.2-SNAPSHOT</policy.models.version>
     </properties>
 
     <modules>
-- 
2.16.6