From 301bd0d634305aff6367bc77e7e71535a15fa365 Mon Sep 17 00:00:00 2001 From: Fiete Ostkamp Date: Fri, 16 May 2025 16:22:09 +0200 Subject: [PATCH] Remove AAF from SO - remove all AAF dependendies - remove the aaf spring profile - rename auth-related properties - mso.config.cadi.aafId -> mso.auth.user - mso.auth -> mso.auth.password Issue-ID: SO-4155 Signed-off-by: Fiete Ostkamp Change-Id: I8249970f7f7027638d1da631574893d252b3c90b --- bpmn/mso-infrastructure-bpmn/pom.xml | 19 ---- common/pom.xml | 33 ------ .../java/org/onap/so/security/SecurityFilters.java | 41 ------- .../java/org/onap/so/security/SoCadiFilter.java | 121 --------------------- .../SoNoAuthWebSecurityConfigurerAdapter.java | 8 +- .../onap/so/utils/ExternalTaskServiceUtils.java | 5 +- cxf-logging/pom.xml | 2 +- .../src/main/resources/logger/logback-spring.xml | 39 +++---- mso-api-handlers/mso-api-handler-infra/pom.xml | 29 ----- pom.xml | 54 ++------- 10 files changed, 32 insertions(+), 319 deletions(-) delete mode 100644 common/src/main/java/org/onap/so/security/SecurityFilters.java delete mode 100644 common/src/main/java/org/onap/so/security/SoCadiFilter.java diff --git a/bpmn/mso-infrastructure-bpmn/pom.xml b/bpmn/mso-infrastructure-bpmn/pom.xml index b0d5902b0c..eb1987652e 100644 --- a/bpmn/mso-infrastructure-bpmn/pom.xml +++ b/bpmn/mso-infrastructure-bpmn/pom.xml @@ -302,29 +302,10 @@ assertj-core test - - org.onap.aaf.authz - aaf-cadi-aaf - - - javax.servlet - servlet-api - - - log4j - log4j - - - org.camunda.bpm.springboot camunda-bpm-spring-boot-starter-test test - - org.onap.aaf.authz - aaf-misc-rosetta - runtime - diff --git a/common/pom.xml b/common/pom.xml index a697ba6bef..240ea6de67 100644 --- a/common/pom.xml +++ b/common/pom.xml 
@@ -133,39 +133,6 @@ junit-vintage-engine test - - org.onap.aaf.authz - aaf-cadi-client - - - org.onap.aaf.authz - aaf-cadi-aaf - - - javax.servlet - servlet-api - - - log4j - log4j - - - - - org.onap.aaf.authz - aaf-auth-client - runtime - - - org.onap.aaf.authz - aaf-misc-env - runtime - - - org.onap.aaf.authz - aaf-misc-rosetta - runtime - org.reflections reflections diff --git a/common/src/main/java/org/onap/so/security/SecurityFilters.java b/common/src/main/java/org/onap/so/security/SecurityFilters.java deleted file mode 100644 index 7ad0fd05df..0000000000 --- a/common/src/main/java/org/onap/so/security/SecurityFilters.java +++ /dev/null 
@@ -1,41 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * ONAP - SO - * ================================================================================ - * Copyright (C) 2017 - 2019 AT&T Intellectual Property. All rights reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END========================================================= - */ - -package org.onap.so.security; - -import org.springframework.boot.web.servlet.FilterRegistrationBean; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Profile; -import org.springframework.core.Ordered; - -@Configuration -@Profile("!test & aaf") -public class SecurityFilters { - - @Bean - public FilterRegistrationBean loginRegistrationBean() { - FilterRegistrationBean filterRegistrationBean = new FilterRegistrationBean<>(); - filterRegistrationBean.setFilter(new SoCadiFilter()); - filterRegistrationBean.setName("cadiFilter"); - filterRegistrationBean.setOrder(Ordered.HIGHEST_PRECEDENCE); - return filterRegistrationBean; - } -} diff --git a/common/src/main/java/org/onap/so/security/SoCadiFilter.java b/common/src/main/java/org/onap/so/security/SoCadiFilter.java deleted file mode 100644 index 1660220dc1..0000000000 
--- a/common/src/main/java/org/onap/so/security/SoCadiFilter.java +++ /dev/null 
@@ -1,121 +0,0 @@ -/*- - * ============LICENSE_START======================================================= - * ONAP SO - * ================================================================================ - * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights - * reserved. - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END============================================ - * =================================================================== - * - */ -package org.onap.so.security; - -import javax.annotation.Priority; -import javax.servlet.FilterConfig; -import javax.servlet.ServletException; -import org.onap.aaf.cadi.config.Config; -import org.onap.aaf.cadi.filter.CadiFilter; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.context.annotation.Profile; -import org.springframework.stereotype.Component; - -@Component -@Profile("!test & aaf") -// Run right before default priority of 0 to block requests -@Priority(-1) -public class SoCadiFilter extends CadiFilter { - - protected final Logger logger = LoggerFactory.getLogger(SoCadiFilter.class); - - @Value("${mso.config.cadi.cadiLoglevel:#{null}}") - private String cadiLoglevel; - - @Value("${mso.config.cadi.cadiKeyFile:#{null}}") - private String cadiKeyFile; - - 
@Value("${mso.config.cadi.cadiTruststorePassword:#{null}}") - private String cadiTrustStorePassword; - - @Value("${mso.config.cadi.cadiTrustStore:#{null}}") - private String cadiTrustStore; - - @Value("${mso.config.cadi.cadiLatitude:#{null}}") - private String cadiLatitude; - - @Value("${mso.config.cadi.cadiLongitude:#{null}}") - private String cadiLongitude; - - @Value("${mso.config.cadi.aafEnv:#{null}}") - private String aafEnv; - - @Value("${mso.config.cadi.aafApiVersion:#{null}}") - private String aafApiVersion; - - @Value("${mso.config.cadi.aafRootNs:#{null}}") - private String aafRootNs; - - @Value("${mso.config.cadi.aafId:#{null}}") - private String aafMechId; - - @Value("${mso.config.cadi.aafPassword:#{null}}") - private String aafMechIdPassword; - - @Value("${mso.config.cadi.aafLocateUrl:#{null}}") - private String aafLocateUrl; - - @Value("${mso.config.cadi.aafUrl:#{null}}") - private String aafUrl; - - @Value("${mso.config.cadi.apiEnforcement:#{null}}") - private String apiEnforcement; - - @Value("${mso.config.cadi.userExpires:#{null}}") - private String userExpires; - - private void checkIfNullProperty(String key, String value) { - /* - * When value is null, it is not defined in application.yaml set nothing in System properties - */ - if (value != null) { - System.setProperty(key, value); - } - } - - @Override - public void init(FilterConfig filterConfig) throws ServletException { - checkIfNullProperty(Config.CADI_LOGLEVEL, cadiLoglevel); - checkIfNullProperty(Config.CADI_KEYFILE, cadiKeyFile); - checkIfNullProperty(Config.CADI_TRUSTSTORE, cadiTrustStore); - checkIfNullProperty(Config.CADI_TRUSTSTORE_PASSWORD, cadiTrustStorePassword); - checkIfNullProperty(Config.CADI_LATITUDE, cadiLatitude); - checkIfNullProperty(Config.CADI_LONGITUDE, cadiLongitude); - checkIfNullProperty(Config.AAF_ENV, aafEnv); - checkIfNullProperty(Config.AAF_API_VERSION, aafApiVersion); - checkIfNullProperty(Config.AAF_ROOT_NS, aafRootNs); - checkIfNullProperty(Config.AAF_APPID, 
aafMechId); - checkIfNullProperty(Config.AAF_APPPASS, aafMechIdPassword); - checkIfNullProperty(Config.AAF_LOCATE_URL, aafLocateUrl); - checkIfNullProperty(Config.AAF_URL, aafUrl); - checkIfNullProperty(Config.CADI_API_ENFORCEMENT, apiEnforcement); - checkIfNullProperty(Config.AAF_USER_EXPIRES, userExpires); - // checkIfNullProperty(AFT_ENVIRONMENT_VAR, aftEnv); - logger.debug(" *** init Filter Config *** "); - super.init(filterConfig); - } - - -} diff --git a/common/src/main/java/org/onap/so/security/SoNoAuthWebSecurityConfigurerAdapter.java b/common/src/main/java/org/onap/so/security/SoNoAuthWebSecurityConfigurerAdapter.java index 4a112b9687..8218c665ba 100644 --- a/common/src/main/java/org/onap/so/security/SoNoAuthWebSecurityConfigurerAdapter.java +++ b/common/src/main/java/org/onap/so/security/SoNoAuthWebSecurityConfigurerAdapter.java @@ -5,15 +5,15 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. - * + * * SPDX-License-Identifier: Apache-2.0 * ============LICENSE_END========================================================= */ @@ -34,7 +34,7 @@ import org.springframework.security.web.firewall.StrictHttpFirewall; @EnableWebSecurity @Configuration @Order(2) -@Profile({"aaf", "test", "serviceMesh"}) +@Profile({"test", "serviceMesh"}) public class SoNoAuthWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter { @Override public void configure(final WebSecurity web) throws Exception { 
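Review bot: In SoNoAuthWebSecurityConfigurerAdapter, dropping `aaf` from `@Profile` changes which security configuration applies to a deployment that still lists `aaf` in its active Spring profiles, and nothing in this hunk documents or guards that case. The same patch deletes the CADI filter, so such a deployment no longer selects this adapter; what applies instead is not visible here and should be confirmed before release. I would add a class-level Javadoc, hedged on the adapter doing what its name says, along the lines of `/** Web security configuration without SO-side authentication; active only under the "test" and "serviceMesh" profiles. The former "aaf" profile was removed (SO-4155). */`. The profile removal also belongs in the upgrade notes. The class body continues outside the hunk, so what `configure` actually permits is not shown.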
diff --git a/common/src/main/java/org/onap/so/utils/ExternalTaskServiceUtils.java b/common/src/main/java/org/onap/so/utils/ExternalTaskServiceUtils.java index 1a8307e8bc..6c98547dea 100644 --- a/common/src/main/java/org/onap/so/utils/ExternalTaskServiceUtils.java +++ b/common/src/main/java/org/onap/so/utils/ExternalTaskServiceUtils.java @@ -48,12 +48,13 @@ public class ExternalTaskServiceUtils { } protected ClientRequestInterceptor createClientInterceptor(String auth) { - return new BasicAuthProvider(env.getRequiredProperty("mso.config.cadi.aafId"), auth); + return new BasicAuthProvider(env.getRequiredProperty("mso.auth.user"), auth); } protected String getAuth() throws Exception { try { - return CryptoUtils.decrypt(env.getRequiredProperty("mso.auth"), env.getRequiredProperty("mso.msoKey")); + return CryptoUtils.decrypt(env.getRequiredProperty("mso.auth.password"), + env.getRequiredProperty("mso.msoKey")); } catch (IllegalStateException | GeneralSecurityException e) { logger.error("Error Decrypting Password", e); throw new Exception("Cannot load password"); diff --git a/cxf-logging/pom.xml b/cxf-logging/pom.xml index 8a1af4a044..1df8606ee6 100644 --- a/cxf-logging/pom.xml +++ b/cxf-logging/pom.xml @@ -34,7 +34,7 @@ org.slf4j slf4j-api - + org.junit.vintage junit-vintage-engine test diff --git a/deployment-configs/src/main/resources/logger/logback-spring.xml b/deployment-configs/src/main/resources/logger/logback-spring.xml index bd9712ad87..a12693013e 100644 --- a/deployment-configs/src/main/resources/logger/logback-spring.xml +++ b/deployment-configs/src/main/resources/logger/logback-spring.xml @@ -1,12 +1,12 @@ - @@ -23,7 +23,7 @@ - + - - ENTRY + + ENTRY EXIT DENY @@ -81,8 +81,8 @@ - - INVOKE + + INVOKE INVOKE-RETURN DENY @@ -159,14 +159,14 @@ ${debugPattern} - + 256 true - + ${logs_dir:-.}/${cadiLogName}.log @@ -206,15 +206,10 @@ - - - - - - + 
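Review bot: In ExternalTaskServiceUtils.getAuth, a missing `mso.auth.password` or `mso.msoKey` is reported as a decryption failure: `getRequiredProperty` throws `IllegalStateException` for an unresolved key, the catch block logs "Error Decrypting Password", and the rethrown exception drops the cause. After this rename an unmigrated configuration is the likeliest way to reach that path, so the thrown error should name the keys and keep the cause, e.g. `throw new Exception("Cannot load password; check mso.auth.password and mso.msoKey", e);`. The `mso.auth.user` lookup in `createClientInterceptor` sits outside any catch and will surface as a bare `IllegalStateException`, which is acceptable but worth listing in the upgrade notes with the two renamed keys. The catch block of `getAuth` closes outside the hunk.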
diff --git a/mso-api-handlers/mso-api-handler-infra/pom.xml b/mso-api-handlers/mso-api-handler-infra/pom.xml index 5ce6e34411..37bc619c42 100644 --- a/mso-api-handlers/mso-api-handler-infra/pom.xml +++ b/mso-api-handlers/mso-api-handler-infra/pom.xml @@ -139,35 +139,6 @@ io.micrometer micrometer-registry-prometheus - - org.onap.aaf.authz - aaf-cadi-aaf - - - javax.servlet - servlet-api - - - log4j - log4j - - - - - org.onap.aaf.authz - aaf-auth-client - runtime - - - org.onap.aaf.authz - aaf-misc-env - runtime - - - org.onap.aaf.authz - aaf-misc-rosetta - runtime - ${project.artifactId}-${project.version} diff --git a/pom.xml b/pom.xml index 32ee48248c..5b6642bcee 100644 --- a/pom.xml +++ b/pom.xml @@ -68,13 +68,11 @@ 2.1 2.3.7.RELEASE Hoxton.SR8 - 2.1.21 false true 0.33.0 1.7.2 0.9.0 - 2.1.15 1.9.0-SNAPSHOT 1.6.9 2.14.2 @@ -881,13 +879,13 @@ 2.4 test - - org.springframework.cloud - spring-cloud-starter-sleuth - - - org.springframework.cloud - spring-cloud-sleuth-zipkin + + org.springframework.cloud + spring-cloud-starter-sleuth + + + org.springframework.cloud + spring-cloud-sleuth-zipkin @@ -1063,44 +1061,6 @@ - - org.onap.aaf.authz - aaf-cadi-client - ${aaf.version} - - - org.onap.aaf.authz - aaf-cadi-aaf - ${aaf.version} - - - javax.servlet - servlet-api - - - log4j - log4j - - - - - org.onap.aaf.authz - aaf-auth-client - ${aaf.version} - runtime - - - org.onap.aaf.authz - aaf-misc-env - ${aaf.version} - runtime - - - org.onap.aaf.authz - aaf-misc-rosetta - ${aaf.version} - runtime - ch.vorburger.mariaDB4j mariaDB4j -- 2.16.6