From 3c54febdf3d6e49bd50c7aeca5b4476becfdd027 Mon Sep 17 00:00:00 2001 From: da490c Date: Wed, 20 Jun 2018 00:53:25 -0400 Subject: [PATCH] Add support for basic-auth password obfuscation Issue-ID: AAI-1231 Change-Id: I6e3db5d5fc52e715cd6ebabf83b63fda1c787da4 Signed-off-by: da490c --- sparkybe-onap-application/pom.xml | 2 +- .../onap/aai/sparky/dal/ActiveInventoryAdapter.java | 20 ++++++++++++++++++-- .../viewandinspect/config/SparkyConstants.java | 1 + 3 files changed, 20 insertions(+), 3 deletions(-) diff --git a/sparkybe-onap-application/pom.xml b/sparkybe-onap-application/pom.xml index b08c9fd..cc5e004 100644 --- a/sparkybe-onap-application/pom.xml +++ b/sparkybe-onap-application/pom.xml @@ -224,7 +224,7 @@ org.onap.aai rest-client - 1.2.1 + 1.3.0-SNAPSHOT diff --git a/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/dal/ActiveInventoryAdapter.java b/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/dal/ActiveInventoryAdapter.java index 9d33a3b..656ffba 100644 --- a/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/dal/ActiveInventoryAdapter.java +++ b/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/dal/ActiveInventoryAdapter.java @@ -47,7 +47,9 @@ import org.onap.aai.sparky.dal.rest.RestClientConstructionException; import org.onap.aai.sparky.dal.rest.RestClientFactory; import org.onap.aai.sparky.dal.rest.config.RestEndpointConfig; import org.onap.aai.sparky.logging.AaiUiMsgs; +import org.onap.aai.sparky.util.Encryptor; import org.onap.aai.sparky.util.NodeUtils; +import org.onap.aai.sparky.viewandinspect.config.SparkyConstants; /** * The Class ActiveInventoryAdapter. @@ -87,6 +89,21 @@ public class ActiveInventoryAdapter { this.oxmModelLoader = oxmModelLoader; this.oxmEntityLookup = oxmEntityLookup; this.endpointConfig = endpointConfig; + + /* + * Add support for de-obfuscating basic auth password (if obfuscated) + */ + + if (endpointConfig.getRestAuthenticationMode() == RestAuthenticationMode.SSL_BASIC) { + String basicAuthPassword = endpointConfig.getBasicAuthPassword(); + + if (basicAuthPassword != null + && basicAuthPassword.startsWith(SparkyConstants.OBFUSCATION_PREFIX)) { + Encryptor enc = new Encryptor(); + endpointConfig.setBasicAuthPassword(enc.decryptValue(basicAuthPassword)); + } + } + this.restClient = RestClientFactory.buildClient(endpointConfig); } @@ -102,16 +119,15 @@ public class ActiveInventoryAdapter { headers.get(HEADER_TRANS_ID).add(TRANSACTION_ID_PREFIX + NodeUtils.getRandomTxnId()); if (endpointConfig.getRestAuthenticationMode() == RestAuthenticationMode.SSL_BASIC) { - headers.putIfAbsent(HEADER_AUTHORIZATION, new ArrayList()); headers.get(HEADER_AUTHORIZATION).add(getBasicAuthenticationCredentials()); - } return headers; } protected String getBasicAuthenticationCredentials() { + String usernameAndPassword = String.join(":", endpointConfig.getBasicAuthUserName(), endpointConfig.getBasicAuthPassword()); return "Basic " + java.util.Base64.getEncoder().encodeToString(usernameAndPassword.getBytes()); diff --git a/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/viewandinspect/config/SparkyConstants.java b/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/viewandinspect/config/SparkyConstants.java index e3c2577..b5f72bc 100644 --- a/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/viewandinspect/config/SparkyConstants.java +++ b/sparkybe-onap-service/src/main/java/org/onap/aai/sparky/viewandinspect/config/SparkyConstants.java @@ -26,6 +26,7 @@ package org.onap.aai.sparky.viewandinspect.config; public class SparkyConstants { public static String APP_NAME = "AAIUI"; + public static final String OBFUSCATION_PREFIX = "OBF:"; /** Default to unix file separator if system property file.separator is null */ public static final String FILESEP = -- 2.16.6