1 /*******************************************************************************
2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
17 * ============LICENSE_END=========================================================
19 * ECOMP is a trademark and service mark of AT&T Intellectual Property.
21 *******************************************************************************/
22 package org.onap.dmaap.dmf.mr.beans;
24 import com.att.eelf.configuration.EELFLogger;
25 import com.att.eelf.configuration.EELFManager;
26 import com.att.nsa.configs.ConfigDb;
27 import com.att.nsa.configs.ConfigDbException;
28 import com.att.nsa.configs.confimpl.EncryptingLayer;
29 import com.att.nsa.drumlin.till.nv.rrNvReadable;
30 import com.att.nsa.drumlin.till.nv.rrNvReadable.missingReqdSetting;
31 import com.att.nsa.security.db.BaseNsaApiDbImpl;
32 import com.att.nsa.security.db.EncryptingApiDbImpl;
33 import com.att.nsa.security.db.NsaApiDb;
34 import com.att.nsa.security.db.simple.NsaSimpleApiKey;
35 import com.att.nsa.security.db.simple.NsaSimpleApiKeyFactory;
36 import com.att.nsa.util.rrConvertor;
37 import org.onap.dmaap.dmf.mr.constants.CambriaConstants;
38 import org.springframework.beans.factory.annotation.Autowired;
40 import java.security.Key;
44 * @author anowarul.islam
47 public class DMaaPNsaApiDb {
50 private DMaaPZkConfigDb cdb;
52 //private static final Logger log = Logger
54 private static final EELFLogger log = EELFManager.getInstance().getLogger(DMaaPNsaApiDb.class);
58 * Constructor initialized
63 public DMaaPNsaApiDb(rrNvReadable settings, DMaaPZkConfigDb cdb) {
72 * @throws ConfigDbException
73 * @throws missingReqdSetting
75 public static NsaApiDb<NsaSimpleApiKey> buildApiKeyDb(
76 rrNvReadable settings, ConfigDb cdb) throws ConfigDbException,
78 // Cambria uses an encrypted api key db
81 final String keyBase64 =com.att.ajsc.filemonitor.AJSCPropertiesMap.getProperty(CambriaConstants.msgRtr_prop,"cambria.secureConfig.key");
85 final String initVectorBase64 =com.att.ajsc.filemonitor.AJSCPropertiesMap.getProperty(CambriaConstants.msgRtr_prop,"cambria.secureConfig.iv");
86 // if neither value was provided, don't encrypt api key db
87 if (keyBase64 == null && initVectorBase64 == null) {
88 log.info("This server is configured to use an unencrypted API key database. See the settings documentation.");
89 return new BaseNsaApiDbImpl<>(cdb,
90 new NsaSimpleApiKeyFactory());
91 } else if (keyBase64 == null) {
92 // neither or both, otherwise something's goofed
93 throw new missingReqdSetting("cambria.secureConfig.key");
94 } else if (initVectorBase64 == null) {
95 // neither or both, otherwise something's goofed
96 throw new missingReqdSetting("cambria.secureConfig.iv");
98 log.info("This server is configured to use an encrypted API key database.");
99 final Key key = EncryptingLayer.readSecretKey(keyBase64);
100 final byte[] iv = rrConvertor.base64Decode(initVectorBase64);
101 return new EncryptingApiDbImpl<>(cdb,
102 new NsaSimpleApiKeyFactory(), key, iv);
126 public DMaaPZkConfigDb getCdb() {
133 public void setCdb(DMaaPZkConfigDb cdb) {