Remove web-filter for incoming scheduler requests 44/92644/2
authorEylon Malin <eylon.malin@intl.att.com>
Sun, 4 Aug 2019 15:03:29 +0000 (18:03 +0300)
committerIttay Stern <ittay.stern@att.com>
Sun, 4 Aug 2019 15:11:25 +0000 (15:11 +0000)
authentication can be handled in a different way like using AAF
(see 48b0c6ee)

Issue-ID: VID-378
Signed-off-by: Eylon Malin <eylon.malin@intl.att.com>
Change-Id: I68c664bc6a20ce4d8722558e00985b7638fed04b

epsdk-app-onap/src/main/webapp/WEB-INF/conf/system.properties
epsdk-app-onap/src/main/webapp/WEB-INF/conf/system_template.properties
vid-app-common/src/main/java/org/onap/vid/controller/filter/ClientCredentialsFilter.java [deleted file]
vid-app-common/src/main/java/org/onap/vid/scheduler/SchedulerProperties.java
vid-app-common/src/test/java/org/onap/vid/controller/ClientCredentialsFilterTest.java [deleted file]

index 96fa220..0fe2f4e 100755 (executable)
@@ -197,7 +197,6 @@ scheduler.server.url=http://BYO.scheduler:8989/scheduler
 
 scheduler.submit.new.vnf.change=/v1/ChangeManagement/schedules/{scheduleId}/approvals
 scheduler.get.schedules=/v1/ChangeManagement/schedules/scheduleDetails/
-scheduler.basic.auth=
 
 features.set.filename=onap.features.properties
 
@@ -205,4 +204,4 @@ vid.asyncJob.howLongToKeepOldJobsInDays=7
 
 # thread definition - count and timeout (in seconds)
 vid.thread.count=50
-vid.thread.timeout=30
\ No newline at end of file
+vid.thread.timeout=30
index 726b56f..54359c2 100755 (executable)
@@ -153,7 +153,6 @@ mso.dme2.client.timeout=${MSO_DME2_CLIENT_TIMEOUT}
 mso.dme2.client.read.timeout=${MSO_DME2_CLIENT_READ_TIMEOUT}
 mso.dme2.server.url=${MSO_DME2_SERVER_URL}
 mso.dme2.enabled=${MSO_DME2_ENABLED}
-scheduler.basic.auth=
 
 features.set.filename=onap.features.properties
 
@@ -161,4 +160,4 @@ vid.asyncJob.howLongToKeepOldJobsInDays=7
 
 # thread definition - count and timeout (in seconds)
 vid.thread.count=50
-vid.thread.timeout=30
\ No newline at end of file
+vid.thread.timeout=30
diff --git a/vid-app-common/src/main/java/org/onap/vid/controller/filter/ClientCredentialsFilter.java b/vid-app-common/src/main/java/org/onap/vid/controller/filter/ClientCredentialsFilter.java
deleted file mode 100644 (file)
index f112905..0000000
+++ /dev/null
@@ -1,82 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * VID
- * ================================================================================
- * Copyright (C) 2017 - 2019 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.vid.controller.filter;
-
-import org.apache.commons.lang3.StringUtils;
-import org.onap.vid.scheduler.SchedulerProperties;
-import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
-import org.onap.portalsdk.core.util.SystemProperties;
-import org.springframework.web.filter.GenericFilterBean;
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.ServletResponse;
-import javax.servlet.annotation.WebFilter;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-/**
- * Created by amichai on 13/05/2018.
- */
-@WebFilter(urlPatterns = "/change-management/workflow/*")
-public class ClientCredentialsFilter  extends GenericFilterBean {
-
-    private static final EELFLoggerDelegate filterLogger = EELFLoggerDelegate.getLogger(ClientCredentialsFilter.class);
-
-
-    @Override
-    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
-
-        if (!(request instanceof HttpServletRequest) || !(response instanceof HttpServletResponse))
-            return;
-
-        String expectedAuthorization = SystemProperties.getProperty(SchedulerProperties.SCHEDULER_BASIC_AUTH);
-        String actualAuthorization = ((HttpServletRequest)request).getHeader("Authorization");
-
-        if (verifyClientCredentials(actualAuthorization, expectedAuthorization)) {
-            filterLogger.warn(EELFLoggerDelegate.debugLogger,"Client credentials authenticated.");
-            chain.doFilter(request, response);
-            return;
-        }
-
-        filterLogger.warn(EELFLoggerDelegate.debugLogger,"Client did not provide the expected credentials.");
-        ((HttpServletResponse) response).sendError(401);
-    }
-
-    public boolean verifyClientCredentials(String actualAuthorization, String expectedAuthorization)
-    {
-        if (StringUtils.isEmpty(expectedAuthorization))
-        {
-            filterLogger.warn(EELFLoggerDelegate.debugLogger,String.format("Expected Authorization is not configured (key: %s)", SchedulerProperties.SCHEDULER_BASIC_AUTH));
-            return true;
-        }
-
-        if (StringUtils.isEmpty(actualAuthorization))
-        {
-            filterLogger.warn(EELFLoggerDelegate.debugLogger,"Authorization header is missing.");
-            return false;
-        }
-
-        return actualAuthorization.equals(expectedAuthorization);
-    }
-
-}
index 8974032..400e8d9 100644 (file)
@@ -35,7 +35,4 @@ public class SchedulerProperties extends SystemProperties {
 
        public static final String SCHEDULER_DELETE_SCHEDULE = "scheduler.delete.schedule";
 
-       public static final String SCHEDULER_BASIC_AUTH =  "scheduler.basic.auth";
-
-
 }
diff --git a/vid-app-common/src/test/java/org/onap/vid/controller/ClientCredentialsFilterTest.java b/vid-app-common/src/test/java/org/onap/vid/controller/ClientCredentialsFilterTest.java
deleted file mode 100644 (file)
index 37c02b2..0000000
+++ /dev/null
@@ -1,111 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * VID
- * ================================================================================
- * Copyright (C) 2017 - 2019 AT&T Intellectual Property. All rights reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ============LICENSE_END=========================================================
- */
-
-package org.onap.vid.controller;
-
-
-import org.junit.Assert;
-import org.mockito.Mockito;
-import org.onap.vid.controller.filter.ClientCredentialsFilter;
-import org.testng.annotations.DataProvider;
-import org.testng.annotations.Test;
-
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-import static org.mockito.ArgumentMatchers.any;
-
-
-/**
- * Created by amichai on 16/05/2018.
- */
-public class ClientCredentialsFilterTest {
-
-    @DataProvider
-    public static Object[][] authorizedData() {
-        return new Object[][] {
-                {"Basic 123==", null},
-                {null, null},
-                {null, ""},
-                {"Basic 123==", ""},
-                {"Basic 123==", "Basic 123=="}
-        };
-    }
-
-    @DataProvider
-    public static Object[][] notAuthorizedData() {
-        return new Object[][] {
-                {null, "Basic 123=="},
-                {"", "Basic 123=="},
-                {"not null but not as expected", "Basic 123=="},
-                {"basic 123==", "Basic 123=="}
-        };
-    }
-
-    @DataProvider
-    public static Object[][] clientVerified() {
-        return new Object[][] {
-                {true},
-                {false}
-        };
-    }
-
-    @Test(dataProvider = "authorizedData")
-    public void givenAuthorizationHeader_Authorized(String actualAuth, String expectedAuth){
-        ClientCredentialsFilter filter = new ClientCredentialsFilter();
-        Assert.assertTrue(filter.verifyClientCredentials(actualAuth, expectedAuth));
-    }
-
-    @Test(dataProvider = "notAuthorizedData")
-    public void givenAuthorizationHeader_NotAuthorized(String actualAuth, String expectedAuth){
-        ClientCredentialsFilter filter = new ClientCredentialsFilter();
-        Assert.assertFalse(filter.verifyClientCredentials(actualAuth, expectedAuth));
-    }
-
-    //@Test(dataProvider = "clientVerified")
-    public void notAuthorized_return401(Boolean clientVerified) throws IOException, ServletException {
-        ClientCredentialsFilter filter = Mockito.mock(ClientCredentialsFilter.class);
-        HttpServletResponse response = Mockito.mock(HttpServletResponse.class);
-        HttpServletRequest request = Mockito.mock(HttpServletRequest.class);
-        FilterChain chain = Mockito.mock(FilterChain.class);
-
-
-        Mockito.when(filter.verifyClientCredentials(any(),any())).thenReturn(clientVerified);
-        Mockito.doNothing().when(response).sendError(401);
-
-        Mockito.doCallRealMethod().when(filter).doFilter(request,response,chain);
-        filter.doFilter(request,response,chain);
-
-        if (clientVerified)
-        {
-            Mockito.verify(chain).doFilter(request,response);
-
-        }
-        else {
-            Mockito.verify(response).sendError(401);
-        }
-
-    }
-
-
-}