Rework AAF classes

Rework AAF integration to be more Spring specific + change console log
to previous pattern

Issue-ID: CLAMP-210
Change-Id: I689269668f64996f2d07491e420062f5ca0ca1db
Signed-off-by: Determe, Sebastien (sd378r) <sd378r@intl.att.com>
diff --git a/src/main/java/org/onap/clamp/clds/config/AAFConfiguration.java b/src/main/java/org/onap/clamp/clds/config/AAFConfiguration.java
index 93432c9..13dccda 100644
--- a/src/main/java/org/onap/clamp/clds/config/AAFConfiguration.java
+++ b/src/main/java/org/onap/clamp/clds/config/AAFConfiguration.java
@@ -22,49 +22,22 @@
  */
 package org.onap.clamp.clds.config;
 
-import java.util.Properties;
-
 import javax.servlet.Filter;
 
 import org.onap.clamp.clds.filter.ClampCadiFilter;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.web.servlet.FilterRegistrationBean;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
-import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.stereotype.Component;
 
-@Component
 @Configuration
 @Profile("clamp-aaf-authentication")
-@ConfigurationProperties(prefix = "clamp.config.cadi")
 public class AAFConfiguration {
-    private static final String CADI_KEY_FILE = "cadi_keyfile";
-    private static final String CADI_LOG_LEVEL = "cadi_loglevel";
-    private static final String LATITUDE = "cadi_latitude";
-    private static final String LONGITUDE = "cadi_longitude";
-    private static final String LOCATE_URL = "aaf_locate_url";
-    private static final String OAUTH_TOKEN_URL = "aaf_oauth2_token_url";
-    private static final String OAUTH_INTROSPECT_URL = "aaf_oauth2_introspect_url";
-    private static final String AAF_ENV = "aaf_env";
-    private static final String AAF_URL = "aaf_url";
-    private static final String X509_ISSUERS = "cadi_x509_issuers";
-	
-    private String              keyFile;
-    private String              cadiLoglevel;
-    private String              cadiLatitude;
-    private String              cadiLongitude;
-    private String              aafLocateUrl;
-    private String              oauthTokenUrl;
-    private String              oauthIntrospectUrl;
-    private String              aafEnv;
-    private String              aafUrl;
-    private String              cadiX509Issuers;
 
     /**
      * Method to return clamp cadi filter.
-     * 
+     *
      * @return Filter
      */
     @Bean(name = "cadiFilter")
@@ -74,7 +47,7 @@
 
     /**
      * Method to register cadi filter.
-     * 
+     *
      * @return FilterRegistrationBean
      */
     @Bean
@@ -87,104 +60,4 @@
         registration.setOrder(0);
         return registration;
     }
-
-	public String getKeyFile() {
-		return keyFile;
-	}
-
-	public void setKeyFile(String keyFile) {
-		this.keyFile = keyFile;
-	}
-
-	public String getCadiLoglevel() {
-		return cadiLoglevel;
-	}
-
-	public void setCadiLoglevel(String cadiLoglevel) {
-		this.cadiLoglevel = cadiLoglevel;
-	}
-
-	public String getCadiLatitude() {
-		return cadiLatitude;
-	}
-
-	public void setCadiLatitude(String cadiLatitude) {
-		this.cadiLatitude = cadiLatitude;
-	}
-
-	public String getCadiLongitude() {
-		return cadiLongitude;
-	}
-
-	public void setCadiLongitude(String cadiLongitude) {
-		this.cadiLongitude = cadiLongitude;
-	}
-
-	public String getAafLocateUrl() {
-		return aafLocateUrl;
-	}
-
-	public void setAafLocateUrl(String aafLocateUrl) {
-		this.aafLocateUrl = aafLocateUrl;
-	}
-
-	public String getOauthTokenUrl() {
-		return oauthTokenUrl;
-	}
-
-	public void setOauthTokenUrl(String oauthTokenUrl) {
-		this.oauthTokenUrl = oauthTokenUrl;
-	}
-
-	public String getOauthIntrospectUrl() {
-		return oauthIntrospectUrl;
-	}
-
-	public void setOauthIntrospectUrl(String oauthIntrospectUrl) {
-		this.oauthIntrospectUrl = oauthIntrospectUrl;
-	}
-
-	public String getAafEnv() {
-		return aafEnv;
-	}
-
-	public void setAafEnv(String aafEnv) {
-		this.aafEnv = aafEnv;
-	}
-
-	public String getAafUrl() {
-		return aafUrl;
-	}
-
-	public void setAafUrl(String aafUrl) {
-		this.aafUrl = aafUrl;
-	}
-
-	public String getCadiX509Issuers() {
-		return cadiX509Issuers;
-	}
-
-	public void setCadiX509Issuers(String cadiX509Issuers) {
-		this.cadiX509Issuers = cadiX509Issuers;
-	}
-
-	public Properties getProperties() {
-        Properties prop = System.getProperties();
-        //prop.put("cadi_prop_files", "");
-        prop.put(CADI_KEY_FILE, keyFile);
-        prop.put(CADI_LOG_LEVEL, cadiLoglevel);
-        prop.put(LATITUDE, cadiLatitude);
-        prop.put(LONGITUDE, cadiLongitude);
-        prop.put(LOCATE_URL, aafLocateUrl);
-        if (oauthTokenUrl != null) {
-            prop.put(OAUTH_TOKEN_URL, oauthTokenUrl);
-        }
-        if (oauthIntrospectUrl != null) {
-            prop.put(OAUTH_INTROSPECT_URL, oauthIntrospectUrl);
-        }
-        prop.put(AAF_ENV, aafEnv);
-        prop.put(AAF_URL, aafUrl);
-        prop.put(X509_ISSUERS, cadiX509Issuers);
-        return prop;
-    }
 }
\ No newline at end of file
diff --git a/src/main/java/org/onap/clamp/clds/config/SSLConfiguration.java b/src/main/java/org/onap/clamp/clds/config/SSLConfiguration.java
deleted file mode 100644
index 6a97f23..0000000
--- a/src/main/java/org/onap/clamp/clds/config/SSLConfiguration.java
+++ /dev/null
@@ -1,56 +0,0 @@
-/*-
- * ============LICENSE_START=======================================================
- * ONAP CLAMP
- * ================================================================================
- * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights
- *                             reserved.
- * ================================================================================
- * Licensed under the Apache License, Version 2.0 (the "License"); 
- * you may not use this file except in compliance with the License. 
- * You may obtain a copy of the License at
- * 
- * http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software 
- * distributed under the License is distributed on an "AS IS" BASIS, 
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
- * See the License for the specific language governing permissions and 
- * limitations under the License.
- * ============LICENSE_END============================================
- * ===================================================================
- * 
- */
-package org.onap.clamp.clds.config;
-
-import org.springframework.context.annotation.Configuration;
-
-import javax.annotation.PostConstruct;
-
-import org.springframework.beans.factory.annotation.Value;
-
-@Configuration
-public class SSLConfiguration {
-    private static final String TRUST_STORE = "javax.net.ssl.trustStore";
-    private static final String TRUST_STORE_PW = "javax.net.ssl.trustStorePassword";
-    private static final String TRUST_STORE_TYPE = "javax.net.ssl.trustStoreType";
-
-    @Value("${server.ssl.trust:none}")
-    private String sslTruststoreFile;
-    @Value("${server.ssl.trust-password:none}")
-    private String sslTruststorePw;
-    @Value("${server.ssl.trust-type:none}")
-    private String sslTruststoreType;
-
-    @PostConstruct
-    private void configureSSL() {
-        if (!sslTruststoreFile.equals("none")) {
-            System.setProperty(TRUST_STORE, sslTruststoreFile);
-        }
-        if (!sslTruststoreType.equals("none")) {
-            System.setProperty(TRUST_STORE_TYPE, sslTruststoreType);
-        }
-        if (!sslTruststorePw.equals("none")) {
-            System.setProperty(TRUST_STORE_PW, sslTruststorePw);
-        }
-    }
-}
diff --git a/src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java b/src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java
index ed3dcb4..f058a9e 100644
--- a/src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java
+++ b/src/main/java/org/onap/clamp/clds/filter/ClampCadiFilter.java
@@ -22,59 +22,122 @@
  */
 package org.onap.clamp.clds.filter;
 
-import java.util.Properties;
+import com.att.eelf.configuration.EELFLogger;
+import com.att.eelf.configuration.EELFManager;
+
+import java.io.File;
+import java.io.IOException;
+import java.io.InputStream;
+import java.nio.file.StandardCopyOption;
 
 import javax.servlet.FilterConfig;
 import javax.servlet.ServletException;
 
+import org.onap.aaf.cadi.config.Config;
 import org.onap.aaf.cadi.filter.CadiFilter;
-import org.onap.clamp.clds.config.AAFConfiguration;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.ApplicationContext;
 
 public class ClampCadiFilter extends CadiFilter {
-    private static final String CADI_TRUST_STORE = "cadi_truststore";
-    private static final String CADI_TRUST_STORE_PW = "cadi_truststore_password";
-    private static final String CADI_KEY_STORE = "cadi_keystore";
-    private static final String CADI_KEY_STORE_PW = "cadi_keystore_password";
-    private static final String ALIAS = "cadi_alias";
-
-    @Value("${server.ssl.key-store:none}")
-    private String              keyStore;
-
-    @Value("${clamp.config.cadi.cadiKeystorePassword:none}")
-    private String              keyStorePass;
-
-    @Value("${server.ssl.trust:none}")
-    private String              trustStore;
-
-    @Value("${clamp.config.cadi.cadiTruststorePassword:none}")
-    private String              trustStorePass;
-
-    @Value("${server.ssl.key-alias:clamp@clamp.onap.org}")
-    private String              alias;
+    private static final EELFLogger logger = EELFManager.getInstance().getLogger(ClampCadiFilter.class);
 
     @Autowired
-    private AAFConfiguration aafConfiguration;
+    private ApplicationContext appContext;
+
+    @Value("${server.ssl.key-store:#{null}}")
+    private String keyStore;
+
+    @Value("${clamp.config.cadi.cadiKeystorePassword:#{null}}")
+    private String keyStorePass;
+
+    @Value("${server.ssl.trust-store:#{null}}")
+    private String trustStore;
+
+    @Value("${clamp.config.cadi.cadiTruststorePassword:#{null}}")
+    private String trustStorePass;
+
+    @Value("${server.ssl.key-alias:clamp@clamp.onap.org}")
+    private String alias;
+
+    @Value("${clamp.config.cadi.keyFile:#{null}}")
+    private String keyFile;
+
+    @Value("${clamp.config.cadi.cadiLoglevel:#{null}}")
+    private String cadiLoglevel;
+
+    @Value("${clamp.config.cadi.cadiLatitude:#{null}}")
+    private String cadiLatitude;
+
+    @Value("${clamp.config.cadi.cadiLongitude:#{null}}")
+    private String cadiLongitude;
+
+    @Value("${clamp.config.cadi.aafLocateUrl:#{null}}")
+    private String aafLocateUrl;
+
+    @Value("${clamp.config.cadi.oauthTokenUrl:#{null}}")
+    private String oauthTokenUrl;
+
+    @Value("${clamp.config.cadi.oauthIntrospectUrl:#{null}}")
+    private String oauthIntrospectUrl;
+
+    @Value("${clamp.config.cadi.aafEnv:#{null}}")
+    private String aafEnv;
+
+    @Value("${clamp.config.cadi.aafUrl:#{null}}")
+    private String aafUrl;
+
+    @Value("${clamp.config.cadi.cadiX509Issuers:#{null}}")
+    private String cadiX509Issuers;
+
+    private void checkIfNullProperty(String key, String value) {
+        /* When value is null, so not defined in application.properties
+           set nothing in System properties */
+        if (value != null) {
+            /* Ensure that any properties already defined in System.prop by JVM params
+                won't be overwritten by Spring application.properties values */
+            System.setProperty(key, System.getProperty(key, value));
+        }
+    }
 
     @Override
     public void init(FilterConfig filterConfig) throws ServletException {
-        Properties props = aafConfiguration.getProperties();
-        props.setProperty(CADI_KEY_STORE, trimFileName(keyStore));
-        props.setProperty(CADI_TRUST_STORE, trimFileName(trustStore));
-        props.setProperty(ALIAS, alias);
-        props.setProperty(CADI_KEY_STORE_PW,  keyStorePass);
-        props.setProperty(CADI_TRUST_STORE_PW, trustStorePass);
+        // set some properties in System so that Cadi filter will find its config
+        // The JVM values set will always overwrite the Spring ones.
+        checkIfNullProperty(Config.CADI_KEYFILE, convertSpringToPath(keyFile));
+        checkIfNullProperty(Config.CADI_LOGLEVEL, cadiLoglevel);
+        checkIfNullProperty(Config.CADI_LATITUDE, cadiLatitude);
+        checkIfNullProperty(Config.CADI_LONGITUDE, cadiLongitude);
+
+        checkIfNullProperty(Config.AAF_LOCATE_URL, aafLocateUrl);
+        checkIfNullProperty(Config.AAF_OAUTH2_TOKEN_URL, oauthTokenUrl);
+        checkIfNullProperty(Config.AAF_OAUTH2_INTROSPECT_URL, oauthIntrospectUrl);
+
+        checkIfNullProperty(Config.AAF_ENV, aafEnv);
+        checkIfNullProperty(Config.AAF_URL, aafUrl);
+        checkIfNullProperty(Config.CADI_X509_ISSUERS, cadiX509Issuers);
+        checkIfNullProperty(Config.CADI_KEYSTORE, convertSpringToPath(keyStore));
+        checkIfNullProperty(Config.CADI_TRUSTSTORE, convertSpringToPath(trustStore));
+        checkIfNullProperty(Config.CADI_ALIAS, alias);
+        checkIfNullProperty(Config.CADI_KEYSTORE_PASSWORD, keyStorePass);
+        checkIfNullProperty(Config.CADI_TRUSTSTORE_PASSWORD, trustStorePass);
 
         super.init(filterConfig);
     }
 
-    private String trimFileName (String fileName) {
-        int index= fileName.indexOf("file:");
-        if (index == -1) {
-            return fileName;
-        } else {
-            return fileName.substring(index+5);
+    private String convertSpringToPath(String fileName) {
+        try (InputStream ioFile = appContext.getResource(fileName).getInputStream()) {
+            if (!fileName.contains("file:")) {
+                File targetFile = new File(appContext.getResource(fileName).getFilename());
+                java.nio.file.Files.copy(ioFile, targetFile.toPath(), StandardCopyOption.REPLACE_EXISTING);
+                return targetFile.getPath();
+            } else {
+                return appContext.getResource(fileName).getFile().getPath();
+            }
+        } catch (IOException e) {
+            logger.error("Unable to open and copy the file: " + fileName, e);
+            return null;
         }
+
     }
 }
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 552efbc..b506915 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -55,15 +55,19 @@
 ### HTTP (Redirected to HTTPS) and HTTPS Example:
 ### --------------------------------------------
 server.port=8443
-server.ssl.client-auth=want
-server.ssl.key-store=file:/opt/clamp/config/org.onap.clamp.p12
+## Config part for Server certificates
+# Can be a classpath parameter instead of file:/
+server.ssl.key-store=classpath:/clds/aaf/org.onap.clamp.p12
 server.ssl.key-store-password=China in the Spring
 server.ssl.key-password=China in the Spring
 server.ssl.key-store-type=PKCS12
-server.ssl.trust=/opt/clamp/config/truststoreONAPall.jks
-server.ssl.trust-pass=changeit
-server.ssl.trust-type=JKS
 server.ssl.key-alias=clamp@clamp.onap.org
+
+## Config part for Client certificates
+server.ssl.client-auth=need
+server.ssl.trust-store=classpath:/clds/aaf/truststoreONAPall.jks
+server.ssl.trust-store-password=changeit
+
 server.http-to-https-redirection.port=8080
 
 server.servlet.context-path=/
@@ -228,7 +232,7 @@
 clamp.config.security.permission.instance=dev
 
 #AAF related parameters
-clamp.config.cadi.keyFile=/opt/clamp/config/org.onap.clamp.keyfile
+clamp.config.cadi.keyFile=classpath:/clds/aaf/org.onap.clamp.keyfile
 clamp.config.cadi.cadiLoglevel=DEBUG
 clamp.config.cadi.cadiLatitude=37.78187
 clamp.config.cadi.cadiLongitude=-122.26147
diff --git a/src/main/resources/logback-default.xml b/src/main/resources/logback-default.xml
index 37cdf76..c2524be 100644
--- a/src/main/resources/logback-default.xml
+++ b/src/main/resources/logback-default.xml
@@ -10,18 +10,15 @@
 		<property name="p_mak" value="%replace(%replace(%marker){'\t', '\\\\t'}){'\n','\\\\n'}"/>
 		<property name="p_thr" value="%thread"/>
 		<property name="defaultPattern" value="%nopexception${p_tim}\t${p_thr}\t${p_lvl}\t${p_log}\t${p_mdc}\t${p_msg}\t${p_exc}\t${p_mak}\t%n"/>
-		<property name="debugPattern" value="%nopexception${p_tim}|${p_lvl}|${p_mdc}|{p_exc}|%msg%n"/>
+		<property name="debugPattern" value="%nopexception${p_tim}|${p_lvl}|${p_mdc}|${p_exc}|%msg%n"/>
 
 		<!-- Example evaluator filter applied against console appender -->
 		<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
-				<!-- filter class="ch.qos.logback.classic.filter.LevelFilter"> <level>ERROR</level> 
-						<onMatch>ACCEPT</onMatch> <onMismatch>DENY</onMismatch> </filter -->
-				<!-- deny all events with a level below INFO, that is TRACE and DEBUG -->
 				<filter class="ch.qos.logback.classic.filter.ThresholdFilter">
 						<level>INFO</level>
 				</filter>
 				<encoder>
-						<pattern>${debugPattern}</pattern>
+					<pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - %msg%n</pattern>
 				</encoder>
 		</appender>
 
@@ -181,7 +178,6 @@
 	<logger name="ch.qos.logback.core" level="INFO" />
 
 	<!-- logback jms appenders & loggers definition starts here -->
-	<!-- logback jms appenders & loggers definition starts here -->
 	<appender name="auditLogs"
 		class="ch.qos.logback.core.rolling.RollingFileAppender">
 		<filter class="ch.qos.logback.classic.filter.ThresholdFilter">
diff --git a/src/main/resources/system.properties b/src/main/resources/system.properties
index a24b620..f95fc70 100644
--- a/src/main/resources/system.properties
+++ b/src/main/resources/system.properties
@@ -5,22 +5,23 @@
 # Copyright (C) 2017-2018 AT&T Intellectual Property. All rights
 #                             reserved.
 # ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License"); 
-# you may not use this file except in compliance with the License. 
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 # 
 # http://www.apache.org/licenses/LICENSE-2.0
 # 
-# Unless required by applicable law or agreed to in writing, software 
-# distributed under the License is distributed on an "AS IS" BASIS, 
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
-# See the License for the specific language governing permissions and 
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
 # limitations under the License.
 # ============LICENSE_END============================================
 # ===================================================================
-# 
-###
+#
+### Static JVM parameters can be set here by the dev team
+### These will be loaded at Clamp startup
 #
 # JVM SSL/TLS properties
-jdk.tls.client.protocols=TLSv1.1,TLSv1.2 
+jdk.tls.client.protocols=TLSv1.1,TLSv1.2
 https.protocols=TLSv1.1,TLSv1.2