use encrypted auth for dmaap
remove deobfuscate as crypto is already used.
update based on the feedback to use crypto utils to decrypt
Re-Factor DMAAP Credentials to use encrypted auth credential
Change-Id: I2ac5be84594d84f0f24ae554d99cef274dbb6c16
Issue-ID: SO-1425
Signed-off-by: Benjamin, Max (mb388a) <mb388a@us.att.com>
diff --git a/bpmn/MSOCommonBPMN/src/main/java/org/onap/so/client/dmaapproperties/GlobalDmaapPublisher.java b/bpmn/MSOCommonBPMN/src/main/java/org/onap/so/client/dmaapproperties/GlobalDmaapPublisher.java
index 3828528..17b99e2 100644
--- a/bpmn/MSOCommonBPMN/src/main/java/org/onap/so/client/dmaapproperties/GlobalDmaapPublisher.java
+++ b/bpmn/MSOCommonBPMN/src/main/java/org/onap/so/client/dmaapproperties/GlobalDmaapPublisher.java
@@ -38,22 +38,21 @@
}
@Override
- public String getUserName() {
+ public String getAuth() {
- return UrnPropertiesReader.getVariable("mso.global.dmaap.username");
+ return UrnPropertiesReader.getVariable("mso.global.dmaap.auth");
}
@Override
- public String getPassword() {
+ public String getKey() {
- return UrnPropertiesReader.getVariable("mso.global.dmaap.password");
+ return UrnPropertiesReader.getVariable("mso.msoKey");
}
@Override
public String getTopic() {
-
return UrnPropertiesReader.getVariable("mso.global.dmaap.publisher.topic");
}
diff --git a/bpmn/MSOCommonBPMN/src/test/java/org/onap/so/client/dmaapproperties/GlobalDmaapPublisherTest.java b/bpmn/MSOCommonBPMN/src/test/java/org/onap/so/client/dmaapproperties/GlobalDmaapPublisherTest.java
index 47e0583..d380536 100644
--- a/bpmn/MSOCommonBPMN/src/test/java/org/onap/so/client/dmaapproperties/GlobalDmaapPublisherTest.java
+++ b/bpmn/MSOCommonBPMN/src/test/java/org/onap/so/client/dmaapproperties/GlobalDmaapPublisherTest.java
@@ -33,8 +33,8 @@
@Test
public void testGetters() {
- assertEquals("dmaapUsername", globalDmaapPublisher.getUserName());
- assertEquals("ZG1hYXBQYXNzd29yZA==", globalDmaapPublisher.getPassword());
+ assertEquals("81B7E3533B91A6706830611FB9A8ECE529BBCCE754B1F1520FA7C8698B42F97235BEFA993A387E664D6352C63A6185D68DA7F0B1D360637CBA102CB166E3E62C11EB1F75386D3506BCECE51E54", globalDmaapPublisher.getAuth());
+ assertEquals("07a7159d3bf51a0e53be7a8f89699be7", globalDmaapPublisher.getKey());
assertEquals("com.att.mso.asyncStatusUpdate", globalDmaapPublisher.getTopic());
assertEquals("http://localhost:" + wireMockPort, globalDmaapPublisher.getHost().get());
}
diff --git a/bpmn/MSOCommonBPMN/src/test/resources/application-test.yaml b/bpmn/MSOCommonBPMN/src/test/resources/application-test.yaml
index 18f94f3..b229fbd 100644
--- a/bpmn/MSOCommonBPMN/src/test/resources/application-test.yaml
+++ b/bpmn/MSOCommonBPMN/src/test/resources/application-test.yaml
@@ -146,6 +146,7 @@
host: http://localhost:${wiremock.server.port}
publisher:
topic: com.att.mso.asyncStatusUpdate
+ auth: 81B7E3533B91A6706830611FB9A8ECE529BBCCE754B1F1520FA7C8698B42F97235BEFA993A387E664D6352C63A6185D68DA7F0B1D360637CBA102CB166E3E62C11EB1F75386D3506BCECE51E54
oof:
auth: test
timeout: PT10S
@@ -163,6 +164,16 @@
auth: Basic YWRtaW46YWRtaW4=
host: http://localhost:8446
path: /restconf/operations/GENERIC-RESOURCE-API
+sdno:
+ health-check:
+ dmaap:
+ password: alRyMzJ3NUNeakxl
+ publisher:
+ topic: com.att.sdno.test-health-diagnostic-v02
+ host: https://olsd004.wnsnet.attws.com:3905
+ subscriber:
+ topic: com.att.sdno.test-health-diagnostic-v02
+ auth: 81B7E3533B91A6706830611FB9A8ECE529BBCCE754B1F1520FA7C8698B42F97235BEFA993A387E664D6352C63A6185D68DA7F0B1D360637CBA102CB166E3E62C11EB1F75386D3506BCECE51E54
sniro:
conductor:
enabled: true
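Review bot: The added `sdno` block (and the `ruby` block in the next hunk, which also adds a `username`) puts a non-local host, `https://olsd004.wnsnet.attws.com:3905`, and Base64-encoded `password` values into a test resource. Base64 is an encoding, not protection, so if these are live values they are now in the repository history and should be rotated. The existing DMaaP entry in this file uses `host: http://localhost:${wiremock.server.port}`, which would be the consistent choice here, together with obviously fake credentials. The Java changes in this commit read only the `...dmaap.auth` properties, so the new `username`/`password` entries look unused and can probably be dropped.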
@@ -178,7 +189,15 @@
headers.patchVersion: 1
headers.minorVersion: 1
headers.latestVersion: 2
-
+ruby:
+ create-ticket-request:
+ dmaap:
+ username: m04768@mso.ecomp.att.com
+ password: alRyMzJ3NUNeakxl
+ publisher:
+ topic: com.att.pdas.exp.msoCMFallout-v1
+ host: https://olsd004.wnsnet.attws.com:3905
+ auth: 81B7E3533B91A6706830611FB9A8ECE529BBCCE754B1F1520FA7C8698B42F97235BEFA993A387E664D6352C63A6185D68DA7F0B1D360637CBA102CB166E3E62C11EB1F75386D3506BCECE51E54
spring:
datasource:
jdbc-url: jdbc:mariadb://localhost:3307/camundabpmn
diff --git a/common/src/main/java/org/onap/so/client/dmaap/DmaapClient.java b/common/src/main/java/org/onap/so/client/dmaap/DmaapClient.java
index dde0b31..dea00dd 100644
--- a/common/src/main/java/org/onap/so/client/dmaap/DmaapClient.java
+++ b/common/src/main/java/org/onap/so/client/dmaap/DmaapClient.java
@@ -17,10 +17,11 @@
* limitations under the License.
* ============LICENSE_END=========================================================
*/
-
+
package org.onap.so.client.dmaap;
import java.io.IOException;
+import java.security.GeneralSecurityException;
import java.util.Base64;
import java.util.Map;
import java.util.Optional;
@@ -31,13 +32,14 @@
import org.slf4j.LoggerFactory;
import org.springframework.core.io.ClassPathResource;
import org.springframework.core.io.Resource;
-
+import org.onap.so.utils.CryptoUtils;
public abstract class DmaapClient {
-
+
protected static Logger logger = LoggerFactory.getLogger(DmaapClient.class);
protected final Map<String, String> msoProperties;
protected final Properties properties;
+
public DmaapClient(String filepath) throws IOException {
Resource resource = new ClassPathResource(filepath);
DmaapProperties dmaapProperties = DmaapPropertiesLoader.getInstance().getNewImpl();
@@ -48,27 +50,34 @@
this.msoProperties = dmaapProperties.getProperties();
this.properties = new Properties();
this.properties.load(resource.getInputStream());
- this.properties.put("password", this.deobfuscatePassword(this.getPassword()));
- this.properties.put("username", this.getUserName());
+ try {
+ this.properties.put("auth", CryptoUtils.decrypt(this.getAuth(), this.getKey()).getBytes());
+ } catch (GeneralSecurityException e) {
+ logger.error(e.getMessage(), e);
+ }
+ this.properties.put("key", this.getKey());
this.properties.put("topic", this.getTopic());
Optional<String> host = this.getHost();
if (host.isPresent()) {
this.properties.put("host", host.get());
}
}
- protected String deobfuscatePassword(String password) {
-
+
+ protected String deobfuscatePassword(String decrypted_key) {
+
try {
- return new String(Base64.getDecoder().decode(password.getBytes()));
- } catch(IllegalArgumentException iae) {
- logger.error("llegal Arguments",iae);
- return password;
+ return new String(Base64.getDecoder().decode(decrypted_key.getBytes()));
+ } catch (IllegalArgumentException iae) {
+ logger.error("llegal Arguments", iae);
+ return decrypted_key;
}
}
-
-
- public abstract String getUserName();
- public abstract String getPassword();
+
+ public abstract String getKey();
+
+ public abstract String getAuth();
+
public abstract String getTopic();
+
public abstract Optional<String> getHost();
}
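Review bot: The constructor stores the credential as a `byte[]` (`CryptoUtils.decrypt(...).getBytes()`) under `"auth"`, but `PropertiesBean` reads it back with `properties.getProperty("auth")`, which returns null for any non-String value, so `DMaaPRestClient` would see a null `auth` and skip the Authorization header. The `catch (GeneralSecurityException e)` only logs, which leaves a client constructed without credentials; rethrowing, e.g. `throw new IOException("cannot decrypt DMaaP auth", e);`, keeps the failure visible to the caller. Store a String instead; whether that is the ciphertext (`this.properties.put("auth", this.getAuth());`) or the plaintext depends on what `addBasicAuthHeader(auth, key)` expects, which is not visible in this diff. `deobfuscatePassword` is kept with only its parameter renamed although the commit message says it is removed, and its one visible call is deleted here. The constructor begins in the previous hunk.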
diff --git a/common/src/main/java/org/onap/so/client/dmaap/rest/DMaaPRestClient.java b/common/src/main/java/org/onap/so/client/dmaap/rest/DMaaPRestClient.java
index 0438ff2..9fd8c05 100644
--- a/common/src/main/java/org/onap/so/client/dmaap/rest/DMaaPRestClient.java
+++ b/common/src/main/java/org/onap/so/client/dmaap/rest/DMaaPRestClient.java
@@ -17,34 +17,37 @@
* limitations under the License.
* ============LICENSE_END=========================================================
*/
-
+
package org.onap.so.client.dmaap.rest;
import java.net.URL;
-import java.util.Base64;
import java.util.Map;
import org.onap.so.client.RestClient;
+import org.onap.so.utils.CryptoUtils;
import org.onap.so.utils.TargetEntity;
public class DMaaPRestClient extends RestClient {
- private final String username;
- private final String password;
- public DMaaPRestClient(URL url, String contentType, String username, String password) {
+ private final String auth;
+ private final String key;
+
+ public DMaaPRestClient(URL url, String contentType, String auth, String key) {
super(url, contentType);
- this.username = username;
- this.password = password;
+ this.auth = auth;
+ this.key = key;
}
- @Override
- public TargetEntity getTargetEntity(){
- return TargetEntity.DMAAP;
- }
+ @Override
+ public TargetEntity getTargetEntity() {
+ return TargetEntity.DMAAP;
+ }
@Override
protected void initializeHeaderMap(Map<String, String> headerMap) {
- headerMap.put("Authorization", "Basic " + Base64.getEncoder().encodeToString((username + ":" + password).getBytes()));
+ if (auth != null && !auth.isEmpty() && key != null && !key.isEmpty()) {
+ addBasicAuthHeader(auth, key);
+ }
}
}
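Review bot: In `initializeHeaderMap`, a null or empty `auth` or `key` now silently yields a request with no Authorization header, so a misconfigured or undecryptable credential degrades to unauthenticated calls rather than an error. Consider failing closed with an else branch such as `throw new IllegalStateException("DMaaP auth/key not configured");`, or at least logging the condition without printing either value. `headerMap` is not passed to `addBasicAuthHeader(auth, key)`, so that helper presumably writes to the client's own header map; it is defined outside this diff and worth confirming.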
diff --git a/common/src/main/java/org/onap/so/client/dmaap/rest/PropertiesBean.java b/common/src/main/java/org/onap/so/client/dmaap/rest/PropertiesBean.java
index f43c658..1884921 100644
--- a/common/src/main/java/org/onap/so/client/dmaap/rest/PropertiesBean.java
+++ b/common/src/main/java/org/onap/so/client/dmaap/rest/PropertiesBean.java
@@ -24,8 +24,8 @@
public class PropertiesBean {
- private String username;
- private String password;
+ private String auth;
+ private String key;
private String environment;
private String partition;
private String contentType;
@@ -35,8 +35,8 @@
public PropertiesBean(Properties properties) {
- this.withUsername(properties.getProperty("username"))
- .withPassword(properties.getProperty("password"))
+ this.withAuth(properties.getProperty("auth"))
+ .withKey(properties.getProperty("key"))
.withTopic(properties.getProperty("topic"))
.withEnvironment(properties.getProperty("environment"))
.withHost(properties.getProperty("host"))
@@ -44,24 +44,24 @@
.withPartition(properties.getProperty("partition"))
.withContentType(properties.getProperty("contentType", "application/json"));
}
- public String getUsername() {
- return username;
+ public String getAuth() {
+ return auth;
}
- public void setUsername(String username) {
- this.username = username;
+ public void setAuth(String auth) {
+ this.auth = auth;
}
- public PropertiesBean withUsername(String username) {
- this.username = username;
+ public PropertiesBean withAuth(String auth) {
+ this.auth = auth;
return this;
}
- public String getPassword() {
- return password;
+ public String getKey() {
+ return key;
}
- public void setPassword(String password) {
- this.password = password;
+ public void setKey(String key) {
+ this.key = key;
}
- public PropertiesBean withPassword(String password) {
- this.password = password;
+ public PropertiesBean withKey(String key) {
+ this.key = key;
return this;
}
public String getEnvironment() {
diff --git a/common/src/main/java/org/onap/so/client/dmaap/rest/RestConsumer.java b/common/src/main/java/org/onap/so/client/dmaap/rest/RestConsumer.java
index 39af156..bee5a0c 100644
--- a/common/src/main/java/org/onap/so/client/dmaap/rest/RestConsumer.java
+++ b/common/src/main/java/org/onap/so/client/dmaap/rest/RestConsumer.java
@@ -37,7 +37,7 @@
private final RestClient client;
public RestConsumer(Properties properties) {
PropertiesBean bean = new PropertiesBean(properties);
- client = new DMaaPRestClient(this.createURL(bean), bean.getContentType(), bean.getUsername(), bean.getPassword());
+ client = new DMaaPRestClient(this.createURL(bean), bean.getContentType(), bean.getAuth(), bean.getKey());
}
private URL createURL(PropertiesBean properties) {
diff --git a/common/src/main/java/org/onap/so/client/dmaap/rest/RestPublisher.java b/common/src/main/java/org/onap/so/client/dmaap/rest/RestPublisher.java
index 090e505..af660c2 100644
--- a/common/src/main/java/org/onap/so/client/dmaap/rest/RestPublisher.java
+++ b/common/src/main/java/org/onap/so/client/dmaap/rest/RestPublisher.java
@@ -35,7 +35,7 @@
public RestPublisher(Properties properties) {
PropertiesBean bean = new PropertiesBean(properties);
- client = new DMaaPRestClient(this.createURL(bean), bean.getContentType(), bean.getUsername(), bean.getPassword());
+ client = new DMaaPRestClient(this.createURL(bean), bean.getContentType(), bean.getAuth(), bean.getKey());
}
private URL createURL(PropertiesBean properties) {
diff --git a/common/src/main/java/org/onap/so/client/ruby/dmaap/RubyCreateTicketRequestPublisher.java b/common/src/main/java/org/onap/so/client/ruby/dmaap/RubyCreateTicketRequestPublisher.java
index 1d4e014..93a2d96 100644
--- a/common/src/main/java/org/onap/so/client/ruby/dmaap/RubyCreateTicketRequestPublisher.java
+++ b/common/src/main/java/org/onap/so/client/ruby/dmaap/RubyCreateTicketRequestPublisher.java
@@ -32,13 +32,13 @@
}
@Override
- public String getUserName() {
- return msoProperties.get("ruby.create-ticket-request.dmaap.username");
+ public String getAuth() {
+ return msoProperties.get("ruby.create-ticket-request.dmaap.auth");
}
@Override
- public String getPassword() {
- return msoProperties.get("ruby.create-ticket-request.dmaap.password");
+ public String getKey() {
+ return msoProperties.get("mso.msoKey");
}
@Override
diff --git a/common/src/main/java/org/onap/so/client/sdno/dmaap/SDNOHealthCheckDmaapConsumer.java b/common/src/main/java/org/onap/so/client/sdno/dmaap/SDNOHealthCheckDmaapConsumer.java
index 8154b91..a76c47c 100644
--- a/common/src/main/java/org/onap/so/client/sdno/dmaap/SDNOHealthCheckDmaapConsumer.java
+++ b/common/src/main/java/org/onap/so/client/sdno/dmaap/SDNOHealthCheckDmaapConsumer.java
@@ -42,13 +42,13 @@
}
@Override
- public String getUserName() {
- return msoProperties.get("sdno.health-check.dmaap.username");
+ public String getAuth() {
+ return msoProperties.get("sdno.health-check.dmaap.auth");
}
@Override
- public String getPassword() {
- return msoProperties.get("sdno.health-check.dmaap.password");
+ public String getKey() {
+ return msoProperties.get("mso.msoKey");
}
@Override
diff --git a/common/src/main/java/org/onap/so/client/sdno/dmaap/SDNOHealthCheckDmaapPublisher.java b/common/src/main/java/org/onap/so/client/sdno/dmaap/SDNOHealthCheckDmaapPublisher.java
index 2556e67..f4af205 100644
--- a/common/src/main/java/org/onap/so/client/sdno/dmaap/SDNOHealthCheckDmaapPublisher.java
+++ b/common/src/main/java/org/onap/so/client/sdno/dmaap/SDNOHealthCheckDmaapPublisher.java
@@ -33,13 +33,13 @@
}
@Override
- public String getUserName() {
- return msoProperties.get("sdno.health-check.dmaap.username");
+ public String getAuth() {
+ return msoProperties.get("sdno.health-check.dmaap.auth");
}
@Override
- public String getPassword() {
- return msoProperties.get("sdno.health-check.dmaap.password");
+ public String getKey() {
+ return msoProperties.get("sdno.health-check.dmaap.msoKey");
}
@Override
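Review bot: `getKey()` here reads `sdno.health-check.dmaap.msoKey`, while `SDNOHealthCheckDmaapConsumer` and the other clients changed in this commit read `mso.msoKey`, and the test `dmaap.properties` defines only `mso.msoKey`. With that property absent, `msoProperties.get(...)` returns null, and the `DmaapClient` constructor would pass a null key to `CryptoUtils.decrypt` and then to `this.properties.put("key", ...)`, which rejects null values. If the different name is not intentional, use `return msoProperties.get("mso.msoKey");`.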
diff --git a/common/src/test/java/org/onap/so/client/dmaap/DmaapPublisherTest.java b/common/src/test/java/org/onap/so/client/dmaap/DmaapPublisherTest.java
index c0633c1..0836ed2 100644
--- a/common/src/test/java/org/onap/so/client/dmaap/DmaapPublisherTest.java
+++ b/common/src/test/java/org/onap/so/client/dmaap/DmaapPublisherTest.java
@@ -29,13 +29,13 @@
DmaapPublisher dmaapPublisher = new DmaapPublisher(120) {
@Override
- public String getUserName() {
- return "test";
+ public String getAuth() {
+ return "8F73A1691F6271E769329C176EE3EA48F52786AF12A3E16259007EED2A0F0CC3CB965F4AB5318483015723CCE1C0B48AB6C4DED6E251869393B01E4EC532FC88D4A128B92F4CDB34719B171923";
}
@Override
- public String getPassword() {
- return "test";
+ public String getKey() {
+ return "07a7159d3bf51a0e53be7a8f89699be7";
}
@Override
diff --git a/common/src/test/resources/dmaap.properties b/common/src/test/resources/dmaap.properties
index 7ce1019..5593455 100644
--- a/common/src/test/resources/dmaap.properties
+++ b/common/src/test/resources/dmaap.properties
@@ -4,4 +4,7 @@
sdno.health-check.dmaap.publisher.topic=com.att.sdno.test-health-diagnostic-v02
ruby.create-ticket-request.dmaap.username=testuser
ruby.create-ticket-request.dmaap.password=eHQ1cUJrOUc
-ruby.create-ticket-request.publisher.topic=com.att.pdas.st1.msoCMFallout-v1
\ No newline at end of file
+ruby.create-ticket-request.publisher.topic=com.att.pdas.st1.msoCMFallout-v1
+ruby.create-ticket-request.dmaap.auth=81B7E3533B91A6706830611FB9A8ECE529BBCCE754B1F1520FA7C8698B42F97235BEFA993A387E664D6352C63A6185D68DA7F0B1D360637CBA102CB166E3E62C11EB1F75386D3506BCECE51E54
+sdno.health-check.dmaap.auth=81B7E3533B91A6706830611FB9A8ECE529BBCCE754B1F1520FA7C8698B42F97235BEFA993A387E664D6352C63A6185D68DA7F0B1D360637CBA102CB166E3E62C11EB1F75386D3506BCECE51E54
+mso.msoKey=07a7159d3bf51a0e53be7a8f89699be7
\ No newline at end of file
diff --git a/mso-api-handlers/mso-api-handler-infra/src/main/java/org/onap/so/apihandlerinfra/tenantisolation/dmaap/DmaapPropertiesImpl.java b/mso-api-handlers/mso-api-handler-infra/src/main/java/org/onap/so/apihandlerinfra/tenantisolation/dmaap/DmaapPropertiesImpl.java
index 813299c..8409d9c 100644
--- a/mso-api-handlers/mso-api-handler-infra/src/main/java/org/onap/so/apihandlerinfra/tenantisolation/dmaap/DmaapPropertiesImpl.java
+++ b/mso-api-handlers/mso-api-handler-infra/src/main/java/org/onap/so/apihandlerinfra/tenantisolation/dmaap/DmaapPropertiesImpl.java
@@ -31,8 +31,8 @@
private final Map<String, String> props = new HashMap<>();
private static final String[] propertyNames = {
- "mso.so.operational-environment.dmaap.username",
- "mso.so.operational-environment.dmaap.password",
+ "mso.so.operational-environment.dmaap.auth",
+ "mso.msoKey",
"mso.so.operational-environment.publisher.topic",
"mso.so.operational-environment.dmaap.host"
};
diff --git a/mso-api-handlers/mso-api-handler-infra/src/main/java/org/onap/so/apihandlerinfra/tenantisolation/dmaap/OperationalEnvironmentPublisher.java b/mso-api-handlers/mso-api-handler-infra/src/main/java/org/onap/so/apihandlerinfra/tenantisolation/dmaap/OperationalEnvironmentPublisher.java
index 52c395e..31bc6fc 100644
--- a/mso-api-handlers/mso-api-handler-infra/src/main/java/org/onap/so/apihandlerinfra/tenantisolation/dmaap/OperationalEnvironmentPublisher.java
+++ b/mso-api-handlers/mso-api-handler-infra/src/main/java/org/onap/so/apihandlerinfra/tenantisolation/dmaap/OperationalEnvironmentPublisher.java
@@ -37,15 +37,15 @@
}
@Override
- public String getUserName() {
+ public String getAuth() {
- return this.msoProperties.get("mso.so.operational-environment.dmaap.username");
+ return this.msoProperties.get("mso.so.operational-environment.dmaap.auth");
}
@Override
- public String getPassword() {
+ public String getKey() {
- return this.msoProperties.get("mso.so.operational-environment.dmaap.password");
+ return this.msoProperties.get("mso.msoKey");
}
@Override
diff --git a/mso-api-handlers/mso-api-handler-infra/src/test/java/org/onap/so/apihandlerinfra/tenantisolation/dmaap/OperationalEnvironmentPublisherTest.java b/mso-api-handlers/mso-api-handler-infra/src/test/java/org/onap/so/apihandlerinfra/tenantisolation/dmaap/OperationalEnvironmentPublisherTest.java
index 59df7ae..7329f31 100644
--- a/mso-api-handlers/mso-api-handler-infra/src/test/java/org/onap/so/apihandlerinfra/tenantisolation/dmaap/OperationalEnvironmentPublisherTest.java
+++ b/mso-api-handlers/mso-api-handler-infra/src/test/java/org/onap/so/apihandlerinfra/tenantisolation/dmaap/OperationalEnvironmentPublisherTest.java
@@ -43,8 +43,8 @@
@Test
public void getProperties() throws FileNotFoundException, IOException {
- assertEquals("testuser", publisher.getUserName());
- assertEquals("VjR5NDcxSzA=", publisher.getPassword());
+ assertEquals("B3705D6C2D521257CC2422ACCF03B001811ACC49F564DDB3A2CF2A1378B6D35A23CDCB696F2E1EDFBE6758DFE7C74B94F4A7DF84A0E2BB904935AC4D900D5597DF981ADE6CE1FF3AF993BED0", publisher.getAuth());
+ assertEquals("07a7159d3bf51a0e53be7a8f89699be7", publisher.getKey());
assertEquals("test.operationalEnvironmentEvent", publisher.getTopic());
assertEquals("http://localhost:" + env.getProperty("wiremock.server.port"), publisher.getHost().get());
}
diff --git a/mso-api-handlers/mso-api-handler-infra/src/test/resources/application-test.yaml b/mso-api-handlers/mso-api-handler-infra/src/test/resources/application-test.yaml
index 63eb053..4826c87 100644
--- a/mso-api-handlers/mso-api-handler-infra/src/test/resources/application-test.yaml
+++ b/mso-api-handlers/mso-api-handler-infra/src/test/resources/application-test.yaml
@@ -1,10 +1,10 @@
# will be used as entry in DB to say SITE OFF/ON for healthcheck
-server:
- port: 8080
- tomcat:
- max-threads: 50
-ssl-enable: false
+server:
+ port: 8080
+ tomcat:
+ max-threads: 50
+
mso:
health:
@@ -77,6 +77,7 @@
username: testuser
password: VjR5NDcxSzA=
host: http://localhost:${wiremock.server.port}
+ auth: B3705D6C2D521257CC2422ACCF03B001811ACC49F564DDB3A2CF2A1378B6D35A23CDCB696F2E1EDFBE6758DFE7C74B94F4A7DF84A0E2BB904935AC4D900D5597DF981ADE6CE1FF3AF993BED0
publisher:
topic: test.operationalEnvironmentEvent