From f11a883a0b7d0dff421e5a79bc9f2378b76d3318 Mon Sep 17 00:00:00 2001
From: elinuxhenrik
Date: Thu, 26 Nov 2020 10:06:54 +0100
Subject: [PATCH] Remove user authentication
Change-Id: Ibd23d3453f7b5441f62469e2667edc5a5731969e
Issue-ID: NONRTRIC-339
Signed-off-by: elinuxhenrik Add getJobs
---
webapp-backend/config/.gitignore | 2 -
webapp-backend/config/key.properties.template | 21 --
webapp-backend/config/portal.properties.template | 34 --
webapp-backend/pom.xml | 50 ---
.../controlpanel/ControlPanelConstants.java | 15 -
.../controlpanel/ControlPanelUserManager.java | 183 ----------
.../controlpanel/config/AdminConfiguration.java | 59 ----
.../config/PortalApiConfiguration.java | 58 ----
.../config/WebSecurityConfiguration.java | 124 -------
.../controller/EnrichmentController.java | 9 -
.../controlpanel/controller/PolicyController.java | 8 -
.../controlpanel/model/EcompUserDetails.java | 93 -----
.../portalapi/IPortalSdkDecryptor.java | 42 ---
.../controlpanel/portalapi/PortalAuthManager.java | 120 -------
.../portalapi/PortalAuthenticationFilter.java | 281 ---------------
.../portalapi/PortalRestCentralServiceImpl.java | 93 -----
.../portalapi/PortalSdkDecryptorAes.java | 34 --
.../portalapi/PortalSdkDecryptorPkc.java | 33 --
webapp-backend/src/main/resources/ESAPI.properties | 385 ---------------------
.../src/main/resources/application.properties | 22 --
.../src/main/resources/portal.properties | 34 --
.../src/main/resources/validation.properties | 19 -
.../controlpanel/ControlPanelUserManagerTest.java | 82 -----
.../mock/PortalApIMockConfiguration.java | 84 -----
.../mock/WebSecurityMockConfiguration.java | 86 -----
.../portalapi/PortalAuthManagerTest.java | 91 -----
webapp-backend/src/test/resources/key.properties | 22 --
.../src/test/resources/portal.properties | 26 --
28 files changed, 2110 deletions(-)
delete mode 100644 webapp-backend/config/.gitignore
delete mode 100644 webapp-backend/config/key.properties.template
delete mode 100644 webapp-backend/config/portal.properties.template
delete mode 100644 webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/ControlPanelUserManager.java
delete mode 100644 webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/config/AdminConfiguration.java
delete mode 100644 webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/config/PortalApiConfiguration.java
delete mode 100644 webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/config/WebSecurityConfiguration.java
delete mode 100644 webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/model/EcompUserDetails.java
delete mode 100644 webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/portalapi/IPortalSdkDecryptor.java
delete mode 100644 webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/portalapi/PortalAuthManager.java
delete mode 100644 webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/portalapi/PortalAuthenticationFilter.java
delete mode 100644 webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/portalapi/PortalRestCentralServiceImpl.java
delete mode 100644 webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/portalapi/PortalSdkDecryptorAes.java
delete mode 100644 webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/portalapi/PortalSdkDecryptorPkc.java
delete mode 100644 webapp-backend/src/main/resources/ESAPI.properties
delete mode 100644 webapp-backend/src/main/resources/portal.properties
delete mode 100644 webapp-backend/src/main/resources/validation.properties
delete mode 100644 webapp-backend/src/test/java/org/oransc/portal/nonrtric/controlpanel/ControlPanelUserManagerTest.java
delete mode 100644 webapp-backend/src/test/java/org/oransc/portal/nonrtric/controlpanel/mock/PortalApIMockConfiguration.java
delete mode 100644 webapp-backend/src/test/java/org/oransc/portal/nonrtric/controlpanel/mock/WebSecurityMockConfiguration.java
delete mode 100644 webapp-backend/src/test/java/org/oransc/portal/nonrtric/controlpanel/portalapi/PortalAuthManagerTest.java
delete mode 100644 webapp-backend/src/test/resources/key.properties
delete mode 100644 webapp-backend/src/test/resources/portal.properties
diff --git a/webapp-backend/config/.gitignore b/webapp-backend/config/.gitignore
deleted file mode 100644
index edd66f1..0000000
--- a/webapp-backend/config/.gitignore
+++ /dev/null
@@ -1,2 +0,0 @@
-/key.properties
-/portal.properties
diff --git a/webapp-backend/config/key.properties.template b/webapp-backend/config/key.properties.template
deleted file mode 100644
index ecf8b94..0000000
--- a/webapp-backend/config/key.properties.template
+++ /dev/null
@@ -1,21 +0,0 @@
-# ========================LICENSE_START=================================
-# O-RAN-SC
-# %%
-# Copyright (C) 2019 AT&T Intellectual Property
-# %%
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ========================LICENSE_END===================================
-
-# Template for the file that provides a secret key for the Non-RT RIC Control Panel.
-
-cipher.enc.key =
diff --git a/webapp-backend/config/portal.properties.template b/webapp-backend/config/portal.properties.template
deleted file mode 100644
index f0d6eca..0000000
--- a/webapp-backend/config/portal.properties.template
+++ /dev/null
@@ -1,34 +0,0 @@
-# ========================LICENSE_START=================================
-# O-RAN-SC
-# %%
-# Copyright (C) 2019 AT&T Intellectual Property
-# %%
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ========================LICENSE_END===================================
-
-# Template for the file that provides properties for the EPSDK-FW library.
-# This file must be present on the Java classpath.
-
-# The following properties are the same in every deployment
-
-portal.api.impl.class = org.oransc.portal.nonrtric.controlpanel.portalapi.PortalRestCentralServiceImpl
-role_access_centralized = remote
-
-# The following properties are DIFFERENT in every deployment
-
-# URL of portal login screen
-ecomp_redirect_url = http://localhost/portal
-# URL of portal API
-ecomp_rest_url = http://localhost/portal
-# Value assigned by portal instance
-ueb_app_key = abcdef1234567890
diff --git a/webapp-backend/pom.xml b/webapp-backend/pom.xml
index 240c9c4..4dfba6e 100644
--- a/webapp-backend/pom.xml
+++ b/webapp-backend/pom.xml
@@ -52,56 +52,6 @@ limitations under the License.
-
-
- org.onap.portal.sdk
- epsdk-fw
- ${epsdk-fw.version}
-
-
- commons-logging
- commons-logging
-
-
- log4j
- log4j
-
-
- log4j
- apache-log4j-extras
-
-
- org.slf4j
- slf4j-log4j12
-
-
- junit
- junit
-
-
- commons-fileupload
- commons-fileupload
-
-
- commons-beanutils
- commons-beanutils
-
-
-
- org.powermock
- powermock-module-junit4
-
-
-
- org.powermock
- powermock-api-mockito
-
-
-
-
- org.springframework.boot
- spring-boot-starter-security
- org.springframework.bootspring-boot-starter-web
diff --git a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/ControlPanelConstants.java b/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/ControlPanelConstants.java
index 2e2d87e..b3766e8 100644
--- a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/ControlPanelConstants.java
+++ b/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/ControlPanelConstants.java
@@ -27,19 +27,4 @@ public abstract class ControlPanelConstants {
}
public static final String ENDPOINT_PREFIX = "/api";
- // Factor out method names used in multiple controllers
- public static final String VERSION_METHOD = "version";
- public static final String APP_NAME_AC = "AC";
- public static final String APP_NAME_MC = "MC";
- // The role names are defined by ONAP Portal.
- // The prefix "ROLE_" is required by Spring.
- // These are used in Java code annotations that require constants.
- public static final String ROLE_NAME_STANDARD = "Standard_User";
- public static final String ROLE_NAME_ADMIN = "System_Administrator";
- private static final String ROLE_PREFIX = "ROLE_";
- public static final String ROLE_ADMIN = ROLE_PREFIX + ROLE_NAME_ADMIN;
- public static final String ROLE_STANDARD = ROLE_PREFIX + ROLE_NAME_STANDARD;
- public static final String POLICY_CONTROLLER_USERNAME = "admin";
- public static final String POLICY_CONTROLLER_PASSWORD = "Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U";
-
}
diff --git a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/ControlPanelUserManager.java b/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/ControlPanelUserManager.java
deleted file mode 100644
index ba42b03..0000000
--- a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/ControlPanelUserManager.java
+++ /dev/null
@@ -1,183 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * O-RAN-SC
- * %%
- * Copyright (C) 2019 AT&T Intellectual Property
- * Modifications Copyright (C) 2020 Nordix Foundation
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ========================LICENSE_END===================================
- */
-package org.oransc.portal.nonrtric.controlpanel;
-
-import com.fasterxml.jackson.core.type.TypeReference;
-import com.fasterxml.jackson.databind.ObjectMapper;
-
-import java.io.File;
-import java.io.IOException;
-import java.lang.invoke.MethodHandles;
-import java.nio.file.Files;
-import java.util.ArrayList;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Set;
-
-import org.onap.portalsdk.core.onboarding.exception.PortalAPIException;
-import org.onap.portalsdk.core.restful.domain.EcompRole;
-import org.onap.portalsdk.core.restful.domain.EcompUser;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * Provides simple user-management services.
- *
- * This first implementation serializes user details to a file.
- */
-public class ControlPanelUserManager {
-
- private static final Logger logger = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
-
- // This default value is only useful for development and testing.
- public static final String USER_FILE_PATH = "controlpanel-users.json";
-
- private final File userFile;
- private final List users;
-
- /**
- * Development/test-only constructor that uses default file path.
- *
- * @param clear
- * If true, start empty and remove any existing file.
- *
- * @throws IOException
- * On file error
- */
- public ControlPanelUserManager(boolean clear) throws IOException {
- this(USER_FILE_PATH);
- if (clear) {
- logger.debug("ctor: removing file {}", userFile.getAbsolutePath());
- File f = new File(ControlPanelUserManager.USER_FILE_PATH);
- if (f.exists())
- Files.delete(f.toPath());
- users.clear();
- }
- }
-
- /**
- * Constructur that accepts a file path
- *
- * @param userFilePath
- * File path
- * @throws IOException
- * If file cannot be read
- */
- public ControlPanelUserManager(final String userFilePath) throws IOException {
- logger.debug("ctor: userfile {}", userFilePath);
- if (userFilePath == null)
- throw new IllegalArgumentException("Missing or empty user file property");
- userFile = new File(userFilePath);
- logger.debug("ctor: managing users in file {}", userFile.getAbsolutePath());
- if (userFile.exists()) {
- final ObjectMapper mapper = new ObjectMapper();
- users = mapper.readValue(userFile, new TypeReference>() {});
- } else {
- users = new ArrayList<>();
- }
- }
-
- /**
- * Gets the current users.
- *
- * @return List of EcompUser objects, possibly empty
- */
- public List getUsers() {
- return this.users;
- }
-
- /**
- * Gets the user with the specified login Id
- *
- * @param loginId
- * Desired login Id
- * @return User object; null if Id is not known
- */
- public EcompUser getUser(String loginId) {
- for (EcompUser u : this.users) {
- if (u.getLoginId().equals(loginId)) {
- logger.debug("getUser: match on {}", loginId);
- return u;
- }
- }
- logger.debug("getUser: no match on {}", loginId);
- return null;
- }
-
- private void saveUsers() throws IOException {
- final ObjectMapper mapper = new ObjectMapper();
- mapper.writeValue(userFile, users);
- }
-
- /*
- * Allow at most one thread to create a user at one time.
- */
- public synchronized void createUser(EcompUser user) throws PortalAPIException {
- if (logger.isDebugEnabled()) {
- logger.debug("createUser: loginId is {}", user.getLoginId());
- }
- if (users.contains(user))
- throw new PortalAPIException("User exists: " + user.getLoginId());
- users.add(user);
- try {
- saveUsers();
- } catch (Exception ex) {
- throw new PortalAPIException("Save failed", ex);
- }
- }
-
- /*
- * Allow at most one thread to modify a user at one time. We still have
- * last-edit-wins of course.
- */
- public synchronized void updateUser(String loginId, EcompUser user) throws PortalAPIException {
- logger.debug("editUser: loginId is {}", loginId);
- int index = users.indexOf(user);
- if (index < 0)
- throw new PortalAPIException("User does not exist: " + user.getLoginId());
- users.remove(index);
- users.add(user);
- try {
- saveUsers();
- } catch (Exception ex) {
- throw new PortalAPIException("Save failed", ex);
- }
- }
-
- // Test infrastructure
- public static void main(String[] args) throws Exception {
- ControlPanelUserManager dum = new ControlPanelUserManager(false);
- EcompUser user = new EcompUser();
- user.setActive(true);
- user.setLoginId("demo");
- user.setFirstName("First");
- user.setLastName("Last");
- EcompRole role = new EcompRole();
- role.setId(1L);
- role.setName(ControlPanelConstants.ROLE_NAME_ADMIN);
- Set roles = new HashSet<>();
- roles.add(role);
- user.setRoles(roles);
- dum.createUser(user);
- logger.debug("Created user {}", user);
- }
-
-}
diff --git a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/config/AdminConfiguration.java b/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/config/AdminConfiguration.java
deleted file mode 100644
index 4ec8e38..0000000
--- a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/config/AdminConfiguration.java
+++ /dev/null
@@ -1,59 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * O-RAN-SC
- * %%
- * Copyright (C) 2019 AT&T Intellectual Property
- * Modifications Copyright (C) 2020 Nordix Foundation
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ========================LICENSE_END===================================
- */
-package org.oransc.portal.nonrtric.controlpanel.config;
-
-import java.io.IOException;
-import java.lang.invoke.MethodHandles;
-
-import org.oransc.portal.nonrtric.controlpanel.ControlPanelUserManager;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Profile;
-
-/**
- * Creates an instance of the user manager.
- */
-@Configuration
-@Profile("!test")
-public class AdminConfiguration {
-
- private static final Logger logger = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
-
- // Populated by the autowired constructor
- private final String userfile;
-
- @Autowired
- public AdminConfiguration(@Value("${userfile}") final String userfile) {
- logger.debug("ctor userfile '{}'", userfile);
- this.userfile = userfile;
- }
-
- @Bean
- // The bean (method) name must be globally unique
- public ControlPanelUserManager userManager() throws IOException {
- return new ControlPanelUserManager(userfile);
- }
-
-}
diff --git a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/config/PortalApiConfiguration.java b/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/config/PortalApiConfiguration.java
deleted file mode 100644
index 615d705..0000000
--- a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/config/PortalApiConfiguration.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * O-RAN-SC
- * %%
- * Copyright (C) 2019 AT&T Intellectual Property
- * Modifications Copyright (C) 2020 Nordix Foundation
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ========================LICENSE_END===================================
- */
-package org.oransc.portal.nonrtric.controlpanel.config;
-
-import java.lang.invoke.MethodHandles;
-
-import org.onap.portalsdk.core.onboarding.crossapi.PortalRestAPIProxy;
-import org.onap.portalsdk.core.onboarding.util.PortalApiConstants;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.boot.web.servlet.ServletRegistrationBean;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Profile;
-
-@Configuration
-@Profile("!test")
-public class PortalApiConfiguration {
-
- private static final Logger logger = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
-
- /**
- * Instantiates the EPSDK-FW servlet that implements the API called by Portal.
- * Needed because this app is not configured to scan the EPSDK-FW packages;
- * there's also a chance that Spring-Boot does not automatically
- * process @WebServlet annotations.
- *
- * @return Servlet registration bean for the Portal Rest API proxy servlet.
- */
- @Bean
- public ServletRegistrationBean portalApiProxyServletBean() {
- logger.debug("portalApiProxyServletBean");
- PortalRestAPIProxy servlet = new PortalRestAPIProxy();
- final ServletRegistrationBean servletBean =
- new ServletRegistrationBean<>(servlet, PortalApiConstants.API_PREFIX + "/*");
- servletBean.setName("PortalRestApiProxyServlet");
- return servletBean;
- }
-
-}
diff --git a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/config/WebSecurityConfiguration.java b/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/config/WebSecurityConfiguration.java
deleted file mode 100644
index 88751b9..0000000
--- a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/config/WebSecurityConfiguration.java
+++ /dev/null
@@ -1,124 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * O-RAN-SC
- * %%
- * Copyright (C) 2019 AT&T Intellectual Property
- * Modifications Copyright (C) 2019 Nordix Foundation
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ========================LICENSE_END===================================
- */
-package org.oransc.portal.nonrtric.controlpanel.config;
-
-import java.io.IOException;
-import java.lang.invoke.MethodHandles;
-import java.lang.reflect.InvocationTargetException;
-
-import org.onap.portalsdk.core.onboarding.util.PortalApiConstants;
-import org.oransc.portal.nonrtric.controlpanel.ControlPanelUserManager;
-import org.oransc.portal.nonrtric.controlpanel.controller.PolicyController;
-import org.oransc.portal.nonrtric.controlpanel.controller.SimpleErrorController;
-import org.oransc.portal.nonrtric.controlpanel.portalapi.PortalAuthManager;
-import org.oransc.portal.nonrtric.controlpanel.portalapi.PortalAuthenticationFilter;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Profile;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.builders.WebSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
-import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
-
-@Configuration
-@EnableWebSecurity
-@EnableGlobalMethodSecurity(securedEnabled = true)
-@Profile("!test")
-public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
-
- private static final Logger logger = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
-
- // Although constructor arguments are recommended over field injection,
- // this results in fewer lines of code.
- @Value("${portalapi.security}")
- private Boolean portalapiSecurity;
- @Value("${portalapi.appname}")
- private String appName;
- @Value("${portalapi.username}")
- private String userName;
- @Value("${portalapi.password}")
- private String password;
- @Value("${portalapi.decryptor}")
- private String decryptor;
- @Value("${portalapi.usercookie}")
- private String userCookie;
-
- @Autowired
- ControlPanelUserManager userManager;
-
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- logger.debug("configure: portalapi.username {}", userName);
- // A chain of ".and()" always baffles me
- http.authorizeRequests().anyRequest().authenticated();
- http.headers().frameOptions().disable();
- http.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());
- http.addFilterBefore(portalAuthenticationFilterBean(), BasicAuthenticationFilter.class);
- }
-
- /**
- * Resource paths that do not require authentication, especially including
- * Swagger-generated documentation.
- */
- @SuppressWarnings("squid:S1075") // URIs should not be hardcoded
- public static final String[] OPEN_PATHS = { //
- "/v2/api-docs", //
- "/swagger-resources/**", //
- "/swagger-ui.html", //
- "/webjars/**", //
- PortalApiConstants.API_PREFIX + "/**", //
- PolicyController.CONTROLLER_PATH + "/" + PolicyController.VERSION_METHOD, //
- SimpleErrorController.ERROR_PATH};
-
- @Override
- public void configure(WebSecurity web) throws Exception {
- // This disables Spring security, but not the app's filter.
- web.ignoring().antMatchers(OPEN_PATHS);
- }
-
- @Bean
- public PortalAuthManager portalAuthManagerBean() throws ClassNotFoundException, InstantiationException,
- IllegalAccessException, InvocationTargetException, NoSuchMethodException {
- return new PortalAuthManager(appName, userName, password, decryptor, userCookie);
- }
-
- /*
- * If this is annotated with @Bean, it is created automatically AND REGISTERED,
- * and Spring processes annotations in the source of the class. However, the
- * filter is added in the chain apparently in the wrong order. Alternately, with
- * no @Bean and added to the chain up in the configure() method in the desired
- * order, the ignoring() matcher pattern configured above causes Spring to
- * bypass this filter, which seems to me means the filter participates
- * correctly.
- */
- public PortalAuthenticationFilter portalAuthenticationFilterBean() throws ClassNotFoundException,
- InstantiationException, IllegalAccessException, IOException, InvocationTargetException, NoSuchMethodException {
- return new PortalAuthenticationFilter(portalapiSecurity, portalAuthManagerBean(), this.userManager);
- }
-
-}
diff --git a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/controller/EnrichmentController.java b/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/controller/EnrichmentController.java
index 0037c33..0845fcd 100644
--- a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/controller/EnrichmentController.java
+++ b/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/controller/EnrichmentController.java
@@ -40,7 +40,6 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
-import org.springframework.security.access.annotation.Secured;
import org.springframework.util.Assert;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
@@ -66,7 +65,6 @@ public class EnrichmentController {
// Publish paths in constants so tests are easy to write
public static final String CONTROLLER_PATH = ControlPanelConstants.ENDPOINT_PREFIX + "/enrichment";
// Endpoints
- public static final String VERSION_METHOD = ControlPanelConstants.VERSION_METHOD;
public static final String EI_TYPES = "eitypes";
public static final String EI_PRODUCERS = "eiproducers";
public static final String EI_JOBS = "eijobs";
@@ -89,7 +87,6 @@ public class EnrichmentController {
*/
@ApiOperation(value = "Get the EI type identifiers")
@GetMapping(EI_TYPES)
- @Secured({ControlPanelConstants.ROLE_ADMIN, ControlPanelConstants.ROLE_STANDARD})
public ResponseEntity getAllEiTypeIds() {
logger.debug("getAllEiTypeIds");
return this.eiProducerApi.getAllEiTypeIds();
@@ -97,7 +94,6 @@ public class EnrichmentController {
@ApiOperation(value = "Get an individual EI type")
@GetMapping(EI_TYPES + "/{" + EI_TYPE_ID + "}")
- @Secured({ControlPanelConstants.ROLE_ADMIN, ControlPanelConstants.ROLE_STANDARD})
public ResponseEntity getEiType(@PathVariable(EI_TYPE_ID) String eiTypeId) {
logger.debug("getEiType {}", eiTypeId);
return this.eiProducerApi.getEiType(eiTypeId);
@@ -105,7 +101,6 @@ public class EnrichmentController {
@ApiOperation(value = "Get an individual EI producer")
@GetMapping(EI_PRODUCERS + "/{" + EI_PRODUCER_ID + "}")
- @Secured({ControlPanelConstants.ROLE_ADMIN, ControlPanelConstants.ROLE_STANDARD})
public ResponseEntity getEiProducer(@PathVariable(EI_PRODUCER_ID) String eiProducerId) {
logger.debug("getEiProducer {}", eiProducerId);
return this.eiProducerApi.getEiProducer(eiProducerId);
@@ -113,7 +108,6 @@ public class EnrichmentController {
@ApiOperation(value = "Get the EI job definitions for one EI producer")
@GetMapping(EI_PRODUCERS + "/{" + EI_PRODUCER_ID + "}/" + EI_JOBS)
- @Secured({ControlPanelConstants.ROLE_ADMIN, ControlPanelConstants.ROLE_STANDARD})
public ResponseEntity getEiJobsForOneEiProducer(@PathVariable(EI_PRODUCER_ID) String eiProducerId) {
logger.debug("getEiJobsForOneEiProducer {}", eiProducerId);
return this.eiProducerApi.getEiJobsForOneEiProducer(eiProducerId);
@@ -121,7 +115,6 @@ public class EnrichmentController {
@ApiOperation(value = "Get the EI job definitions for one EI producer")
@GetMapping(EI_JOBS)
- @Secured({ControlPanelConstants.ROLE_ADMIN, ControlPanelConstants.ROLE_STANDARD})
public ResponseEntity> getEiJobs() {
logger.debug("getEiJobs");
ResponseEntity response = this.eiProducerApi.getAllEiProducerIds();
@@ -146,7 +139,6 @@ public class EnrichmentController {
@ApiOperation(value = "Get EI producers")
@GetMapping(EI_PRODUCERS)
- @Secured({ControlPanelConstants.ROLE_ADMIN, ControlPanelConstants.ROLE_STANDARD})
public ResponseEntity> getEiProducers() {
logger.debug("getEiProducers");
ResponseEntity response = this.eiProducerApi.getAllEiProducerIds();
@@ -183,7 +175,6 @@ public class EnrichmentController {
@ApiOperation(value = "Get the status of an EI producer")
@GetMapping(EI_PRODUCERS + "/{" + EI_PRODUCER_ID + "}/" + STATUS)
- @Secured({ControlPanelConstants.ROLE_ADMIN, ControlPanelConstants.ROLE_STANDARD})
public ResponseEntity getEiProducerStatus(@PathVariable(EI_PRODUCER_ID) String eiProducerId) {
logger.debug("getEiProducerStatus {}", eiProducerId);
return this.eiProducerApi.getEiProducerStatus(eiProducerId);
diff --git a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/controller/PolicyController.java b/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/controller/PolicyController.java
index 03d9d83..6cf79f1 100644
--- a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/controller/PolicyController.java
+++ b/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/controller/PolicyController.java
@@ -33,7 +33,6 @@ import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
-import org.springframework.security.access.annotation.Secured;
import org.springframework.util.Assert;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
@@ -61,7 +60,6 @@ public class PolicyController {
// Publish paths in constants so tests are easy to write
public static final String CONTROLLER_PATH = ControlPanelConstants.ENDPOINT_PREFIX + "/policy";
// Endpoints
- public static final String VERSION_METHOD = ControlPanelConstants.VERSION_METHOD;
public static final String POLICY_TYPES_METHOD = "policytypes";
public static final String POLICY_TYPE_PARAM = "type";
public static final String POLICIES_NAME = "policies";
@@ -82,7 +80,6 @@ public class PolicyController {
*/
@ApiOperation(value = "Gets the policy types from Near-RT RIC")
@GetMapping(POLICY_TYPES_METHOD)
- @Secured({ControlPanelConstants.ROLE_ADMIN, ControlPanelConstants.ROLE_STANDARD})
public ResponseEntity getAllPolicyTypes(HttpServletResponse response) {
logger.debug("getAllPolicyTypes");
return this.policyAgentApi.getAllPolicyTypes();
@@ -90,7 +87,6 @@ public class PolicyController {
@ApiOperation(value = "Returns the policy instances for the given policy type.")
@GetMapping(POLICIES_NAME)
- @Secured({ControlPanelConstants.ROLE_ADMIN, ControlPanelConstants.ROLE_STANDARD})
public ResponseEntity getPolicyInstances(
@RequestParam(name = "type", required = true) String policyTypeIdString) {
logger.debug("getPolicyInstances {}", policyTypeIdString);
@@ -99,7 +95,6 @@ public class PolicyController {
@ApiOperation(value = "Returns a policy instance of a type")
@GetMapping(POLICIES_NAME + "/{" + POLICY_INSTANCE_ID_NAME + "}")
- @Secured({ControlPanelConstants.ROLE_ADMIN, ControlPanelConstants.ROLE_STANDARD})
public ResponseEntity
", //
- "", //
- "");
- }
-
- /**
- * Searches the request for a cookie with the specified name.
- *
- * @param request
- * HttpServletRequest
- * @param cookieName
- * Cookie name
- * @return Cookie, or null if not found.
- */
- private Cookie getCookie(HttpServletRequest request, String cookieName) {
- Cookie[] cookies = request.getCookies();
- if (cookies != null)
- for (Cookie cookie : cookies)
- if (cookie.getName().equals(cookieName))
- return cookie;
- return null;
- }
-
- /**
- * Gets the ECOMP Portal service cookie value.
- *
- * @param request
- * @return Cookie value, or null if not found.
- */
- private String getPortalSessionId(HttpServletRequest request) {
- Cookie ep = getCookie(request, PortalApiConstants.EP_SERVICE);
- if (ep == null)
- return null;
- return ep.getValue();
- }
-
-}
diff --git a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/portalapi/PortalRestCentralServiceImpl.java b/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/portalapi/PortalRestCentralServiceImpl.java
deleted file mode 100644
index 75ab13a..0000000
--- a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/portalapi/PortalRestCentralServiceImpl.java
+++ /dev/null
@@ -1,93 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * O-RAN-SC
- * %%
- * Copyright (C) 2019 AT&T Intellectual Property
- * Modifications Copyright (C) 2020 Nordix Foundation
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ========================LICENSE_END===================================
- */
-package org.oransc.portal.nonrtric.controlpanel.portalapi;
-
-import java.io.IOException;
-import java.lang.invoke.MethodHandles;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.onap.portalsdk.core.onboarding.crossapi.IPortalRestCentralService;
-import org.onap.portalsdk.core.onboarding.exception.PortalAPIException;
-import org.onap.portalsdk.core.restful.domain.EcompUser;
-import org.oransc.portal.nonrtric.controlpanel.ControlPanelUserManager;
-import org.oransc.portal.nonrtric.controlpanel.config.SpringContextCache;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.ApplicationContext;
-
-/**
- * Implements the contract used by the Portal to transmit user details to this
- * on-boarded application. The requests are intercepted first by a servlet in
- * the EPSDK-FW library, which proxies the calls to these methods.
- *
- * An instance of this class is created upon first request to the API. But this
- * class is found and instantiated via Class.forName(), so cannot use Spring
- * annotations.
- */
-public class PortalRestCentralServiceImpl implements IPortalRestCentralService {
-
- private static final Logger logger = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
-
- @Autowired
- private SpringContextCache springContextCache;
- private final PortalAuthManager authManager;
- private final ControlPanelUserManager userManager;
-
- public PortalRestCentralServiceImpl() throws IOException, PortalAPIException {
- final ApplicationContext context = springContextCache.getApplicationContext();
- authManager = context.getBean(PortalAuthManager.class);
- userManager = context.getBean(ControlPanelUserManager.class);
- }
-
- /*
- * Answers the Portal API credentials.
- */
- @Override
- public Map getAppCredentials() throws PortalAPIException {
- logger.debug("getAppCredentials");
- return authManager.getAppCredentials();
- }
-
- /*
- * Extracts the user ID from a cookie in the header
- */
- @Override
- public String getUserId(HttpServletRequest request) throws PortalAPIException {
- logger.debug("getuserId");
- return authManager.validateEcompSso(request);
- }
-
- @Override
- public void pushUser(EcompUser user) throws PortalAPIException {
- logger.debug("pushUser: {}", user);
- userManager.createUser(user);
- }
-
- @Override
- public void editUser(String loginId, EcompUser user) throws PortalAPIException {
- logger.debug("editUser: {}", user);
- userManager.updateUser(loginId, user);
- }
-
-}
diff --git a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/portalapi/PortalSdkDecryptorAes.java b/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/portalapi/PortalSdkDecryptorAes.java
deleted file mode 100644
index 27d1fc1..0000000
--- a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/portalapi/PortalSdkDecryptorAes.java
+++ /dev/null
@@ -1,34 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * O-RAN-SC
- * %%
- * Copyright (C) 2019 AT&T Intellectual Property
- * Modifications Copyright (C) 2020 Nordix Foundation
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ========================LICENSE_END===================================
- */
-package org.oransc.portal.nonrtric.controlpanel.portalapi;
-
-import org.onap.portalsdk.core.onboarding.exception.CipherUtilException;
-import org.onap.portalsdk.core.onboarding.util.CipherUtil;
-
-public class PortalSdkDecryptorAes implements IPortalSdkDecryptor {
-
- @Override
- @SuppressWarnings("squid:CallToDeprecatedMethod")
- public String decrypt(String cipherText) throws CipherUtilException {
- return CipherUtil.decrypt(cipherText);
- }
-
-}
diff --git a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/portalapi/PortalSdkDecryptorPkc.java b/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/portalapi/PortalSdkDecryptorPkc.java
deleted file mode 100644
index b0f8924..0000000
--- a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/portalapi/PortalSdkDecryptorPkc.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * O-RAN-SC
- * %%
- * Copyright (C) 2019 AT&T Intellectual Property
- * Modifications Copyright (C) 2020 Nordix Foundation
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ========================LICENSE_END===================================
- */
-package org.oransc.portal.nonrtric.controlpanel.portalapi;
-
-import org.onap.portalsdk.core.onboarding.exception.CipherUtilException;
-import org.onap.portalsdk.core.onboarding.util.CipherUtil;
-
-public class PortalSdkDecryptorPkc implements IPortalSdkDecryptor {
-
- @Override
- public String decrypt(String cipherText) throws CipherUtilException {
- return CipherUtil.decryptPKC(cipherText);
- }
-
-}
diff --git a/webapp-backend/src/main/resources/ESAPI.properties b/webapp-backend/src/main/resources/ESAPI.properties
deleted file mode 100644
index ca45e09..0000000
--- a/webapp-backend/src/main/resources/ESAPI.properties
+++ /dev/null
@@ -1,385 +0,0 @@
-# ========================LICENSE_START=================================
-# O-RAN-SC
-# %%
-# Copyright (C) 2019 AT&T Intellectual Property
-# %%
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ========================LICENSE_END===================================
-
-#===========================================================================
-# ESAPI Configuration
-#
-# If true, then print all the ESAPI properties set here when they are loaded.
-# If false, they are not printed. Useful to reduce output when running JUnit tests.
-# If you need to troubleshoot a properties related problem, turning this on may help.
-# This is 'false' in the src/test/resources/.esapi version. It is 'true' by
-# default for reasons of backward compatibility with earlier ESAPI versions.
-ESAPI.printProperties=false
-
-# ESAPI is designed to be easily extensible. You can use the reference implementation
-# or implement your own providers to take advantage of your enterprise's security
-# infrastructure. The functions in ESAPI are referenced using the ESAPI locator, like:
-#
-# String ciphertext =
-# ESAPI.encryptor().encrypt("Secret message"); // Deprecated in 2.0
-# CipherText cipherText =
-# ESAPI.encryptor().encrypt(new PlainText("Secret message")); // Preferred
-#
-# Below you can specify the classname for the provider that you wish to use in your
-# application. The only requirement is that it implement the appropriate ESAPI interface.
-# This allows you to switch security implementations in the future without rewriting the
-# entire application.
-#
-# ExperimentalAccessController requires ESAPI-AccessControlPolicy.xml in .esapi directory
-ESAPI.AccessControl=org.owasp.esapi.reference.DefaultAccessController
-# FileBasedAuthenticator requires users.txt file in .esapi directory
-ESAPI.Authenticator=org.owasp.esapi.reference.FileBasedAuthenticator
-ESAPI.Encoder=org.owasp.esapi.reference.DefaultEncoder
-ESAPI.Encryptor=org.owasp.esapi.reference.crypto.JavaEncryptor
-
-ESAPI.Executor=org.owasp.esapi.reference.DefaultExecutor
-ESAPI.HTTPUtilities=org.owasp.esapi.reference.DefaultHTTPUtilities
-ESAPI.IntrusionDetector=org.owasp.esapi.reference.DefaultIntrusionDetector
-#ESAPI.Logger=org.owasp.esapi.reference.JavaLogFactory
-ESAPI.Randomizer=org.owasp.esapi.reference.DefaultRandomizer
-ESAPI.Validator=org.owasp.esapi.reference.DefaultValidator
-
-#===========================================================================
-# ESAPI Authenticator
-#
-Authenticator.AllowedLoginAttempts=3
-#Authenticator.MaxOldPasswordHashes=13
-Authenticator.UsernameParameterName=username
-#Authenticator.PasswordParameterName=password
-# RememberTokenDuration (in days)
-Authenticator.RememberTokenDuration=14
-# Session Timeouts (in minutes)
-Authenticator.IdleTimeoutDuration=20
-Authenticator.AbsoluteTimeoutDuration=120
-
-#===========================================================================
-# ESAPI Encoder
-#
-# ESAPI canonicalizes input before validation to prevent bypassing filters with encoded attacks.
-# Failure to canonicalize input is a very common mistake when implementing validation schemes.
-# Canonicalization is automatic when using the ESAPI Validator, but you can also use the
-# following code to canonicalize data.
-#
-# ESAPI.Encoder().canonicalize( "%22hello world"" );
-#
-# Multiple encoding is when a single encoding format is applied multiple times. Allowing
-# multiple encoding is strongly discouraged.
-Encoder.AllowMultipleEncoding=false
-
-# Mixed encoding is when multiple different encoding formats are applied, or when
-# multiple formats are nested. Allowing multiple encoding is strongly discouraged.
-Encoder.AllowMixedEncoding=false
-
-# The default list of codecs to apply when canonicalizing untrusted data. The list should include the codecs
-# for all downstream interpreters or decoders. For example, if the data is likely to end up in a URL, HTML, or
-# inside JavaScript, then the list of codecs below is appropriate. The order of the list is not terribly important.
-Encoder.DefaultCodecList=HTMLEntityCodec,PercentCodec,JavaScriptCodec
-
-
-#===========================================================================
-# ESAPI Encryption
-#
-# The ESAPI Encryptor provides basic cryptographic functions with a simplified API.
-# To get started, generate a new key using java -classpath esapi.jar org.owasp.esapi.reference.crypto.JavaEncryptor
-# There is not currently any support for key rotation, so be careful when changing your key and salt as it
-# will invalidate all signed, encrypted, and hashed data.
-#
-# WARNING: Not all combinations of algorithms and key lengths are supported.
-# If you choose to use a key length greater than 128, you MUST download the
-# unlimited strength policy files and install in the lib directory of your JRE/JDK.
-# See http://java.sun.com/javase/downloads/index.jsp for more information.
-#
-# Backward compatibility with ESAPI Java 1.4 is supported by the two deprecated API
-# methods, Encryptor.encrypt(String) and Encryptor.decrypt(String). However, whenever
-# possible, these methods should be avoided as they use ECB cipher mode, which in almost
-# all circumstances a poor choice because of it's weakness. CBC cipher mode is the default
-# for the new Encryptor encrypt / decrypt methods for ESAPI Java 2.0. In general, you
-# should only use this compatibility setting if you have persistent data encrypted with
-# version 1.4 and even then, you should ONLY set this compatibility mode UNTIL
-# you have decrypted all of your old encrypted data and then re-encrypted it with
-# ESAPI 2.0 using CBC mode. If you have some reason to mix the deprecated 1.4 mode
-# with the new 2.0 methods, make sure that you use the same cipher algorithm for both
-# (256-bit AES was the default for 1.4; 128-bit is the default for 2.0; see below for
-# more details.) Otherwise, you will have to use the new 2.0 encrypt / decrypt methods
-# where you can specify a SecretKey. (Note that if you are using the 256-bit AES,
-# that requires downloading the special jurisdiction policy files mentioned above.)
-#
-# ***** IMPORTANT: Do NOT forget to replace these with your own values! *****
-# To calculate these values, you can run:
-# java -classpath esapi.jar org.owasp.esapi.reference.crypto.JavaEncryptor
-#
-Encryptor.MasterKey=tzfztf56ftv
-Encryptor.MasterSalt=123456ztrewq
-
-# Provides the default JCE provider that ESAPI will "prefer" for its symmetric
-# encryption and hashing. (That is it will look to this provider first, but it
-# will defer to other providers if the requested algorithm is not implemented
-# by this provider.) If left unset, ESAPI will just use your Java VM's current
-# preferred JCE provider, which is generally set in the file
-# "$JAVA_HOME/jre/lib/security/java.security".
-#
-# The main intent of this is to allow ESAPI symmetric encryption to be
-# used with a FIPS 140-2 compliant crypto-module. For details, see the section
-# "Using ESAPI Symmetric Encryption with FIPS 140-2 Cryptographic Modules" in
-# the ESAPI 2.0 Symmetric Encryption User Guide, at:
-# http://owasp-esapi-java.googlecode.com/svn/trunk/documentation/esapi4java-core-2.0-symmetric-crypto-user-guide.html
-# However, this property also allows you to easily use an alternate JCE provider
-# such as "Bouncy Castle" without having to make changes to "java.security".
-# See Javadoc for SecurityProviderLoader for further details. If you wish to use
-# a provider that is not known to SecurityProviderLoader, you may specify the
-# fully-qualified class name of the JCE provider class that implements
-# java.security.Provider. If the name contains a '.', this is interpreted as
-# a fully-qualified class name that implements java.security.Provider.
-#
-# NOTE: Setting this property has the side-effect of changing it in your application
-# as well, so if you are using JCE in your application directly rather than
-# through ESAPI (you wouldn't do that, would you? ;-), it will change the
-# preferred JCE provider there as well.
-#
-# Default: Keeps the JCE provider set to whatever JVM sets it to.
-Encryptor.PreferredJCEProvider=
-
-# AES is the most widely used and strongest encryption algorithm. This
-# should agree with your Encryptor.CipherTransformation property.
-# By default, ESAPI Java 1.4 uses "PBEWithMD5AndDES" and which is
-# very weak. It is essentially a password-based encryption key, hashed
-# with MD5 around 1K times and then encrypted with the weak DES algorithm
-# (56-bits) using ECB mode and an unspecified padding (it is
-# JCE provider specific, but most likely "NoPadding"). However, 2.0 uses
-# "AES/CBC/PKCSPadding". If you want to change these, change them here.
-# Warning: This property does not control the default reference implementation for
-# ESAPI 2.0 using JavaEncryptor. Also, this property will be dropped
-# in the future.
-# @deprecated
-Encryptor.EncryptionAlgorithm=AES
-# For ESAPI Java 2.0 - New encrypt / decrypt methods use this.
-Encryptor.CipherTransformation=AES/CBC/PKCS5Padding
-
-# Applies to ESAPI 2.0 and later only!
-# Comma-separated list of cipher modes that provide *BOTH*
-# confidentiality *AND* message authenticity. (NIST refers to such cipher
-# modes as "combined modes" so that's what we shall call them.) If any of these
-# cipher modes are used then no MAC is calculated and stored
-# in the CipherText upon encryption. Likewise, if one of these
-# cipher modes is used with decryption, no attempt will be made
-# to validate the MAC contained in the CipherText object regardless
-# of whether it contains one or not. Since the expectation is that
-# these cipher modes support support message authenticity already,
-# injecting a MAC in the CipherText object would be at best redundant.
-#
-# Note that as of JDK 1.5, the SunJCE provider does not support *any*
-# of these cipher modes. Of these listed, only GCM and CCM are currently
-# NIST approved. YMMV for other JCE providers. E.g., Bouncy Castle supports
-# GCM and CCM with "NoPadding" mode, but not with "PKCS5Padding" or other
-# padding modes.
-Encryptor.cipher_modes.combined_modes=GCM,CCM,IAPM,EAX,OCB,CWC
-
-# Applies to ESAPI 2.0 and later only!
-# Additional cipher modes allowed for ESAPI 2.0 encryption. These
-# cipher modes are in _addition_ to those specified by the property
-# 'Encryptor.cipher_modes.combined_modes'.
-# Note: We will add support for streaming modes like CFB & OFB once
-# we add support for 'specified' to the property 'Encryptor.ChooseIVMethod'
-# (probably in ESAPI 2.1).
-# DISCUSS: Better name?
-Encryptor.cipher_modes.additional_allowed=CBC
-
-# 128-bit is almost always sufficient and appears to be more resistant to
-# related key attacks than is 256-bit AES. Use '_' to use default key size
-# for cipher algorithms (where it makes sense because the algorithm supports
-# a variable key size). Key length must agree to what's provided as the
-# cipher transformation, otherwise this will be ignored after logging a
-# warning.
-#
-# NOTE: This is what applies BOTH ESAPI 1.4 and 2.0. See warning above about mixing!
-Encryptor.EncryptionKeyLength=128
-
-# Because 2.0 uses CBC mode by default, it requires an initialization vector (IV).
-# (All cipher modes except ECB require an IV.) There are two choices: we can either
-# use a fixed IV known to both parties or allow ESAPI to choose a random IV. While
-# the IV does not need to be hidden from adversaries, it is important that the
-# adversary not be allowed to choose it. Also, random IVs are generally much more
-# secure than fixed IVs. (In fact, it is essential that feed-back cipher modes
-# such as CFB and OFB use a different IV for each encryption with a given key so
-# in such cases, random IVs are much preferred. By default, ESAPI 2.0 uses random
-# IVs. If you wish to use 'fixed' IVs, set 'Encryptor.ChooseIVMethod=fixed' and
-# uncomment the Encryptor.fixedIV.
-#
-# Valid values: random|fixed|specified 'specified' not yet implemented; planned for 2.1
-Encryptor.ChooseIVMethod=random
-# If you choose to use a fixed IV, then you must place a fixed IV here that
-# is known to all others who are sharing your secret key. The format should
-# be a hex string that is the same length as the cipher block size for the
-# cipher algorithm that you are using. The following is an *example* for AES
-# from an AES test vector for AES-128/CBC as described in:
-# NIST Special Publication 800-38A (2001 Edition)
-# "Recommendation for Block Cipher Modes of Operation".
-# (Note that the block size for AES is 16 bytes == 128 bits.)
-#
-Encryptor.fixedIV=0x000102030405060708090a0b0c0d0e0f
-
-# Whether or not CipherText should use a message authentication code (MAC) with it.
-# This prevents an adversary from altering the IV as well as allowing a more
-# fool-proof way of determining the decryption failed because of an incorrect
-# key being supplied. This refers to the "separate" MAC calculated and stored
-# in CipherText, not part of any MAC that is calculated as a result of a
-# "combined mode" cipher mode.
-#
-# If you are using ESAPI with a FIPS 140-2 cryptographic module, you *must* also
-# set this property to false.
-Encryptor.CipherText.useMAC=true
-
-# Whether or not the PlainText object may be overwritten and then marked
-# eligible for garbage collection. If not set, this is still treated as 'true'.
-Encryptor.PlainText.overwrite=true
-
-# Do not use DES except in a legacy situations. 56-bit is way too small key size.
-#Encryptor.EncryptionKeyLength=56
-#Encryptor.EncryptionAlgorithm=DES
-
-# TripleDES is considered strong enough for most purposes.
-# Note: There is also a 112-bit version of DESede. Using the 168-bit version
-# requires downloading the special jurisdiction policy from Sun.
-#Encryptor.EncryptionKeyLength=168
-#Encryptor.EncryptionAlgorithm=DESede
-
-Encryptor.HashAlgorithm=SHA-512
-Encryptor.HashIterations=1024
-Encryptor.DigitalSignatureAlgorithm=SHA1withDSA
-Encryptor.DigitalSignatureKeyLength=1024
-Encryptor.RandomAlgorithm=SHA1PRNG
-Encryptor.CharacterEncoding=UTF-8
-
-# This is the Pseudo Random Function (PRF) that ESAPI's Key Derivation Function
-# (KDF) normally uses. Note this is *only* the PRF used for ESAPI's KDF and
-# *not* what is used for ESAPI's MAC. (Currently, HmacSHA1 is always used for
-# the MAC, mostly to keep the overall size at a minimum.)
-#
-# Currently supported choices for JDK 1.5 and 1.6 are:
-# HmacSHA1 (160 bits), HmacSHA256 (256 bits), HmacSHA384 (384 bits), and
-# HmacSHA512 (512 bits).
-# Note that HmacMD5 is *not* supported for the PRF used by the KDF even though
-# the JDKs support it. See the ESAPI 2.0 Symmetric Encryption User Guide
-# further details.
-Encryptor.KDF.PRF=HmacSHA256
-#===========================================================================
-# ESAPI Logging
-# Set the application name if these logs are combined with other applications
-Logger.ApplicationName=portal_nonrtric_controlpanel
-# If you use an HTML log viewer that does not properly HTML escape log data, you can set LogEncodingRequired to true
-Logger.LogEncodingRequired=false
-# Determines whether ESAPI should log the application name. This might be clutter in some single-server/single-app environments.
-Logger.LogApplicationName=true
-# Determines whether ESAPI should log the server IP and port. This might be clutter in some single-server environments.
-Logger.LogServerIP=true
-# LogFileName, the name of the logging file. Provide a full directory path (e.g., C:\\ESAPI\\ESAPI_logging_file) if you
-# want to place it in a specific directory.
-Logger.LogFileName=portal_nonrtric_controlpanel_esapi_log
-# MaxLogFileSize, the max size (in bytes) of a single log file before it cuts over to a new one (default is 10,000,000)
-Logger.MaxLogFileSize=10000000
-
-
-#===========================================================================
-# ESAPI Intrusion Detection
-#
-# Each event has a base to which .count, .interval, and .action are added
-# The IntrusionException will fire if we receive "count" events within "interval" seconds
-# The IntrusionDetector is configurable to take the following actions: log, logout, and disable
-# (multiple actions separated by commas are allowed e.g. event.test.actions=log,disable
-#
-# Custom Events
-# Names must start with "event." as the base
-# Use IntrusionDetector.addEvent( "test" ) in your code to trigger "event.test" here
-# You can also disable intrusion detection completely by changing
-# the following parameter to true
-#
-IntrusionDetector.Disable=false
-#
-IntrusionDetector.event.test.count=2
-IntrusionDetector.event.test.interval=10
-IntrusionDetector.event.test.actions=disable,log
-
-# Exception Events
-# All EnterpriseSecurityExceptions are registered automatically
-# Call IntrusionDetector.getInstance().addException(e) for Exceptions that do not extend EnterpriseSecurityException
-# Use the fully qualified classname of the exception as the base
-
-# any intrusion is an attack
-IntrusionDetector.org.owasp.esapi.errors.IntrusionException.count=1
-IntrusionDetector.org.owasp.esapi.errors.IntrusionException.interval=1
-IntrusionDetector.org.owasp.esapi.errors.IntrusionException.actions=log,disable,logout
-
-# for test purposes
-# CHECKME: Shouldn't there be something in the property name itself that designates
-# that these are for testing???
-IntrusionDetector.org.owasp.esapi.errors.IntegrityException.count=10
-IntrusionDetector.org.owasp.esapi.errors.IntegrityException.interval=5
-IntrusionDetector.org.owasp.esapi.errors.IntegrityException.actions=log,disable,logout
-
-# rapid validation errors indicate scans or attacks in progress
-# org.owasp.esapi.errors.ValidationException.count=10
-# org.owasp.esapi.errors.ValidationException.interval=10
-# org.owasp.esapi.errors.ValidationException.actions=log,logout
-
-# sessions jumping between hosts indicates session hijacking
-IntrusionDetector.org.owasp.esapi.errors.AuthenticationHostException.count=2
-IntrusionDetector.org.owasp.esapi.errors.AuthenticationHostException.interval=10
-IntrusionDetector.org.owasp.esapi.errors.AuthenticationHostException.actions=log,logout
-
-
-#===========================================================================
-# ESAPI Validation
-#
-# The ESAPI Validator works on regular expressions with defined names. You can define names
-# either here, or you may define application specific patterns in a separate file defined below.
-# This allows enterprises to specify both organizational standards as well as application specific
-# validation rules.
-#
-Validator.ConfigurationFile=validation.properties
-Validator.ConfigurationFile.MultiValued=false
-
-# Validators used by ESAPI
-Validator.AccountName=^[a-zA-Z0-9]{3,20}$
-Validator.SystemCommand=^[a-zA-Z\\-\\/]{1,64}$
-Validator.RoleName=^[a-z]{1,20}$
-
-#the word TEST below should be changed to your application
-#name - only relative URL's are supported
-Validator.Redirect=^\\/test.*$
-
-# Global HTTP Validation Rules
-# Values with Base64 encoded data (e.g. encrypted state) will need at least [a-zA-Z0-9\/+=]
-Validator.HTTPScheme=^(http|https)$
-Validator.HTTPServerName=^[a-zA-Z0-9_.\\-]*$
-Validator.HTTPParameterName=^[a-zA-Z0-9_]{1,32}$
-Validator.HTTPParameterValue=^[a-zA-Z0-9.\\-\\/+=@_ ]*$
-Validator.HTTPCookieName=^[a-zA-Z0-9\\-_]{1,32}$
-Validator.HTTPCookieValue=^[a-zA-Z0-9\\-\\/+=_ ]*$
-Validator.HTTPHeaderName=^[a-zA-Z0-9\\-_]{1,32}$
-Validator.HTTPHeaderValue=^[a-zA-Z0-9()\\-=\\*\\.\\?;,+\\/:&_ ]*$
-Validator.HTTPContextPath=^\\/?[a-zA-Z0-9.\\-\\/_]*$
-Validator.HTTPServletPath=^[a-zA-Z0-9.\\-\\/_]*$
-Validator.HTTPPath=^[a-zA-Z0-9.\\-_]*$
-Validator.HTTPQueryString=^[a-zA-Z0-9()\\-=\\*\\.\\?;,+\\/:&_ %]*$
-Validator.HTTPURI=^[a-zA-Z0-9()\\-=\\*\\.\\?;,+\\/:&_ ]*$
-Validator.HTTPURL=^.*$
-Validator.HTTPJSESSIONID=^[A-Z0-9]{10,30}$
-
-# Validation of file related input
-Validator.FileName=^[a-zA-Z0-9!@#$%^&{}\\[\\]()_+\\-=,.~'` ]{1,255}$
-Validator.DirectoryName=^[a-zA-Z0-9:/\\\\!@#$%^&{}\\[\\]()_+\\-=,.~'` ]{1,255}$
diff --git a/webapp-backend/src/main/resources/application.properties b/webapp-backend/src/main/resources/application.properties
index e795dca..f21d8d5 100644
--- a/webapp-backend/src/main/resources/application.properties
+++ b/webapp-backend/src/main/resources/application.properties
@@ -30,24 +30,6 @@ server.ssl.key-store = classpath:keystore.jks
server.ssl.key-password = ericsson_kwdjfhw
server.http.port = 8080
-
-
-# path to file that stores user details;
-# use a persistent volume in a K8S deployment
-userfile = users.json
-
-# boolean flag whether to enforce Portal user and roles on requests
-portalapi.security = false
-# class that decrypts ciphertext from Portal
-portalapi.decryptor = org.oransc.portal.nonrtric.controlpanel.portalapi.PortalSdkDecryptorAes
-# name of request cookie with user ID
-portalapi.usercookie = UserId
-
-# portal credentials must be supplied at deployment time
-portalapi.appname = Non-RT RIC Control Panel
-portalapi.username =
-portalapi.password =
-
# endpoint URLs must be supplied at deployment time
# NOTE: change policycontroller.url.prefix to http://localhost:8081 when running
# controlpanel locally (i.e., not inside the docker container)
@@ -60,7 +42,3 @@ enrichmentcontroller.url.prefix = http://enrichment-service-container:8083/ei-pr
# Mimic slow endpoints by defining sleep period, in milliseconds
mock.config.delay = 0
-
-# Kibana report on metrics
-metrics.url.ac = http://jar-app-props-kibana-url-ac
-metrics.url.mc = http://jar-app-props-kibana-url-mc
diff --git a/webapp-backend/src/main/resources/portal.properties b/webapp-backend/src/main/resources/portal.properties
deleted file mode 100644
index f0d6eca..0000000
--- a/webapp-backend/src/main/resources/portal.properties
+++ /dev/null
@@ -1,34 +0,0 @@
-# ========================LICENSE_START=================================
-# O-RAN-SC
-# %%
-# Copyright (C) 2019 AT&T Intellectual Property
-# %%
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ========================LICENSE_END===================================
-
-# Template for the file that provides properties for the EPSDK-FW library.
-# This file must be present on the Java classpath.
-
-# The following properties are the same in every deployment
-
-portal.api.impl.class = org.oransc.portal.nonrtric.controlpanel.portalapi.PortalRestCentralServiceImpl
-role_access_centralized = remote
-
-# The following properties are DIFFERENT in every deployment
-
-# URL of portal login screen
-ecomp_redirect_url = http://localhost/portal
-# URL of portal API
-ecomp_rest_url = http://localhost/portal
-# Value assigned by portal instance
-ueb_app_key = abcdef1234567890
diff --git a/webapp-backend/src/main/resources/validation.properties b/webapp-backend/src/main/resources/validation.properties
deleted file mode 100644
index 22eaa4e..0000000
--- a/webapp-backend/src/main/resources/validation.properties
+++ /dev/null
@@ -1,19 +0,0 @@
-# ========================LICENSE_START=================================
-# O-RAN-SC
-# %%
-# Copyright (C) 2019 AT&T Intellectual Property
-# %%
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ========================LICENSE_END===================================
-
-# empty file to suppress OWASP complaints emitted to stdout
diff --git a/webapp-backend/src/test/java/org/oransc/portal/nonrtric/controlpanel/ControlPanelUserManagerTest.java b/webapp-backend/src/test/java/org/oransc/portal/nonrtric/controlpanel/ControlPanelUserManagerTest.java
deleted file mode 100644
index 1faf618..0000000
--- a/webapp-backend/src/test/java/org/oransc/portal/nonrtric/controlpanel/ControlPanelUserManagerTest.java
+++ /dev/null
@@ -1,82 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * O-RAN-SC
- * %%
- * Copyright (C) 2019 AT&T Intellectual Property
- * Modifications Copyright (C) 2020 Nordix Foundation
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ========================LICENSE_END===================================
- */
-package org.oransc.portal.nonrtric.controlpanel;
-
-import java.lang.invoke.MethodHandles;
-import java.util.HashSet;
-import java.util.Set;
-
-import org.junit.Assert;
-import org.junit.jupiter.api.Test;
-import org.onap.portalsdk.core.onboarding.exception.PortalAPIException;
-import org.onap.portalsdk.core.restful.domain.EcompRole;
-import org.onap.portalsdk.core.restful.domain.EcompUser;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-class ControlPanelUserManagerTest {
-
- private static final Logger logger = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
-
- public static EcompUser createEcompUser(String loginId) {
- EcompUser user = new EcompUser();
- user.setActive(true);
- user.setLoginId(loginId);
- user.setFirstName("First");
- user.setLastName("Last");
- EcompRole role = new EcompRole();
- role.setId(1L);
- role.setName(ControlPanelConstants.ROLE_NAME_ADMIN);
- Set roles = new HashSet<>();
- roles.add(role);
- user.setRoles(roles);
- return user;
- }
-
- @Test
- void testUserMgr() throws Exception {
- final String loginId = "demo";
- ControlPanelUserManager dum = new ControlPanelUserManager(true);
- EcompUser user = createEcompUser(loginId);
- dum.createUser(user);
- logger.info("Created user {}", user);
- try {
- dum.createUser(user);
- throw new Exception("Unexpected success");
- } catch (PortalAPIException ex) {
- logger.info("caught expected exception: {}", ex.toString());
- }
- Assert.assertFalse(dum.getUsers().isEmpty());
- EcompUser fetched = dum.getUser(loginId);
- Assert.assertEquals(fetched, user);
- fetched.setLastName("Lastier");
- dum.updateUser(loginId, fetched);
- EcompUser missing = dum.getUser("foo");
- Assert.assertNull(missing);
- EcompUser unk = createEcompUser("unknown");
- try {
- dum.updateUser("unk", unk);
- } catch (PortalAPIException ex) {
- logger.info("caught expected exception: {}", ex.toString());
- }
- }
-
-}
diff --git a/webapp-backend/src/test/java/org/oransc/portal/nonrtric/controlpanel/mock/PortalApIMockConfiguration.java b/webapp-backend/src/test/java/org/oransc/portal/nonrtric/controlpanel/mock/PortalApIMockConfiguration.java
deleted file mode 100644
index 1a89fac..0000000
--- a/webapp-backend/src/test/java/org/oransc/portal/nonrtric/controlpanel/mock/PortalApIMockConfiguration.java
+++ /dev/null
@@ -1,84 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * O-RAN-SC
- * %%
- * Copyright (C) 2019 AT&T Intellectual Property
- * Modifications Copyright (C) 2020 Nordix Foundation
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ========================LICENSE_END===================================
- */
-package org.oransc.portal.nonrtric.controlpanel.mock;
-
-import static org.mockito.ArgumentMatchers.any;
-import static org.mockito.Mockito.doAnswer;
-import static org.mockito.Mockito.mock;
-
-import java.lang.invoke.MethodHandles;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.onap.portalsdk.core.onboarding.crossapi.PortalRestAPIProxy;
-import org.onap.portalsdk.core.onboarding.util.PortalApiConstants;
-import org.oransc.portal.nonrtric.controlpanel.portalapi.PortalAuthManager;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.boot.web.servlet.ServletRegistrationBean;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Profile;
-
-@Configuration
-@Profile("test")
-public class PortalApIMockConfiguration {
-
- private static final Logger logger = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
-
- // Unfortunately EPSDK-FW does not define these as constants
- public static final String PORTAL_USERNAME_HEADER_KEY = "username";
- public static final String PORTAL_PASSWORD_HEADER_KEY = "password";
-
- @Bean
- public ServletRegistrationBean portalApiProxyServlet() {
- PortalRestAPIProxy servlet = new PortalRestAPIProxy();
- final ServletRegistrationBean servletBean =
- new ServletRegistrationBean<>(servlet, PortalApiConstants.API_PREFIX + "/*");
- servletBean.setName("PortalRestApiProxyServlet");
- return servletBean;
- }
-
- @Bean
- public PortalAuthManager portalAuthManager() throws Exception {
- PortalAuthManager mockManager = mock(PortalAuthManager.class);
- final Map credentialsMap = new HashMap<>();
- credentialsMap.put("appName", "appName");
- credentialsMap.put(PORTAL_USERNAME_HEADER_KEY, PORTAL_USERNAME_HEADER_KEY);
- credentialsMap.put(PORTAL_PASSWORD_HEADER_KEY, PORTAL_PASSWORD_HEADER_KEY);
- doAnswer(inv -> {
- logger.debug("getAppCredentials");
- return credentialsMap;
- }).when(mockManager).getAppCredentials();
- doAnswer(inv -> {
- logger.debug("getUserId");
- return "userId";
- }).when(mockManager).validateEcompSso(any(HttpServletRequest.class));
- doAnswer(inv -> {
- logger.debug("getAppCredentials");
- return credentialsMap;
- }).when(mockManager).getAppCredentials();
- return mockManager;
- }
-
-}
diff --git a/webapp-backend/src/test/java/org/oransc/portal/nonrtric/controlpanel/mock/WebSecurityMockConfiguration.java b/webapp-backend/src/test/java/org/oransc/portal/nonrtric/controlpanel/mock/WebSecurityMockConfiguration.java
deleted file mode 100644
index 15c2ed9..0000000
--- a/webapp-backend/src/test/java/org/oransc/portal/nonrtric/controlpanel/mock/WebSecurityMockConfiguration.java
+++ /dev/null
@@ -1,86 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * O-RAN-SC
- * %%
- * Copyright (C) 2019 AT&T Intellectual Property
- * Modifications Copyright (C) 2020 Nordix Foundation
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ========================LICENSE_END===================================
- */
-package org.oransc.portal.nonrtric.controlpanel.mock;
-
-import java.lang.invoke.MethodHandles;
-
-import org.oransc.portal.nonrtric.controlpanel.ControlPanelConstants;
-import org.oransc.portal.nonrtric.controlpanel.config.WebSecurityConfiguration;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Profile;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.builders.WebSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.crypto.factory.PasswordEncoderFactories;
-import org.springframework.security.crypto.password.PasswordEncoder;
-
-@Configuration
-@EnableWebSecurity
-@EnableGlobalMethodSecurity(securedEnabled = true)
-@Profile("test")
-public class WebSecurityMockConfiguration extends WebSecurityConfigurerAdapter {
-
- public static final String TEST_CRED_ADMIN = "admin";
- public static final String TEST_CRED_STANDARD = "standard";
-
- private static final Logger logger = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
-
- public WebSecurityMockConfiguration(@Value("${userfile}") final String userFilePath) {
- logger.debug("ctor: user file path {}", userFilePath);
- }
-
- @Override
- protected void configure(AuthenticationManagerBuilder auth) throws Exception {
- PasswordEncoder encoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
- auth.inMemoryAuthentication() //
- .passwordEncoder(encoder) //
- // The admin user has the admin AND standard roles
- .withUser(TEST_CRED_ADMIN) //
- .password(encoder.encode(TEST_CRED_ADMIN))
- .roles(ControlPanelConstants.ROLE_NAME_ADMIN, ControlPanelConstants.ROLE_NAME_STANDARD)//
- .and()//
- // The standard user has only the standard role
- .withUser(TEST_CRED_STANDARD) //
- .password(encoder.encode(TEST_CRED_STANDARD)) //
- .roles(ControlPanelConstants.ROLE_NAME_STANDARD);
- }
-
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http.authorizeRequests().anyRequest().authenticated()//
- .and().httpBasic() //
- .and().csrf().disable();
- }
-
- @Override
- public void configure(WebSecurity web) throws Exception {
- // This disables Spring security, but not the app's filter.
- web.ignoring().antMatchers(WebSecurityConfiguration.OPEN_PATHS);
- web.ignoring().antMatchers("/", "/csrf"); // allow swagger-ui to load
- }
-
-}
diff --git a/webapp-backend/src/test/java/org/oransc/portal/nonrtric/controlpanel/portalapi/PortalAuthManagerTest.java b/webapp-backend/src/test/java/org/oransc/portal/nonrtric/controlpanel/portalapi/PortalAuthManagerTest.java
deleted file mode 100644
index 382198b..0000000
--- a/webapp-backend/src/test/java/org/oransc/portal/nonrtric/controlpanel/portalapi/PortalAuthManagerTest.java
+++ /dev/null
@@ -1,91 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * O-RAN-SC
- * %%
- * Copyright (C) 2019 AT&T Intellectual Property
- * Modifications Copyright (C) 2020 Nordix Foundation
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * ========================LICENSE_END===================================
- */
-package org.oransc.portal.nonrtric.controlpanel.portalapi;
-
-import java.io.IOException;
-import java.lang.invoke.MethodHandles;
-import java.lang.reflect.InvocationTargetException;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.Cookie;
-
-import org.junit.Assert;
-import org.junit.jupiter.api.Test;
-import org.junit.jupiter.api.extension.ExtendWith;
-import org.onap.portalsdk.core.onboarding.util.PortalApiConstants;
-import org.oransc.portal.nonrtric.controlpanel.ControlPanelUserManager;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.boot.test.context.SpringBootTest;
-import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
-import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.test.context.junit.jupiter.SpringExtension;
-
-@ExtendWith(SpringExtension.class)
-@SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT)
-class PortalAuthManagerTest {
-
- @Value("${portalapi.decryptor}")
- private String decryptor;
-
- private static final Logger logger = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
-
- @Test
- void testPortalStuff() throws ClassNotFoundException, InstantiationException, IllegalAccessException,
- InvocationTargetException, NoSuchMethodException, IOException, ServletException {
-
- PortalAuthManager m = new PortalAuthManager("app", "user", "secret", decryptor, "cookie");
- Assert.assertNotNull(m.getAppCredentials());
- String s = null;
-
- MockHttpServletRequest request = new MockHttpServletRequest();
- s = m.validateEcompSso(request);
- logger.debug("validateEcompSso answers {}", s);
- Assert.assertNull(s);
-
- Cookie cookie = new Cookie(PortalApiConstants.EP_SERVICE, "bogus");
- request.setCookies(cookie);
- s = m.validateEcompSso(request);
- logger.debug("validateEcompSso answers {}", s);
- Assert.assertNull(s);
-
- ControlPanelUserManager dum = new ControlPanelUserManager(true);
- PortalAuthenticationFilter filter = new PortalAuthenticationFilter(false, m, dum);
- filter.init(null);
- filter.destroy();
- MockHttpServletResponse response = new MockHttpServletResponse();
- try {
- filter.doFilter(request, response, null);
- } catch (NullPointerException ex) {
- logger.debug("chain is null");
- }
-
- filter = new PortalAuthenticationFilter(true, m, dum);
- try {
- filter.doFilter(request, response, null);
- } catch (NullPointerException ex) {
- logger.debug("chain is null");
- }
- }
-
-}
diff --git a/webapp-backend/src/test/resources/key.properties b/webapp-backend/src/test/resources/key.properties
deleted file mode 100644
index c2cab7d..0000000
--- a/webapp-backend/src/test/resources/key.properties
+++ /dev/null
@@ -1,22 +0,0 @@
-# ========================LICENSE_START=================================
-# O-RAN-SC
-# %%
-# Copyright (C) 2019 AT&T Intellectual Property
-# %%
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ========================LICENSE_END===================================
-
-# Test properties for the EPSDK-FW library.
-# This file must be present on the Java classpath.
-
-cipher.enc.key = bogus
diff --git a/webapp-backend/src/test/resources/portal.properties b/webapp-backend/src/test/resources/portal.properties
deleted file mode 100644
index e01d9e6..0000000
--- a/webapp-backend/src/test/resources/portal.properties
+++ /dev/null
@@ -1,26 +0,0 @@
-# ========================LICENSE_START=================================
-# O-RAN-SC
-# %%
-# Copyright (C) 2019 AT&T Intellectual Property
-# %%
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ========================LICENSE_END===================================
-
-# Test properties for the EPSDK-FW library.
-# This file must be present on the Java classpath.
-
-portal.api.impl.class = org.oransc.portal.nonrtric.controlpanel.portalapi.PortalRestCentralServiceImpl
-role_access_centralized = remote
-ecomp_redirect_url = https://www.wikipedia.org
-ecomp_rest_url = http://localhost/portal
-ueb_app_key = abcdef1234567890
--
2.16.6