From 8d398eb56dc92917c7c461a5b21e2a27bffe0ba8 Mon Sep 17 00:00:00 2001 From: ecaiyanlinux Date: Wed, 13 Jan 2021 21:59:35 +0100 Subject: [PATCH] Remove JsonProperty, Use Gson to replace Jackson By default spring boot uses Jackson for json serialization and deserialization Onap community recommend to use Gson to replace Jackson due to potential vulnerabilies Signed-off-by: ecaiyanlinux Issue-ID: NONRTRIC-314 Change-Id: Ida1b9ce25003c28b1f30c37a1f43f516ff932ce3 --- docs/api.json | 69 +--------------------- .../controller/EnrichmentController.java | 10 ++-- .../nonrtric/controlpanel/model/JobInfo.java | 6 -- .../nonrtric/controlpanel/model/PolicyType.java | 4 -- .../nonrtric/controlpanel/model/ProducerInfo.java | 4 -- .../model/ProducerRegistrationInfo.java | 7 --- .../controlpanel/model/ProducerStatusInfo.java | 2 - 7 files changed, 8 insertions(+), 94 deletions(-) diff --git a/docs/api.json b/docs/api.json index 3a47572..a4ea2ed 100644 --- a/docs/api.json +++ b/docs/api.json @@ -45,10 +45,7 @@ "200": { "description": "OK", "schema": { - "type": "array", - "items": { - "$ref": "#/definitions/ei_job_request" - } + "type": "string" } }, "401": { @@ -78,10 +75,7 @@ "200": { "description": "OK", "schema": { - "type": "array", - "items": { - "$ref": "#/definitions/ei_producer" - } + "type": "string" } }, "401": { @@ -381,64 +375,5 @@ "deprecated": false } } - }, - "definitions": { - "ei_job_request": { - "type": "object", - "required": [ - "ei_job_identity" - ], - "properties": { - "ei_job_data": { - "type": "object", - "description": "Json for the job data" - }, - "ei_job_identity": { - "type": "string", - "description": "Identity of the EI job" - }, - "ei_type_identity": { - "type": "string", - "description": "Type identity for the job" - }, - "owner": { - "type": "string", - "description": "The owner of the job" - }, - "target_uri": { - "type": "string", - "description": "URI for the target of the EI" - } - }, - "title": "ei_job_request", - "description": "The EI job" - }, - "ei_producer": { - "type": "object", - "required": [ - "ei_producer_id", - "ei_producer_types", - "status" - ], - "properties": { - "ei_producer_id": { - "type": "string", - "description": "Idenitity of the EI producer" - }, - "ei_producer_types": { - "type": "array", - "description": "Types provided by the EI producer", - "items": { - "type": "string" - } - }, - "status": { - "type": "string", - "description": "Status of the EI producer" - } - }, - "title": "ei_producer", - "description": "The EI producer" - } } } diff --git a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/controller/EnrichmentController.java b/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/controller/EnrichmentController.java index c874dc1..297f5bc 100644 --- a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/controller/EnrichmentController.java +++ b/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/controller/EnrichmentController.java @@ -19,6 +19,7 @@ */ package org.oransc.portal.nonrtric.controlpanel.controller; +import com.google.gson.GsonBuilder; import com.google.gson.JsonArray; import com.google.gson.JsonElement; import com.google.gson.JsonParser; @@ -73,6 +74,7 @@ public class EnrichmentController { // Populated by the autowired constructor private final EiProducerApi eiProducerApi; + public static com.google.gson.Gson gson = new GsonBuilder().create(); @Autowired public EnrichmentController(final EiProducerApi eiProducerApi) { @@ -83,7 +85,7 @@ public class EnrichmentController { @ApiOperation(value = "Get the EI job definitions for one EI producer") @GetMapping(EI_JOBS) - public ResponseEntity> getEiJobs() { + public ResponseEntity getEiJobs() { logger.debug("getEiJobs"); ResponseEntity response = this.eiProducerApi.getAllEiProducerIds(); JsonArray bodyJson = JsonParser.parseString(response.getBody()).getAsJsonArray(); @@ -91,7 +93,7 @@ public class EnrichmentController { for (JsonElement producerId : bodyJson) { allJobs.addAll(getJobs(producerId)); } - return new ResponseEntity<>(allJobs, HttpStatus.OK); + return new ResponseEntity<>(gson.toJson(allJobs), HttpStatus.OK); } private List getJobs(JsonElement producerId) { @@ -102,7 +104,7 @@ public class EnrichmentController { @ApiOperation(value = "Get EI producers") @GetMapping(EI_PRODUCERS) - public ResponseEntity> getEiProducers() { + public ResponseEntity getEiProducers() { logger.debug("getEiProducers"); ResponseEntity response = this.eiProducerApi.getAllEiProducerIds(); JsonArray bodyJson = JsonParser.parseString(response.getBody()).getAsJsonArray(); @@ -116,7 +118,7 @@ public class EnrichmentController { producers.add(producerInfo); } - return new ResponseEntity<>(producers, HttpStatus.OK); + return new ResponseEntity<>(gson.toJson(producers), HttpStatus.OK); } private String[] getSupportedTypes(JsonElement producerId) { diff --git a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/model/JobInfo.java b/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/model/JobInfo.java index 78bbd87..9f64153 100644 --- a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/model/JobInfo.java +++ b/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/model/JobInfo.java @@ -20,7 +20,6 @@ package org.oransc.portal.nonrtric.controlpanel.model; -import com.fasterxml.jackson.annotation.JsonProperty; import com.google.gson.annotations.SerializedName; import io.swagger.annotations.ApiModel; @@ -36,27 +35,22 @@ public class JobInfo { @ApiModelProperty(value = "Identity of the EI job", required = true) @SerializedName("ei_job_identity") - @JsonProperty("ei_job_identity") public String id; @ApiModelProperty(value = "Type identity for the job") @SerializedName("ei_type_identity") - @JsonProperty("ei_type_identity") public String typeId; @ApiModelProperty(value = "Json for the job data") @SerializedName("ei_job_data") - @JsonProperty("ei_job_data") public Object jobData; @ApiModelProperty(value = "URI for the target of the EI") @SerializedName("target_uri") - @JsonProperty("target_uri") public String targetUri; @ApiModelProperty(value = "The owner of the job") @SerializedName("owner") - @JsonProperty("owner") public String owner; } diff --git a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/model/PolicyType.java b/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/model/PolicyType.java index ca2996e..ac114b3 100644 --- a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/model/PolicyType.java +++ b/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/model/PolicyType.java @@ -20,14 +20,10 @@ */ package org.oransc.portal.nonrtric.controlpanel.model; -import com.fasterxml.jackson.annotation.JsonProperty; - public class PolicyType { - @JsonProperty("name") String name; - @JsonProperty("schema") Object schema; public PolicyType(String name, Object schema) { diff --git a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/model/ProducerInfo.java b/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/model/ProducerInfo.java index 6293871..08aeee9 100644 --- a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/model/ProducerInfo.java +++ b/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/model/ProducerInfo.java @@ -18,7 +18,6 @@ package org.oransc.portal.nonrtric.controlpanel.model; -import com.fasterxml.jackson.annotation.JsonProperty; import com.google.gson.annotations.SerializedName; import io.swagger.annotations.ApiModel; @@ -34,17 +33,14 @@ public class ProducerInfo { @ApiModelProperty(value = "Idenitity of the EI producer", required = true) @SerializedName("ei_producer_id") - @JsonProperty("ei_producer_id") public String id; @ApiModelProperty(value = "Types provided by the EI producer", required = true) @SerializedName("ei_producer_types") - @JsonProperty("ei_producer_types") public String[] types; @ApiModelProperty(value = "Status of the EI producer", required = true) @SerializedName("status") - @JsonProperty("status") public String status; } diff --git a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/model/ProducerRegistrationInfo.java b/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/model/ProducerRegistrationInfo.java index 0f4499d..670beb3 100644 --- a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/model/ProducerRegistrationInfo.java +++ b/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/model/ProducerRegistrationInfo.java @@ -20,7 +20,6 @@ package org.oransc.portal.nonrtric.controlpanel.model; -import com.fasterxml.jackson.annotation.JsonProperty; import com.google.gson.annotations.SerializedName; import io.swagger.annotations.ApiModel; @@ -44,32 +43,26 @@ public class ProducerRegistrationInfo { @ApiModelProperty(value = "EI type identity", required = true) @SerializedName("ei_type_identity") - @JsonProperty(value = "ei_type_identity", required = true) public String eiTypeId; @ApiModelProperty(value = "Json schema for the job data") @SerializedName("ei_job_data_schema") - @JsonProperty("ei_job_data_schema") public Object jobDataSchema; } @ApiModelProperty(value = "Supported EI types", required = true) @SerializedName("supported_ei_types") - @JsonProperty(value = "supported_ei_types", required = true) public Collection types; @ApiModelProperty(value = "callback for EI job", required = true) @SerializedName("ei_job_callback_url") - @JsonProperty(value = "ei_job_callback_url", required = true) public String jobCallbackUrl; @ApiModelProperty(value = "callback for producer supervision", required = true) @SerializedName("ei_producer_supervision_callback_url") - @JsonProperty(value = "ei_producer_supervision_callback_url", required = true) public String producerSupervisionCallbackUrl; @ApiModelProperty(value = "status", required = true) @SerializedName("status") - @JsonProperty(value = "status", required = true) public ProducerStatusInfo status; } diff --git a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/model/ProducerStatusInfo.java b/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/model/ProducerStatusInfo.java index 77f02a8..53daebb 100644 --- a/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/model/ProducerStatusInfo.java +++ b/webapp-backend/src/main/java/org/oransc/portal/nonrtric/controlpanel/model/ProducerStatusInfo.java @@ -20,7 +20,6 @@ package org.oransc.portal.nonrtric.controlpanel.model; -import com.fasterxml.jackson.annotation.JsonProperty; import com.google.gson.annotations.SerializedName; import lombok.Builder; @@ -37,7 +36,6 @@ public class ProducerStatusInfo { } @SerializedName("operational_state") - @JsonProperty(value = "operational_state", required = true) public final OperationalState opState; public ProducerStatusInfo(OperationalState state) { -- 2.16.6