The goal of this document is to investigate about removal of deprecated code such as Camel
Instruction
To be able to remove the legacy deprecated code the first rule is to isolate it, and after the successfull isolation is to go to the chopping board and do the hard code removal.
Camel
Camel utilizes two types of XML configurations, one such as REST endpoints and the other is the Routes.
- The Rest endpoints configuration accepts a specific url such as getUser and getToscaTemplate. As you can see that the getUser redirects the request to the AuthorizationController, and the getToscaTemplate redirects the request to an actual URL Rest endpoint by using a to uri tag direct:get-service-template
- Then the receiving routes XML configuration which each router has a unique id get-service-template which nested inside of the tag has a from uri direct:-get-service-template, header configurations as the paramater names and finally it redirects it to a specific REST endpoint url onap/policy/clamp/acm/v2/commission/toscaservicetemplate
Code Block |
---|
language | xml |
---|
linenumbers | true |
---|
|
<get uri="/v1/user/getUser" produces="text/plain">
<to uri="bean:org.onap.policy.clamp.authorization.UserService?method=getUser()" />
</get>
<get uri="/v2/acm/getToscaTemplate" outType="java.lang.String" bindingMode="off"
produces="application/json">
<route>
<removeHeaders pattern="*"
excludePattern="name|version|instanceName"/>
<doTry>
<to
uri="bean:org.onap.policy.clamp.flow.log.FlowLogOperation?method=startLog(*, 'GET Tosca Service Template ')"/>
<to
uri="bean:org.onap.policy.clamp.authorization.AuthorizationController?method=authorize(*,'cl','','read')"/>
<setHeader name="Content-Type">
<constant>application/json</constant>
</setHeader>
<setProperty name="raiseHttpExceptionFlag">
<simple resultType="java.lang.Boolean">false</simple>
</setProperty>
<to uri="direct:get-service-template"/>
<to
uri="bean:org.onap.policy.clamp.flow.log.FlowLogOperation?method=endLog()"/>
<doCatch>
<exception>java.lang.Exception</exception>
<handled>
<constant>true</constant>
</handled>
<to
uri="bean:org.onap.policy.clamp.flow.log.FlowLogOperation?method=errorLog()"/>
<log loggingLevel="ERROR"
message="GET Tosca Service Template JSON request failed: ${exception.stacktrace}"/>
<setHeader name="CamelHttpResponseCode">
<constant>500</constant>
</setHeader>
<setBody>
<simple>GET Tosca Service Template JSON FAILED</simple>
</setBody>
</doCatch>
</doTry>
</route>
</get> |
Code Block |
---|
language | xml |
---|
linenumbers | true |
---|
|
<route id="get-service-template">
<from uri="direct:get-service-template"/>
<doTry>
<log loggingLevel="INFO"
message="Getting the tosca service template"/>
<to
uri="bean:org.onap.policy.clamp.flow.log.FlowLogOperation?method=invokeLog('AutomationComposition', 'Getting the tosca service template')"/>
<setHeader name="CamelHttpMethod">
<constant>GET</constant>
</setHeader>
<setHeader name="Content-Type">
<constant>application/json</constant>
</setHeader>
<setProperty name="name">
<simple>${header.name}</simple>
</setProperty>
<setProperty name="version">
<simple>${header.version}</simple>
</setProperty>
<setProperty name="instanceName">
<simple>${header.instanceName}</simple>
</setProperty>
<log loggingLevel="INFO"
message="Endpoint to get Tosca Service Template: {{clamp.config.acm.runtime.url}}/onap/policy/clamp/acm/v2/commission/toscaservicetemplate"></log>
<toD uri="{{clamp.config.acm.runtime.url}}/onap/policy/clamp/acm/v2/commission/toscaservicetemplate?name=${exchangeProperty[name]}&version=${exchangeProperty[version]}&instanceName=${exchangeProperty[instanceName]}&bridgeEndpoint=true&useSystemProperties=true&throwExceptionOnFailure=${exchangeProperty[raiseHttpExceptionFlag]}&authMethod=Basic&authUsername={{clamp.config.acm.runtime.userName}}&authPassword={{clamp.config.acm.runtime.password}}&authenticationPreemptive=true&connectionClose=true"/>
<convertBodyTo type="java.lang.String"/>
<doFinally>
<to uri="direct:reset-raise-http-exception-flag"/>
<to
uri="bean:org.onap.policy.clamp.flow.log.FlowLogOperation?method=invokeReturnLog()"/>
</doFinally>
</doTry>
</route> |
How to solve it
...
language | java |
---|
linenumbers | true |
---|
...
The goal of this document is to investigate about removal of deprecated code such as Camel
Instruction
To be able to remove the legacy deprecated code the first rule is to isolate it, and after the successfull isolation is to go to the chopping board and do the hard code removal.
Distributed Services
Diagram 1 - Using Gui Server
Inc drawio |
---|
| |
---|
diagramName | ClientServer1 |
---|
includedDiagram | 1 |
---|
width | 891 |
---|
pageId | 138871171 |
---|
|
Diagram 2 - Using Legacy Clamp
Inc drawio |
---|
| |
---|
diagramName | ClientServer2 |
---|
includedDiagram | 1 |
---|
width | 891 |
---|
pageId | 138871171 |
---|
|
Diagram 3 - No Middle Server
Inc drawio |
---|
| |
---|
diagramName | ClientServer3 |
---|
includedDiagram | 1 |
---|
width | 771 |
---|
pageId | 138871171 |
---|
|
Login UI
Inc drawio |
---|
| |
---|
diagramName | LoginUI |
---|
includedDiagram | 1 |
---|
width | 1201 |
---|
pageId | 138871171 |
---|
|
Known Issues
Multiple Logins for different applications.
Suggestions
Creating new Rest Endpoints - Either on Legacy Clamp or Gui-Server
Create new rest endpoint to let the gui or postman connect to the different services, which this will request the AAF which permissions the specific user has.
Code Block |
---|
language | java |
---|
linenumbers | true |
---|
|
/*
* ============LICENSE_START=======================================================
* Copyright (C) 2022 Nordix Foundation.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* SPDX-License-Identifier: Apache-2.0
* ============LICENSE_END=========================================================
*/
package org.onap.policy.clamp.authorization.rest;
import javax.ws.rs.core.MediaType;
import org.springframework.web.bind.annotation.RequestMapping;
/**
* Abstract Rest Controller for runtime clamp to inherit from.
*/
@RequestMapping(value = "/onap/policy/clamp/clds/v3", produces = {MediaType.TEXT_PLAIN, MediaType.APPLICATION_JSON})
public abstract class AbstractRestController {
}
|
Code Block |
---|
language | java |
---|
linenumbers | true |
---|
|
/*
* ============LICENSE_START=======================================================
* Copyright (C) 2022 Nordix Foundation.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* SPDX-License-Identifier: Apache-2.0
* ============LICENSE_STARTEND=========================================================
*/
Copyright (C) 2022 Nordix Foundation.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* package org.onap.policy.clamp.authorization.rest;
import org.onap.policy.clamp.authorization.AuthorizationController;
import org.onap.policy.clamp.clds.model.ClampInformation;
import org.onap.policy.clamp.clds.model.CldsHealthCheck;
import org.onap.policy.clamp.clds.service.CldsHealthcheckService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
import javax.ws.rs.core.MediaType;
/**
* Rest clamp controller.
*/
@RestController
public class ClampController extends AbstractRestController implements ClampApi {
private AuthorizationController authorizationController;
private CldsHealthcheckService healthcheckService;
http://www.apache.org/licenses/LICENSE-2.0/**
* Unless required by* applicableConstructor lawfor orClampController agreedwith toautowires inother writing,bean softwareclasses.
* distributed under the*
License is distributed on an "AS* IS"@param BASIS,authorizationController controller *for security WITHOUTpurposes
WARRANTIES OR CONDITIONS OF ANY KIND,* either@param expresshealthcheckService orservice implied.for healthcheck on all rest endpoints
*/
@Autowired
See thepublic LicenseClampController(
for the specific language governing permissions and * limitations under theAuthorizationController License.authorizationController,
* * SPDX-License-Identifier: Apache-2.0 * ============LICENSE_END=========================================================
*/
package org.onap.policy.clamp.authorization.rest;
import javax.ws.rs.core.MediaType;
import org.springframework.web.bind.annotation.RequestMapping;
/**
* Abstract Rest Controller for runtime clamp to inherit from.
*/
@RequestMapping CldsHealthcheckService healthcheckService) {
this.authorizationController = authorizationController;
this.healthcheckService = healthcheckService;
}
@GetMapping(value = "/clampInformation", produces = MediaType.APPLICATION_JSON)
public ClampInformation getClampInfo() {
return this.authorizationController.getClampInformation();
}
@GetMapping(value = "/onap/policy/clamp/clds/v3user/getUser", produces = {MediaType.TEXT_PLAIN, MediaType.APPLICATION_JSON})
public abstract class AbstractRestController {
}
|
Code Block |
---|
language | java |
---|
linenumbers | true |
---|
|
/*
* ============LICENSE_START======================= public String getUser() {
return AuthorizationController.getPrincipalName(SecurityContextHolder.getContext());
}
@GetMapping(value = "/healthcheck", produces = MediaType.APPLICATION_JSON)
public CldsHealthCheck getHealthCheck() {
return this.healthcheckService.gethealthcheck();
}
}
|
CORS and Preflight
To solve the CORS and Preflight issue if the gui will connect directly with ACM Runtime.
Server side configuration
Code Block |
---|
language | java |
---|
linenumbers | true |
---|
|
/*
* ============LICENSE_START=======================================================
* Copyright (C) 2022 Nordix Foundation.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* SPDX-License-Identifier: Apache-2.0
* ============LICENSE_END=========================================================
*/
package org.onap.policy.clamp.acm.authorizationruntime.restconfig;
import org.onapspringframework.policycontext.clampannotation.authorization.AuthorizationControllerBean;
import org.onapspringframework.policycontext.clamp.clds.model.ClampInformation;annotation.Configuration;
import org.onapspringframework.policyweb.clamp.clds.model.CldsHealthCheckcors.CorsConfiguration;
import org.onapspringframework.policyweb.clamp.clds.service.CldsHealthcheckServicecors.CorsConfigurationSource;
import org.springframework.beansweb.factorycors.annotation.AutowiredUrlBasedCorsConfigurationSource;
import orgjava.springframework.security.core.context.SecurityContextHolderutil.Arrays;
import orgjava.springframework.web.bind.annotation.GetMappingutil.List;
import org.springframework.web.bind.annotation.RestController;
import javax.ws.rs.core.MediaType;
/**
* Rest clamp controller.
*/
@RestController
public class ClampController extends AbstractRestController implements ClampApi
@Configuration
public class CorsWebConfiguration {
@Bean
public CorsConfigurationSource corsConfigurationSource() {
private AuthorizationController authorizationController; CorsConfiguration configuration = new CorsConfiguration();
private CldsHealthcheckService healthcheckService; /**configuration.setAllowedOrigins(List.of("*"));
* Constructor for ClampController with autowires other bean classes.
configuration.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONAL"));
* configuration.setAllowCredentials(true);
* @param authorizationController controller for security purposes UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
* @param healthcheckService service for healthcheck on all rest endpoints source.registerCorsConfiguration("/**", configuration);
*/ return @Autowiredsource;
public}
ClampController(
} |
Client side configuration
Code Block |
---|
language | js |
---|
linenumbers | true |
---|
|
const response = await fetch('http://localhost:6969/onap/policy/clamp/acm/v2/instantiation', {
AuthorizationController authorizationControllermethod: 'GET',
mode: 'no-cors',
CldsHealthcheckService healthcheckService) {credentials: "include",
headers: {
this.authorizationController = authorizationController; "Content-Type": "application/json",
this.healthcheckService = healthcheckService; Authorization: }"Basic " + btoa('runtimeUser:zb!XztG34')
@GetMapping(value = "/clampInformation", produces = MediaType.APPLICATION_JSON) }
public ClampInformation getClampInfo() {
});
return this.authorizationController.getClampInformation();
}
@GetMapping(value = "/user/getUser", produces = MediaType.TEXT_PLAIN)
public String getUser() {
return AuthorizationController.getPrincipalName(SecurityContextHolder.getContext());
}
@GetMapping(value = "/healthcheck", produces = MediaType.APPLICATION_JSON)
public CldsHealthCheck getHealthCheck() {
return this.healthcheckService.gethealthcheck();
}
}
|
CORS and Preflight
...
Server Side
Code Block |
---|
language | java |
---|
linenumbers | true |
---|
|
/*
* ============LICENSE_START=======================================================
* Copyright (C) 2022 Nordix Foundation.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* SPDX-License-Identifier: Apache-2.0
* ============LICENSE_END=========================================================
*/
package org.onap.policy.clamp.acm.runtime.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import java.util.Arrays;
import java.util.List;
@Configuration
public class CorsWebConfiguration {
@Bean
public CorsConfigurationSource corsConfigurationSource() {
CorsConfiguration configuration = new CorsConfiguration();
configuration.setAllowedOrigins(List.of("*"));
configuration.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONAL"));
configuration.setAllowCredentials(true);
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", configuration);
return source;
}
} |
Client Side
Code Block |
---|
language | js |
---|
linenumbers | true |
---|
|
const response = await fetch('http://localhost:6969/onap/policy/clamp/acm/v2/instantiation', {
method: 'GET',
mode: 'no-cors',
credentials: "include",
headers: {
"Content-Type": "application/json",
Authorization: "Basic " + btoa('runtimeUser:zb!XztG34')
}
});
return response |
Implementation of TLS and SSL
...
Code Block |
---|
|
server
ssl
key-store: classpath:/clds/aaf/org.onap.clamp.p12
key-store-password: enc:WWCxchk4WGBNSvuzLq3MLjMs5ObRybJtts5AI0XD1Vc
key-password: enc:WWCxchk4WGBNSvuzLq3MLjMs5ObRybJtts5AI0XD1Vc
key-store-type: PKCS12
key-alias: clamptest
client-auth: want
trust-store: classpath:/clds/aaf/truststoreONAPall.jks
trust-store-password: enc:iDnPBBLq_EMidXlMa1FEuBR8TZzYxrCg66vq_XfLHdJ |
|
...