0520f58b0a979319e85cfd96ebd866c09931b027
[validation.git] / UiInitializer.java
1 /*
2  * Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License"); you may
5  * not use this file except in compliance with the License. You may obtain
6  * a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
13  * implied. See the License for the specific language governing
14  * permissions and limitations under the License.
15  */
16 package org.akraino.validation.ui.conf;
17
18 import java.io.IOException;
19 import java.security.KeyManagementException;
20 import java.security.NoSuchAlgorithmException;
21 import java.security.cert.X509Certificate;
22 import java.util.List;
23 import java.util.Map;
24
25 import javax.net.ssl.HostnameVerifier;
26 import javax.net.ssl.HttpsURLConnection;
27 import javax.net.ssl.SSLContext;
28 import javax.net.ssl.SSLSession;
29 import javax.net.ssl.TrustManager;
30 import javax.net.ssl.X509TrustManager;
31
32 import org.onap.portalsdk.core.domain.User;
33 import org.onap.portalsdk.core.onboarding.exception.CipherUtilException;
34 import org.onap.portalsdk.core.onboarding.util.CipherUtil;
35 import org.onap.portalsdk.core.service.UserProfileService;
36 import org.springframework.beans.factory.annotation.Autowired;
37 import org.springframework.context.event.ContextRefreshedEvent;
38 import org.springframework.context.event.EventListener;
39 import org.springframework.stereotype.Component;
40
41 import com.sun.jersey.api.client.config.DefaultClientConfig;
42 import com.sun.jersey.client.urlconnection.HTTPSProperties;
43
44 @Component
45 public class UiInitializer {
46
47     @Autowired
48     UserProfileService userService;
49
50     // Create all-trusting host name verifier
51     private final HostnameVerifier hostnameVerifier = new HostnameVerifier() {
52         @Override
53         public boolean verify(String hostname, SSLSession session) {
54             return true;
55         }
56     };
57     // Create a trust manager that does not validate certificate chains
58     private final TrustManager[] trustAll = new TrustManager[] { new X509TrustManager() {
59         @Override
60         public X509Certificate[] getAcceptedIssuers() {
61             return null; // Not relevant.
62         }
63
64         @Override
65         public void checkClientTrusted(X509Certificate[] certs, String authType) {
66             // Do nothing. Just allow them all.
67         }
68
69         @Override
70         public void checkServerTrusted(X509Certificate[] certs, String authType) {
71             // Do nothing. Just allow them all.
72         }
73     } };
74
75     @EventListener(ContextRefreshedEvent.class)
76     public void setHttpProperties() throws NoSuchAlgorithmException, KeyManagementException {
77         if (System.getenv("TRUST_ALL") != null && System.getenv("TRUST_ALL").equals("true")) {
78             SSLContext sslContext = SSLContext.getInstance("SSL");
79             sslContext.init(null, this.trustAll, new java.security.SecureRandom());
80             HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
81             // Install the all-trusting host verifier
82             HttpsURLConnection.setDefaultHostnameVerifier(this.hostnameVerifier);
83             DefaultClientConfig config = new DefaultClientConfig();
84             Map<String, Object> properties = config.getProperties();
85             HTTPSProperties httpsProperties = new HTTPSProperties((str, sslSession) -> true, sslContext);
86             properties.put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES, httpsProperties);
87         }
88     }
89
90     @EventListener(ContextRefreshedEvent.class)
91     public void updateAdminUser() throws RuntimeException, IOException, CipherUtilException {
92         User admin = null;
93         List<User> users = userService.findAllActive();
94         for (User user : users) {
95             if (user.getLoginId().equals("admin")) {
96                 admin = user;
97             }
98         }
99         if (admin == null) {
100             throw new RuntimeException("Admin user does not exist");
101         }
102         if (admin.getLoginPwd().equals("admin_password")) {
103             admin.setLoginPwd(
104                     CipherUtil.encryptPKC(System.getenv("UI_ADMIN_PASSWORD"), System.getenv("ENCRYPTION_KEY")));
105             userService.saveUser(admin);
106         }
107     }
108
109 }