2 * Copyright (c) 2019 AT&T Intellectual Property. All rights reserved.
4 * Licensed under the Apache License, Version 2.0 (the "License"); you may
5 * not use this file except in compliance with the License. You may obtain
6 * a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
13 * implied. See the License for the specific language governing
14 * permissions and limitations under the License.
16 package org.akraino.validation.ui.conf;
18 import java.io.IOException;
19 import java.security.KeyManagementException;
20 import java.security.NoSuchAlgorithmException;
21 import java.security.cert.X509Certificate;
22 import java.util.List;
25 import javax.net.ssl.HostnameVerifier;
26 import javax.net.ssl.HttpsURLConnection;
27 import javax.net.ssl.SSLContext;
28 import javax.net.ssl.SSLSession;
29 import javax.net.ssl.TrustManager;
30 import javax.net.ssl.X509TrustManager;
32 import org.onap.portalsdk.core.domain.User;
33 import org.onap.portalsdk.core.onboarding.exception.CipherUtilException;
34 import org.onap.portalsdk.core.onboarding.util.CipherUtil;
35 import org.onap.portalsdk.core.service.UserProfileService;
36 import org.springframework.beans.factory.annotation.Autowired;
37 import org.springframework.context.event.ContextRefreshedEvent;
38 import org.springframework.context.event.EventListener;
39 import org.springframework.stereotype.Component;
41 import com.sun.jersey.api.client.config.DefaultClientConfig;
42 import com.sun.jersey.client.urlconnection.HTTPSProperties;
45 public class UiInitializer {
48 UserProfileService userService;
50 // Create all-trusting host name verifier
51 private final HostnameVerifier hostnameVerifier = new HostnameVerifier() {
53 public boolean verify(String hostname, SSLSession session) {
57 // Create a trust manager that does not validate certificate chains
58 private final TrustManager[] trustAll = new TrustManager[] { new X509TrustManager() {
60 public X509Certificate[] getAcceptedIssuers() {
61 return null; // Not relevant.
65 public void checkClientTrusted(X509Certificate[] certs, String authType) {
66 // Do nothing. Just allow them all.
70 public void checkServerTrusted(X509Certificate[] certs, String authType) {
71 // Do nothing. Just allow them all.
75 @EventListener(ContextRefreshedEvent.class)
76 public void setHttpProperties() throws NoSuchAlgorithmException, KeyManagementException {
77 SSLContext sslContext = SSLContext.getInstance("SSL");
78 sslContext.init(null, this.trustAll, new java.security.SecureRandom());
79 HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
80 // Install the all-trusting host verifier
81 HttpsURLConnection.setDefaultHostnameVerifier(this.hostnameVerifier);
82 DefaultClientConfig config = new DefaultClientConfig();
83 Map<String, Object> properties = config.getProperties();
84 HTTPSProperties httpsProperties = new HTTPSProperties((str, sslSession) -> true, sslContext);
85 properties.put(HTTPSProperties.PROPERTY_HTTPS_PROPERTIES, httpsProperties);
88 @EventListener(ContextRefreshedEvent.class)
89 public void updateUsers() throws RuntimeException, IOException, CipherUtilException {
91 List<User> users = userService.findAllActive();
92 for (User user : users) {
93 if (user.getLoginId().equals("admin")) {
98 throw new RuntimeException("Admin user does not exist");
100 admin.setLoginPwd(CipherUtil.encryptPKC(System.getenv("UI_ADMIN_PASSWORD"), System.getenv("ENCRYPTION_KEY")));
101 userService.saveUser(admin);
103 for (User user : users) {
104 if (user.getLoginId().equals("akraino")) {
108 if (akraino == null) {
109 throw new RuntimeException("Akraino user does not exist");
112 CipherUtil.encryptPKC(System.getenv("UI_AKRAINO_PASSWORD"), System.getenv("ENCRYPTION_KEY")));
113 userService.saveUser(akraino);