From bcae7ad73317ff315efc663fe77842608cf92513 Mon Sep 17 00:00:00 2001 From: Christian Pape Date: Tue, 29 Aug 2023 14:21:40 +0200 Subject: [PATCH 1/6] NMS-15759: Allow metadata for notification credentials --- opennms-javamail/opennms-javamail-api/pom.xml | 10 +++++ .../java/org/opennms/javamail/JavaMailer.java | 1 + .../org/opennms/javamail/JavaMailer2.java | 15 ++++++- .../opennms/javamail/JavaMailerConfig.java | 24 +++++++++- .../org/opennms/javamail/JavaReadMailer.java | 1 - .../org/opennms/javamail/JavaSendMailer.java | 9 +++- .../org/opennms/javamail/JavaMailerTest.java | 23 ++++++++-- .../opennms/javamail/JavaReadMailerTest.java | 45 ++++++++++++++++--- .../opennms/javamail/JavaSendMailerTest.java | 35 ++++++++++++++- .../etc/javamail-configuration.properties | 4 +- opennms-services/pom.xml | 6 +++ .../netmgt/notifd/MicroblogClient.java | 26 ++++++++--- .../notifd/XMPPNotificationManager.java | 32 ++++++++++--- .../netmgt/notifd/MicroblogClientTest.java | 39 ++++++++++++++++ .../netmgt/notifd/XMPPNotificationTest.java | 28 ++++++++++-- 15 files changed, 264 insertions(+), 34 deletions(-) diff --git a/opennms-javamail/opennms-javamail-api/pom.xml b/opennms-javamail/opennms-javamail-api/pom.xml index 82f49eb4aa1f..80e381a991cd 100644 --- a/opennms-javamail/opennms-javamail-api/pom.xml +++ b/opennms-javamail/opennms-javamail-api/pom.xml @@ -51,5 +51,15 @@ org.opennms.core.test-api org.opennms.core.test-api.lib + + org.opennms.core.mate + org.opennms.core.mate.api + ${project.version} + + + org.opennms.features.scv + org.opennms.features.scv.jceks-impl + ${project.version} + diff --git a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailer.java b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailer.java index 64797a912a7c..ca13c8637c87 100644 --- a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailer.java +++ b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailer.java @@ -63,6 +63,7 @@ import javax.mail.internet.MimeBodyPart; import javax.mail.internet.MimeMessage; import javax.mail.internet.MimeMultipart; + import org.opennms.core.utils.PropertiesUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; diff --git a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailer2.java b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailer2.java index 9cb39cc5d868..5166a94fe1b2 100644 --- a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailer2.java +++ b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailer2.java @@ -48,6 +48,11 @@ import javax.mail.event.TransportListener; import javax.mail.internet.MimeBodyPart; +import org.opennms.core.mate.api.Interpolator; +import org.opennms.core.mate.api.Scope; +import org.opennms.core.mate.api.SecureCredentialsVaultScope; +import org.opennms.features.scv.api.SecureCredentialsVault; +import org.opennms.features.scv.jceks.JCEKSSecureCredentialsVault; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.util.StringUtils; @@ -63,7 +68,7 @@ public abstract class JavaMailer2 { private static final Logger LOG = LoggerFactory.getLogger(JavaMailer2.class); - + protected SecureCredentialsVault secureCredentialsVault = JCEKSSecureCredentialsVault.defaultScv(); private Session m_session = null; private Properties m_mailProps; @@ -97,10 +102,12 @@ public JavaMailer2() throws JavaMailerException { */ public Authenticator createAuthenticator(final String user, final String password) { Authenticator auth; + final Scope scope = new SecureCredentialsVaultScope(secureCredentialsVault); + auth = new Authenticator() { @Override protected PasswordAuthentication getPasswordAuthentication() { - return new PasswordAuthentication(user, password); + return new PasswordAuthentication(Interpolator.interpolate(user, scope).output, Interpolator.interpolate(password, scope).output); } }; return auth; @@ -143,6 +150,10 @@ public Message buildMessage(String m_charSet, String m_encoding, String m_conten } */ + void setSecureCredentialsVault(SecureCredentialsVault secureCredentialsVault) { + this.secureCredentialsVault = secureCredentialsVault; + } + /** * Create a file attachment as a MimeBodyPart, checking to see if the file * exists before we create the attachment. diff --git a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailerConfig.java b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailerConfig.java index c0d49abb6b9b..d3d99d516a00 100644 --- a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailerConfig.java +++ b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailerConfig.java @@ -34,7 +34,12 @@ import java.io.InputStream; import java.util.Properties; +import org.opennms.core.mate.api.Interpolator; +import org.opennms.core.mate.api.Scope; +import org.opennms.core.mate.api.SecureCredentialsVaultScope; import org.opennms.core.utils.ConfigFileConstants; +import org.opennms.features.scv.api.SecureCredentialsVault; +import org.opennms.features.scv.jceks.JCEKSSecureCredentialsVault; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -42,11 +47,23 @@ * Provides access to the default javamail configuration data. */ public abstract class JavaMailerConfig { - + private static final Logger LOG = LoggerFactory.getLogger(JavaMailerConfig.class); + private static SecureCredentialsVault secureCredentialsVault = JCEKSSecureCredentialsVault.defaultScv(); + + private static void interpolateProperty(final Properties properties, final Scope scope, final String key) { + final String string = properties.getProperty(key); + if (string == null) { + return; + } + properties.put(key, Interpolator.interpolate(string, scope).output); + } + + static void setSecureCredentialsVault(final SecureCredentialsVault secureCredentialsVault) { + JavaMailerConfig.secureCredentialsVault = secureCredentialsVault; + } - /** * This loads the configuration file. * @@ -60,6 +77,9 @@ public static synchronized Properties getProperties() throws IOException { InputStream in = new FileInputStream(configFile); properties.load(in); in.close(); + final Scope scope = new SecureCredentialsVaultScope(secureCredentialsVault); + interpolateProperty(properties, scope, "org.opennms.core.utils.authenticateUser"); + interpolateProperty(properties, scope, "org.opennms.core.utils.authenticatePassword"); return properties; } diff --git a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaReadMailer.java b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaReadMailer.java index b2728f311e54..f97a50a7082e 100644 --- a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaReadMailer.java +++ b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaReadMailer.java @@ -117,7 +117,6 @@ public JavaReadMailer(final ReadmailConfig config, Boolean closeOnDelete) throws m_deleteOnClose = closeOnDelete; } m_config = config; - final UserAuth userAuth = getUserAuth(config); m_session = Session.getInstance(configureProperties(), createAuthenticator(userAuth.getUserName(), userAuth.getPassword())); } diff --git a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaSendMailer.java b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaSendMailer.java index 99d6a3906927..662b2db635db 100644 --- a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaSendMailer.java +++ b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaSendMailer.java @@ -42,6 +42,9 @@ import javax.mail.Transport; import javax.mail.internet.MimeMessage; +import org.opennms.core.mate.api.Interpolator; +import org.opennms.core.mate.api.Scope; +import org.opennms.core.mate.api.SecureCredentialsVaultScope; import org.opennms.core.utils.PropertiesUtils; import org.opennms.netmgt.config.javamail.JavamailProperty; import org.opennms.netmgt.config.javamail.SendmailConfig; @@ -166,7 +169,8 @@ public Authenticator createAuthenticator() { protected PasswordAuthentication getPasswordAuthentication() { if (m_config.getUserAuth() != null) { final UserAuth userAuth = m_config.getUserAuth(); - return new PasswordAuthentication(userAuth.getUserName(), userAuth.getPassword()); + final Scope scope = new SecureCredentialsVaultScope(secureCredentialsVault); + return new PasswordAuthentication(Interpolator.interpolate(userAuth.getUserName(), scope).output, Interpolator.interpolate(userAuth.getPassword(), scope).output); } LOG.debug("No user authentication configured."); return new PasswordAuthentication(null,null); @@ -362,7 +366,8 @@ public void send(MimeMessage message) throws JavaMailerException { if (m_config.isUseAuthentication() && m_config.getUserAuth() != null) { LOG.debug("authenticating to {}", sendmailHost.getHost()); final UserAuth userAuth = m_config.getUserAuth(); - t.connect(sendmailHost.getHost(), sendmailHost.getPort(), userAuth.getUserName(), userAuth.getPassword()); + final Scope scope = new SecureCredentialsVaultScope(secureCredentialsVault); + t.connect(sendmailHost.getHost(), sendmailHost.getPort(), Interpolator.interpolate(userAuth.getUserName(), scope).output, Interpolator.interpolate(userAuth.getPassword(), scope).output); } else { LOG.debug("not authenticating to {}", sendmailHost.getHost()); t.connect(sendmailHost.getHost(), sendmailHost.getPort(), null, null); diff --git a/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaMailerTest.java b/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaMailerTest.java index bc2073655acf..7422f05558ce 100644 --- a/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaMailerTest.java +++ b/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaMailerTest.java @@ -38,15 +38,17 @@ import org.junit.After; import org.junit.Before; -import org.junit.Ignore; +import org.junit.Rule; import org.junit.Test; +import org.junit.rules.TemporaryFolder; import org.junit.runner.RunWith; import org.opennms.core.test.MockLogAppender; import org.opennms.core.utils.InetAddressUtils; -import org.opennms.test.ThrowableAnticipator; +import org.opennms.features.scv.api.Credentials; +import org.opennms.features.scv.api.SecureCredentialsVault; +import org.opennms.features.scv.jceks.JCEKSSecureCredentialsVault; import org.springframework.core.io.ClassPathResource; import org.springframework.core.io.Resource; -import org.springframework.test.annotation.IfProfileValue; import org.springframework.test.context.TestExecutionListeners; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; @@ -58,6 +60,10 @@ @RunWith(SpringJUnit4ClassRunner.class) @TestExecutionListeners({}) public class JavaMailerTest { + + @Rule + public TemporaryFolder tempFolder = new TemporaryFolder(); + private static final String TEST_ADDRESS = "test@opennms.org"; @Before @@ -133,4 +139,15 @@ public void testNullReplyTo() throws Exception { assertEquals(1, message.getReplyTo().length); assertEquals("test@opennms.org", jm.buildMessage().getReplyTo()[0].toString()); } + + @Test + public void testMetadata() throws Exception { + final File keystoreFile = new File(tempFolder.getRoot(), "scv.jce"); + final SecureCredentialsVault secureCredentialsVault = new JCEKSSecureCredentialsVault(keystoreFile.getAbsolutePath(), "notRealPassword"); + secureCredentialsVault.setCredentials("javamailer", new Credentials("john", "doe")); + JavaMailerConfig.setSecureCredentialsVault(secureCredentialsVault); + final JavaMailer mailer = new JavaMailer(); + assertEquals("john", mailer.getUser()); + assertEquals("doe", mailer.getPassword()); + } } diff --git a/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaReadMailerTest.java b/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaReadMailerTest.java index b9cf3bcffe2d..7800403da8c0 100644 --- a/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaReadMailerTest.java +++ b/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaReadMailerTest.java @@ -28,20 +28,30 @@ package org.opennms.javamail; -import java.io.IOException; +import static org.junit.Assert.assertEquals; + +import java.io.File; +import java.lang.reflect.Method; import java.util.Calendar; import java.util.List; +import javax.mail.Authenticator; +import javax.mail.Flags.Flag; import javax.mail.Message; import javax.mail.MessagingException; -import javax.mail.Flags.Flag; +import javax.mail.PasswordAuthentication; import javax.mail.search.OrTerm; import javax.mail.search.SearchTerm; import javax.mail.search.SubjectTerm; import org.junit.Assert; import org.junit.Ignore; +import org.junit.Rule; import org.junit.Test; +import org.junit.rules.TemporaryFolder; +import org.opennms.features.scv.api.Credentials; +import org.opennms.features.scv.api.SecureCredentialsVault; +import org.opennms.features.scv.jceks.JCEKSSecureCredentialsVault; import org.opennms.netmgt.config.javamail.ReadmailConfig; import org.opennms.netmgt.config.javamail.ReadmailHost; import org.opennms.netmgt.config.javamail.ReadmailProtocol; @@ -52,7 +62,10 @@ import org.opennms.netmgt.config.javamail.UserAuth; public class JavaReadMailerTest { - + + @Rule + public TemporaryFolder tempFolder = new TemporaryFolder(); + /** * Un-ignore this test with a proper gmail account * @throws JavaMailerException @@ -100,7 +113,7 @@ public void testReadMessagesWithSearchTerm() throws JavaMailerException, Messagi e.printStackTrace(); } - Assert.assertEquals(3, msgs.size()); + assertEquals(3, msgs.size()); st = new OrTerm(new SubjectTerm(".*"+term1+" #.*"), new SubjectTerm(".*"+term2+" #.*")); @@ -112,7 +125,7 @@ public void testReadMessagesWithSearchTerm() throws JavaMailerException, Messagi //Should find only term1 and term2 messages Assert.assertNotNull(msgs); - Assert.assertEquals(2, msgs.size()); + assertEquals(2, msgs.size()); //Now cleanup //Delete the term1 and term2 messages @@ -222,5 +235,27 @@ private JavaReadMailer createGoogleReadMailer(String gmailAccount, String gmailP return mailer; } + private static abstract class MyAuth extends Authenticator { + public PasswordAuthentication getConfiguredPasswordAuthentication() { + return getPasswordAuthentication(); + } + } + + @Test + public void testMetadata() throws Exception { + final File keystoreFile = new File(tempFolder.getRoot(), "scv.jce"); + final SecureCredentialsVault secureCredentialsVault = new JCEKSSecureCredentialsVault(keystoreFile.getAbsolutePath(), "notRealPassword"); + secureCredentialsVault.setCredentials("javamailer2", new Credentials("john", "doe")); + final JavaReadMailer readMailer = createGoogleReadMailer(null, null); + readMailer.setSecureCredentialsVault(secureCredentialsVault); + + final Authenticator authenticator = readMailer.createAuthenticator("${scv:javamailer2:username|ABC}", "${scv:javamailer2:password|ABC}"); + final Method method = authenticator.getClass().getDeclaredMethod("getPasswordAuthentication"); + method.setAccessible(true); + final PasswordAuthentication passwordAuthentication = (PasswordAuthentication) method.invoke(authenticator); + + assertEquals("john", passwordAuthentication.getUserName()); + assertEquals("doe", passwordAuthentication.getPassword()); + } } diff --git a/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaSendMailerTest.java b/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaSendMailerTest.java index bd7f661e920e..c1f4ae13fe1f 100644 --- a/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaSendMailerTest.java +++ b/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaSendMailerTest.java @@ -30,9 +30,19 @@ import static org.junit.Assert.assertEquals; +import java.io.File; +import java.lang.reflect.Method; + +import javax.mail.Authenticator; +import javax.mail.PasswordAuthentication; import javax.mail.internet.MimeMessage; +import org.junit.Rule; import org.junit.Test; +import org.junit.rules.TemporaryFolder; +import org.opennms.features.scv.api.Credentials; +import org.opennms.features.scv.api.SecureCredentialsVault; +import org.opennms.features.scv.jceks.JCEKSSecureCredentialsVault; import org.opennms.netmgt.config.javamail.SendmailConfig; import org.opennms.netmgt.config.javamail.SendmailHost; import org.opennms.netmgt.config.javamail.SendmailProtocol; @@ -41,6 +51,9 @@ public class JavaSendMailerTest { + @Rule + public TemporaryFolder tempFolder = new TemporaryFolder(); + private JavaSendMailer createSendMailer() throws JavaMailerException { SendmailConfig config = new SendmailConfig(); @@ -69,8 +82,8 @@ private JavaSendMailer createSendMailer() throws JavaMailerException { config.setUseAuthentication(true); config.setUseJmta(false); UserAuth auth = new UserAuth(); - auth.setUserName("foo"); - auth.setPassword("bar"); + auth.setUserName("${scv:javamailer2:username|foo}"); + auth.setPassword("${scv:javamailer2:password|bar}"); config.setUserAuth(auth); return new JavaSendMailer(config); @@ -126,4 +139,22 @@ public void testNullReplyTo() throws Exception { assertEquals(1, mimeMessage.getReplyTo().length); assertEquals("root@foo.bar.com", mimeMessage.getReplyTo()[0].toString()); } + + @Test + public void testMetadata() throws Exception { + final File keystoreFile = new File(tempFolder.getRoot(), "scv.jce"); + final SecureCredentialsVault secureCredentialsVault = new JCEKSSecureCredentialsVault(keystoreFile.getAbsolutePath(), "notRealPassword"); + secureCredentialsVault.setCredentials("javamailer2", new Credentials("john", "doe")); + + final JavaSendMailer sendMailer = createSendMailer(); + sendMailer.setSecureCredentialsVault(secureCredentialsVault); + + final Authenticator authenticator = sendMailer.createAuthenticator(); + final Method method = authenticator.getClass().getDeclaredMethod("getPasswordAuthentication"); + method.setAccessible(true); + final PasswordAuthentication passwordAuthentication = (PasswordAuthentication) method.invoke(authenticator); + + assertEquals("john", passwordAuthentication.getUserName()); + assertEquals("doe", passwordAuthentication.getPassword()); + } } diff --git a/opennms-javamail/opennms-javamail-api/src/test/resources/etc/javamail-configuration.properties b/opennms-javamail/opennms-javamail-api/src/test/resources/etc/javamail-configuration.properties index dcf916533a08..93fdda930d85 100644 --- a/opennms-javamail/opennms-javamail-api/src/test/resources/etc/javamail-configuration.properties +++ b/opennms-javamail/opennms-javamail-api/src/test/resources/etc/javamail-configuration.properties @@ -30,8 +30,8 @@ org.opennms.core.utils.useJMTA=false # These properties define the Mail authentication. # #org.opennms.core.utils.authenticate=false -#org.opennms.core.utils.authenticateUser="opennms" -#org.opennms.core.utils.authenticatePassword="opennms" +org.opennms.core.utils.authenticateUser=${scv:javamailer:username|foo} +org.opennms.core.utils.authenticatePassword=${scv:javamailer:password|foo} #org.opennms.core.utils.starttls.enable=false # diff --git a/opennms-services/pom.xml b/opennms-services/pom.xml index d76622653810..527e2507b75b 100644 --- a/opennms-services/pom.xml +++ b/opennms-services/pom.xml @@ -513,5 +513,11 @@ resilience4j-bulkhead ${resilience4jVersion} + + org.opennms.features.scv + org.opennms.features.scv.jceks-impl + ${project.version} + compile + diff --git a/opennms-services/src/main/java/org/opennms/netmgt/notifd/MicroblogClient.java b/opennms-services/src/main/java/org/opennms/netmgt/notifd/MicroblogClient.java index a43abcc74aa5..28c5dc12940f 100644 --- a/opennms-services/src/main/java/org/opennms/netmgt/notifd/MicroblogClient.java +++ b/opennms-services/src/main/java/org/opennms/netmgt/notifd/MicroblogClient.java @@ -34,6 +34,11 @@ import java.io.InputStreamReader; import java.util.Optional; +import org.opennms.core.mate.api.Interpolator; +import org.opennms.core.mate.api.Scope; +import org.opennms.core.mate.api.SecureCredentialsVaultScope; +import org.opennms.features.scv.api.SecureCredentialsVault; +import org.opennms.features.scv.jceks.JCEKSSecureCredentialsVault; import org.opennms.netmgt.config.microblog.MicroblogProfile; import org.opennms.netmgt.dao.api.MicroblogConfigurationDao; import org.opennms.netmgt.dao.jaxb.DefaultMicroblogConfigurationDao; @@ -49,6 +54,8 @@ public class MicroblogClient { private final MicroblogConfigurationDao m_configDao; + private SecureCredentialsVault m_secureCredentialsVault = JCEKSSecureCredentialsVault.defaultScv(); + public MicroblogClient(final MicroblogConfigurationDao dao) { m_configDao = dao; } @@ -60,6 +67,11 @@ public MicroblogClient(final Resource configResource) { m_configDao = dao; } + public MicroblogClient(final Resource configResource, final SecureCredentialsVault secureCredentialsVault) { + this(configResource); + m_secureCredentialsVault = secureCredentialsVault; + } + public static void main(final String[] args) throws Exception { System.out.println("=== Configure Microblog Authentication ==="); System.out.println(""); @@ -202,12 +214,14 @@ public Twitter getTwitter(final String profile) { final ConfigurationBuilder builder = new ConfigurationBuilder(); builder.setClientURL(mp.getServiceUrl()); - if (!isEmpty(mp.getOauthConsumerKey())) builder.setOAuthConsumerKey(mp.getOauthConsumerKey().orElse(null)); - if (!isEmpty(mp.getOauthConsumerSecret())) builder.setOAuthConsumerSecret(mp.getOauthConsumerSecret().orElse(null)); - if (!isEmpty(mp.getOauthAccessToken())) builder.setOAuthAccessToken(mp.getOauthAccessToken().orElse(null)); - if (!isEmpty(mp.getOauthAccessTokenSecret())) builder.setOAuthAccessTokenSecret(mp.getOauthAccessTokenSecret().orElse(null)); - if (!isEmpty(mp.getAuthenUsername())) builder.setUser(mp.getAuthenUsername().orElse(null)); - if (!isEmpty(mp.getAuthenPassword())) builder.setPassword(mp.getAuthenPassword().orElse(null)); + final Scope scope = new SecureCredentialsVaultScope(m_secureCredentialsVault); + + if (!isEmpty(mp.getOauthConsumerKey())) builder.setOAuthConsumerKey(Interpolator.interpolate(mp.getOauthConsumerKey().orElse(null), scope).output); + if (!isEmpty(mp.getOauthConsumerSecret())) builder.setOAuthConsumerSecret(Interpolator.interpolate(mp.getOauthConsumerSecret().orElse(null), scope).output); + if (!isEmpty(mp.getOauthAccessToken())) builder.setOAuthAccessToken(Interpolator.interpolate(mp.getOauthAccessToken().orElse(null),scope).output); + if (!isEmpty(mp.getOauthAccessTokenSecret())) builder.setOAuthAccessTokenSecret(Interpolator.interpolate(mp.getOauthAccessTokenSecret().orElse(null),scope).output); + if (!isEmpty(mp.getAuthenUsername())) builder.setUser(Interpolator.interpolate(mp.getAuthenUsername().orElse(null), scope).output); + if (!isEmpty(mp.getAuthenPassword())) builder.setPassword(Interpolator.interpolate(mp.getAuthenPassword().orElse(null), scope).output); return new TwitterFactory(builder.build()).getInstance(); } diff --git a/opennms-services/src/main/java/org/opennms/netmgt/notifd/XMPPNotificationManager.java b/opennms-services/src/main/java/org/opennms/netmgt/notifd/XMPPNotificationManager.java index 94cd42906939..e92e2f6fd588 100644 --- a/opennms-services/src/main/java/org/opennms/netmgt/notifd/XMPPNotificationManager.java +++ b/opennms-services/src/main/java/org/opennms/netmgt/notifd/XMPPNotificationManager.java @@ -57,8 +57,13 @@ import org.jivesoftware.smack.tcp.XMPPTCPConnection; import org.jivesoftware.smackx.muc.MultiUserChat; import org.opennms.core.logging.Logging; +import org.opennms.core.mate.api.Interpolator; +import org.opennms.core.mate.api.Scope; +import org.opennms.core.mate.api.SecureCredentialsVaultScope; import org.opennms.core.utils.AnyServerX509TrustManager; import org.opennms.core.utils.ConfigFileConstants; +import org.opennms.features.scv.api.SecureCredentialsVault; +import org.opennms.features.scv.jceks.JCEKSSecureCredentialsVault; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -139,10 +144,18 @@ public void connected(XMPPConnection conn) { } }; + String getXmppPassword() { + return xmppPassword; + } + + String getXmppUser() { + return xmppUser; + } + /** *

Constructor for XMPPNotificationManager.

*/ - protected XMPPNotificationManager() { + protected XMPPNotificationManager(final SecureCredentialsVault secureCredentialsVault) { // mdc may be null when executing via unit tests Map mdc = Logging.getCopyOfContextMap(); try { @@ -175,8 +188,11 @@ protected XMPPNotificationManager() { xmppServer = this.props.getProperty("xmpp.server"); String xmppServiceName = this.props.getProperty("xmpp.servicename", xmppServer); - xmppUser = this.props.getProperty("xmpp.user"); - xmppPassword = this.props.getProperty("xmpp.pass"); + + final Scope scope = new SecureCredentialsVaultScope(secureCredentialsVault); + xmppUser = Interpolator.interpolate(this.props.getProperty("xmpp.user"), scope).output; + xmppPassword = Interpolator.interpolate(this.props.getProperty("xmpp.pass"), scope).output; + xmppPort = Integer.valueOf(this.props.getProperty("xmpp.port", XMPP_PORT)); ConnectionConfiguration xmppConfig = new ConnectionConfiguration(xmppServer, xmppPort, xmppServiceName); @@ -270,13 +286,17 @@ private void login() { * @return instance of XMPPNotificationManager */ public static synchronized XMPPNotificationManager getInstance() { - if (instance == null) { - instance = new XMPPNotificationManager(); + instance = new XMPPNotificationManager(JCEKSSecureCredentialsVault.defaultScv()); } - return instance; + } + public static synchronized XMPPNotificationManager getInstance(final SecureCredentialsVault secureCredentialsVault) { + if (instance == null) { + instance = new XMPPNotificationManager(secureCredentialsVault); + } + return instance; } /** diff --git a/opennms-services/src/test/java/org/opennms/netmgt/notifd/MicroblogClientTest.java b/opennms-services/src/test/java/org/opennms/netmgt/notifd/MicroblogClientTest.java index 3c474ef57a3a..a9bbb03b7fcb 100644 --- a/opennms-services/src/test/java/org/opennms/netmgt/notifd/MicroblogClientTest.java +++ b/opennms-services/src/test/java/org/opennms/netmgt/notifd/MicroblogClientTest.java @@ -28,15 +28,29 @@ package org.opennms.netmgt.notifd; +import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertTrue; +import java.io.File; + import org.junit.Ignore; +import org.junit.Rule; import org.junit.Test; +import org.junit.rules.TemporaryFolder; +import org.opennms.features.scv.api.Credentials; +import org.opennms.features.scv.api.SecureCredentialsVault; +import org.opennms.features.scv.jceks.JCEKSSecureCredentialsVault; import org.springframework.security.util.InMemoryResource; +import twitter4j.TwitterException; + public class MicroblogClientTest { + + @Rule + public TemporaryFolder tempFolder = new TemporaryFolder(); + private final String m_consumerKey = ""; private final String m_consumerSecret = ""; @@ -108,4 +122,29 @@ public void testOAuthRegistration() throws Exception { assertNotNull(auth.getUrl()); assertTrue(auth.getUrl() + " should contain twitter.com/", auth.getUrl().contains("twitter.com/")); } + + @Test + public void testMetadata() throws TwitterException { + final File keystoreFile = new File(tempFolder.getRoot(), "scv.jce"); + final SecureCredentialsVault secureCredentialsVault = new JCEKSSecureCredentialsVault(keystoreFile.getAbsolutePath(), "notRealPassword"); + secureCredentialsVault.setCredentials("authen", new Credentials("john", "doe")); + secureCredentialsVault.setCredentials("oauth", new Credentials("foo", "bar")); + final InMemoryResource configResource = new InMemoryResource( + "\n" + + "\n" + + " \n" + + "\n"); + final MicroblogClient client = new MicroblogClient(configResource, secureCredentialsVault); + assertEquals("john", client.getTwitter("twitter").getConfiguration().getUser()); + assertEquals("doe", client.getTwitter("twitter").getConfiguration().getPassword()); + assertEquals("foo", client.getTwitter("twitter").getConfiguration().getOAuthConsumerKey()); + assertEquals("bar", client.getTwitter("twitter").getConfiguration().getOAuthConsumerSecret()); + } } diff --git a/opennms-services/src/test/java/org/opennms/netmgt/notifd/XMPPNotificationTest.java b/opennms-services/src/test/java/org/opennms/netmgt/notifd/XMPPNotificationTest.java index e3fd9dd0d35d..10819bff1dbc 100644 --- a/opennms-services/src/test/java/org/opennms/netmgt/notifd/XMPPNotificationTest.java +++ b/opennms-services/src/test/java/org/opennms/netmgt/notifd/XMPPNotificationTest.java @@ -28,23 +28,39 @@ package org.opennms.netmgt.notifd; +import static junit.framework.TestCase.assertEquals; + +import java.io.File; + import org.junit.Before; import org.junit.Ignore; +import org.junit.Rule; import org.junit.Test; +import org.junit.rules.TemporaryFolder; +import org.opennms.features.scv.api.Credentials; +import org.opennms.features.scv.api.SecureCredentialsVault; +import org.opennms.features.scv.jceks.JCEKSSecureCredentialsVault; public class XMPPNotificationTest { + + @Rule + public TemporaryFolder tempFolder = new TemporaryFolder(); + private XMPPNotificationManager m_xmppManager; @Before public void setUp() { + final File keystoreFile = new File(tempFolder.getRoot(), "scv.jce"); + final SecureCredentialsVault secureCredentialsVault = new JCEKSSecureCredentialsVault(keystoreFile.getAbsolutePath(), "notRealPassword"); + secureCredentialsVault.setCredentials("xmpp", new Credentials("john", "doe")); System.setProperty("useSystemXMPPConfig", "true"); System.setProperty("xmpp.server", "jabber.example.com"); System.setProperty("xmpp.port", "5222"); System.setProperty("xmpp.TLSEnabled", "true"); System.setProperty("xmpp.selfSignedCertificateEnabled", "true"); - System.setProperty("xmpp.user", "test"); - System.setProperty("xmpp.pass", "testpass"); - m_xmppManager = XMPPNotificationManager.getInstance(); + System.setProperty("xmpp.user", "${scv:xmpp:username|test}"); + System.setProperty("xmpp.pass", "${scv:xmpp:password|testpass}"); + m_xmppManager = XMPPNotificationManager.getInstance(secureCredentialsVault); } @Test @@ -58,4 +74,10 @@ public void testNotification() { public void testGroupNotification() { m_xmppManager.sendGroupChat("test@conference.jabber.example.com", "This is a conference test."); } + + @Test + public void testMetadata() { + assertEquals("john", m_xmppManager.getXmppUser()); + assertEquals("doe", m_xmppManager.getXmppPassword()); + } } From 6a8cfdf067b820057df064c256be7272631f22cf Mon Sep 17 00:00:00 2001 From: Christian Pape Date: Wed, 30 Aug 2023 09:56:23 +0200 Subject: [PATCH 2/6] NMS-15759: Fixing Minion deployment issues --- .../netmgt/ackd/readers/MailAckProcessor.java | 12 ++++++-- .../opennms/applicationContext-ackd.xml | 1 + .../northbounder/email/EmailNorthbounder.java | 9 ++++-- .../email/EmailNorthbounderManager.java | 6 +++- .../service/JavaMailDeliveryService.java | 10 ++++++- .../opennms/applicationContext-reportd.xml | 1 + opennms-javamail/opennms-javamail-api/pom.xml | 5 ---- .../org/opennms/javamail/JavaMailer2.java | 13 +-------- .../opennms/javamail/JavaMailerConfig.java | 22 --------------- .../org/opennms/javamail/JavaSendMailer.java | 9 ++---- .../org/opennms/javamail/JavaMailerTest.java | 19 ------------- .../opennms/javamail/JavaReadMailerTest.java | 28 ------------------- .../opennms/javamail/JavaSendMailerTest.java | 8 +----- 13 files changed, 37 insertions(+), 106 deletions(-) diff --git a/opennms-ackd/src/main/java/org/opennms/netmgt/ackd/readers/MailAckProcessor.java b/opennms-ackd/src/main/java/org/opennms/netmgt/ackd/readers/MailAckProcessor.java index 3e64ac49f5b6..6a4e12a2c338 100644 --- a/opennms-ackd/src/main/java/org/opennms/netmgt/ackd/readers/MailAckProcessor.java +++ b/opennms-ackd/src/main/java/org/opennms/netmgt/ackd/readers/MailAckProcessor.java @@ -44,6 +44,8 @@ import javax.mail.MessagingException; import javax.mail.internet.InternetAddress; +import org.opennms.core.mate.api.EntityScopeProvider; +import org.opennms.core.mate.api.Interpolator; import org.opennms.core.utils.StringUtils; import org.opennms.javamail.JavaMailerException; import org.opennms.javamail.JavaReadMailer; @@ -78,6 +80,8 @@ class MailAckProcessor implements AckProcessor { private AcknowledgmentDao m_ackDao; private volatile JavaMailConfigurationDao m_jmConfigDao; + + private EntityScopeProvider m_entityScopeProvider; /** *

afterPropertiesSet

@@ -286,7 +290,7 @@ protected List retrieveAckMessages() throws JavaMailerException { //TODO: make flag for folder open mode //TODO: Make sure configuration supports flag for deleting acknowledgments - JavaReadMailer readMailer = new JavaReadMailer(readMailConfig, true); + JavaReadMailer readMailer = new JavaReadMailer((ReadmailConfig) Interpolator.interpolate(readMailConfig, m_entityScopeProvider.getScopeForScv()), true); String notifRe = m_ackdDao.getConfig().getNotifyidMatchExpression(); notifRe = notifRe.startsWith("~") ? notifRe.substring(1) : notifRe; @@ -405,7 +409,11 @@ public synchronized void setAckdConfigDao(final AckdConfigurationDao configDao) public synchronized void setAcknowledgmentDao(final AcknowledgmentDao ackDao) { m_ackDao = ackDao; } - + + public void setEntityScopeProvider(final EntityScopeProvider entityScopeProvider) { + m_entityScopeProvider = entityScopeProvider; + } + /** *

reloadConfigs

*/ diff --git a/opennms-ackd/src/main/resources/META-INF/opennms/applicationContext-ackd.xml b/opennms-ackd/src/main/resources/META-INF/opennms/applicationContext-ackd.xml index 6c34bc77391a..ac628c61e68f 100644 --- a/opennms-ackd/src/main/resources/META-INF/opennms/applicationContext-ackd.xml +++ b/opennms-ackd/src/main/resources/META-INF/opennms/applicationContext-ackd.xml @@ -44,6 +44,7 @@ + diff --git a/opennms-alarms/email-northbounder/src/main/java/org/opennms/netmgt/alarmd/northbounder/email/EmailNorthbounder.java b/opennms-alarms/email-northbounder/src/main/java/org/opennms/netmgt/alarmd/northbounder/email/EmailNorthbounder.java index b2c70ce1ab47..e0a59451f94f 100644 --- a/opennms-alarms/email-northbounder/src/main/java/org/opennms/netmgt/alarmd/northbounder/email/EmailNorthbounder.java +++ b/opennms-alarms/email-northbounder/src/main/java/org/opennms/netmgt/alarmd/northbounder/email/EmailNorthbounder.java @@ -31,6 +31,8 @@ import java.util.List; import java.util.Map; +import org.opennms.core.mate.api.EntityScopeProvider; +import org.opennms.core.mate.api.Interpolator; import org.opennms.core.utils.PropertiesUtils; import org.opennms.core.xml.JaxbUtils; import org.opennms.javamail.JavaMailerException; @@ -87,6 +89,8 @@ public class EmailNorthbounder extends AbstractNorthbounder implements Initializ /** The initialized flag (it will be true when the NBI is properly initialized). */ private boolean initialized = false; + private EntityScopeProvider m_entityScopeProvider; + /** * Instantiates a new SNMP Trap northbounder. * @@ -94,8 +98,9 @@ public class EmailNorthbounder extends AbstractNorthbounder implements Initializ * @param javaMailDao the JavaMail configuration DAO * @param destinationName the destination name */ - public EmailNorthbounder(EmailNorthbounderConfigDao configDao, JavaMailConfigurationDao javaMailDao, String destinationName) { + public EmailNorthbounder(EmailNorthbounderConfigDao configDao, JavaMailConfigurationDao javaMailDao, String destinationName, EntityScopeProvider entityScopeProvider) { super(NBI_NAME + ":" + destinationName); + m_entityScopeProvider = entityScopeProvider; m_configDao = configDao; m_destination = configDao.getConfig().getEmailDestination(destinationName); @@ -189,7 +194,7 @@ public void forwardAlarms(List alarms) throws NorthbounderExcep LOG.info("Forwarding {} alarms to destination {}", alarms.size(), m_destination.getName()); for (NorthboundAlarm alarm : alarms) { try { - JavaSendMailer mailer = new JavaSendMailer(getSendmailConfig(alarm), false); + JavaSendMailer mailer = new JavaSendMailer((SendmailConfig) Interpolator.interpolate(getSendmailConfig(alarm), m_entityScopeProvider.getScopeForScv()), false); mailer.send(); } catch (JavaMailerException e) { LOG.error("Can't send email for {}", alarm, e); diff --git a/opennms-alarms/email-northbounder/src/main/java/org/opennms/netmgt/alarmd/northbounder/email/EmailNorthbounderManager.java b/opennms-alarms/email-northbounder/src/main/java/org/opennms/netmgt/alarmd/northbounder/email/EmailNorthbounderManager.java index 83536a1534c1..705c8d1db458 100644 --- a/opennms-alarms/email-northbounder/src/main/java/org/opennms/netmgt/alarmd/northbounder/email/EmailNorthbounderManager.java +++ b/opennms-alarms/email-northbounder/src/main/java/org/opennms/netmgt/alarmd/northbounder/email/EmailNorthbounderManager.java @@ -31,6 +31,7 @@ import java.util.HashMap; import java.util.Map; +import org.opennms.core.mate.api.EntityScopeProvider; import org.opennms.core.soa.Registration; import org.opennms.core.soa.ServiceRegistry; import org.opennms.netmgt.alarmd.api.NorthboundAlarm; @@ -66,6 +67,9 @@ public class EmailNorthbounderManager implements InitializingBean, Northbounder, @Autowired private JavaMailConfigurationDao m_javaMailDao; + @Autowired + private EntityScopeProvider m_entityScopeProvider; + /** The registrations map. */ private Map m_registrations = new HashMap(); @@ -98,7 +102,7 @@ private void registerNorthbounders() throws Exception { } for (EmailDestination destination : m_configDao.getConfig().getEmailDestinations()) { LOG.info("Registering Email northbound configuration for destination {}.", destination.getName()); - EmailNorthbounder nbi = new EmailNorthbounder(m_configDao, m_javaMailDao, destination.getName()); + EmailNorthbounder nbi = new EmailNorthbounder(m_configDao, m_javaMailDao, destination.getName(), m_entityScopeProvider); nbi.afterPropertiesSet(); m_registrations.put(nbi.getName(), m_serviceRegistry.register(nbi, Northbounder.class)); } diff --git a/opennms-enterprise-reporting/opennms-reportd/src/main/java/org/opennms/netmgt/reporting/service/JavaMailDeliveryService.java b/opennms-enterprise-reporting/opennms-reportd/src/main/java/org/opennms/netmgt/reporting/service/JavaMailDeliveryService.java index c73d0c9ffd20..89d9afb729f2 100644 --- a/opennms-enterprise-reporting/opennms-reportd/src/main/java/org/opennms/netmgt/reporting/service/JavaMailDeliveryService.java +++ b/opennms-enterprise-reporting/opennms-reportd/src/main/java/org/opennms/netmgt/reporting/service/JavaMailDeliveryService.java @@ -33,6 +33,8 @@ import javax.mail.MessagingException; import javax.mail.internet.MimeMessage; +import org.opennms.core.mate.api.EntityScopeProvider; +import org.opennms.core.mate.api.Interpolator; import org.opennms.javamail.JavaMailerException; import org.opennms.javamail.JavaSendMailer; import org.opennms.netmgt.config.javamail.SendmailConfig; @@ -53,6 +55,8 @@ */ public class JavaMailDeliveryService implements ReportDeliveryService { + private EntityScopeProvider m_entityScopeProvider; + /** The Constant LOG. */ private static final Logger LOG = LoggerFactory.getLogger(JavaMailDeliveryService.class); @@ -76,7 +80,7 @@ public void deliverReport(Report report, String fileName) throws ReportDeliveryE config = m_JavamailConfigDao.getDefaultSendmailConfig(); } - JavaSendMailer sm = new JavaSendMailer(config); + JavaSendMailer sm = new JavaSendMailer((SendmailConfig) Interpolator.interpolate(config, m_entityScopeProvider.getScopeForScv())); MimeMessage msg = new MimeMessage(sm.getSession()); if (config.getSendmailMessage() != null && config.getSendmailProtocol() != null) { @@ -132,6 +136,10 @@ public void setJavamailConfigDao(JavaMailConfigurationDao javamailConfigDao) { m_JavamailConfigDao = javamailConfigDao; } + public void setEntityScopeProvider(EntityScopeProvider entityScopeProvider) { + m_entityScopeProvider = entityScopeProvider; + } + /* (non-Javadoc) * @see org.opennms.netmgt.reporting.service.ReportDeliveryService#reloadConfiguration() */ diff --git a/opennms-enterprise-reporting/opennms-reportd/src/main/resources/META-INF/opennms/applicationContext-reportd.xml b/opennms-enterprise-reporting/opennms-reportd/src/main/resources/META-INF/opennms/applicationContext-reportd.xml index 783aa6337b40..bbc897a9b528 100644 --- a/opennms-enterprise-reporting/opennms-reportd/src/main/resources/META-INF/opennms/applicationContext-reportd.xml +++ b/opennms-enterprise-reporting/opennms-reportd/src/main/resources/META-INF/opennms/applicationContext-reportd.xml @@ -37,6 +37,7 @@ + diff --git a/opennms-javamail/opennms-javamail-api/pom.xml b/opennms-javamail/opennms-javamail-api/pom.xml index 80e381a991cd..1977cc8914c9 100644 --- a/opennms-javamail/opennms-javamail-api/pom.xml +++ b/opennms-javamail/opennms-javamail-api/pom.xml @@ -56,10 +56,5 @@ org.opennms.core.mate.api ${project.version} - - org.opennms.features.scv - org.opennms.features.scv.jceks-impl - ${project.version} - diff --git a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailer2.java b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailer2.java index 5166a94fe1b2..f4c45d55bdb2 100644 --- a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailer2.java +++ b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailer2.java @@ -48,11 +48,6 @@ import javax.mail.event.TransportListener; import javax.mail.internet.MimeBodyPart; -import org.opennms.core.mate.api.Interpolator; -import org.opennms.core.mate.api.Scope; -import org.opennms.core.mate.api.SecureCredentialsVaultScope; -import org.opennms.features.scv.api.SecureCredentialsVault; -import org.opennms.features.scv.jceks.JCEKSSecureCredentialsVault; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.util.StringUtils; @@ -68,7 +63,6 @@ public abstract class JavaMailer2 { private static final Logger LOG = LoggerFactory.getLogger(JavaMailer2.class); - protected SecureCredentialsVault secureCredentialsVault = JCEKSSecureCredentialsVault.defaultScv(); private Session m_session = null; private Properties m_mailProps; @@ -102,12 +96,11 @@ public JavaMailer2() throws JavaMailerException { */ public Authenticator createAuthenticator(final String user, final String password) { Authenticator auth; - final Scope scope = new SecureCredentialsVaultScope(secureCredentialsVault); auth = new Authenticator() { @Override protected PasswordAuthentication getPasswordAuthentication() { - return new PasswordAuthentication(Interpolator.interpolate(user, scope).output, Interpolator.interpolate(password, scope).output); + return new PasswordAuthentication(user, password); } }; return auth; @@ -150,10 +143,6 @@ public Message buildMessage(String m_charSet, String m_encoding, String m_conten } */ - void setSecureCredentialsVault(SecureCredentialsVault secureCredentialsVault) { - this.secureCredentialsVault = secureCredentialsVault; - } - /** * Create a file attachment as a MimeBodyPart, checking to see if the file * exists before we create the attachment. diff --git a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailerConfig.java b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailerConfig.java index d3d99d516a00..2d08cb84b933 100644 --- a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailerConfig.java +++ b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailerConfig.java @@ -34,12 +34,7 @@ import java.io.InputStream; import java.util.Properties; -import org.opennms.core.mate.api.Interpolator; -import org.opennms.core.mate.api.Scope; -import org.opennms.core.mate.api.SecureCredentialsVaultScope; import org.opennms.core.utils.ConfigFileConstants; -import org.opennms.features.scv.api.SecureCredentialsVault; -import org.opennms.features.scv.jceks.JCEKSSecureCredentialsVault; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -50,20 +45,6 @@ public abstract class JavaMailerConfig { private static final Logger LOG = LoggerFactory.getLogger(JavaMailerConfig.class); - private static SecureCredentialsVault secureCredentialsVault = JCEKSSecureCredentialsVault.defaultScv(); - - private static void interpolateProperty(final Properties properties, final Scope scope, final String key) { - final String string = properties.getProperty(key); - if (string == null) { - return; - } - properties.put(key, Interpolator.interpolate(string, scope).output); - } - - static void setSecureCredentialsVault(final SecureCredentialsVault secureCredentialsVault) { - JavaMailerConfig.secureCredentialsVault = secureCredentialsVault; - } - /** * This loads the configuration file. * @@ -77,9 +58,6 @@ public static synchronized Properties getProperties() throws IOException { InputStream in = new FileInputStream(configFile); properties.load(in); in.close(); - final Scope scope = new SecureCredentialsVaultScope(secureCredentialsVault); - interpolateProperty(properties, scope, "org.opennms.core.utils.authenticateUser"); - interpolateProperty(properties, scope, "org.opennms.core.utils.authenticatePassword"); return properties; } diff --git a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaSendMailer.java b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaSendMailer.java index 662b2db635db..99d6a3906927 100644 --- a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaSendMailer.java +++ b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaSendMailer.java @@ -42,9 +42,6 @@ import javax.mail.Transport; import javax.mail.internet.MimeMessage; -import org.opennms.core.mate.api.Interpolator; -import org.opennms.core.mate.api.Scope; -import org.opennms.core.mate.api.SecureCredentialsVaultScope; import org.opennms.core.utils.PropertiesUtils; import org.opennms.netmgt.config.javamail.JavamailProperty; import org.opennms.netmgt.config.javamail.SendmailConfig; @@ -169,8 +166,7 @@ public Authenticator createAuthenticator() { protected PasswordAuthentication getPasswordAuthentication() { if (m_config.getUserAuth() != null) { final UserAuth userAuth = m_config.getUserAuth(); - final Scope scope = new SecureCredentialsVaultScope(secureCredentialsVault); - return new PasswordAuthentication(Interpolator.interpolate(userAuth.getUserName(), scope).output, Interpolator.interpolate(userAuth.getPassword(), scope).output); + return new PasswordAuthentication(userAuth.getUserName(), userAuth.getPassword()); } LOG.debug("No user authentication configured."); return new PasswordAuthentication(null,null); @@ -366,8 +362,7 @@ public void send(MimeMessage message) throws JavaMailerException { if (m_config.isUseAuthentication() && m_config.getUserAuth() != null) { LOG.debug("authenticating to {}", sendmailHost.getHost()); final UserAuth userAuth = m_config.getUserAuth(); - final Scope scope = new SecureCredentialsVaultScope(secureCredentialsVault); - t.connect(sendmailHost.getHost(), sendmailHost.getPort(), Interpolator.interpolate(userAuth.getUserName(), scope).output, Interpolator.interpolate(userAuth.getPassword(), scope).output); + t.connect(sendmailHost.getHost(), sendmailHost.getPort(), userAuth.getUserName(), userAuth.getPassword()); } else { LOG.debug("not authenticating to {}", sendmailHost.getHost()); t.connect(sendmailHost.getHost(), sendmailHost.getPort(), null, null); diff --git a/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaMailerTest.java b/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaMailerTest.java index 7422f05558ce..bad31c802e80 100644 --- a/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaMailerTest.java +++ b/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaMailerTest.java @@ -38,15 +38,10 @@ import org.junit.After; import org.junit.Before; -import org.junit.Rule; import org.junit.Test; -import org.junit.rules.TemporaryFolder; import org.junit.runner.RunWith; import org.opennms.core.test.MockLogAppender; import org.opennms.core.utils.InetAddressUtils; -import org.opennms.features.scv.api.Credentials; -import org.opennms.features.scv.api.SecureCredentialsVault; -import org.opennms.features.scv.jceks.JCEKSSecureCredentialsVault; import org.springframework.core.io.ClassPathResource; import org.springframework.core.io.Resource; import org.springframework.test.context.TestExecutionListeners; @@ -61,9 +56,6 @@ @TestExecutionListeners({}) public class JavaMailerTest { - @Rule - public TemporaryFolder tempFolder = new TemporaryFolder(); - private static final String TEST_ADDRESS = "test@opennms.org"; @Before @@ -139,15 +131,4 @@ public void testNullReplyTo() throws Exception { assertEquals(1, message.getReplyTo().length); assertEquals("test@opennms.org", jm.buildMessage().getReplyTo()[0].toString()); } - - @Test - public void testMetadata() throws Exception { - final File keystoreFile = new File(tempFolder.getRoot(), "scv.jce"); - final SecureCredentialsVault secureCredentialsVault = new JCEKSSecureCredentialsVault(keystoreFile.getAbsolutePath(), "notRealPassword"); - secureCredentialsVault.setCredentials("javamailer", new Credentials("john", "doe")); - JavaMailerConfig.setSecureCredentialsVault(secureCredentialsVault); - final JavaMailer mailer = new JavaMailer(); - assertEquals("john", mailer.getUser()); - assertEquals("doe", mailer.getPassword()); - } } diff --git a/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaReadMailerTest.java b/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaReadMailerTest.java index 7800403da8c0..5d3ae10f2ffc 100644 --- a/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaReadMailerTest.java +++ b/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaReadMailerTest.java @@ -30,8 +30,6 @@ import static org.junit.Assert.assertEquals; -import java.io.File; -import java.lang.reflect.Method; import java.util.Calendar; import java.util.List; @@ -46,12 +44,7 @@ import org.junit.Assert; import org.junit.Ignore; -import org.junit.Rule; import org.junit.Test; -import org.junit.rules.TemporaryFolder; -import org.opennms.features.scv.api.Credentials; -import org.opennms.features.scv.api.SecureCredentialsVault; -import org.opennms.features.scv.jceks.JCEKSSecureCredentialsVault; import org.opennms.netmgt.config.javamail.ReadmailConfig; import org.opennms.netmgt.config.javamail.ReadmailHost; import org.opennms.netmgt.config.javamail.ReadmailProtocol; @@ -63,9 +56,6 @@ public class JavaReadMailerTest { - @Rule - public TemporaryFolder tempFolder = new TemporaryFolder(); - /** * Un-ignore this test with a proper gmail account * @throws JavaMailerException @@ -240,22 +230,4 @@ public PasswordAuthentication getConfiguredPasswordAuthentication() { return getPasswordAuthentication(); } } - - @Test - public void testMetadata() throws Exception { - final File keystoreFile = new File(tempFolder.getRoot(), "scv.jce"); - final SecureCredentialsVault secureCredentialsVault = new JCEKSSecureCredentialsVault(keystoreFile.getAbsolutePath(), "notRealPassword"); - secureCredentialsVault.setCredentials("javamailer2", new Credentials("john", "doe")); - - final JavaReadMailer readMailer = createGoogleReadMailer(null, null); - readMailer.setSecureCredentialsVault(secureCredentialsVault); - - final Authenticator authenticator = readMailer.createAuthenticator("${scv:javamailer2:username|ABC}", "${scv:javamailer2:password|ABC}"); - final Method method = authenticator.getClass().getDeclaredMethod("getPasswordAuthentication"); - method.setAccessible(true); - final PasswordAuthentication passwordAuthentication = (PasswordAuthentication) method.invoke(authenticator); - - assertEquals("john", passwordAuthentication.getUserName()); - assertEquals("doe", passwordAuthentication.getPassword()); - } } diff --git a/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaSendMailerTest.java b/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaSendMailerTest.java index c1f4ae13fe1f..7a8e2c7460c7 100644 --- a/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaSendMailerTest.java +++ b/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaSendMailerTest.java @@ -40,14 +40,11 @@ import org.junit.Rule; import org.junit.Test; import org.junit.rules.TemporaryFolder; -import org.opennms.features.scv.api.Credentials; -import org.opennms.features.scv.api.SecureCredentialsVault; -import org.opennms.features.scv.jceks.JCEKSSecureCredentialsVault; import org.opennms.netmgt.config.javamail.SendmailConfig; import org.opennms.netmgt.config.javamail.SendmailHost; +import org.opennms.netmgt.config.javamail.SendmailMessage; import org.opennms.netmgt.config.javamail.SendmailProtocol; import org.opennms.netmgt.config.javamail.UserAuth; -import org.opennms.netmgt.config.javamail.SendmailMessage; public class JavaSendMailerTest { @@ -143,11 +140,8 @@ public void testNullReplyTo() throws Exception { @Test public void testMetadata() throws Exception { final File keystoreFile = new File(tempFolder.getRoot(), "scv.jce"); - final SecureCredentialsVault secureCredentialsVault = new JCEKSSecureCredentialsVault(keystoreFile.getAbsolutePath(), "notRealPassword"); - secureCredentialsVault.setCredentials("javamailer2", new Credentials("john", "doe")); final JavaSendMailer sendMailer = createSendMailer(); - sendMailer.setSecureCredentialsVault(secureCredentialsVault); final Authenticator authenticator = sendMailer.createAuthenticator(); final Method method = authenticator.getClass().getDeclaredMethod("getPasswordAuthentication"); From 625d1f0b850f6df68ffa2cf91be067ed14d7e312 Mon Sep 17 00:00:00 2001 From: Christian Pape Date: Wed, 30 Aug 2023 10:11:32 +0200 Subject: [PATCH 3/6] NMS-15759: Reverting some changes --- opennms-ackd/pom.xml | 4 ++ .../netmgt/ackd/readers/MailAckProcessor.java | 12 +--- .../opennms/applicationContext-ackd.xml | 1 - .../ackd/readers/JavaMailAckReaderIT.java | 9 +-- .../northbounder/email/EmailNorthbounder.java | 9 +-- .../email/EmailNorthbounderManager.java | 6 +- .../service/JavaMailDeliveryService.java | 10 +-- .../opennms/applicationContext-reportd.xml | 1 - .../java/org/opennms/javamail/JavaMailer.java | 1 - .../org/opennms/javamail/JavaMailer2.java | 4 +- .../opennms/javamail/JavaMailerConfig.java | 68 ++++++++++++++++++- .../org/opennms/javamail/JavaReadMailer.java | 1 + .../org/opennms/javamail/JavaSendMailer.java | 4 +- .../org/opennms/javamail/JavaMailerTest.java | 19 +++++- .../opennms/javamail/JavaReadMailerTest.java | 31 +++++++-- .../opennms/javamail/JavaSendMailerTest.java | 31 +++++---- .../etc/javamail-configuration.properties | 4 +- 17 files changed, 148 insertions(+), 67 deletions(-) diff --git a/opennms-ackd/pom.xml b/opennms-ackd/pom.xml index fab5a0f0ccb2..a1a5a466c451 100644 --- a/opennms-ackd/pom.xml +++ b/opennms-ackd/pom.xml @@ -118,5 +118,9 @@ postgresql test + + org.opennms.core.mate + org.opennms.core.mate.model + diff --git a/opennms-ackd/src/main/java/org/opennms/netmgt/ackd/readers/MailAckProcessor.java b/opennms-ackd/src/main/java/org/opennms/netmgt/ackd/readers/MailAckProcessor.java index 6a4e12a2c338..3e64ac49f5b6 100644 --- a/opennms-ackd/src/main/java/org/opennms/netmgt/ackd/readers/MailAckProcessor.java +++ b/opennms-ackd/src/main/java/org/opennms/netmgt/ackd/readers/MailAckProcessor.java @@ -44,8 +44,6 @@ import javax.mail.MessagingException; import javax.mail.internet.InternetAddress; -import org.opennms.core.mate.api.EntityScopeProvider; -import org.opennms.core.mate.api.Interpolator; import org.opennms.core.utils.StringUtils; import org.opennms.javamail.JavaMailerException; import org.opennms.javamail.JavaReadMailer; @@ -80,8 +78,6 @@ class MailAckProcessor implements AckProcessor { private AcknowledgmentDao m_ackDao; private volatile JavaMailConfigurationDao m_jmConfigDao; - - private EntityScopeProvider m_entityScopeProvider; /** *

afterPropertiesSet

@@ -290,7 +286,7 @@ protected List retrieveAckMessages() throws JavaMailerException { //TODO: make flag for folder open mode //TODO: Make sure configuration supports flag for deleting acknowledgments - JavaReadMailer readMailer = new JavaReadMailer((ReadmailConfig) Interpolator.interpolate(readMailConfig, m_entityScopeProvider.getScopeForScv()), true); + JavaReadMailer readMailer = new JavaReadMailer(readMailConfig, true); String notifRe = m_ackdDao.getConfig().getNotifyidMatchExpression(); notifRe = notifRe.startsWith("~") ? notifRe.substring(1) : notifRe; @@ -409,11 +405,7 @@ public synchronized void setAckdConfigDao(final AckdConfigurationDao configDao) public synchronized void setAcknowledgmentDao(final AcknowledgmentDao ackDao) { m_ackDao = ackDao; } - - public void setEntityScopeProvider(final EntityScopeProvider entityScopeProvider) { - m_entityScopeProvider = entityScopeProvider; - } - + /** *

reloadConfigs

*/ diff --git a/opennms-ackd/src/main/resources/META-INF/opennms/applicationContext-ackd.xml b/opennms-ackd/src/main/resources/META-INF/opennms/applicationContext-ackd.xml index ac628c61e68f..6c34bc77391a 100644 --- a/opennms-ackd/src/main/resources/META-INF/opennms/applicationContext-ackd.xml +++ b/opennms-ackd/src/main/resources/META-INF/opennms/applicationContext-ackd.xml @@ -44,7 +44,6 @@ - diff --git a/opennms-ackd/src/test/java/org/opennms/netmgt/ackd/readers/JavaMailAckReaderIT.java b/opennms-ackd/src/test/java/org/opennms/netmgt/ackd/readers/JavaMailAckReaderIT.java index 8f40e8db35f1..b08f9cc7b796 100644 --- a/opennms-ackd/src/test/java/org/opennms/netmgt/ackd/readers/JavaMailAckReaderIT.java +++ b/opennms-ackd/src/test/java/org/opennms/netmgt/ackd/readers/JavaMailAckReaderIT.java @@ -28,22 +28,17 @@ package org.opennms.netmgt.ackd.readers; -import static org.junit.Assert.fail; - import java.util.ArrayList; import java.util.List; import java.util.Properties; -import java.util.concurrent.Future; -import java.util.concurrent.ScheduledThreadPoolExecutor; -import java.util.concurrent.TimeUnit; import javax.mail.Address; import javax.mail.BodyPart; import javax.mail.Message; +import javax.mail.Message.RecipientType; import javax.mail.MessagingException; import javax.mail.Multipart; import javax.mail.Session; -import javax.mail.Message.RecipientType; import javax.mail.internet.AddressException; import javax.mail.internet.InternetAddress; import javax.mail.internet.MimeBodyPart; @@ -51,7 +46,6 @@ import javax.mail.internet.MimeMultipart; import org.junit.Assert; - import org.junit.Ignore; import org.junit.Test; import org.junit.runner.RunWith; @@ -60,7 +54,6 @@ import org.opennms.core.test.db.annotations.JUnitTemporaryDatabase; import org.opennms.javamail.JavaMailerException; import org.opennms.javamail.JavaSendMailer; -import org.opennms.netmgt.ackd.AckReader; import org.opennms.netmgt.ackd.Ackd; import org.opennms.netmgt.config.ackd.AckdConfiguration; import org.opennms.netmgt.config.javamail.End2endMailConfig; diff --git a/opennms-alarms/email-northbounder/src/main/java/org/opennms/netmgt/alarmd/northbounder/email/EmailNorthbounder.java b/opennms-alarms/email-northbounder/src/main/java/org/opennms/netmgt/alarmd/northbounder/email/EmailNorthbounder.java index e0a59451f94f..b2c70ce1ab47 100644 --- a/opennms-alarms/email-northbounder/src/main/java/org/opennms/netmgt/alarmd/northbounder/email/EmailNorthbounder.java +++ b/opennms-alarms/email-northbounder/src/main/java/org/opennms/netmgt/alarmd/northbounder/email/EmailNorthbounder.java @@ -31,8 +31,6 @@ import java.util.List; import java.util.Map; -import org.opennms.core.mate.api.EntityScopeProvider; -import org.opennms.core.mate.api.Interpolator; import org.opennms.core.utils.PropertiesUtils; import org.opennms.core.xml.JaxbUtils; import org.opennms.javamail.JavaMailerException; @@ -89,8 +87,6 @@ public class EmailNorthbounder extends AbstractNorthbounder implements Initializ /** The initialized flag (it will be true when the NBI is properly initialized). */ private boolean initialized = false; - private EntityScopeProvider m_entityScopeProvider; - /** * Instantiates a new SNMP Trap northbounder. * @@ -98,9 +94,8 @@ public class EmailNorthbounder extends AbstractNorthbounder implements Initializ * @param javaMailDao the JavaMail configuration DAO * @param destinationName the destination name */ - public EmailNorthbounder(EmailNorthbounderConfigDao configDao, JavaMailConfigurationDao javaMailDao, String destinationName, EntityScopeProvider entityScopeProvider) { + public EmailNorthbounder(EmailNorthbounderConfigDao configDao, JavaMailConfigurationDao javaMailDao, String destinationName) { super(NBI_NAME + ":" + destinationName); - m_entityScopeProvider = entityScopeProvider; m_configDao = configDao; m_destination = configDao.getConfig().getEmailDestination(destinationName); @@ -194,7 +189,7 @@ public void forwardAlarms(List alarms) throws NorthbounderExcep LOG.info("Forwarding {} alarms to destination {}", alarms.size(), m_destination.getName()); for (NorthboundAlarm alarm : alarms) { try { - JavaSendMailer mailer = new JavaSendMailer((SendmailConfig) Interpolator.interpolate(getSendmailConfig(alarm), m_entityScopeProvider.getScopeForScv()), false); + JavaSendMailer mailer = new JavaSendMailer(getSendmailConfig(alarm), false); mailer.send(); } catch (JavaMailerException e) { LOG.error("Can't send email for {}", alarm, e); diff --git a/opennms-alarms/email-northbounder/src/main/java/org/opennms/netmgt/alarmd/northbounder/email/EmailNorthbounderManager.java b/opennms-alarms/email-northbounder/src/main/java/org/opennms/netmgt/alarmd/northbounder/email/EmailNorthbounderManager.java index 705c8d1db458..83536a1534c1 100644 --- a/opennms-alarms/email-northbounder/src/main/java/org/opennms/netmgt/alarmd/northbounder/email/EmailNorthbounderManager.java +++ b/opennms-alarms/email-northbounder/src/main/java/org/opennms/netmgt/alarmd/northbounder/email/EmailNorthbounderManager.java @@ -31,7 +31,6 @@ import java.util.HashMap; import java.util.Map; -import org.opennms.core.mate.api.EntityScopeProvider; import org.opennms.core.soa.Registration; import org.opennms.core.soa.ServiceRegistry; import org.opennms.netmgt.alarmd.api.NorthboundAlarm; @@ -67,9 +66,6 @@ public class EmailNorthbounderManager implements InitializingBean, Northbounder, @Autowired private JavaMailConfigurationDao m_javaMailDao; - @Autowired - private EntityScopeProvider m_entityScopeProvider; - /** The registrations map. */ private Map m_registrations = new HashMap(); @@ -102,7 +98,7 @@ private void registerNorthbounders() throws Exception { } for (EmailDestination destination : m_configDao.getConfig().getEmailDestinations()) { LOG.info("Registering Email northbound configuration for destination {}.", destination.getName()); - EmailNorthbounder nbi = new EmailNorthbounder(m_configDao, m_javaMailDao, destination.getName(), m_entityScopeProvider); + EmailNorthbounder nbi = new EmailNorthbounder(m_configDao, m_javaMailDao, destination.getName()); nbi.afterPropertiesSet(); m_registrations.put(nbi.getName(), m_serviceRegistry.register(nbi, Northbounder.class)); } diff --git a/opennms-enterprise-reporting/opennms-reportd/src/main/java/org/opennms/netmgt/reporting/service/JavaMailDeliveryService.java b/opennms-enterprise-reporting/opennms-reportd/src/main/java/org/opennms/netmgt/reporting/service/JavaMailDeliveryService.java index 89d9afb729f2..c73d0c9ffd20 100644 --- a/opennms-enterprise-reporting/opennms-reportd/src/main/java/org/opennms/netmgt/reporting/service/JavaMailDeliveryService.java +++ b/opennms-enterprise-reporting/opennms-reportd/src/main/java/org/opennms/netmgt/reporting/service/JavaMailDeliveryService.java @@ -33,8 +33,6 @@ import javax.mail.MessagingException; import javax.mail.internet.MimeMessage; -import org.opennms.core.mate.api.EntityScopeProvider; -import org.opennms.core.mate.api.Interpolator; import org.opennms.javamail.JavaMailerException; import org.opennms.javamail.JavaSendMailer; import org.opennms.netmgt.config.javamail.SendmailConfig; @@ -55,8 +53,6 @@ */ public class JavaMailDeliveryService implements ReportDeliveryService { - private EntityScopeProvider m_entityScopeProvider; - /** The Constant LOG. */ private static final Logger LOG = LoggerFactory.getLogger(JavaMailDeliveryService.class); @@ -80,7 +76,7 @@ public void deliverReport(Report report, String fileName) throws ReportDeliveryE config = m_JavamailConfigDao.getDefaultSendmailConfig(); } - JavaSendMailer sm = new JavaSendMailer((SendmailConfig) Interpolator.interpolate(config, m_entityScopeProvider.getScopeForScv())); + JavaSendMailer sm = new JavaSendMailer(config); MimeMessage msg = new MimeMessage(sm.getSession()); if (config.getSendmailMessage() != null && config.getSendmailProtocol() != null) { @@ -136,10 +132,6 @@ public void setJavamailConfigDao(JavaMailConfigurationDao javamailConfigDao) { m_JavamailConfigDao = javamailConfigDao; } - public void setEntityScopeProvider(EntityScopeProvider entityScopeProvider) { - m_entityScopeProvider = entityScopeProvider; - } - /* (non-Javadoc) * @see org.opennms.netmgt.reporting.service.ReportDeliveryService#reloadConfiguration() */ diff --git a/opennms-enterprise-reporting/opennms-reportd/src/main/resources/META-INF/opennms/applicationContext-reportd.xml b/opennms-enterprise-reporting/opennms-reportd/src/main/resources/META-INF/opennms/applicationContext-reportd.xml index bbc897a9b528..783aa6337b40 100644 --- a/opennms-enterprise-reporting/opennms-reportd/src/main/resources/META-INF/opennms/applicationContext-reportd.xml +++ b/opennms-enterprise-reporting/opennms-reportd/src/main/resources/META-INF/opennms/applicationContext-reportd.xml @@ -37,7 +37,6 @@ - diff --git a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailer.java b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailer.java index ca13c8637c87..64797a912a7c 100644 --- a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailer.java +++ b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailer.java @@ -63,7 +63,6 @@ import javax.mail.internet.MimeBodyPart; import javax.mail.internet.MimeMessage; import javax.mail.internet.MimeMultipart; - import org.opennms.core.utils.PropertiesUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; diff --git a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailer2.java b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailer2.java index f4c45d55bdb2..8fb4036ff6dc 100644 --- a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailer2.java +++ b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailer2.java @@ -63,6 +63,7 @@ public abstract class JavaMailer2 { private static final Logger LOG = LoggerFactory.getLogger(JavaMailer2.class); + private Session m_session = null; private Properties m_mailProps; @@ -96,11 +97,10 @@ public JavaMailer2() throws JavaMailerException { */ public Authenticator createAuthenticator(final String user, final String password) { Authenticator auth; - auth = new Authenticator() { @Override protected PasswordAuthentication getPasswordAuthentication() { - return new PasswordAuthentication(user, password); + return new PasswordAuthentication(JavaMailerConfig.interpolate(user), JavaMailerConfig.interpolate(password)); } }; return auth; diff --git a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailerConfig.java b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailerConfig.java index 2d08cb84b933..e855c46bca9b 100644 --- a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailerConfig.java +++ b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaMailerConfig.java @@ -34,17 +34,47 @@ import java.io.InputStream; import java.util.Properties; +import org.opennms.core.mate.api.EntityScopeProvider; +import org.opennms.core.mate.api.Interpolator; +import org.opennms.core.mate.api.Scope; +import org.opennms.core.spring.BeanUtils; import org.opennms.core.utils.ConfigFileConstants; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.beans.FatalBeanException; /** * Provides access to the default javamail configuration data. */ public abstract class JavaMailerConfig { - + private static final Logger LOG = LoggerFactory.getLogger(JavaMailerConfig.class); + private static Scope secureCredentialsVaultScope; + + private static synchronized Scope getSecureCredentialsScope() { + if (secureCredentialsVaultScope == null) { + try { + final EntityScopeProvider entityScopeProvider = BeanUtils.getBean("daoContext", "entityScopeProvider", EntityScopeProvider.class); + + if (entityScopeProvider != null) { + secureCredentialsVaultScope = entityScopeProvider.getScopeForScv(); + } else { + LOG.warn("JavaMailConfig: EntityScopeProvider is null, SecureCredentialsVault not available for metadata interpolation"); + } + } catch (FatalBeanException e) { + e.printStackTrace(); + LOG.warn("JavaMailConfig: Error retrieving EntityScopeProvider bean"); + } + } + + return secureCredentialsVaultScope; + } + + public static void setSecureCredentialsVaultScope(final Scope secureCredentialsVaultScope) { + JavaMailerConfig.secureCredentialsVaultScope = secureCredentialsVaultScope; + } + /** * This loads the configuration file. * @@ -52,13 +82,47 @@ public abstract class JavaMailerConfig { * @throws java.io.IOException if any. */ public static synchronized Properties getProperties() throws IOException { - LOG.debug("Loading javamail properties."); + LOG.debug("JavaMailConfig: Loading javamail properties"); Properties properties = new Properties(); File configFile = ConfigFileConstants.getFile(ConfigFileConstants.JAVA_MAIL_CONFIG_FILE_NAME); InputStream in = new FileInputStream(configFile); properties.load(in); in.close(); + return interpolate(properties); + } + + private static Properties interpolate(final Properties properties, final String key, final Scope scope) { + final String value = properties.getProperty(key); + + if (value != null) { + properties.put(key, Interpolator.interpolate(value, scope).output); + } + + return properties; + } + + private static Properties interpolate(final Properties properties) { + final Scope scope = getSecureCredentialsScope(); + + if (scope == null) { + LOG.warn("JavaMailConfig: Scope is null, cannot interpolate metadata of properties"); + return properties; + } + + interpolate(properties, "org.opennms.core.utils.authenticateUser", scope); + interpolate(properties, "org.opennms.core.utils.authenticatePassword", scope); + return properties; } + public static String interpolate(final String string) { + final Scope scope = getSecureCredentialsScope(); + + if (scope == null) { + LOG.warn("JavaMailConfig: Scope is null, cannot interpolate metadata of string"); + return string; + } + + return Interpolator.interpolate(string, scope).output; + } } diff --git a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaReadMailer.java b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaReadMailer.java index f97a50a7082e..b2728f311e54 100644 --- a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaReadMailer.java +++ b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaReadMailer.java @@ -117,6 +117,7 @@ public JavaReadMailer(final ReadmailConfig config, Boolean closeOnDelete) throws m_deleteOnClose = closeOnDelete; } m_config = config; + final UserAuth userAuth = getUserAuth(config); m_session = Session.getInstance(configureProperties(), createAuthenticator(userAuth.getUserName(), userAuth.getPassword())); } diff --git a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaSendMailer.java b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaSendMailer.java index 99d6a3906927..d53cf7a4c6b6 100644 --- a/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaSendMailer.java +++ b/opennms-javamail/opennms-javamail-api/src/main/java/org/opennms/javamail/JavaSendMailer.java @@ -166,7 +166,7 @@ public Authenticator createAuthenticator() { protected PasswordAuthentication getPasswordAuthentication() { if (m_config.getUserAuth() != null) { final UserAuth userAuth = m_config.getUserAuth(); - return new PasswordAuthentication(userAuth.getUserName(), userAuth.getPassword()); + return new PasswordAuthentication(JavaMailerConfig.interpolate(userAuth.getUserName()), JavaMailerConfig.interpolate(userAuth.getPassword())); } LOG.debug("No user authentication configured."); return new PasswordAuthentication(null,null); @@ -362,7 +362,7 @@ public void send(MimeMessage message) throws JavaMailerException { if (m_config.isUseAuthentication() && m_config.getUserAuth() != null) { LOG.debug("authenticating to {}", sendmailHost.getHost()); final UserAuth userAuth = m_config.getUserAuth(); - t.connect(sendmailHost.getHost(), sendmailHost.getPort(), userAuth.getUserName(), userAuth.getPassword()); + t.connect(sendmailHost.getHost(), sendmailHost.getPort(), JavaMailerConfig.interpolate(userAuth.getUserName()), JavaMailerConfig.interpolate(userAuth.getPassword())); } else { LOG.debug("not authenticating to {}", sendmailHost.getHost()); t.connect(sendmailHost.getHost(), sendmailHost.getPort(), null, null); diff --git a/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaMailerTest.java b/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaMailerTest.java index bad31c802e80..bbdf514afd7a 100644 --- a/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaMailerTest.java +++ b/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaMailerTest.java @@ -32,6 +32,8 @@ import java.io.File; import java.io.IOException; +import java.util.HashMap; +import java.util.Map; import java.util.Properties; import javax.mail.Message; @@ -40,6 +42,9 @@ import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; +import org.opennms.core.mate.api.ContextKey; +import org.opennms.core.mate.api.MapScope; +import org.opennms.core.mate.api.Scope; import org.opennms.core.test.MockLogAppender; import org.opennms.core.utils.InetAddressUtils; import org.springframework.core.io.ClassPathResource; @@ -55,7 +60,6 @@ @RunWith(SpringJUnit4ClassRunner.class) @TestExecutionListeners({}) public class JavaMailerTest { - private static final String TEST_ADDRESS = "test@opennms.org"; @Before @@ -68,6 +72,12 @@ public void setUp() throws IOException { System.out.println("homeDir: "+homeDir.getAbsolutePath()); System.setProperty("opennms.home", homeDir.getAbsolutePath()); + + final Map map = new HashMap<>(); + map.put(new ContextKey("scv","javamailer:username"), "john"); + map.put(new ContextKey("scv","javamailer:password"), "doe"); + + JavaMailerConfig.setSecureCredentialsVaultScope(new MapScope(Scope.ScopeName.GLOBAL, map)); } @After @@ -131,4 +141,11 @@ public void testNullReplyTo() throws Exception { assertEquals(1, message.getReplyTo().length); assertEquals("test@opennms.org", jm.buildMessage().getReplyTo()[0].toString()); } + + @Test + public void testMetadata() throws Exception { + final JavaMailer jm = new JavaMailer(); + assertEquals("john", jm.getUser()); + assertEquals("doe", jm.getPassword()); + } } diff --git a/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaReadMailerTest.java b/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaReadMailerTest.java index 5d3ae10f2ffc..e1883569d6ad 100644 --- a/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaReadMailerTest.java +++ b/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaReadMailerTest.java @@ -30,8 +30,11 @@ import static org.junit.Assert.assertEquals; +import java.lang.reflect.Method; import java.util.Calendar; +import java.util.HashMap; import java.util.List; +import java.util.Map; import javax.mail.Authenticator; import javax.mail.Flags.Flag; @@ -43,8 +46,12 @@ import javax.mail.search.SubjectTerm; import org.junit.Assert; +import org.junit.Before; import org.junit.Ignore; import org.junit.Test; +import org.opennms.core.mate.api.ContextKey; +import org.opennms.core.mate.api.MapScope; +import org.opennms.core.mate.api.Scope; import org.opennms.netmgt.config.javamail.ReadmailConfig; import org.opennms.netmgt.config.javamail.ReadmailHost; import org.opennms.netmgt.config.javamail.ReadmailProtocol; @@ -56,6 +63,15 @@ public class JavaReadMailerTest { + @Before + public void setup() { + final Map map = new HashMap<>(); + map.put(new ContextKey("scv","javamailer:username"), "john"); + map.put(new ContextKey("scv","javamailer:password"), "doe"); + + JavaMailerConfig.setSecureCredentialsVaultScope(new MapScope(Scope.ScopeName.GLOBAL, map)); + } + /** * Un-ignore this test with a proper gmail account * @throws JavaMailerException @@ -225,9 +241,16 @@ private JavaReadMailer createGoogleReadMailer(String gmailAccount, String gmailP return mailer; } - private static abstract class MyAuth extends Authenticator { - public PasswordAuthentication getConfiguredPasswordAuthentication() { - return getPasswordAuthentication(); - } + @Test + public void testMetadata() throws Exception { + final JavaReadMailer javaReadMailer = createGoogleReadMailer(null, null); + + Authenticator authenticator = javaReadMailer.createAuthenticator("${scv:javamailer:username|ABC}", "${scv:javamailer:password|DEF}"); + final Method method = authenticator.getClass().getDeclaredMethod("getPasswordAuthentication"); + method.setAccessible(true); + final PasswordAuthentication passwordAuthentication = (PasswordAuthentication) method.invoke(authenticator); + + assertEquals("john", passwordAuthentication.getUserName()); + assertEquals("doe", passwordAuthentication.getPassword()); } } diff --git a/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaSendMailerTest.java b/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaSendMailerTest.java index 7a8e2c7460c7..7d66f911b2c4 100644 --- a/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaSendMailerTest.java +++ b/opennms-javamail/opennms-javamail-api/src/test/java/org/opennms/javamail/JavaSendMailerTest.java @@ -30,26 +30,35 @@ import static org.junit.Assert.assertEquals; -import java.io.File; import java.lang.reflect.Method; +import java.util.HashMap; +import java.util.Map; import javax.mail.Authenticator; import javax.mail.PasswordAuthentication; import javax.mail.internet.MimeMessage; -import org.junit.Rule; +import org.junit.Before; import org.junit.Test; -import org.junit.rules.TemporaryFolder; +import org.opennms.core.mate.api.ContextKey; +import org.opennms.core.mate.api.MapScope; +import org.opennms.core.mate.api.Scope; import org.opennms.netmgt.config.javamail.SendmailConfig; import org.opennms.netmgt.config.javamail.SendmailHost; -import org.opennms.netmgt.config.javamail.SendmailMessage; import org.opennms.netmgt.config.javamail.SendmailProtocol; import org.opennms.netmgt.config.javamail.UserAuth; +import org.opennms.netmgt.config.javamail.SendmailMessage; public class JavaSendMailerTest { - @Rule - public TemporaryFolder tempFolder = new TemporaryFolder(); + @Before + public void setup() { + final Map map = new HashMap<>(); + map.put(new ContextKey("scv","javamailer:username"), "john"); + map.put(new ContextKey("scv","javamailer:password"), "doe"); + + JavaMailerConfig.setSecureCredentialsVaultScope(new MapScope(Scope.ScopeName.GLOBAL, map)); + } private JavaSendMailer createSendMailer() throws JavaMailerException { @@ -79,8 +88,8 @@ private JavaSendMailer createSendMailer() throws JavaMailerException { config.setUseAuthentication(true); config.setUseJmta(false); UserAuth auth = new UserAuth(); - auth.setUserName("${scv:javamailer2:username|foo}"); - auth.setPassword("${scv:javamailer2:password|bar}"); + auth.setUserName("foo"); + auth.setPassword("bar"); config.setUserAuth(auth); return new JavaSendMailer(config); @@ -139,11 +148,9 @@ public void testNullReplyTo() throws Exception { @Test public void testMetadata() throws Exception { - final File keystoreFile = new File(tempFolder.getRoot(), "scv.jce"); - - final JavaSendMailer sendMailer = createSendMailer(); + final JavaSendMailer javaSendMailer = createSendMailer(); - final Authenticator authenticator = sendMailer.createAuthenticator(); + Authenticator authenticator = javaSendMailer.createAuthenticator("${scv:javamailer:username|ABC}", "${scv:javamailer:password|DEF}"); final Method method = authenticator.getClass().getDeclaredMethod("getPasswordAuthentication"); method.setAccessible(true); final PasswordAuthentication passwordAuthentication = (PasswordAuthentication) method.invoke(authenticator); diff --git a/opennms-javamail/opennms-javamail-api/src/test/resources/etc/javamail-configuration.properties b/opennms-javamail/opennms-javamail-api/src/test/resources/etc/javamail-configuration.properties index 93fdda930d85..46b049bc2f19 100644 --- a/opennms-javamail/opennms-javamail-api/src/test/resources/etc/javamail-configuration.properties +++ b/opennms-javamail/opennms-javamail-api/src/test/resources/etc/javamail-configuration.properties @@ -30,8 +30,8 @@ org.opennms.core.utils.useJMTA=false # These properties define the Mail authentication. # #org.opennms.core.utils.authenticate=false -org.opennms.core.utils.authenticateUser=${scv:javamailer:username|foo} -org.opennms.core.utils.authenticatePassword=${scv:javamailer:password|foo} +org.opennms.core.utils.authenticateUser=${scv:javamailer:username|ABC} +org.opennms.core.utils.authenticatePassword=${scv:javamailer:password|DEF} #org.opennms.core.utils.starttls.enable=false # From f44ccec79105076c2803151d4496956921a22ec8 Mon Sep 17 00:00:00 2001 From: Christian Pape Date: Thu, 31 Aug 2023 11:57:52 +0200 Subject: [PATCH 4/6] NMS-15759: Added docs --- .../pages/daemons/daemon-config-files/notifd.adoc | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/docs/modules/reference/pages/daemons/daemon-config-files/notifd.adoc b/docs/modules/reference/pages/daemons/daemon-config-files/notifd.adoc index 1f75cc7d2064..7386a10ae5a2 100644 --- a/docs/modules/reference/pages/daemons/daemon-config-files/notifd.adoc +++ b/docs/modules/reference/pages/daemons/daemon-config-files/notifd.adoc @@ -44,7 +44,17 @@ Generates xref:operation:deep-dive/notifications/introduction.adoc[notifications | no | javamail-configuration.properties -| Configuration to send notification mails via specific mail servers. +| Configuration to send notification mails via specific mail servers. Metadata expression can be used for the authenticateUser and authenticatePassword fields in order to reference credentials stored in the secure credentials vault. +| no +| no + +| microblog-configuration.properties +| Configuration to send notification mails via specific mail servers. Metadata expression can be used for the authen-* and oauth-* fields in order to reference credentials stored in the secure credentials vault. +| no +| no + +| xmpp-configuration.properties +| Configuration to send notification mails via specific mail servers. Metadata expression can be used for the xmpp.user and xmpp.pass fields in order to reference credentials stored in the secure credentials vault. | no | no |=== From bb537db3d0908573f539a6006c54560f93ff820b Mon Sep 17 00:00:00 2001 From: Christian Pape Date: Fri, 1 Sep 2023 07:36:51 +0200 Subject: [PATCH 5/6] Apply suggestions from code review Co-authored-by: Bonrob2 <59453630+Bonrob2@users.noreply.github.com> --- .../reference/pages/daemons/daemon-config-files/notifd.adoc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/modules/reference/pages/daemons/daemon-config-files/notifd.adoc b/docs/modules/reference/pages/daemons/daemon-config-files/notifd.adoc index 7386a10ae5a2..033851005997 100644 --- a/docs/modules/reference/pages/daemons/daemon-config-files/notifd.adoc +++ b/docs/modules/reference/pages/daemons/daemon-config-files/notifd.adoc @@ -44,17 +44,17 @@ Generates xref:operation:deep-dive/notifications/introduction.adoc[notifications | no | javamail-configuration.properties -| Configuration to send notification mails via specific mail servers. Metadata expression can be used for the authenticateUser and authenticatePassword fields in order to reference credentials stored in the secure credentials vault. +| Configuration to send notification emails via specific mail servers. Metadata expression can be used for the authenticateUser and authenticatePassword fields in order to reference credentials stored in the secure credentials vault. | no | no | microblog-configuration.properties -| Configuration to send notification mails via specific mail servers. Metadata expression can be used for the authen-* and oauth-* fields in order to reference credentials stored in the secure credentials vault. +| Configuration to send notification emails via specific mail servers. Metadata expression can be used for the authen-* and oauth-* fields in order to reference credentials stored in the secure credentials vault. | no | no | xmpp-configuration.properties -| Configuration to send notification mails via specific mail servers. Metadata expression can be used for the xmpp.user and xmpp.pass fields in order to reference credentials stored in the secure credentials vault. +| Configuration to send notification emails via specific mail servers. Metadata expression can be used for the xmpp.user and xmpp.pass fields in order to reference credentials stored in the secure credentials vault. | no | no |=== From c693fb988be740d593734d4126f3a5074d1a0464 Mon Sep 17 00:00:00 2001 From: Christian Pape Date: Fri, 1 Sep 2023 07:38:47 +0200 Subject: [PATCH 6/6] NMS-15759: Added carriage-returns between sentences --- .../pages/daemons/daemon-config-files/notifd.adoc | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/docs/modules/reference/pages/daemons/daemon-config-files/notifd.adoc b/docs/modules/reference/pages/daemons/daemon-config-files/notifd.adoc index 033851005997..39ccddbf6cd3 100644 --- a/docs/modules/reference/pages/daemons/daemon-config-files/notifd.adoc +++ b/docs/modules/reference/pages/daemons/daemon-config-files/notifd.adoc @@ -44,17 +44,20 @@ Generates xref:operation:deep-dive/notifications/introduction.adoc[notifications | no | javamail-configuration.properties -| Configuration to send notification emails via specific mail servers. Metadata expression can be used for the authenticateUser and authenticatePassword fields in order to reference credentials stored in the secure credentials vault. +| Configuration to send notification emails via specific mail servers. +Metadata expression can be used for the authenticateUser and authenticatePassword fields in order to reference credentials stored in the secure credentials vault. | no | no | microblog-configuration.properties -| Configuration to send notification emails via specific mail servers. Metadata expression can be used for the authen-* and oauth-* fields in order to reference credentials stored in the secure credentials vault. +| Configuration to send notification emails via specific mail servers. +Metadata expression can be used for the authen-* and oauth-* fields in order to reference credentials stored in the secure credentials vault. | no | no | xmpp-configuration.properties -| Configuration to send notification emails via specific mail servers. Metadata expression can be used for the xmpp.user and xmpp.pass fields in order to reference credentials stored in the secure credentials vault. +| Configuration to send notification emails via specific mail servers. +Metadata expression can be used for the xmpp.user and xmpp.pass fields in order to reference credentials stored in the secure credentials vault. | no | no |===