diff options
| author |   Instrumental <jonathan.gathman@att.com> | 2018-11-06 11:04:35 -0600 |
|---|---|---|
| committer | Instrumental <jonathan.gathman@att.com> | 2018-11-06 11:28:25 -0600 |
| commit | 762dabc6f9577b5b1a8211dddf38ce34295f22a4 (patch) | |
| tree | 56edac4f13123407cc7dd75b6b73888b394e40c0 | |
| parent | d5c59b3a4b37d3f2ddb9ff4df98dc8664ea29447 (diff) | |
API Version backward compat
Issue-ID: AAF-610
Change-Id: I574270119af8836e30ed25be27ae702497aa8fa8
Signed-off-by: Instrumental <jonathan.gathman@att.com>
22 files changed, 195 insertions, 184 deletions
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/AAFcli.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/AAFcli.java index 0222965f..ad997d16 100644 --- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/AAFcli.java +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/AAFcli.java @@ -500,7 +500,7 @@ public class AAFcli { // } TIMEOUT = Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF)); -// HMangr hman = new HMangr(access, loc).readTimeout(TIMEOUT).apiVersion(Config.AAF_DEFAULT_VERSION); +// HMangr hman = new HMangr(access, loc).readTimeout(TIMEOUT).apiVersion(Config.AAF_DEFAULT_API_VERSION); if (access.getProperty(Config.AAF_DEFAULT_REALM)==null) { access.setProperty(Config.AAF_DEFAULT_REALM, "people.osaaf.org"); diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Version.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Version.java index 9bb01956..1064c9b8 100644 --- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Version.java +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Version.java @@ -37,7 +37,7 @@ public class Version extends Cmd { protected int _exec(int idx, String... args) throws CadiException, APIException, LocatorException { pw().println("AAF Command Line Tool"); pw().print("Version: "); - pw().println(Config.AAF_DEFAULT_VERSION); + pw().println(Config.AAF_DEFAULT_API_VERSION); return 200 /*HttpStatus.OK_200;*/; } } diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_AAFCli.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_AAFCli.java index 0120fa7f..abe4c342 100644 --- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_AAFCli.java +++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_AAFCli.java @@ -193,7 +193,7 @@ public class JU_AAFCli { Locator loc; loc = new PropertyLocator(aafUrl); TIMEOUT = Integer.parseInt(env.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF)); - HMangr hman = new HMangr(env, loc).readTimeout(TIMEOUT).apiVersion(Config.AAF_DEFAULT_VERSION); + HMangr hman = new HMangr(env, loc).readTimeout(TIMEOUT).apiVersion(Config.AAF_DEFAULT_API_VERSION); // TODO: Consider requiring a default in properties env.setProperty(Config.AAF_DEFAULT_REALM, diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsService.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsService.java index df80ec6d..435b8845 100644 --- a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsService.java +++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsService.java @@ -158,11 +158,11 @@ public abstract class AbsService<ENV extends BasicEnv, TRANS extends Trans> exte } public Rcli<?> client() throws CadiException { - return aafCon.client(Config.AAF_DEFAULT_VERSION); + return aafCon.client(); } public Rcli<?> clientAsUser(TaggedPrincipal p) throws CadiException { - return aafCon.client(Config.AAF_DEFAULT_VERSION).forUser( + return aafCon.client().forUser( new HTransferSS(p,app_name, aafCon.securityInfo())); } diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsDetail.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsDetail.java index 6d7fa207..5d1d0219 100644 --- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsDetail.java +++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsDetail.java @@ -79,7 +79,7 @@ public class NsDetail extends Page { if (gw_url==null) { gw_url=""; } else { - gw_url+="/aaf/"+Config.AAF_DEFAULT_VERSION; + gw_url+="/aaf/"+Config.AAF_DEFAULT_API_VERSION; } } diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java index bd44dfce..c8294d1f 100644 --- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java +++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java @@ -62,7 +62,6 @@ import org.onap.aaf.cadi.register.Registrant; import org.onap.aaf.misc.env.APIException; import org.onap.aaf.misc.env.Data; import org.onap.aaf.misc.env.Env; -import org.onap.aaf.misc.rosetta.env.RosettaEnv; import com.datastax.driver.core.Cluster; @@ -187,7 +186,7 @@ public class AAF_Locate extends AbsService<AuthzEnv, AuthzTrans> { protected AAFConHttp _newAAFConHttp() throws CadiException { try { if (dal==null) { - dal = AbsAAFLocator.create(aaf_service_name,Config.AAF_DEFAULT_VERSION); + dal = AbsAAFLocator.create(aaf_service_name,Config.AAF_DEFAULT_API_VERSION); } // utilize pre-constructed DirectAAFLocator return new AAFConHttp(env.access(),dal); @@ -198,7 +197,7 @@ public class AAF_Locate extends AbsService<AuthzEnv, AuthzTrans> { public Locator<URI> getGUILocator() throws LocatorException { if (gui_locator==null) { - gui_locator = AbsAAFLocator.create(aaf_gui_name,Config.AAF_DEFAULT_VERSION); + gui_locator = AbsAAFLocator.create(aaf_gui_name,Config.AAF_DEFAULT_API_VERSION); } return gui_locator; } diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoaderFactory.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoaderFactory.java index 8bceb2ab..e3179aea 100644 --- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoaderFactory.java +++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoaderFactory.java @@ -47,7 +47,7 @@ public class JSONPermLoaderFactory { public static JSONPermLoader remote(final AAFCon<?> aafcon, final int timeout) { return new JSONPermLoader() { public Result<String> loadJSONPerms(AuthzTrans trans, String user, Set<String> scopes) throws APIException, CadiException { - Rcli<?> c = aafcon.clientAs(Config.AAF_DEFAULT_VERSION,trans.getUserPrincipal()); + Rcli<?> c = aafcon.clientAs(Config.AAF_DEFAULT_API_VERSION,trans.getUserPrincipal()); StringBuilder pathinfo = new StringBuilder("/authz/perms/user/"); pathinfo.append(user); pathinfo.append("?scopes="); diff --git a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/service/JU_JSONPermLoaderFactoryTest.java b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/service/JU_JSONPermLoaderFactoryTest.java index 529a6ae2..786b4282 100644 --- a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/service/JU_JSONPermLoaderFactoryTest.java +++ b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/service/JU_JSONPermLoaderFactoryTest.java @@ -84,7 +84,7 @@ public class JU_JSONPermLoaderFactoryTest { @Test public void testRemoteWithTimeOut() throws APIException, CadiException { when(trans.start("Call AAF Service", Env.REMOTE)).thenReturn(tt); - when(aafcon.clientAs(Config.AAF_DEFAULT_VERSION, trans.getUserPrincipal())).thenReturn(c); + when(aafcon.clientAs(Config.AAF_DEFAULT_API_VERSION, trans.getUserPrincipal())).thenReturn(c); when(c.read("/authz/perms/user/null?scopes=APPLICATION:HANDLER", "application/Perms+json;charset=utf-8;version=2.0")).thenReturn(fs); when(fs.get(0)).thenReturn(true); @@ -105,7 +105,7 @@ public class JU_JSONPermLoaderFactoryTest { @Test public void testRemoteWith404() throws APIException, CadiException { when(trans.start("Call AAF Service", Env.REMOTE)).thenReturn(tt); - when(aafcon.clientAs(Config.AAF_DEFAULT_VERSION, trans.getUserPrincipal())).thenReturn(c); + when(aafcon.clientAs(Config.AAF_DEFAULT_API_VERSION, trans.getUserPrincipal())).thenReturn(c); when(c.read("/authz/perms/user/null?scopes=APPLICATION:HANDLER", "application/Perms+json;charset=utf-8;version=2.0")).thenReturn(fs); when(fs.get(0)).thenReturn(false); @@ -127,7 +127,7 @@ public class JU_JSONPermLoaderFactoryTest { @Test public void testRemote() throws APIException, CadiException { when(trans.start("Call AAF Service", Env.REMOTE)).thenReturn(tt); - when(aafcon.clientAs(Config.AAF_DEFAULT_VERSION, trans.getUserPrincipal())).thenReturn(c); + when(aafcon.clientAs(Config.AAF_DEFAULT_API_VERSION, trans.getUserPrincipal())).thenReturn(c); when(c.read("/authz/perms/user/null?scopes=APPLICATION:HANDLER", "application/Perms+json;charset=utf-8;version=2.0")).thenReturn(fs); when(fs.get(0)).thenReturn(false); diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AAF_Service.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AAF_Service.java index 5253513d..4f34fd56 100644 --- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AAF_Service.java +++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AAF_Service.java @@ -211,11 +211,11 @@ public class AAF_Service extends AbsService<AuthzEnv,AuthzTrans> { public void route(HttpMethods meth, String path, API api, Code code) throws Exception { Class<?> respCls = facade.mapper().getClass(api); if (respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name()); - String application = applicationJSON(respCls, Config.AAF_DEFAULT_VERSION); + String application = applicationJSON(respCls, Config.AAF_DEFAULT_API_VERSION); - route(env,meth,path,code,application,"application/json;version="+Config.AAF_DEFAULT_VERSION,"*/*"); - application = applicationXML(respCls, Config.AAF_DEFAULT_VERSION); - route(env,meth,path,code.clone(facade_XML,false),application,"text/xml;version=Config.AAF_DEFAULT_VERSION"); + route(env,meth,path,code,application,"application/json;version="+Config.AAF_DEFAULT_API_VERSION,"*/*"); + application = applicationXML(respCls, Config.AAF_DEFAULT_API_VERSION); + route(env,meth,path,code.clone(facade_XML,false),application,"text/xml;version="+Config.AAF_DEFAULT_API_VERSION); } /** diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/Defaults.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/Defaults.java index a38904d4..43709ccc 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/Defaults.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/Defaults.java @@ -21,13 +21,14 @@ package org.onap.aaf.cadi.aaf; public interface Defaults { - public static String AAF_VERSION = "2.1"; - public static String AAF_NS = "AAF_NS"; - public static String AAF_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".service:" + AAF_VERSION; - public static String GUI_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".gui:" + AAF_VERSION; - public static String CM_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".cm:" + AAF_VERSION; - public static String FS_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".fs:" + AAF_VERSION; - public static String HELLO_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".hello:" + AAF_VERSION; - public static String OAUTH2_TOKEN_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".token:" + AAF_VERSION; - public static String OAUTH2_INTROSPECT_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".introspect:" + AAF_VERSION; + public final static String AAF_VERSION = "2.1"; + public final static String AAF_NS = "AAF_NS"; + public final static String AAF_ROOT = "https://AAF_LOCATE_URL/" + AAF_NS; + public final static String AAF_URL = AAF_ROOT + ".service:" + AAF_VERSION; + public final static String GUI_URL = AAF_ROOT + ".gui:" + AAF_VERSION; + public final static String CM_URL = AAF_ROOT + ".cm:" + AAF_VERSION; + public final static String FS_URL = AAF_ROOT + ".fs:" + AAF_VERSION; + public final static String HELLO_URL = AAF_ROOT + ".hello:" + AAF_VERSION; + public final static String OAUTH2_TOKEN_URL = AAF_ROOT + ".token:" + AAF_VERSION; + public final static String OAUTH2_INTROSPECT_URL = AAF_ROOT + ".introspect:" + AAF_VERSION; } diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/cert/AAFListedCertIdentity.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/cert/AAFListedCertIdentity.java index dd3cde7e..c23e9b23 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/cert/AAFListedCertIdentity.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/cert/AAFListedCertIdentity.java @@ -125,7 +125,7 @@ public class AAFListedCertIdentity implements CertIdentity { userLookup.add(s); } for (String authMech : authMechanisms) { - Future<Users> fusr = aafcon.client(Config.AAF_DEFAULT_VERSION).read("/authz/users/perm/com.att.aaf.trust/"+authMech+"/authenticate", Users.class, aafcon.usersDF); + Future<Users> fusr = aafcon.client().read("/authz/users/perm/com.att.aaf.trust/"+authMech+"/authenticate", Users.class, aafcon.usersDF); if (fusr.get(5000)) { List<User> users = fusr.value.getUser(); if (users.isEmpty()) { @@ -146,7 +146,7 @@ public class AAFListedCertIdentity implements CertIdentity { } for (String u : userLookup) { - Future<Certs> fc = aafcon.client(Config.AAF_DEFAULT_VERSION).read("/authn/cert/id/"+u, Certs.class, aafcon.certsDF); + Future<Certs> fc = aafcon.client().read("/authn/cert/id/"+u, Certs.class, aafcon.certsDF); XMLGregorianCalendar now = Chrono.timeStamp(); if (fc.get(5000)) { List<Cert> certs = fc.value.getCert(); diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java index 167fae9f..606638a4 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java @@ -30,7 +30,6 @@ import org.onap.aaf.cadi.User; import org.onap.aaf.cadi.aaf.AAFPermission; import org.onap.aaf.cadi.client.Future; import org.onap.aaf.cadi.client.Rcli; -import org.onap.aaf.cadi.config.Config; import org.onap.aaf.cadi.lur.ConfigPrincipal; public class AAFAuthn<CLIENT> extends AbsUserCache<AAFPermission> { @@ -140,7 +139,7 @@ public class AAFAuthn<CLIENT> extends AbsUserCache<AAFPermission> { try { Miss missed = missed(getName(),getCred()); if (missed==null || missed.mayContinue()) { - Rcli<CLIENT> client = con.client(Config.AAF_DEFAULT_VERSION).forUser(con.basicAuth(getName(), new String(getCred()))); + Rcli<CLIENT> client = con.client().forUser(con.basicAuth(getName(), new String(getCred()))); Future<String> fp = client.read( "/authn/basicAuth", "text/plain" diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java index b6644368..77489633 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java @@ -69,26 +69,142 @@ public abstract class AAFCon<CLIENT> implements Connector { final public RosettaDF<Error> errDF; private String realm; public final String app; + protected final String apiVersion; protected SecurityInfoC<CLIENT> si; private AAFLurPerm lur; final public RosettaEnv env; - protected abstract URI initURI(); + protected AAFCon(AAFCon<CLIENT> copy) { + access = copy.access; + apiVersion = access.getProperty(Config.AAF_API_VERSION, Config.AAF_DEFAULT_API_VERSION); + timeout = copy.timeout; + cleanInterval = copy.cleanInterval; + connTimeout = copy.connTimeout; + highCount = copy.highCount; + userExpires = copy.userExpires; + usageRefreshTriggerCount = copy.usageRefreshTriggerCount; + permsDF = copy.permsDF; + certsDF = copy.certsDF; + usersDF = copy.usersDF; + errDF = copy.errDF; + app = copy.app; + si = copy.si; + env = copy.env; + realm = copy.realm; + } + protected AAFCon(Access access, String tag, SecurityInfoC<CLIENT> si) throws CadiException{ + apiVersion = access.getProperty(Config.AAF_API_VERSION, Config.AAF_DEFAULT_API_VERSION); + if (tag==null) { + throw new CadiException("AAFCon cannot be constructed without a property tag or URL"); + } else { + String str = access.getProperty(tag,null); + if (str==null) { + if (tag.contains("://")) { // assume a URL + str = tag; + } else { + throw new CadiException("A URL or " + tag + " property is required."); + } + } + setInitURI(str); + } + try { + this.access = access; + this.si = si; + if (si.defSS.getID().equals(SecurityInfoC.DEF_ID)) { // it's the Preliminary SS, try to get a better one + String mechid = access.getProperty(Config.AAF_APPID, null); + if (mechid==null) { + mechid=access.getProperty(Config.OAUTH_CLIENT_ID,null); + } + String encpass = access.getProperty(Config.AAF_APPPASS, null); + if (encpass==null) { + encpass = access.getProperty(Config.OAUTH_CLIENT_SECRET,null); + } + if (encpass==null) { + String alias = access.getProperty(Config.CADI_ALIAS, mechid); + if (alias==null) { + access.printf(Access.Level.WARN,"%s, %s or %s required before use.", Config.CADI_ALIAS, Config.AAF_APPID, Config.OAUTH_CLIENT_ID); + set(si.defSS); + } else { + si.defSS=x509Alias(alias); + set(si.defSS); + } + } else { + if (mechid!=null) { + si.defSS=basicAuth(mechid, encpass); + set(si.defSS); + } else { + si.defSS=new SecuritySetter<CLIENT>() { + + @Override + public String getID() { + return ""; + } + + @Override + public void setSecurity(CLIENT client) throws CadiException { + throw new CadiException("AAFCon has not been initialized with Credentials (SecuritySetter)"); + } + + @Override + public int setLastResponse(int respCode) { + return 0; + } + }; + set(si.defSS); + } + } + } + + timeout = Integer.parseInt(access.getProperty(Config.AAF_CALL_TIMEOUT, Config.AAF_CALL_TIMEOUT_DEF)); + cleanInterval = Integer.parseInt(access.getProperty(Config.AAF_CLEAN_INTERVAL, Config.AAF_CLEAN_INTERVAL_DEF)); + highCount = Integer.parseInt(access.getProperty(Config.AAF_HIGH_COUNT, Config.AAF_HIGH_COUNT_DEF).trim()); + connTimeout = Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF).trim()); + userExpires = Integer.parseInt(access.getProperty(Config.AAF_USER_EXPIRES, Config.AAF_USER_EXPIRES_DEF).trim()); + usageRefreshTriggerCount = Integer.parseInt(access.getProperty(Config.AAF_USER_EXPIRES, Config.AAF_USER_EXPIRES_DEF).trim())-1; // zero based + + app=FQI.reverseDomain(si.defSS.getID()); + //TODO Get Realm from AAF + realm="people.osaaf.org"; + + env = new RosettaEnv(); + permsDF = env.newDataFactory(Perms.class); + usersDF = env.newDataFactory(Users.class); + certsDF = env.newDataFactory(Certs.class); + certsDF.rootMarshal(new CertsMarshal()); // Speedier Marshaling + errDF = env.newDataFactory(Error.class); + } catch (APIException e) { + throw new CadiException("AAFCon cannot be configured",e); + } + } + protected abstract URI initURI(); protected abstract void setInitURI(String uriString) throws CadiException; - /* - protected abstract SecuritySetter<CLIENT> bestSS(SecurityInfoC<CLIENT> si) throws CadiException; - */ + + public final String aafVersion() { + return apiVersion; + } /** * Use this call to get the appropriate client based on configuration (HTTP, future) + * using default AAF API Version + * + * @param apiVersion + * @return + * @throws CadiException + */ + public Rcli<CLIENT> client() throws CadiException { + return client(apiVersion); + } + + /** + * Use this call to get the appropriate client based on configuration (HTTP, future) * * @param apiVersion * @return * @throws CadiException */ - public Rcli<CLIENT> client(String apiVersion) throws CadiException { - Rcli<CLIENT> client = clients.get(apiVersion); + public Rcli<CLIENT> client(final String apiVersion) throws CadiException { + Rcli<CLIENT> client = clients.get(apiVersion); if (client==null) { client = rclient(initURI(),si.defSS); client.apiVersion(apiVersion) @@ -112,112 +228,25 @@ public abstract class AAFCon<CLIENT> implements Connector { * @return * @throws CadiException */ + public Rcli<CLIENT> clientAs(TaggedPrincipal p) throws CadiException { + return clientAs(apiVersion,p); + } + + /** + * Use this API when you have permission to have your call act as the end client's ID. + * + * Your calls will get 403 errors if you do not have this permission. it is a special setup, rarely given. + * + * @param apiVersion + * @param req + * @return + * @throws CadiException + */ public Rcli<CLIENT> clientAs(String apiVersion, TaggedPrincipal p) throws CadiException { Rcli<CLIENT> cl = client(apiVersion); return cl.forUser(transferSS(p)); } - - protected AAFCon(AAFCon<CLIENT> copy) { - access = copy.access; - timeout = copy.timeout; - cleanInterval = copy.cleanInterval; - connTimeout = copy.connTimeout; - highCount = copy.highCount; - userExpires = copy.userExpires; - usageRefreshTriggerCount = copy.usageRefreshTriggerCount; - permsDF = copy.permsDF; - certsDF = copy.certsDF; - usersDF = copy.usersDF; - errDF = copy.errDF; - app = copy.app; - si = copy.si; - env = copy.env; - realm = copy.realm; - } - - protected AAFCon(Access access, String tag, SecurityInfoC<CLIENT> si) throws CadiException{ - if (tag==null) { - throw new CadiException("AAFCon cannot be constructed without a property tag or URL"); - } else { - String str = access.getProperty(tag,null); - if (str==null) { - if (tag.contains("://")) { // assume a URL - str = tag; - } else { - throw new CadiException("A URL or " + tag + " property is required."); - } - } - setInitURI(str); - } - try { - this.access = access; - this.si = si; - if (si.defSS.getID().equals(SecurityInfoC.DEF_ID)) { // it's the Preliminary SS, try to get a better one - String mechid = access.getProperty(Config.AAF_APPID, null); - if (mechid==null) { - mechid=access.getProperty(Config.OAUTH_CLIENT_ID,null); - } - String encpass = access.getProperty(Config.AAF_APPPASS, null); - if (encpass==null) { - encpass = access.getProperty(Config.OAUTH_CLIENT_SECRET,null); - } - if (encpass==null) { - String alias = access.getProperty(Config.CADI_ALIAS, mechid); - if (alias==null) { - access.printf(Access.Level.WARN,"%s, %s or %s required before use.", Config.CADI_ALIAS, Config.AAF_APPID, Config.OAUTH_CLIENT_ID); - set(si.defSS); - } else { - si.defSS=x509Alias(alias); - set(si.defSS); - } - } else { - if (mechid!=null) { - si.defSS=basicAuth(mechid, encpass); - set(si.defSS); - } else { - si.defSS=new SecuritySetter<CLIENT>() { - - @Override - public String getID() { - return ""; - } - - @Override - public void setSecurity(CLIENT client) throws CadiException { - throw new CadiException("AAFCon has not been initialized with Credentials (SecuritySetter)"); - } - @Override - public int setLastResponse(int respCode) { - return 0; - } - }; - set(si.defSS); - } - } - } - - timeout = Integer.parseInt(access.getProperty(Config.AAF_CALL_TIMEOUT, Config.AAF_CALL_TIMEOUT_DEF)); - cleanInterval = Integer.parseInt(access.getProperty(Config.AAF_CLEAN_INTERVAL, Config.AAF_CLEAN_INTERVAL_DEF)); - highCount = Integer.parseInt(access.getProperty(Config.AAF_HIGH_COUNT, Config.AAF_HIGH_COUNT_DEF).trim()); - connTimeout = Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF).trim()); - userExpires = Integer.parseInt(access.getProperty(Config.AAF_USER_EXPIRES, Config.AAF_USER_EXPIRES_DEF).trim()); - usageRefreshTriggerCount = Integer.parseInt(access.getProperty(Config.AAF_USER_EXPIRES, Config.AAF_USER_EXPIRES_DEF).trim())-1; // zero based - - app=FQI.reverseDomain(si.defSS.getID()); - //TODO Get Realm from AAF - realm="people.osaaf.org"; - - env = new RosettaEnv(); - permsDF = env.newDataFactory(Perms.class); - usersDF = env.newDataFactory(Users.class); - certsDF = env.newDataFactory(Certs.class); - certsDF.rootMarshal(new CertsMarshal()); // Speedier Marshaling - errDF = env.newDataFactory(Error.class); - } catch (APIException e) { - throw new CadiException("AAFCon cannot be configured",e); - } - } public RosettaEnv env() { return env; diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java index 9b5e9389..d39fc1d6 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java @@ -1,5 +1,5 @@ /** - * ============LICENSE_START==================================================== +r * ============LICENSE_START==================================================== * org.onap.aaf * =========================================================================== * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java index dc0e2cae..e48ae169 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java @@ -190,7 +190,7 @@ public class AAFLurPerm extends AbsAAFLur<AAFPermission> { @Override public Resp code(Rcli<?> client) throws CadiException, ConnectException, APIException { final long remoteStart = System.nanoTime(); - Future<Perms> fp = aaf.client(Config.AAF_DEFAULT_VERSION).read( + Future<Perms> fp = aaf.client().read( "/authz/perms/user/"+name, aaf.permsDF ); diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java index 83b66a08..c27dd123 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java @@ -209,7 +209,7 @@ public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpT if (prin instanceof BasicPrincipal) { Future<String> fp; try { - Rcli<CLIENT> userAAF = aaf.client(Config.AAF_DEFAULT_VERSION).forUser(aaf.transferSS((BasicPrincipal)prin)); + Rcli<CLIENT> userAAF = aaf.client().forUser(aaf.transferSS((BasicPrincipal)prin)); fp = userAAF.read("/authn/basicAuth", "text/plain"); return fp.get(aaf.timeout)?Resp.REVALIDATED:Resp.UNVALIDATED; } catch (Exception e) { diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java index 09f007c9..c7246466 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java @@ -32,11 +32,10 @@ import java.util.NoSuchElementException; import org.onap.aaf.cadi.Access; import org.onap.aaf.cadi.Access.Level; -import org.onap.aaf.cadi.aaf.Defaults; import org.onap.aaf.cadi.Locator; import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.aaf.Defaults; import org.onap.aaf.cadi.config.Config; -import org.onap.aaf.cadi.locator.PropertyLocator; import org.onap.aaf.cadi.routing.GreatCircle; import org.onap.aaf.misc.env.Trans; import org.onap.aaf.misc.env.util.Split; @@ -96,11 +95,11 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> } if (name.startsWith("http")) { // simple URL this.name = name; - this.version = Config.AAF_DEFAULT_VERSION; + this.version = access.getProperty(Config.AAF_API_VERSION,Config.AAF_DEFAULT_API_VERSION); } else { String[] split = Split.split(':', name); this.name = split[0]; - this.version = (split.length > 1) ? split[1] : Config.AAF_DEFAULT_VERSION; + this.version = (split.length > 1) ? split[1] : access.getProperty(Config.AAF_API_VERSION,Config.AAF_DEFAULT_API_VERSION); } } @@ -113,9 +112,9 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> locatorCreator = lc; } - public static Locator<URI> create(String key) throws LocatorException { + /*public static Locator<URI> create(String key) throws LocatorException { String name = null; - String version = Config.AAF_DEFAULT_VERSION; + String version = Config.AAF_DEFAULT_API_VERSION; String pathInfo = null; int prev = key.indexOf("/locate"); if (prev>0) { @@ -156,6 +155,7 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> } return null; } + */ public static Locator<URI> create(final String name, final String version) throws LocatorException { return locatorCreator.create(name, version); diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/sso/AAFSSO.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/sso/AAFSSO.java index a03b3fdf..9552d397 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/sso/AAFSSO.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/sso/AAFSSO.java @@ -308,8 +308,13 @@ public class AAFSSO { addProp(Config.AAF_LOCATE_URL, locateUrl); } - access.setProperty(Config.AAF_URL, Defaults.AAF_URL); - access.setProperty(Config.CM_URL, Defaults.CM_URL); + final String apiVersion = access.getProperty(Config.AAF_API_VERSION); + if(access.getProperty(Config.AAF_URL)==null) { + access.setProperty(Config.AAF_URL, apiVersion==null?Defaults.AAF_URL:Defaults.AAF_ROOT+".service:"+apiVersion); + } + if(access.getProperty(Config.CM_URL)==null) { + access.setProperty(Config.CM_URL, apiVersion==null?Defaults.CM_URL:Defaults.AAF_ROOT+".cm:"+apiVersion); + } String cadiLatitude = access.getProperty(Config.CADI_LATITUDE); if (cadiLatitude==null) { System.out.println("# If you do not know your Global Coordinates, we suggest bing.com/maps"); diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/cert/test/JU_AAFListedCertIdentity.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/cert/test/JU_AAFListedCertIdentity.java index 1d1c6163..4c1139d4 100644 --- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/cert/test/JU_AAFListedCertIdentity.java +++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/cert/test/JU_AAFListedCertIdentity.java @@ -117,7 +117,7 @@ public class JU_AAFListedCertIdentity { @Test public void test() throws APIException, CadiException, CertificateException { - doReturn(rcliMock).when(conMock).client(Config.AAF_DEFAULT_VERSION); + doReturn(rcliMock).when(conMock).client(); when(rcliMock.read("/authz/users/perm/com.att.aaf.trust/tguard/authenticate", Users.class, userDFMock)).thenReturn(futureUsersMock); when(rcliMock.read("/authz/users/perm/com.att.aaf.trust/basicAuth/authenticate", Users.class, userDFMock)).thenReturn(futureUsersMock); when(rcliMock.read("/authz/users/perm/com.att.aaf.trust/csp/authenticate", Users.class, userDFMock)).thenReturn(futureUsersMock); diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AbsAAFLocator.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AbsAAFLocator.java index 825e3c91..14f96733 100644 --- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AbsAAFLocator.java +++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AbsAAFLocator.java @@ -74,40 +74,17 @@ public class JU_AbsAAFLocator { // Test with http loc = new AAFLocatorStub(access, "httpname"); assertThat(loc.getName(), is("httpname")); - assertThat(loc.getVersion(), is(Config.AAF_DEFAULT_VERSION)); + assertThat(loc.getVersion(), is(Config.AAF_DEFAULT_API_VERSION)); assertThat(loc.toString(), is("AAFLocator for " + "httpname" + " on " + loc.getURI())); loc = new AAFLocatorStub(access, "name"); assertThat(loc.getName(), is("name")); - assertThat(loc.getVersion(), is(Config.AAF_DEFAULT_VERSION)); + assertThat(loc.getVersion(), is(Config.AAF_DEFAULT_API_VERSION)); loc = new AAFLocatorStub(access, "name:v2.0"); assertThat(loc.getName(), is("name")); assertThat(loc.getVersion(), is("v2.0")); } - @Test - public void createTest() throws LocatorException { - AbsAAFLocator.setCreator(locatorCreatorMock); - - assertThat(AbsAAFLocator.create("nonsense"), is(nullValue())); - assertThat(AbsAAFLocator.create("nonsense/locate"), is(nullValue())); - assertThat(AbsAAFLocator.create("nonsense/locate/"), is(nullValue())); - assertThat(AbsAAFLocator.create("nonsense/locate//"), is(nullValue())); - assertThat(AbsAAFLocator.create("nonsense/locate/name:v2.0"), is(nullValue())); - - assertThat(AbsAAFLocator.create("http/locate/name:v2.0"), is(nullValue())); - - doReturn(mock(AbsAAFLocator.class)).when(locatorCreatorMock).create(anyString(), anyString()); - assertThat(AbsAAFLocator.create("http/locate/name:v2.0/path"), is(not(nullValue()))); - - AbsAAFLocator.setCreator(null); - assertThat(AbsAAFLocator.create("http/locate/name:v2.0"), is(nullValue())); - - assertThat(AbsAAFLocator.create("http"), is(not(nullValue()))); - - AbsAAFLocator.setCreator(locatorCreatorMock); - assertThat(AbsAAFLocator.create("first", "second"), is(not(nullValue()))); - } @Test public void nameFromLocatorURITest() throws LocatorException, URISyntaxException { diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java index b7d5abe5..2f9de6cf 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java @@ -140,15 +140,16 @@ public class Config { public static final String AAF_ROOT_COMPANY = "aaf_root_company"; public static final String AAF_LOCATE_URL = "aaf_locate_url"; //URL for AAF locator private static final String AAF_LOCATE_URL_TAG = "AAF_LOCATE_URL"; // Name of Above for use in Config Variables. - public static final String AAF_DEFAULT_VERSION = "2.1"; + public static final String AAF_DEFAULT_API_VERSION = "2.1"; + public static final String AAF_API_VERSION = "aaf_api_version"; public static final String AAF_URL = "aaf_url"; //URL for AAF... Use to trigger AAF configuration - public static final String AAF_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.service:" + AAF_DEFAULT_VERSION; - public static final String GUI_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.gui:" + AAF_DEFAULT_VERSION; - public static final String CM_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.cm:" + AAF_DEFAULT_VERSION; - public static final String FS_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.fs:" + AAF_DEFAULT_VERSION; - public static final String HELLO_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.hello:" + AAF_DEFAULT_VERSION; - public static final String OAUTH2_TOKEN_URL = "https://AAF_LOCATE_URL/AAF_NS.token:" + AAF_DEFAULT_VERSION; - public static final String OAUTH2_INTROSPECT_URL = "https://AAF_LOCATE_URL/AAF_NS.introspect:" + AAF_DEFAULT_VERSION; + public static final String AAF_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.service:" + AAF_DEFAULT_API_VERSION; + public static final String GUI_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.gui:" + AAF_DEFAULT_API_VERSION; + public static final String CM_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.cm:" + AAF_DEFAULT_API_VERSION; + public static final String FS_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.fs:" + AAF_DEFAULT_API_VERSION; + public static final String HELLO_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.hello:" + AAF_DEFAULT_API_VERSION; + public static final String OAUTH2_TOKEN_URL = "https://AAF_LOCATE_URL/AAF_NS.token:" + AAF_DEFAULT_API_VERSION; + public static final String OAUTH2_INTROSPECT_URL = "https://AAF_LOCATE_URL/AAF_NS.introspect:" + AAF_DEFAULT_API_VERSION; public static final String AAF_REGISTER_AS = "aaf_register_as"; public static final String AAF_APPID = "aaf_id"; diff --git a/cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/MyServlet.java b/cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/MyServlet.java index 7d1eae96..adb95d9b 100644 --- a/cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/MyServlet.java +++ b/cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/MyServlet.java @@ -100,8 +100,8 @@ import org.onap.aaf.cadi.principal.TaggedPrincipal; }; } // This call will be "as the user calling", but only if permission is set to trust. -// Future<String> future = aafcon.clientAs(Config.AAF_DEFAULT_VERSION,tp).read("/authz/perms/user/"+request.getUserPrincipal().getName(),"application/Perms+json"); - Future<String> future = aafcon.client(Config.AAF_DEFAULT_VERSION).read("/authz/perms/user/"+request.getUserPrincipal().getName(),"application/Perms+json"); +// Future<String> future = aafcon.clientAs(Config.AAF_DEFAULT_API_VERSION,tp).read("/authz/perms/user/"+request.getUserPrincipal().getName(),"application/Perms+json"); + Future<String> future = aafcon.client(Config.AAF_DEFAULT_API_VERSION).read("/authz/perms/user/"+request.getUserPrincipal().getName(),"application/Perms+json"); if (future.get(4000 /* timeout */)) { res.getOutputStream().print(future.value); } else { |