authorsg481n <sg481n@att.com>2017-08-03 17:27:34 -0400
committersg481n <sg481n@att.com>2017-08-03 17:27:34 -0400
commit43854a9e3310ff7a92257d16c4fc0a8321eaec68 (patch)
tree46af936c5da4f9c60d7d63dade5c61a8fd5ef9f4 /authz-client
parentf691a8b8dfc9eea4c6b3bfa45ea60f07ad347e69 (diff)
 [AAF-21] Initial code import
Change-Id: I63d7d499bbd46f500b5f5a4db966166f613f327a Signed-off-by: sg481n <sg481n@att.com>
Diffstat (limited to 'authz-client')
-rw-r--r--authz-client/.gitignore5
-rw-r--r--authz-client/pom.xml208
-rw-r--r--authz-client/src/main/xsd/aaf_2_0.xsd467
-rw-r--r--authz-client/src/main/xsd/certman_1_0.xsd131
4 files changed, 811 insertions, 0 deletions
diff --git a/authz-client/.gitignore b/authz-client/.gitignore
new file mode 100644
index 00000000..f99ab6a2
--- /dev/null
+++ b/authz-client/.gitignore
@@ -0,0 +1,5 @@
+.metadata
+.settings
+.classpath
+.project
+target
diff --git a/authz-client/pom.xml b/authz-client/pom.xml
new file mode 100644
index 00000000..9dbb288d
--- /dev/null
+++ b/authz-client/pom.xml
@@ -0,0 +1,208 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ============LICENSE_START====================================================
+ * org.onap.aai
+ * ===========================================================================
+ * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * Copyright © 2017 Amdocs
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ *
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <!-- No Parent on Purpose!!! -->
+ <artifactId>authz-client</artifactId>
+ <name>Authz Client</name>
+ <description>Client and XSD Generated code for Authz</description>
+ <groupId>com.att.authz</groupId>
+ <version>2.6</version>
+ <packaging>jar</packaging>
+ <url>https://github.com/att/AAF</url>
+ <licenses>
+ <license>
+ <name>BSD License</name>
+ <url> </url>
+ </license>
+ </licenses>
+ <developers>
+ <developer>
+ <name>Jonathan Gathman</name>
+ <email></email>
+ <organization>ATT</organization>
+ <organizationUrl></organizationUrl>
+ </developer>
+ </developers>
+
+ <properties>
+ <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+ <swm-distFiles-path>/opt/app/aft/${project.artifactId}/${project.version}</swm-distFiles-path>
+ <maven.test.failure.ignore>true</maven.test.failure.ignore>
+ </properties>
+
+ <dependencies>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <version>4.10</version>
+ <scope>test</scope>
+ </dependency>
+
+ </dependencies>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>jaxb2-maven-plugin</artifactId>
+ <version>1.3</version>
+ <executions>
+ <execution>
+ <phase>generate-sources</phase>
+ <goals>
+ <goal>xjc</goal>
+ </goals>
+ </execution>
+ </executions>
+ <configuration>
+ <schemaDirectory>src/main/xsd</schemaDirectory>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <configuration>
+ <source>1.6</source>
+ <target>1.6</target>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-deploy-plugin</artifactId>
+ <version>2.5</version>
+ <configuration>
+ <skip>false</skip>
+ </configuration>
+ </plugin>
+
+ <!--This plugin's configuration is used to store Eclipse m2e settings
+ only. It has no influence on the Maven build itself. -->
+ <plugin>
+ <groupId>org.eclipse.m2e</groupId>
+ <artifactId>lifecycle-mapping</artifactId>
+ <version>1.0.0</version>
+ <configuration>
+ <lifecycleMappingMetadata>
+ <pluginExecutions>
+ <pluginExecution>
+ <pluginExecutionFilter>
+ <groupId>
+ org.codehaus.mojo
+ </groupId>
+ <artifactId>
+ jaxb2-maven-plugin
+ </artifactId>
+ <versionRange>
+ [1.3,)
+ </versionRange>
+ <goals>
+ <goal>xjc</goal>
+ </goals>
+ </pluginExecutionFilter>
+ <action>
+ <ignore></ignore>
+ </action>
+ </pluginExecution>
+ </pluginExecutions>
+ </lifecycleMappingMetadata>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <version>2.3.2</version>
+ <configuration>
+ <source>1.6</source>
+ <target>1.6</target>
+ </configuration>
+ </plugin>
+
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-javadoc-plugin</artifactId>
+ <configuration>
+ <failOnError>false</failOnError>
+ </configuration>
+ <executions>
+ <execution>
+ <id>attach-javadocs</id>
+ <goals>
+ <goal>jar</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+
+
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-source-plugin</artifactId>
+ <version>2.2.1</version>
+ <executions>
+ <execution>
+ <id>attach-sources</id>
+ <goals>
+ <goal>jar-no-fork</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+
+ <plugin>
+ <groupId>org.sonatype.plugins</groupId>
+ <artifactId>nexus-staging-maven-plugin</artifactId>
+ <version>1.6.7</version>
+ <extensions>true</extensions>
+ <configuration>
+ <serverId>ossrhdme</serverId>
+ <nexusUrl>https://oss.sonatype.org/</nexusUrl>
+ <autoReleaseAfterClose>true</autoReleaseAfterClose>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+
+ <distributionManagement>
+ <snapshotRepository>
+ <id>ossrhdme</id>
+ <url>https://oss.sonatype.org/content/repositories/snapshots</url>
+ </snapshotRepository>
+ <repository>
+ <id>ossrhdme</id>
+ <url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
+ </repository>
+ </distributionManagement>
+
+ <scm>
+ <connection>https://github.com/att/AAF.git</connection>
+ <developerConnection>${project.scm.connection}</developerConnection>
+ <url>http://github.com/att/AAF/tree/master</url>
+ </scm>
+
+</project>
+
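Review bot: Nothing in this POM stops a failing build from becoming a public artifact: `maven.test.failure.ignore` is `true` in `<properties>`, `maven-javadoc-plugin` has `failOnError` set to `false`, and `nexus-staging-maven-plugin` sets `autoReleaseAfterClose` to `true`, so a deploy whose tests fail would be promoted out of staging without a manual check. I would change these to `<maven.test.failure.ignore>false</maven.test.failure.ignore>` and `<autoReleaseAfterClose>false</autoReleaseAfterClose>`. Separately, `maven-compiler-plugin` is declared twice (once without a `<version>`) and `maven-javadoc-plugin` has no `<version>`, so the plugin set resolved at build time is not pinned. The `<licenses>` block also says "BSD License" with an empty URL, while the file header is Apache 2.0.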
diff --git a/authz-client/src/main/xsd/aaf_2_0.xsd b/authz-client/src/main/xsd/aaf_2_0.xsd
new file mode 100644
index 00000000..4b04d6c1
--- /dev/null
+++ b/authz-client/src/main/xsd/aaf_2_0.xsd
@@ -0,0 +1,467 @@
+<!-- Used by AAF (ATT inc 2013) -->
+<xs:schema
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:aaf="urn:aaf:v2_0"
+ targetNamespace="urn:aaf:v2_0"
+ elementFormDefault="qualified">
+
+<!--
+ Note: jan 22, 2015. Deprecating the "force" element in the "Request" Structure. Do that
+ with Query Params.
+
+ Eliminate in 3.0
+ -->
+<!--
+ Errors
+ Note: This Error Structure has been made to conform to the AT&T TSS Policies
+
+
+ -->
+ <xs:element name="error">
+ <xs:complexType>
+ <xs:sequence>
+ <!--
+ Unique message identifier of the format ‘ABCnnnn’ where ‘ABC’ is
+ either ‘SVC’ for Service Exceptions or ‘POL’ for Policy Exception.
+ Exception numbers may be in the range of 0001 to 9999 where :
+ * 0001 to 0199 are reserved for common exception messages
+ * 0200 to 0999 are reserved for Parlay Web Services specification use
+ * 1000-9999 are available for exceptions
+ -->
+ <xs:element name="messageId" type="xs:string" minOccurs="1" maxOccurs="1"/>
+
+ <!--
+ Message text, with replacement
+ variables marked with %n, where n is
+ an index into the list of <variables>
+ elements, starting at 1
+ -->
+ <xs:element name="text" type="xs:string" minOccurs="1" maxOccurs="1"/>
+
+ <!--
+ List of zero or more strings that
+ represent the contents of the variables
+ used by the message text. -->
+ <xs:element name="variables" type="xs:string" minOccurs="0" maxOccurs="unbounded" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+<!--
+ Requests
+ -->
+ <xs:complexType name="Request">
+ <xs:sequence>
+ <xs:element name="start" type="xs:dateTime" minOccurs="1" maxOccurs="1" />
+ <xs:element name="end" type="xs:date" minOccurs="1" maxOccurs="1"/>
+ <!-- Deprecated. Use Query Command
+ <xs:element name="force" type="xs:string" minOccurs="1" maxOccurs="1" default="false"/>
+ -->
+ </xs:sequence>
+ </xs:complexType>
+
+<!--
+ Keys
+ -->
+ <xs:element name="keys">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="key" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+
+<!--
+ Permissions
+-->
+ <xs:complexType name = "pkey">
+ <xs:sequence>
+ <xs:element name="type" type="xs:string"/>
+ <xs:element name="instance" type="xs:string"/>
+ <xs:element name="action" type="xs:string"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:element name="permKey">
+ <xs:complexType >
+ <xs:complexContent>
+ <xs:extension base="aaf:pkey" />
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="perm">
+ <xs:complexType >
+ <xs:complexContent>
+ <xs:extension base="aaf:pkey">
+ <xs:sequence>
+ <xs:element name="roles" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ <!-- Note: feb 23, 2015. Added description field. Verify backward compatibility. JR -->
+ <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="perms">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element ref="aaf:perm" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="permRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:Request">
+ <xs:sequence>
+ <xs:element name="type" type="xs:string"/>
+ <xs:element name="instance" type="xs:string"/>
+ <xs:element name="action" type="xs:string"/>
+ <!-- Note: feb 23, 2015. Added description field. Verify backward compatibility. JR -->
+ <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+
+<!--
+ Roles
+-->
+ <xs:complexType name="rkey">
+ <xs:sequence>
+ <xs:element name="name" type="xs:string"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:element name="roleKey">
+ <xs:complexType >
+ <xs:complexContent>
+ <xs:extension base="aaf:rkey" />
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="role">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:rkey">
+ <xs:sequence>
+ <xs:element name="perms" type="aaf:pkey" minOccurs="0" maxOccurs="unbounded"/>
+ <!-- Note: feb 23, 2015. Added description field. Verify backward compatibility. JR -->
+ <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="roles">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element ref="aaf:role" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="roleRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:Request">
+ <xs:sequence>
+ <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <!-- Note: feb 23, 2015. Added description field. Verify backward compatibility. JR -->
+ <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <!-- Added userRole return types 9/16/2015 -->
+ <xs:element name="userRole">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="user" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="role" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="expires" type="xs:date" minOccurs="1" maxOccurs="1" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <!-- Added userRoles return types 9/16/2015 -->
+ <xs:element name="userRoles">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element ref="aaf:userRole" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="userRoleRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:Request">
+ <xs:sequence>
+ <xs:element name="user" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="role" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="rolePermRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:Request">
+ <xs:sequence>
+ <xs:element name="perm" type="aaf:pkey" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="role" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+
+ <xs:element name="nsRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:Request">
+ <xs:sequence>
+ <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="admin" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
+ <xs:element name="responsible" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
+ <!-- Note: feb 23, 2015. Added description field. Verify backward compatibility. JR -->
+ <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- Note: dec 11, 2015. Request-able NS Type JG -->
+ <xs:element name="type" type="xs:string" minOccurs="0" maxOccurs="1"/>
+
+ <!-- "scope" is deprecated and unused as of AAF 2.0.11. It will be removed in future versions
+ -->
+ <xs:element name="scope" type="xs:int" minOccurs="0" maxOccurs="1"/>
+
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name = "nss">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name = "ns" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name = "name" type = "xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name = "responsible" type = "xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name = "admin" type = "xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ <!-- Note: feb 23, 2015. Added description field. Verify backward compatibility. JR -->
+ <xs:element name = "description" type = "xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- Note: Dec 16, 2015. Added description field. Verify backward compatibility. JG -->
+ <xs:element name = "attrib" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name = "key" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name = "value" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+<!--
+ Users
+-->
+ <xs:element name="users">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="user" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="id" type="xs:string" minOccurs="1" maxOccurs="1" />
+ <!-- Changed type to dateTime, because of importance of Certs -->
+ <xs:element name="expires" type="xs:dateTime" minOccurs="1" maxOccurs="1" />
+ <!-- need to differentiate User Cred Types, 5/20/2015
+ This Return Object is shared by multiple functions:
+ Type is not returned for "UserRole", but only "Cred"
+ -->
+ <xs:element name="type" type="xs:int" minOccurs="0" maxOccurs="1" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+<!--
+ Certs
+ Added 5/20/2015 to support identifying Certificate based Services
+ -->
+ <xs:element name="certs">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="cert" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="id" type="xs:string" minOccurs="1" maxOccurs="1" />
+ <xs:element name="x500" type="xs:string" minOccurs="1" maxOccurs="1" />
+ <xs:element name="expires" type="xs:dateTime" minOccurs="1" maxOccurs="1" />
+ <xs:element name="fingerprint" type="xs:hexBinary" minOccurs="1" maxOccurs="1" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+<!--
+ Credentials
+-->
+ <xs:element name="credRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:Request">
+ <xs:sequence>
+ <xs:element name="id" type="xs:string"/>
+ <xs:element name="type" type="xs:int" minOccurs="0" maxOccurs="1"/>
+ <xs:choice >
+ <xs:element name="password" type="xs:string" />
+ <xs:element name="entry" type="xs:string" />
+ </xs:choice>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+<!--
+ History
+ -->
+ <xs:element name="history">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="item" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="YYYYMM" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="timestamp" type="xs:dateTime" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="subject" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="target" type = "xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="action" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="memo" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="user" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+<!--
+ Approvals
+ -->
+ <xs:complexType name="approval">
+ <xs:sequence>
+ <!-- Note, id is set by system -->
+ <xs:element name="id" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <xs:element name="ticket" type="xs:string"/>
+ <xs:element name="user" type="xs:string"/>
+ <xs:element name="approver" type="xs:string"/>
+ <xs:element name="type" type="xs:string"/>
+ <xs:element name="memo" type="xs:string"/>
+ <xs:element name="updated" type="xs:dateTime"/>
+ <xs:element name="status">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="approve"/>
+ <xs:enumeration value="reject"/>
+ <xs:enumeration value="pending"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ <xs:element name="operation">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="C"/>
+ <xs:enumeration value="U"/>
+ <xs:enumeration value="D"/>
+ <xs:enumeration value="G"/>
+ <xs:enumeration value="UG"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ <xs:element name="approvals">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="approvals" type="aaf:approval" minOccurs="1" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+<!--
+ Delegates
+-->
+ <xs:complexType name="delg">
+ <xs:sequence>
+ <xs:element name="user" type="xs:string"/>
+ <xs:element name="delegate" type="xs:string"/>
+ <xs:element name="expires" type="xs:date"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:element name="delgRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:Request">
+ <xs:sequence>
+ <xs:element name="user" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="delegate" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="delgs">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="delgs" type="aaf:delg" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <!-- jg 3/11/2015 New for 2.0.8 -->
+ <xs:element name="api">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="route" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="meth" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="path" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="param" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="desc" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="comments" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="contentType" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="expected" type="xs:int" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="explicitErr" type="xs:int" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+</xs:schema>
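Review bot: The identifiers that appear to feed authorization decisions (`type`/`instance`/`action` in `pkey`, `name` in `rkey`, and the `user`, `role` and `id` elements) and the `password` in `credRequest` are all bare `xs:string`, and most lists are `maxOccurs="unbounded"`. Validating a request against this schema therefore bounds neither the length nor the shape of those values. A shared restricted simple type in the `aaf` namespace would let a validating consumer reject oversized values before they reach the service; the limit in the sketch below is a placeholder to be set from the real naming policy. `credRequest/password` also carries no comment marking it as a cleartext secret, so I would add `<!-- Cleartext credential: transport over TLS only, never log the marshalled request -->` above it.

```xml
<!-- placeholder limit: set from the actual AAF naming policy -->
<xs:simpleType name="boundedName">
  <xs:restriction base="xs:string">
    <xs:maxLength value="256"/>
  </xs:restriction>
</xs:simpleType>

<xs:complexType name="pkey">
  <xs:sequence>
    <xs:element name="type" type="aaf:boundedName"/>
    <xs:element name="instance" type="aaf:boundedName"/>
    <xs:element name="action" type="aaf:boundedName"/>
  </xs:sequence>
</xs:complexType>
<!-- … unchanged: remaining elements, switched to aaf:boundedName the same way … -->
```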
diff --git a/authz-client/src/main/xsd/certman_1_0.xsd b/authz-client/src/main/xsd/certman_1_0.xsd
new file mode 100644
index 00000000..d99c144b
--- /dev/null
+++ b/authz-client/src/main/xsd/certman_1_0.xsd
@@ -0,0 +1,131 @@
+<!-- Used by AAF (ATT inc 2016) -->
+<xs:schema
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:certman="urn:certman:v1_0"
+ targetNamespace="urn:certman:v1_0"
+ elementFormDefault="qualified">
+
+ <!-- jg 4/21/2016 New for Certificate Info -->
+ <xs:element name="certInfo">
+ <xs:complexType>
+ <xs:sequence>
+ <!-- Base64 Encoded Private Key -->
+ <xs:element name="privatekey" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- Base64 Encoded Certificate -->
+ <xs:element name="certs" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
+ <!-- Challenge Password (2 method Auth) -->
+ <xs:element name="challenge" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- Notes from Server concerning Cert (not an error) -->
+ <xs:element name="notes" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:complexType name="baseRequest">
+ <xs:sequence>
+ <xs:element name="mechid" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <!-- Sponsor is only required if the caller is not Sponsor. In that case, the calling ID must be delegated to do the work. -->
+ <xs:element name="sponsor" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <xs:element name="start" type="xs:dateTime" minOccurs="1" maxOccurs="1" />
+ <xs:element name="end" type="xs:date" minOccurs="1" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:complexType name="specificRequest">
+ <xs:complexContent>
+ <xs:extension base="certman:baseRequest">
+ <xs:sequence>
+ <xs:element name="serial" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <!-- Certificate has been compromised or other security issue -->
+ <xs:element name="revoke" type="xs:boolean" minOccurs="0" maxOccurs="1" default="false"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+
+ <xs:element name="certificateRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="certman:baseRequest">
+ <xs:sequence>
+ <!-- One FQDN is required. Multiple driven by Policy -->
+ <xs:element name="fqdns" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
+ <!-- Optional Email for getting Public Certificate -->
+ <xs:element name="email" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="certificateRenew">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="certman:specificRequest">
+ <xs:sequence>
+ <!-- One FQDN is required. Multiple driven by Policy -->
+ <xs:element name="fqdns" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
+ <!-- Challenge Password (for accessing manually) TODO Is it necessary? -->
+ <xs:element name="challenge" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- Optional Email for getting Public Certificate -->
+ <xs:element name="email" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="certificateDrop">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="certman:specificRequest">
+ <xs:sequence>
+ <!-- Challenge Password (for accessing manually) TODO Is it necessary? -->
+ <xs:element name="challenge" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <!-- Placement Structures -->
+
+ <xs:element name="artifacts">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="artifact" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="mechid" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="machine" type="xs:string" minOccurs="0" maxOccurs="1" />
+ <xs:element name="type" minOccurs="1" maxOccurs="3">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="file"/>
+ <xs:enumeration value="jks"/>
+ <xs:enumeration value="print"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ <xs:element name="ca" type="xs:string" minOccurs="1" maxOccurs="1" />
+ <xs:element name="dir" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="os_user" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <!-- Ignored on input, and set by TABLES. However, returned on output -->
+ <xs:element name="sponsor" type="xs:string" minOccurs="0" maxOccurs="1" />
+ <!-- Optional... if empty, will use MechID Namespace -->
+ <xs:element name="appName" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- Optional... if empty, will notify Sponsor -->
+ <xs:element name="notification" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- Optional... Days before auto renewal. Min is 10. Max is 1/3 expiration (60) -->
+ <xs:element name="renewDays" type="xs:int" minOccurs="0" maxOccurs="1" default="30"/>
+
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+
+
+</xs:schema> \ No newline at end of file
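Review bot: The comment on `renewDays` in `artifact` documents a minimum of 10 and a maximum of 60, but the element is a plain `xs:int`, so zero, negative or very large values still validate and the bound has to be re-checked in code. The range can be expressed in the schema with an inline restriction, as sketched below; `default="30"` stays valid within it, and the upper bound should be confirmed, since the comment ties it to one third of the certificate lifetime. In the same `artifact` type, `dir` and `os_user` are unconstrained strings that look like they decide where key material is written and who owns it, so the consumer (not visible in this diff) needs to validate them. In `certInfo`, `privatekey` and `challenge` are secrets returned as plain strings and deserve a comment saying they must not be logged or persisted by clients.

```xml
<!-- Optional... Days before auto renewal. Min is 10. Max is 1/3 expiration (60) -->
<xs:element name="renewDays" minOccurs="0" maxOccurs="1" default="30">
  <xs:simpleType>
    <xs:restriction base="xs:int">
      <xs:minInclusive value="10"/>
      <xs:maxInclusive value="60"/>
    </xs:restriction>
  </xs:simpleType>
</xs:element>
```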