Improve tests in cadi-core

* Added tests for LocalLur and AbsTafResp
* Fixed several warnings on old tests

Issue-ID: AAF-225
Change-Id: I3583424a734c9999934153bcd069c50f306d235b
Signed-off-by: IanHowell <ian.howell@att.com>

4 files changed, 112 insertions, 104 deletions

diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java b/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java
index cf5c92d0..c65a9b22 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java
@@ -60,7 +60,6 @@ public abstract class AbsUserCache<PERM extends Permission> {
 	
 	private Clean clean;
 	protected Access access;
-//	private final static Permission teaser = new LocalPermission("***NoPERM****");
 	
 	protected AbsUserCache(Access access, long cleanInterval, int highCount, int usageCount) {
 		this.access = access;
@@ -322,7 +321,6 @@ public abstract class AbsUserCache<PERM extends Permission> {
 				for(User<PERM> user : al) {
 					++total;
 						if(user.count>usageTriggerCount) {
-	//						access.log(Level.AUDIT, "Checking Thread", new Date(now));
 							boolean touched = false, removed=false;
 							if(user.principal instanceof CachedPrincipal) {
 								CachedPrincipal cp = (CachedPrincipal)user.principal;
@@ -333,7 +331,6 @@ public abstract class AbsUserCache<PERM extends Permission> {
 											break;
 										case REVALIDATED:
 											user.resetCount();
-			//								access.log(Level.AUDIT, "CACHE revalidated credentials");
 											touched = true;
 											break;
 										default:
@@ -346,9 +343,7 @@ public abstract class AbsUserCache<PERM extends Permission> {
 								}
 							}
 						
-	//						access.log(Level.AUDIT, "User Perm Expires", new Date(user.permExpires));
 							if(!removed && lur!=null && user.permExpires<= now ) {
-	//							access.log(Level.AUDIT, "Reloading");
 								if(lur.reload(user).equals(Resp.REVALIDATED)) {
 									user.renewPerm();
 									access.log(Level.DEBUG, "Reloaded Perms for",user);
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java
index c1a27fa7..0f9adb94 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java
@@ -7,9 +7,9 @@
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
- * 
+ *
  *      http://www.apache.org/licenses/LICENSE-2.0
- * 
+ *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -38,10 +38,9 @@ import org.onap.aaf.cadi.User;
 import org.onap.aaf.cadi.Access.Level;
 import org.onap.aaf.cadi.config.Config;
 
-
 /**
  * An in-memory Lur that can be configured locally with User info via properties, similar to Tomcat-users.xml mechanisms.
- * 
+ *
  * @author Jonathan
  *
  */
@@ -50,120 +49,69 @@ public final class LocalLur extends AbsUserCache<LocalPermission> implements Lur
 	public static final String COLON = "\\s*:\\s*";
 	public static final String COMMA = "\\s*,\\s*";
 	public static final String PERCENT = "\\s*%\\s*";
-	
+
 	// Use to quickly determine whether any given group is supported by this LUR
 	private final Set<String> supportingGroups;
-	private String supportedRealm; 
-	
+	private String supportedRealm;
+
 	/**
 	 * Construct by building structure, see "build"
-	 * 
+	 *
 	 * Reconstruct with "build"
-	 * 
-	 * @param userProperty
-	 * @param groupProperty
+	 *
+	 * @param userProperties
+	 * @param groupProperties
 	 * @param decryptor
 	 * @throws IOException
 	 */
-	public LocalLur(Access access, String userProperty, String groupProperty) throws IOException {
+	public LocalLur(Access access, String userProperties, String groupProperties) throws IOException {
 		super(access, 0, 0, Integer.MAX_VALUE);  // data doesn't expire
 		supportedRealm = access.getProperty(Config.BASIC_REALM, "localized");
-		supportingGroups = new TreeSet<String>();
-		
-		if(userProperty!=null) {
-			// For each User name...
-			for(String user : userProperty.trim().split(SEMI)) {
-				String[] us = user.split(COLON,2);
-				String[] userpass = us[0].split(PERCENT,2);
-				String u;
-				User<LocalPermission> usr;
-				if(userpass.length>1) {
-					if(userpass.length>0 && userpass[0].indexOf('@')<0) {
-						userpass[0]=userpass[0] + '@' + access.getProperty(Config.AAF_DEFAULT_REALM,Config.getDefaultRealm());
-					}
-
-					u = userpass[0];
-					byte[] pass = access.decrypt(userpass[1], true).getBytes();
-					usr = new User<LocalPermission>(new ConfigPrincipal(u, pass));
-				} else {
-					u = us[0];
-					usr = new User<LocalPermission>(new ConfigPrincipal(u, (byte[])null));
-				}
-				addUser(usr);
-				access.log(Level.INIT, "Local User:",usr.principal);
-				
-				if(us.length>1) {
-					Map<String, Permission> newMap = usr.newMap();
-					for(String group : us[1].split(COMMA)) {
-						supportingGroups.add(group);
-						usr.add(newMap,new LocalPermission(group));
-					}
-					usr.setMap(newMap);
-				}
-			}
+		supportingGroups = new TreeSet<>();
+
+		if (userProperties != null) {
+			parseUserProperties(userProperties);
 		}
-		if(groupProperty!=null) {
-			// For each Group name...
-			for(String group : groupProperty.trim().split(SEMI)) {
-				String[] gs = group.split(COLON,2);
-				if(gs.length>1) {
-					supportingGroups.add(gs[0]);
-					LocalPermission p = new LocalPermission(gs[0]);
-					// Add all users (known by comma separators)	
-					
-					for(String grpMem : gs[1].split(COMMA)) {
-						// look for password, if so, put in passMap
-						String[] userpass = grpMem.split(PERCENT,2);
-						if(userpass.length>0 && userpass[0].indexOf('@')<0) {
-							userpass[0]=userpass[0] + '@' + access.getProperty(Config.AAF_DEFAULT_REALM,Config.getDefaultRealm());
-						}
-						User<LocalPermission> usr = null;
-						if(userpass.length>1) {
-							byte[] pass = access.decrypt(userpass[1], true).getBytes();
-							usr = getUser(userpass[0],pass);
-							if(usr==null)addUser(usr=new User<LocalPermission>(new ConfigPrincipal(userpass[0],pass)));
-							else usr.principal=new ConfigPrincipal(userpass[0],pass);
-						} else {
-							addUser(usr=new User<LocalPermission>(new ConfigPrincipal(userpass[0],(byte[])null)));
-						}
-						usr.add(p);
-						access.log(Level.INIT, "Local User:",usr.principal);
-					}
-				}
-			}
+
+		if (groupProperties != null) {
+			parseGroupProperties(groupProperties);
 		}
 	}
-	
+
 	public boolean validate(String user, CredVal.Type type, byte[] cred, Object state) {
-		User<LocalPermission> usr = getUser(user,cred);
-		switch(type) {
-			case PASSWORD:
-				// covers null as well as bad pass
-				if(usr!=null && cred!=null && usr.principal instanceof ConfigPrincipal) {
-					return Hash.isEqual(cred,((ConfigPrincipal)usr.principal).getCred());
-				}
-				break;
+		if (cred == null) {
+			return false;
+		}
+		User<LocalPermission> usr = getUser(user, cred);
+		if (usr == null) {
+			return false;
+		}
+		// covers null as well as bad pass
+		if ((type == Type.PASSWORD) && (usr.principal instanceof ConfigPrincipal)) {;
+			return Hash.isEqual(cred, ((ConfigPrincipal)usr.principal).getCred());
 		}
 		return false;
 	}
 
 	//	@Override
 	public boolean fish(Principal bait, Permission pond) {
-		if(pond == null) {
+		if (pond == null) {
 			return false;
 		}
-		if(handles(bait) && pond instanceof LocalPermission) { // local Users only have LocalPermissions
-				User<LocalPermission> user = getUser(bait);
-				return user==null?false:user.contains((LocalPermission)pond);
+		if (handles(bait) && pond instanceof LocalPermission) { // local Users only have LocalPermissions
+			User<LocalPermission> user = getUser(bait);
+			if (user != null) {
+				return user.contains((LocalPermission)pond);
 			}
+		}
 		return false;
 	}
 
 	// We do not want to expose the actual Group, so make a copy.
 	public void fishAll(Principal bait, List<Permission> perms) {
-		if(handles(bait)) {
+		if (handles(bait)) {
 			User<LocalPermission> user = getUser(bait);
-			if(user!=null) {
+			if (user != null) {
 				user.copyPermsTo(perms);
 			}
 		}
@@ -174,13 +122,12 @@ public final class LocalLur extends AbsUserCache<LocalPermission> implements Lur
 	 */
 	@Override
 	public boolean handles(Principal principal) {
-		return principal!=null && principal.getName().endsWith(supportedRealm);
+		if (principal == null) {
+			return false;
+		}
+		return principal.getName().endsWith(supportedRealm);
 	}
 
-//	public boolean supports(String userName) {
-//		return userName!=null && userName.endsWith(supportedRealm);
-//	}
-//
 	public boolean handlesExclusively(Permission pond) {
 		return supportingGroups.contains(pond.getKey());
 	}
@@ -192,5 +139,74 @@ public final class LocalLur extends AbsUserCache<LocalPermission> implements Lur
 	public Permission createPerm(String p) {
 		return new LocalPermission(p);
 	}
+	
+	private void parseUserProperties(String userProperties) throws IOException {
+		// For each User name...
+		for (String userProperty : userProperties.trim().split(SEMI)) {
+			String[] userInfo = userProperty.split(COLON, 2);
+			String[] userPass = userInfo[0].split(PERCENT, 2);
+			String userName = userPass[0];
+
+			byte[] password = null;
+			if (userPass.length > 1) {
+				password = access.decrypt(userPass[1], true).getBytes();
+				if (userName.indexOf('@') < 0) {
+					userName += '@' + access.getProperty(Config.AAF_DEFAULT_REALM, Config.getDefaultRealm());
+				}
+			}
+			User<LocalPermission> usr;
+			usr = new User<>(new ConfigPrincipal(userName, password));
+			addUser(usr);
+			access.log(Level.INIT, "Local User:", usr.principal);
+
+			if (userInfo.length > 1) {
+				Map<String, Permission> newMap = usr.newMap();
+				for (String group : userInfo[1].split(COMMA)) {
+					supportingGroups.add(group);
+					usr.add(newMap, new LocalPermission(group));
+				}
+				usr.setMap(newMap);
+			}
+		}
+	}
+
+	
+	private void parseGroupProperties(String groupProperties) throws IOException {
+		// For each Group name...
+		for (String group : groupProperties.trim().split(SEMI)) {
+			String[] groups = group.split(COLON, 2);
+			if (groups.length <= 1) {
+				continue;
+			}
+			supportingGroups.add(groups[0]);
+			LocalPermission p = new LocalPermission(groups[0]);
+
+			// Add all users (known by comma separators)
+			for (String groupMember : groups[1].split(COMMA)) {
+				// look for password, if so, put in passMap
+				String[] userPass = groupMember.split(PERCENT, 2);
+				String userName = userPass[0];
+				if (userName.indexOf('@') < 0) {
+					userName += '@' + access.getProperty(Config.AAF_DEFAULT_REALM, Config.getDefaultRealm());
+				}
+
+				User<LocalPermission> usr = null;
+				byte[] password = null;
+				if (userPass.length > 1) {
+					password = access.decrypt(userPass[1], true).getBytes();
+				}
+				usr = getUser(userName, password);
+				if (usr == null) {
+					usr = new User<>(new ConfigPrincipal(userName, password));
+					addUser(usr);
+				}
+				else {
+					usr.principal = new ConfigPrincipal(userName, password);
+				}
+				usr.add(p);
+				access.log(Level.INIT, "Local User:", usr.principal);
+			}
+		}
+	}
 
 }
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/AbsTafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/AbsTafResp.java
index a2fc730e..c216fb57 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/AbsTafResp.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/AbsTafResp.java
@@ -62,7 +62,7 @@ public abstract class AbsTafResp implements TafResp {
 	 * Respond in the affirmative if the TAF was able to Authenticate
 	 */
 	public boolean isValid() {
-		return principal!=null;
+		return principal != null;
 	}
 
 	/**
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/WSSEParser.java b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/WSSEParser.java
index 9e36c11f..017337b1 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/WSSEParser.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/WSSEParser.java
@@ -21,7 +21,6 @@
 
 package org.onap.aaf.cadi.wsse;
 
-import java.io.IOException;
 import java.io.InputStream;
 
 import javax.xml.stream.XMLStreamException;
@@ -46,7 +45,6 @@ public class WSSEParser {
 	private static final String SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/";
 	private static final String WSSE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
 	private Match<BasicCred> parseTree;
-	//private XMLInputFactory inputFactory;
 
 	public WSSEParser() {
 		// soap:Envelope/soap:Header/wsse:Security/wsse:UsernameToken/[wsse:Password&wsse:Username]
@@ -72,10 +70,9 @@ public class WSSEParser {
 				).stopAfter() // Stop Processing when Header Ends
 			).exclusive()// Envelope must match Header, and no other.  FYI, Body comes after Header short circuits (see above), so it's ok
 		).exclusive(); // root must be Envelope
-		//inputFactory = XMLInputFactory.newInstance();
 	}
 	
-	public XMLStreamException parse(BasicCred bc, InputStream is) throws IOException {
+	public XMLStreamException parse(BasicCred bc, InputStream is) {
 		try {
 			parseTree.onMatch(bc, new XReader(is));
 			return null;