diff options
author | Instrumental <jonathan.gathman@att.com> | 2018-07-19 13:29:32 -0500 |
---|---|---|
committer | Instrumental <jonathan.gathman@att.com> | 2018-07-19 13:29:44 -0500 |
commit | 32cdd553a8668e6d03a9cf5b11b360d35a63c87f (patch) | |
tree | 48c02e4be820d87efb777d7be20bad57d517b61c /cadi/core/src/main | |
parent | 9c8a8b0926b13b07fb1e5394903401e7a3f1ff79 (diff) |
Configuration and Auto-Certificates
Issue-ID: AAF-378
Change-Id: Ic820a4e43684a6130f00b28b415a974876099fc3
Signed-off-by: Instrumental <jonathan.gathman@att.com>
Diffstat (limited to 'cadi/core/src/main')
7 files changed, 36 insertions, 16 deletions
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java b/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java index 1d01a3e8..39631894 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java @@ -246,7 +246,7 @@ public abstract class AbsUserCache<PERM extends Permission> { /** * The default behavior of a LUR is to not handle something exclusively. */ - public boolean handlesExclusively(Permission pond) { + public boolean handlesExclusively(Permission ... pond) { return false; } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java index fd73d00b..0beb4856 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java @@ -52,7 +52,7 @@ public interface Lur { * @param principalName * @return */ - public boolean fish(Principal bait, Permission pond); + public boolean fish(Principal bait, Permission ... pond); /** * Fish all the Principals out a Pond @@ -77,7 +77,7 @@ public interface Lur { * @param pond * @return */ - public boolean handlesExclusively(Permission pond); + public boolean handlesExclusively(Permission ... pond); /** * Does the LUR support a particular kind of Principal diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java index 4067f160..04743b85 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java @@ -662,6 +662,9 @@ public class Symm { * @throws IOException */ public void enpass(final String password, final OutputStream os) throws IOException { + if(password==null) { + throw new IOException("Invalid password passed"); + } final ByteArrayOutputStream baos = new ByteArrayOutputStream(); DataOutputStream dos = new DataOutputStream(baos); byte[] bytes = password.getBytes(); diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java index 42c38896..efe5503b 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java @@ -134,12 +134,21 @@ public class Config { public static final String OAUTH_CLIENT_SECRET="client_secret"; public static final String AAF_ENV = "aaf_env"; - public static final String AAF_URL = "aaf_url"; //URL for AAF... Use to trigger AAF configuration public static final String AAF_ROOT_NS = "aaf_root_ns"; public static final String AAF_ROOT_NS_DEF = "org.osaaf.aaf"; public static final String AAF_ROOT_COMPANY = "aaf_root_company"; public static final String AAF_LOCATE_URL = "aaf_locate_url"; //URL for AAF locator private static final String AAF_LOCATE_URL_TAG = "AAF_LOCATE_URL"; // Name of Above for use in Config Variables. + public static final String AAF_DEFAULT_VERSION = "2.1"; + public static final String AAF_URL = "aaf_url"; //URL for AAF... Use to trigger AAF configuration + public static final String AAF_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.service:" + AAF_DEFAULT_VERSION; + public static final String GUI_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.gui:" + AAF_DEFAULT_VERSION; + public static final String CM_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.cm:" + AAF_DEFAULT_VERSION; + public static final String FS_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.fs:" + AAF_DEFAULT_VERSION; + public static final String HELLO_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.hello:" + AAF_DEFAULT_VERSION; + public static final String OAUTH2_TOKEN_URL = "https://AAF_LOCATE_URL/AAF_NS.token:" + AAF_DEFAULT_VERSION; + public static final String OAUTH2_INTROSPECT_URL = "https://AAF_LOCATE_URL/AAF_NS.introspect:" + AAF_DEFAULT_VERSION; + public static final String AAF_REGISTER_AS = "aaf_register_as"; public static final String AAF_APPID = "aaf_id"; public static final String AAF_APPPASS = "aaf_password"; @@ -174,7 +183,6 @@ public class Config { public static final String AAF_COMPONENT = "aaf_component"; public static final String AAF_CERT_IDS = "aaf_cert_ids"; public static final String AAF_DEBUG_IDS = "aaf_debug_ids"; // comma delimited - public static final String AAF_DEFAULT_VERSION = "2.0"; public static final String AAF_DATA_DIR = "aaf_data_dir"; // AAF processes and Components only. diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java index 2813dca8..b442c7d9 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java @@ -60,7 +60,7 @@ public final class EpiLur implements Lur { if(lurs.length==0) throw new CadiException("Need at least one Lur implementation in constructor"); } - public boolean fish(Principal bait, Permission pond) { + public boolean fish(Principal bait, Permission ... pond) { if(pond==null) { return false; } @@ -99,7 +99,7 @@ public final class EpiLur implements Lur { } // Never needed... Only EpiLur uses... - public boolean handlesExclusively(Permission pond) { + public boolean handlesExclusively(Permission ... pond) { return false; } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java index 0f9adb94..e177a22f 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java @@ -94,14 +94,16 @@ public final class LocalLur extends AbsUserCache<LocalPermission> implements Lur } // @Override - public boolean fish(Principal bait, Permission pond) { + public boolean fish(Principal bait, Permission ... pond) { if (pond == null) { return false; } - if (handles(bait) && pond instanceof LocalPermission) { // local Users only have LocalPermissions - User<LocalPermission> user = getUser(bait); - if (user != null) { - return user.contains((LocalPermission)pond); + for(Permission p : pond) { + if (handles(bait) && p instanceof LocalPermission) { // local Users only have LocalPermissions + User<LocalPermission> user = getUser(bait); + if (user != null) { + return user.contains((LocalPermission)p); + } } } return false; @@ -128,8 +130,15 @@ public final class LocalLur extends AbsUserCache<LocalPermission> implements Lur return principal.getName().endsWith(supportedRealm); } - public boolean handlesExclusively(Permission pond) { - return supportingGroups.contains(pond.getKey()); + @Override + public boolean handlesExclusively(Permission ... pond) { + boolean rv = false; + for (Permission p : pond) { + if(rv=supportingGroups.contains(p.getKey())) { + break; + } + } + return rv; } /* (non-Javadoc) diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java index 1e44726a..b314f20e 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java @@ -44,7 +44,7 @@ public class NullLur implements Lur { return false; }}; - public boolean fish(Principal bait, Permission pond) { + public boolean fish(Principal bait, Permission ... pond) { // Well, for Jenkins, this is ok... It finds out it can't do J2EE Security, and then looks at it's own // System.err.println("CADI's LUR has not been configured, but is still being called. Access is being denied"); return false; @@ -56,7 +56,7 @@ public class NullLur implements Lur { public void destroy() { } - public boolean handlesExclusively(Permission pond) { + public boolean handlesExclusively(Permission ... pond) { return false; } |