Configuration and Auto-Certificates

Issue-ID: AAF-378
Change-Id: Ic820a4e43684a6130f00b28b415a974876099fc3
Signed-off-by: Instrumental <jonathan.gathman@att.com>

7 files changed, 36 insertions, 16 deletions

diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java b/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java
index 1d01a3e8..39631894 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java
@@ -246,7 +246,7 @@ public abstract class AbsUserCache<PERM extends Permission> {
 	/**
 	 * The default behavior of a LUR is to not handle something exclusively.
 	 */
-	public boolean handlesExclusively(Permission pond) {
+	public boolean handlesExclusively(Permission ... pond) {
 		return false;
 	}
 	
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java
index fd73d00b..0beb4856 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java
@@ -52,7 +52,7 @@ public interface Lur {
 	 * @param principalName
 	 * @return
 	 */
-	public boolean fish(Principal bait, Permission pond);
+	public boolean fish(Principal bait, Permission ... pond);
 
 	/** 
 	 * Fish all the Principals out a Pond
@@ -77,7 +77,7 @@ public interface Lur {
 	 * @param pond
 	 * @return
 	 */
-	public boolean handlesExclusively(Permission pond);  
+	public boolean handlesExclusively(Permission ... pond);  
 	
 	/**
 	 *  Does the LUR support a particular kind of Principal
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java
index 4067f160..04743b85 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java
@@ -662,6 +662,9 @@ public class Symm {
    * @throws IOException
    */
   public void enpass(final String password, final OutputStream os) throws IOException {
+	    if(password==null) {
+	    	throw new IOException("Invalid password passed");
+	    }
 		final ByteArrayOutputStream baos = new ByteArrayOutputStream();
 		DataOutputStream dos = new DataOutputStream(baos);
 		byte[] bytes = password.getBytes();
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
index 42c38896..efe5503b 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
@@ -134,12 +134,21 @@ public class Config {
 	public static final String OAUTH_CLIENT_SECRET="client_secret";
 	
 	public static final String AAF_ENV = "aaf_env";
-	public static final String AAF_URL = "aaf_url"; //URL for AAF... Use to trigger AAF configuration
 	public static final String AAF_ROOT_NS = "aaf_root_ns";
 	public static final String AAF_ROOT_NS_DEF = "org.osaaf.aaf";
 	public static final String AAF_ROOT_COMPANY = "aaf_root_company";
 	public static final String AAF_LOCATE_URL = "aaf_locate_url"; //URL for AAF locator
 	private static final String AAF_LOCATE_URL_TAG = "AAF_LOCATE_URL"; // Name of Above for use in Config Variables.
+	public static final String AAF_DEFAULT_VERSION = "2.1";
+	public static final String AAF_URL = "aaf_url"; //URL for AAF... Use to trigger AAF configuration
+	public static final String AAF_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.service:" + AAF_DEFAULT_VERSION;
+	public static final String GUI_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.gui:" + AAF_DEFAULT_VERSION;
+	public static final String CM_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.cm:" + AAF_DEFAULT_VERSION;
+	public static final String FS_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.fs:" + AAF_DEFAULT_VERSION;
+	public static final String HELLO_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.hello:" + AAF_DEFAULT_VERSION;
+	public static final String OAUTH2_TOKEN_URL = "https://AAF_LOCATE_URL/AAF_NS.token:" + AAF_DEFAULT_VERSION;
+	public static final String OAUTH2_INTROSPECT_URL = "https://AAF_LOCATE_URL/AAF_NS.introspect:" + AAF_DEFAULT_VERSION;
+
 	public static final String AAF_REGISTER_AS = "aaf_register_as";
 	public static final String AAF_APPID = "aaf_id";
 	public static final String AAF_APPPASS = "aaf_password";
@@ -174,7 +183,6 @@ public class Config {
 	public static final String AAF_COMPONENT = "aaf_component";
 	public static final String AAF_CERT_IDS = "aaf_cert_ids";
 	public static final String AAF_DEBUG_IDS = "aaf_debug_ids"; // comma delimited
-	public static final String AAF_DEFAULT_VERSION = "2.0";
 	public static final String AAF_DATA_DIR = "aaf_data_dir"; // AAF processes and Components only.
 
 
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java
index 2813dca8..b442c7d9 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java
@@ -60,7 +60,7 @@ public final class EpiLur implements Lur {
 		if(lurs.length==0) throw new CadiException("Need at least one Lur implementation in constructor");
 	}
 
-	public boolean fish(Principal bait, Permission pond) {
+	public boolean fish(Principal bait, Permission ... pond) {
 		if(pond==null) {
 			return false;
 		}
@@ -99,7 +99,7 @@ public final class EpiLur implements Lur {
 	}
 
 	// Never needed... Only EpiLur uses...
-	public boolean handlesExclusively(Permission pond) {
+	public boolean handlesExclusively(Permission ... pond) {
 		return false;
 	}
 	
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java
index 0f9adb94..e177a22f 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java
@@ -94,14 +94,16 @@ public final class LocalLur extends AbsUserCache<LocalPermission> implements Lur
 	}
 
 	//	@Override
-	public boolean fish(Principal bait, Permission pond) {
+	public boolean fish(Principal bait, Permission ... pond) {
 		if (pond == null) {
 			return false;
 		}
-		if (handles(bait) && pond instanceof LocalPermission) { // local Users only have LocalPermissions
-			User<LocalPermission> user = getUser(bait);
-			if (user != null) {
-				return user.contains((LocalPermission)pond);
+		for(Permission p : pond) {
+			if (handles(bait) && p instanceof LocalPermission) { // local Users only have LocalPermissions
+				User<LocalPermission> user = getUser(bait);
+				if (user != null) {
+					return user.contains((LocalPermission)p);
+				}
 			}
 		}
 		return false;
@@ -128,8 +130,15 @@ public final class LocalLur extends AbsUserCache<LocalPermission> implements Lur
 		return principal.getName().endsWith(supportedRealm);
 	}
 
-	public boolean handlesExclusively(Permission pond) {
-		return supportingGroups.contains(pond.getKey());
+	@Override
+	public boolean handlesExclusively(Permission ... pond) {
+		boolean rv = false;
+		for (Permission p : pond) {
+			if(rv=supportingGroups.contains(p.getKey())) {
+				break;
+			}
+		}
+		return rv;
 	}
 
 	/* (non-Javadoc)
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java
index 1e44726a..b314f20e 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java
@@ -44,7 +44,7 @@ public class NullLur implements Lur {
 			return false;
 		}};
 
-	public boolean fish(Principal bait, Permission pond) {
+	public boolean fish(Principal bait, Permission ... pond) {
 		// Well, for Jenkins, this is ok... It finds out it can't do J2EE Security, and then looks at it's own
 //		System.err.println("CADI's LUR has not been configured, but is still being called.  Access is being denied");
 		return false;
@@ -56,7 +56,7 @@ public class NullLur implements Lur {
 	public void destroy() {
 	}
 
-	public boolean handlesExclusively(Permission pond) {
+	public boolean handlesExclusively(Permission ... pond) {
 		return false;
 	}