summaryrefslogtreecommitdiffstats
path: root/cadi/core/src/main
diff options
context:
space:
mode:
authorInstrumental <jonathan.gathman@att.com>2019-10-15 08:19:50 -0500
committerInstrumental <jonathan.gathman@att.com>2019-10-15 08:35:35 -0500
commit1296352d8eafee57f982a4342ad79ada4aa56d28 (patch)
tree355cdb89d85530a861319f892b0f24236e6adc50 /cadi/core/src/main
parentbdce7667a6e272e2fa32e298d957a0d9090c5bc9 (diff)
Sonar Fixes, Formatting
Issue-ID: AAF-1019 Change-Id: Ica49d9e7323aad9622ff9d95cc21b87430c22c54 Signed-off-by: Instrumental <jonathan.gathman@att.com>
Diffstat (limited to 'cadi/core/src/main')
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/AES.java18
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java102
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Access.java32
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/BasicCred.java6
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/BufferedServletInputStream.java40
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/CachedPrincipal.java12
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/CachingLur.java4
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/CadiException.java6
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/CadiWrap.java44
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Capacitor.java44
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/CmdLine.java36
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Connector.java4
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/CredVal.java12
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/CredValDomain.java4
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/GetCred.java4
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Hash.java40
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Locator.java6
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/LocatorException.java6
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java40
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Permission.java4
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/PropAccess.java70
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Revalidator.java6
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/SecuritySetter.java14
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/ServletContextAccess.java4
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java172
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Taf.java26
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Transmutate.java14
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/TrustChecker.java8
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/User.java26
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/UserChain.java18
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java108
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/config/Get.java16
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/config/GetAccess.java8
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/config/MultiGet.java6
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/config/RegistrationPropHolder.java36
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfo.java40
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfoC.java12
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfoInit.java4
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/config/UsersDump.java20
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZ.java4
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZServlet.java10
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/filter/AccessGetter.java4
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiApiEnforcementFilter.java18
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiFilter.java58
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiHTTPManip.java38
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/filter/FCGet.java10
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/filter/MapBathConverter.java36
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/filter/MapPermConverter.java10
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/filter/PermConverter.java6
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/filter/RolesAllowed.java18
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/filter/ServletImpl.java16
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/filter/SideChain.java12
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/lur/ConfigPrincipal.java12
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java28
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java4
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalPermission.java12
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java6
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/principal/BasicPrincipal.java22
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/principal/BearerPrincipal.java4
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/principal/CachedBasicPrincipal.java8
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/principal/Kind.java8
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/principal/OAuth2FormPrincipal.java12
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/principal/TaggedPrincipal.java4
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/principal/TrustPrincipal.java14
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/principal/UnAuthPrincipal.java6
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/principal/X509Principal.java10
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/AbsTafResp.java44
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/EpiTaf.java24
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/HttpEpiTaf.java4
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/HttpTaf.java18
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/LoginPageTafResp.java12
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/NullTaf.java14
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/NullTafResp.java18
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/PuntTafResp.java14
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/Redirectable.java4
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/TafResp.java36
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustNotTafResp.java12
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustTafResp.java12
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTaf.java46
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTafResp.java8
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/CertIdentity.java12
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509HttpTafResp.java6
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java48
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTaf.java58
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTafResp.java8
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/CSV.java46
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/Chmod.java6
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/FQI.java6
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/FixURIinfo.java12
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/JsonOutputStream.java10
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/MaskFormatException.java4
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/MyConsole.java4
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/NetMask.java16
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/Pool.java74
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/Split.java6
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/SubStandardConsole.java8
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/TheConsole.java6
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/Timing.java4
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/UserChainManip.java10
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/Vars.java14
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/wsse/Action.java8
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/wsse/Match.java22
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/wsse/WSSEParser.java18
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/wsse/XEvent.java22
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/wsse/XReader.java82
105 files changed, 1119 insertions, 1119 deletions
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/AES.java b/cadi/core/src/main/java/org/onap/aaf/cadi/AES.java
index 4ec51682..d32df881 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/AES.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/AES.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -47,14 +47,14 @@ import org.onap.aaf.cadi.util.Chmod;
* AES Class wraps Cipher AES, 128
* NOTE: While not explicitly stated in JavaDocs, Ciphers AND SecretKeySpecs are NOT ThreadSafe
* Ciphers take time to create, therefore, we have pooled them.
- *
+ *
* @author Jonathan
*
*/
public class AES implements Encryption {
public static final String AES = AES.class.getSimpleName();
public static final int AES_KEY_SIZE = 128; // 256 isn't supported on all JDKs.
-
+
private SecretKeySpec aeskeySpec;
public static SecretKey newKey() throws NoSuchAlgorithmException {
@@ -66,7 +66,7 @@ public class AES implements Encryption {
public AES(byte[] aeskey, int offset, int len){
aeskeySpec = new SecretKeySpec(aeskey,offset,len,AES);
}
-
+
public byte[] encrypt(byte[] in) throws CadiException {
try {
Cipher c = Cipher.getInstance(AES);
@@ -76,17 +76,17 @@ public class AES implements Encryption {
throw new CadiException(e);
}
}
-
+
public byte[] decrypt(byte[] in) throws CadiException {
try {
Cipher c = Cipher.getInstance(AES);
- c.init(Cipher.DECRYPT_MODE,aeskeySpec);
+ c.init(Cipher.DECRYPT_MODE,aeskeySpec);
return c.doFinal(in);
} catch (InvalidKeyException | IllegalBlockSizeException | BadPaddingException | NoSuchAlgorithmException | NoSuchPaddingException e) {
throw new CadiException(e);
}
}
-
+
public void save(File keyfile) throws IOException {
FileOutputStream fis = new FileOutputStream(keyfile);
try {
@@ -112,7 +112,7 @@ public class AES implements Encryption {
return null; // should never get here.
}
}
-
+
public CipherInputStream inputStream(InputStream is, boolean encrypt) {
try {
Cipher c = Cipher.getInstance(AES);
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java b/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java
index e6d24dab..561995de 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -39,11 +39,11 @@ import org.onap.aaf.cadi.principal.CachedBasicPrincipal;
/**
* Implement Fast lookup and Cache for Local User Info
- *
+ *
* Include ability to add and remove Users
- *
+ *
* Also includes a Timer Thread (when necessary) to invoke cleanup on expiring Credentials
- *
+ *
* @author Jonathan
*
*/
@@ -57,10 +57,10 @@ public abstract class AbsUserCache<PERM extends Permission> {
private final Map<String, User<PERM>> userMap;
private static final Map<String, Miss> missMap = new TreeMap<>();
private final Symm missEncrypt;
-
+
private Clean clean;
protected Access access;
-
+
protected AbsUserCache(Access access, long cleanInterval, int highCount, int usageCount) {
this.access = access;
Symm s;
@@ -72,29 +72,29 @@ public abstract class AbsUserCache<PERM extends Permission> {
s = Symm.base64noSplit;
}
missEncrypt = s;
-
+
userMap = new ConcurrentHashMap<>();
-
+
if (cleanInterval>0) {
cleanInterval = Math.max(MIN_INTERVAL, cleanInterval);
synchronized(AbsUserCache.class) { // Lazy instantiate.. in case there is no cleanup needed
if (timer==null) {
timer = new Timer("CADI Cleanup Timer",true);
}
-
+
timer.schedule(clean = new Clean(access, cleanInterval, highCount, usageCount), cleanInterval, cleanInterval);
access.log(Access.Level.INIT, "Cleaning Thread initialized with interval of",cleanInterval, "ms and max objects of", highCount);
}
}
}
-
+
@SuppressWarnings("unchecked")
public AbsUserCache(AbsUserCache<PERM> cache) {
this.access = cache.access;
userMap = cache.userMap;
missEncrypt = cache.missEncrypt;
-
+
synchronized(AbsUserCache.class) {
if (cache.clean!=null && cache.clean.lur==null && this instanceof CachingLur) {
cache.clean.lur=(CachingLur<PERM>)this;
@@ -104,9 +104,9 @@ public abstract class AbsUserCache<PERM extends Permission> {
protected void setLur(CachingLur<PERM> lur) {
if (clean!=null)clean.lur = lur;
-
+
}
-
+
protected void addUser(User<PERM> user) {
Principal p = user.principal;
String key;
@@ -132,16 +132,16 @@ public abstract class AbsUserCache<PERM extends Permission> {
protected void addUser(String key, User<PERM> user) {
userMap.put(key, user);
}
-
+
/**
* Add miss to missMap. If Miss exists, or too many tries, returns false.
- *
+ *
* otherwise, returns true to allow another attempt.
- *
+ *
* @param key
* @param bs
* @return
- * @throws IOException
+ * @throws IOException
*/
protected synchronized boolean addMiss(String key, byte[] bs) {
String mkey;
@@ -156,7 +156,7 @@ public abstract class AbsUserCache<PERM extends Permission> {
missMap.put(mkey, new Miss(bs,clean==null?MIN_INTERVAL:clean.timeInterval,key));
return true;
}
- return miss.mayContinue();
+ return miss.mayContinue();
}
protected Miss missed(String key, byte[] bs) throws IOException {
@@ -182,11 +182,11 @@ public abstract class AbsUserCache<PERM extends Permission> {
}
return u;
}
-
+
protected User<PERM> getUser(CachedBasicPrincipal cbp) {
return getUser(cbp.getName(), cbp.getCred());
}
-
+
protected User<PERM> getUser(String user, byte[] cred) {
User<PERM> u;
String key=null;
@@ -207,7 +207,7 @@ public abstract class AbsUserCache<PERM extends Permission> {
}
return u;
}
-
+
/**
* Removes User from the Cache
* @param user
@@ -215,10 +215,10 @@ public abstract class AbsUserCache<PERM extends Permission> {
protected void remove(User<PERM> user) {
userMap.remove(user.principal.getName());
}
-
+
/**
* Removes user from the Cache
- *
+ *
* @param user
*/
public void remove(String user) {
@@ -227,14 +227,14 @@ public abstract class AbsUserCache<PERM extends Permission> {
access.log(Level.INFO, user,"removed from Client Cache by Request");
}
}
-
+
/**
* Clear all Users from the Client Cache
*/
public void clearAll() {
userMap.clear();
}
-
+
public final List<DumpInfo> dumpInfo() {
List<DumpInfo> rv = new ArrayList<>();
for (User<PERM> user : userMap.values()) {
@@ -249,10 +249,10 @@ public abstract class AbsUserCache<PERM extends Permission> {
public boolean handlesExclusively(Permission ... pond) {
return false;
}
-
+
/**
- * Container calls when cleaning up...
- *
+ * Container calls when cleaning up...
+ *
* If overloading in Derived class, be sure to call "super.destroy()"
*/
public void destroy() {
@@ -261,8 +261,8 @@ public abstract class AbsUserCache<PERM extends Permission> {
timer.cancel();
}
}
-
-
+
+
// Simple map of Group name to a set of User Names
// private Map<String, Set<String>> groupMap = new HashMap<>();
@@ -273,34 +273,34 @@ public abstract class AbsUserCache<PERM extends Permission> {
public final class DumpInfo {
public String user;
public List<String> perms;
-
+
public DumpInfo(User<PERM> user) {
this.user = user.principal.getName();
perms = new ArrayList<>(user.perms.keySet());
}
}
-
+
/**
* Clean will examine resources, and remove those that have expired.
- *
+ *
* If "highs" have been exceeded, then we'll expire 10% more the next time. This will adjust after each run
* without checking contents more than once, making a good average "high" in the minimum speed.
- *
+ *
* @author Jonathan
*
*/
private final class Clean extends TimerTask {
private final Access access;
private CachingLur<PERM> lur;
-
- // The idea here is to not be too restrictive on a high, but to Expire more items by
+
+ // The idea here is to not be too restrictive on a high, but to Expire more items by
// shortening the time to expire. This is done by judiciously incrementing "advance"
// when the "highs" are exceeded. This effectively reduces numbers of cached items quickly.
private final int high;
private long advance;
private final long timeInterval;
private final int usageTriggerCount;
-
+
public Clean(Access access, long cleanInterval, int highCount, int usageTriggerCount) {
this.access = access;
lur = null;
@@ -342,7 +342,7 @@ public abstract class AbsUserCache<PERM extends Permission> {
}
}
}
-
+
if (!removed && lur!=null && user.permExpires<= now ) {
if (lur.reload(user).equals(Resp.REVALIDATED)) {
user.renewPerm();
@@ -354,7 +354,7 @@ public abstract class AbsUserCache<PERM extends Permission> {
if (touched) {
++renewed;
}
-
+
} else {
if (user.permExpired()) {
remove(user);
@@ -362,7 +362,7 @@ public abstract class AbsUserCache<PERM extends Permission> {
}
}
}
-
+
// Clean out Misses
int missTotal = missMap.keySet().size();
int miss = 0;
@@ -385,12 +385,12 @@ public abstract class AbsUserCache<PERM extends Permission> {
}
}
}
-
+
if (count+renewed+miss>0) {
access.log(Level.INFO, (lur==null?"Cache":lur.getClass().getSimpleName()), "removed",count,
"and renewed",renewed,"expired Permissions out of", total,"and removed", miss, "password misses out of",missTotal);
}
-
+
// If High (total) is reached during this period, increase the number of expired services removed for next time.
// There's no point doing it again here, as there should have been cleaned items.
if (total>high) {
@@ -421,17 +421,17 @@ public abstract class AbsUserCache<PERM extends Permission> {
private long tries;
private final String name;
-
+
public Miss(final byte[] first, final long timeInterval, final String name) {
timestamp = System.currentTimeMillis() + timeInterval;
this.timetolive = timeInterval;
tries = 0L;
this.name = name;
}
-
-
+
+
public synchronized boolean mayContinue() {
- long ts = System.currentTimeMillis();
+ long ts = System.currentTimeMillis();
if (ts>timestamp) {
tries = 0;
timestamp = ts + timetolive;
@@ -440,20 +440,20 @@ public abstract class AbsUserCache<PERM extends Permission> {
}
return true;
}
-
+
}
-
+
/**
* Report on state
*/
public String toString() {
- return getClass().getSimpleName() +
+ return getClass().getSimpleName() +
" Cache:\n Users Cached: " +
userMap.size() +
"\n Misses Saved: " +
missMap.size() +
'\n';
-
+
}
public void clear(Principal p, StringBuilder sb) {
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Access.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Access.java
index a673ab4f..4009521c 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Access.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Access.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -29,8 +29,8 @@ import java.util.Properties;
* Various Environments require different logging mechanisms, or at least allow
* for different ones. We need the Framework to be able to hook into any particular instance of logging
* mechanism, whether it be a Logging Object within a Servlet Context, or a direct library like log4j.
- * This interface, therefore, allows maximum pluggability in a variety of different app styles.
- *
+ * This interface, therefore, allows maximum pluggability in a variety of different app styles.
+ *
* @author Jonathan
*
*/
@@ -39,15 +39,15 @@ public interface Access {
public enum Level {
DEBUG(0x1), INFO(0x10), AUDIT(0x100), WARN(0x2000), ERROR(0x4000), INIT(0x8000),TRACE(0x10000),NONE(0XFFFF);
private final int bit;
-
+
Level(int ord) {
bit = ord;
}
-
+
public boolean inMask(int mask) {
return (mask & bit) == bit;
}
-
+
public int addToMask(int mask) {
return mask | bit;
}
@@ -89,8 +89,8 @@ public interface Access {
* @param elements
*/
public void printf(Level level, String fmt, Object ... elements);
-
- /**
+
+ /**
* Check if message will log before constructing
* @param level
* @return
@@ -98,24 +98,24 @@ public interface Access {
public boolean willLog(Level level);
/**
- * Write the contents of an exception, followed by a variable list of Object's text via the
+ * Write the contents of an exception, followed by a variable list of Object's text via the
* toString() method with appropriate space, etc.
- *
+ *
* The Loglevel is always "ERROR"
- *
+ *
* @param elements
*/
public void log(Exception e, Object ... elements);
-
+
/**
* Set the Level to compare logging too
*/
public void setLogLevel(Level level);
-
+
/**
* It is important in some cases to create a class from within the same Classloader that created
* Security Objects. Specifically, it's pretty typical for Web Containers to separate classloaders
- * so as to allow Apps with different dependencies.
+ * so as to allow Apps with different dependencies.
* @return
*/
public ClassLoader classLoader();
@@ -127,7 +127,7 @@ public interface Access {
public void load(InputStream is) throws IOException;
/**
- * if "anytext" is true, then decryption will always be attempted. Otherwise, only if starts with
+ * if "anytext" is true, then decryption will always be attempted. Otherwise, only if starts with
* Symm.ENC
* @param encrypted
* @param anytext
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/BasicCred.java b/cadi/core/src/main/java/org/onap/aaf/cadi/BasicCred.java
index ebb41aba..bdbef713 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/BasicCred.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/BasicCred.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -25,7 +25,7 @@ package org.onap.aaf.cadi;
* An Interface for testing on Requests to see if we can get a User and Password
* It works for CadiWrap, but also, Container Specific Wraps (aka Tomcat) should also
* implement.
- *
+ *
* @author Jonathan
*
*/
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/BufferedServletInputStream.java b/cadi/core/src/main/java/org/onap/aaf/cadi/BufferedServletInputStream.java
index 8202183d..b6aabf32 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/BufferedServletInputStream.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/BufferedServletInputStream.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -28,21 +28,21 @@ import javax.servlet.ServletInputStream;
/**
* BufferedServletInputStream
- *
+ *
* There are cases in brain-dead middleware (SOAP) where they store routing information in the content.
- *
+ *
* In HTTP, this requires reading the content from the InputStream which, of course, cannot be re-read.
- *
- * BufferedInputStream exists to implement the "Mark" protocols for Streaming, which will enable being
+ *
+ * BufferedInputStream exists to implement the "Mark" protocols for Streaming, which will enable being
* re-read. Unfortunately, J2EE chose to require a "ServletInputStream" as an abstract class, rather than
- * an interface, which requires we create a delegating pattern, rather than the preferred inheriting pattern.
- *
+ * an interface, which requires we create a delegating pattern, rather than the preferred inheriting pattern.
+ *
* Unfortunately, the standard "BufferedInputStream" cannot be used, because it simply creates a byte array
- * in the "mark(int)" method of that size. This is not appropriate for this application, because the Header
- * can be potentially huge, and if a buffer was allocated to accommodate all possibilities, the cost of memory
+ * in the "mark(int)" method of that size. This is not appropriate for this application, because the Header
+ * can be potentially huge, and if a buffer was allocated to accommodate all possibilities, the cost of memory
* allocation would be too large for high performance transactions.
*
- *
+ *
* @author Jonathan
*
*/
@@ -50,7 +50,7 @@ public class BufferedServletInputStream extends ServletInputStream {
private static final int NONE = 0;
private static final int STORE = 1;
private static final int READ = 2;
-
+
private InputStream is;
private int state = NONE;
private Capacitor capacitor;
@@ -81,7 +81,7 @@ public class BufferedServletInputStream extends ServletInputStream {
value = is.read();
}
}
- }
+ }
return value;
}
@@ -113,7 +113,7 @@ public class BufferedServletInputStream extends ServletInputStream {
if (temp>0) { // watch for -1
count+=temp;
} else if (count<=0) {
- count = temp; // must account for Stream coming back -1
+ count = temp; // must account for Stream coming back -1
}
}
break;
@@ -134,9 +134,9 @@ public class BufferedServletInputStream extends ServletInputStream {
public int available() throws IOException {
int count = is.available();
if (capacitor!=null)count+=capacitor.available();
- return count;
+ return count;
}
-
+
/**
* Return just amount buffered (for debugging purposes, mostly)
* @return
@@ -156,7 +156,7 @@ public class BufferedServletInputStream extends ServletInputStream {
/**
- * Note: Readlimit is ignored in this implementation, because the need was for unknown buffer size which wouldn't
+ * Note: Readlimit is ignored in this implementation, because the need was for unknown buffer size which wouldn't
* require allocating and dumping huge chunks of memory every use, or risk overflow.
*/
public synchronized void mark(int readlimit) {
@@ -174,10 +174,10 @@ public class BufferedServletInputStream extends ServletInputStream {
/**
* Reset Stream
- *
+ *
* Calling this twice is not supported in typical Stream situations, but it is allowed in this service. The caveat is that it can only reset
* the data read in since Mark has been called. The data integrity is only valid if you have not continued to read past what is stored.
- *
+ *
*/
public synchronized void reset() throws IOException {
switch(state) {
@@ -188,7 +188,7 @@ public class BufferedServletInputStream extends ServletInputStream {
case READ:
capacitor.reset();
break;
- case NONE:
+ case NONE:
throw new IOException("InputStream has not been marked");
}
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/CachedPrincipal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/CachedPrincipal.java
index 6f3fe126..68fa1f63 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/CachedPrincipal.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/CachedPrincipal.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -25,20 +25,20 @@ import java.security.Principal;
/**
* Cached Principals need to be able to revalidate in the background.
- *
+ *
* @author Jonathan
*
*/
public interface CachedPrincipal extends Principal {
public enum Resp {NOT_MINE,UNVALIDATED,REVALIDATED,INACCESSIBLE,DENIED};
-
+
/**
* Re-validate with Creator
- *
+ *
* @return
*/
public abstract Resp revalidate(Object state);
-
+
/**
* Store when last updated.
* @return
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/CachingLur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/CachingLur.java
index c790f39e..6f4d8d8a 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/CachingLur.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/CachingLur.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/CadiException.java b/cadi/core/src/main/java/org/onap/aaf/cadi/CadiException.java
index 96a55f93..89d42b25 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/CadiException.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/CadiException.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -27,7 +27,7 @@ package org.onap.aaf.cadi;
*/
public class CadiException extends Exception {
/**
- * Generated ID
+ * Generated ID
*/
private static final long serialVersionUID = -4180145363107742619L;
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/CadiWrap.java b/cadi/core/src/main/java/org/onap/aaf/cadi/CadiWrap.java
index 34d11623..102782a4 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/CadiWrap.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/CadiWrap.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -41,23 +41,23 @@ import org.onap.aaf.cadi.util.Timing;
/**
* Inherit the HttpServletRequestWrapper, which calls methods of delegate it's created with, but
* overload the key security mechanisms with CADI mechanisms
- *
+ *
* This works with mechanisms working strictly with HttpServletRequest (i.e. Servlet Filters)
- *
+ *
* Specialty cases, i.e. Tomcat, which for their containers utilize their own mechanisms and Wrappers, you may
* need something similar. See AppServer specific code (i.e. tomcat) for these.
- *
+ *
* @author Jonathan
*
*/
public class CadiWrap extends HttpServletRequestWrapper implements HttpServletRequest, BasicCred {
private TaggedPrincipal principal;
private Lur lur;
- private String user; // used to set user/pass from brain-dead protocols like WSSE
+ private String user; // used to set user/pass from brain-dead protocols like WSSE
private byte[] password;
private PermConverter pconv;
- private Access access;
-
+ private Access access;
+
/**
* Standard Wrapper constructor for Delegate pattern
* @param request
@@ -93,35 +93,35 @@ public class CadiWrap extends HttpServletRequestWrapper implements HttpServletRe
}
/**
- * Part of the HTTP Security API. Return the User Principal associated with this HTTP
+ * Part of the HTTP Security API. Return the User Principal associated with this HTTP
* Transaction.
*/
@Override
public Principal getUserPrincipal() {
return principal;
}
-
+
/**
* This is the key API call for AUTHZ in J2EE. Given a Role (String passed in), is the user
* associated with this HTTP Transaction allowed to function in this Role?
- *
+ *
* For CADI, we pass the responsibility for determining this to the "LUR", which may be
* determined by the Enterprise.
- *
+ *
* Note: Role check is also done in "CadiRealm" in certain cases...
- *
+ *
*
*/
@Override
public boolean isUserInRole(String perm) {
return perm==null?false:checkPerm(access,"isUserInRole",principal,pconv,lur,perm);
}
-
+
public static boolean checkPerm(Access access, String caller, Principal principal, PermConverter pconv, Lur lur, String perm) {
if (principal== null) {
access.log(Level.AUDIT,caller, "No Principal in Transaction");
return false;
- } else {
+ } else {
final long start = System.nanoTime();
perm = pconv.convert(perm);
if (lur.fish(principal,lur.createPerm(perm))) {
@@ -135,10 +135,10 @@ public class CadiWrap extends HttpServletRequestWrapper implements HttpServletRe
}
- /**
+ /**
* CADI Function (Non J2EE standard). GetPermissions will read the Permissions from AAF (if configured) and Roles from Local Lur, etc
* as implemented with lur.fishAll
- *
+ *
* To utilize, the Request must be a "CadiWrap" object, then call.
*/
public List<Permission> getPermissions(Principal p) {
@@ -148,7 +148,7 @@ public class CadiWrap extends HttpServletRequestWrapper implements HttpServletRe
}
/**
* Allow setting of tafResp and lur after construction
- *
+ *
* This can happen if the CadiWrap is constructed in a Valve other than CadiValve
*/
public void set(TafResp tafResp, Lur lur) {
@@ -175,12 +175,12 @@ public class CadiWrap extends HttpServletRequestWrapper implements HttpServletRe
public void setCred(byte[] passwd) {
password = passwd;
}
-
+
public CadiWrap setPermConverter(PermConverter pc) {
pconv = pc;
return this;
}
-
+
// Add a feature
public void invalidate(String id) {
if (lur instanceof EpiLur) {
@@ -189,11 +189,11 @@ public class CadiWrap extends HttpServletRequestWrapper implements HttpServletRe
((CachingLur<?>)lur).remove(id);
}
}
-
+
public Lur getLur() {
return lur;
}
-
+
public Access access() {
return access;
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Capacitor.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Capacitor.java
index f3a2a7fa..57ee115d 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Capacitor.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Capacitor.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -26,10 +26,10 @@ import java.util.ArrayList;
/**
* Capacitor
- *
+ *
* Storage mechanism for read data, specifically designed for InputStreams.
- *
- * The Standard BufferedInputStream requires a limit to be set for buffered reading, which is
+ *
+ * The Standard BufferedInputStream requires a limit to be set for buffered reading, which is
* impractical for reading SOAP headers, which can be quite large.
* @author Jonathan
*
@@ -39,22 +39,22 @@ public class Capacitor {
private ArrayList<ByteBuffer> bbs = new ArrayList<>();
private ByteBuffer curr = null;
private int idx;
-
+
// Maintain a private RingBuffer for Memory, for efficiency
private static ByteBuffer[] ring = new ByteBuffer[16];
private static int start, end;
-
-
+
+
public void put(byte b) {
if (curr == null || curr.remaining()==0) { // ensure we have a "curr" buffer ready for data
curr = ringGet();
bbs.add(curr);
}
- curr.put(b);
+ curr.put(b);
}
public int read() {
- if (curr!=null) {
+ if (curr!=null) {
if (curr.remaining()>0) { // have a buffer, use it!
return curr.get();
} else if (idx<bbs.size()){ // Buffer not enough, get next one from array
@@ -64,10 +64,10 @@ public class Capacitor {
} // if no curr buffer, treat as end of stream
return -1;
}
-
+
/**
* read into an array like Streams
- *
+ *
* @param array
* @param offset
* @param length
@@ -99,7 +99,7 @@ public class Capacitor {
/**
* Put an array of data into Capacitor
- *
+ *
* @param array
* @param offset
* @param length
@@ -109,7 +109,7 @@ public class Capacitor {
curr = ringGet();
bbs.add(curr);
}
-
+
int len;
while (length>0) {
if ((len=curr.remaining())>length) {
@@ -125,7 +125,7 @@ public class Capacitor {
}
}
}
-
+
/**
* Move state from Storage mode into Read mode, changing all internal buffers to read mode, etc
*/
@@ -141,7 +141,7 @@ public class Capacitor {
idx=1;
}
}
-
+
/**
* reuse all the buffers
*/
@@ -152,10 +152,10 @@ public class Capacitor {
bbs.clear();
curr = null;
}
-
+
/**
* Declare amount of data available to be read at once.
- *
+ *
* @return
*/
public int available() {
@@ -165,7 +165,7 @@ public class Capacitor {
}
return count;
}
-
+
/**
* Returns how many are left that were not skipped
* @param n
@@ -184,7 +184,7 @@ public class Capacitor {
n=0;
} else {
curr.position(curr.limit());
-
+
skipped-=skip;
if (idx<bbs.size()) {
curr=bbs.get(idx++);
@@ -214,7 +214,7 @@ public class Capacitor {
}
/*
- * Ring Functions. Reuse allocated memory
+ * Ring Functions. Reuse allocated memory
*/
private ByteBuffer ringGet() {
ByteBuffer bb = null;
@@ -230,7 +230,7 @@ public class Capacitor {
}
return bb;
}
-
+
private void ringPut(ByteBuffer bb) {
synchronized(ring) {
ring[end]=bb; // if null or not, BB will just be Garbage collected
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/CmdLine.java b/cadi/core/src/main/java/org/onap/aaf/cadi/CmdLine.java
index b697f373..53c35fc5 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/CmdLine.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/CmdLine.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -37,7 +37,7 @@ import org.onap.aaf.cadi.util.JsonOutputStream;
/**
* A Class to run on command line to determine suitability of environment for certain TAFs.
- * *
+ * *
* @author Jonathan
*
*/
@@ -90,7 +90,7 @@ public class CmdLine {
System.out.println(args[1]);
ByteArrayOutputStream baos = new ByteArrayOutputStream();
b64.enpass(args[1], baos);
- String pass;
+ String pass;
System.out.println(pass=new String(baos.toByteArray()));
ByteArrayOutputStream reconstituted = new ByteArrayOutputStream();
b64.depass(pass, reconstituted);
@@ -104,13 +104,13 @@ public class CmdLine {
}
System.out.flush();
*/
-
+
} catch (IOException e) {
System.err.println("Cannot digest password");
System.err.println(" \""+ e.getMessage() + '"');
}
// DO NOT LEAVE THIS METHOD Compiled IN CODE... Do not want looking at passwords on disk too easy
-// Jonathan. Oh, well, Deployment services need this behavior. I will put this code in, but leave it undocumented.
+// Jonathan. Oh, well, Deployment services need this behavior. I will put this code in, but leave it undocumented.
// One still needs access to the keyfile to read.
// July 2016 - thought of a tool "CMPass" to regurgitate from properties, but only if allowed.
} else if (("regurgitate".equalsIgnoreCase(args[0]) || "undigest".equalsIgnoreCase(args[0]))
@@ -151,7 +151,7 @@ public class CmdLine {
}
} else {
int idx;
- if ((idx = line.indexOf(' '))>=0
+ if ((idx = line.indexOf(' '))>=0
&& (idx = line.indexOf(' ',++idx))>0
&& (idx = line.indexOf('=',++idx))>0
) {
@@ -249,7 +249,7 @@ public class CmdLine {
int salt = Integer.parseInt(args[i]);
System.out.println(Hash.hashSHA256asStringHex(args[1],salt));
}
- } else {
+ } else {
System.out.println(Hash.hashSHA256asStringHex(args[1]));
}
} catch (NoSuchAlgorithmException e) {
@@ -280,13 +280,13 @@ public class CmdLine {
System.err.println("Cannot create a key " + args[0]);
System.err.println(" \""+ e.getMessage() + '"');
}
-
+
} else if ("passgen".equalsIgnoreCase(args[0])) {
int numDigits;
if (args.length <= 1) {
numDigits = 24;
} else {
- numDigits = Integer.parseInt(args[1]);
+ numDigits = Integer.parseInt(args[1]);
if (numDigits<8)numDigits = 8;
}
String pass;
@@ -305,17 +305,17 @@ public class CmdLine {
}
if (noLower) {
noLower=!(c>=0x61 && c<=0x7A);
- }
+ }
if (noUpper) {
noUpper=!(c>=0x41 && c<=0x5A);
- }
+ }
if (noDigits) {
noDigits=!(c>=0x30 && c<=0x39);
- }
+ }
if (noSpecial) {
noSpecial = "+!@#$%^&*(){}[]?:;,.".indexOf(c)<0;
- }
-
+ }
+
missingChars = (noLower || noUpper || noDigits || noSpecial);
}
} while (missingChars || repeatingChars);
@@ -325,7 +325,7 @@ public class CmdLine {
if (args.length <= 1) {
numDigits = 24;
} else {
- numDigits = Integer.parseInt(args[1]);
+ numDigits = Integer.parseInt(args[1]);
}
System.out.println(Symm.randomGen(Symm.base64url.codeset, numDigits).substring(0,numDigits));
}
@@ -349,9 +349,9 @@ public class CmdLine {
System.exit(1);
}
}
-
+
public static void setSystemExit(boolean shouldExit) {
systemExit = shouldExit;
}
-
+
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Connector.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Connector.java
index f88c3fbe..88ac57e6 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Connector.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Connector.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/CredVal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/CredVal.java
index 6019f551..dcb30088 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/CredVal.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/CredVal.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -24,16 +24,16 @@ package org.onap.aaf.cadi;
/**
* UserPass
- *
- * The essential interface required by BasicAuth to determine if a given User/Password combination is
+ *
+ * The essential interface required by BasicAuth to determine if a given User/Password combination is
* valid. This is done as an interface.
- *
+ *
* @author Jonathan
*/
public interface CredVal {
public enum Type{PASSWORD};
/**
- * Validate if the User/Password combination matches records
+ * Validate if the User/Password combination matches records
* @param user
* @param pass
* @return
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/CredValDomain.java b/cadi/core/src/main/java/org/onap/aaf/cadi/CredValDomain.java
index db5ab0f2..4a8015a3 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/CredValDomain.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/CredValDomain.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/GetCred.java b/cadi/core/src/main/java/org/onap/aaf/cadi/GetCred.java
index 039ba8f7..4c5ca543 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/GetCred.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/GetCred.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Hash.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Hash.java
index 3027fd74..26c33c84 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Hash.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Hash.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -27,7 +27,7 @@ import java.security.NoSuchAlgorithmException;
public class Hash {
private static char hexDigit[] = "0123456789abcdef".toCharArray();
-
+
/////////////////////////////////
// MD5
/////////////////////////////////
@@ -38,9 +38,9 @@ public class Hash {
* @throws NoSuchAlgorithmException
*/
public static byte[] hashMD5 (byte[] input) throws NoSuchAlgorithmException {
- // Note: Protect against Multi-thread issues with new MessageDigest
+ // Note: Protect against Multi-thread issues with new MessageDigest
MessageDigest md = MessageDigest.getInstance("MD5");
- md.update(input);
+ md.update(input);
return md.digest();
}
@@ -51,17 +51,17 @@ public class Hash {
* @throws NoSuchAlgorithmException
*/
public static byte[] hashMD5 (byte[] input, int offset, int length) throws NoSuchAlgorithmException {
- // Note: Protect against Multi-thread issues with new MessageDigest
+ // Note: Protect against Multi-thread issues with new MessageDigest
MessageDigest md = MessageDigest.getInstance("MD5");
- md.update(input,offset,length);
+ md.update(input,offset,length);
return md.digest();
}
/**
- * Convenience Function: Encrypt MD5 from String to String Hex representation
- *
+ * Convenience Function: Encrypt MD5 from String to String Hex representation
+ *
* @param input
* @return
* @throws NoSuchAlgorithmException
@@ -83,9 +83,9 @@ public class Hash {
* SHA256 Hashing
*/
public static byte[] hashSHA256(byte[] input) throws NoSuchAlgorithmException {
- // Note: Protect against Multi-thread issues with new MessageDigest
+ // Note: Protect against Multi-thread issues with new MessageDigest
MessageDigest md = MessageDigest.getInstance("SHA-256");
- md.update(input);
+ md.update(input);
return md.digest();
}
@@ -93,15 +93,15 @@ public class Hash {
* SHA256 Hashing
*/
public static byte[] hashSHA256(byte[] input, int offset, int length) throws NoSuchAlgorithmException {
- // Note: Protect against Multi-thread issues with new MessageDigest
+ // Note: Protect against Multi-thread issues with new MessageDigest
MessageDigest md = MessageDigest.getInstance("SHA-256");
- md.update(input,offset,length);
+ md.update(input,offset,length);
return md.digest();
}
-
+
/**
* Convenience Function: Hash from String to String Hex representation
- *
+ *
* @param input
* @return
* @throws NoSuchAlgorithmException
@@ -112,7 +112,7 @@ public class Hash {
/**
* Convenience Function: Hash from String to String Hex representation
- *
+ *
* @param input
* @return
* @throws NoSuchAlgorithmException
@@ -124,7 +124,7 @@ public class Hash {
bb.put(input.getBytes());
return toHex(Hash.hashSHA256(bb.array()));
}
-
+
/**
* Compare two byte arrays for equivalency
* @param ba1
@@ -166,7 +166,7 @@ public class Hash {
}
return sb.toString();
}
-
+
public static String toHex(byte[] ba, int start, int length) {
StringBuilder sb = new StringBuilder("0x");
for (int i=start;i<length;++i) {
@@ -176,7 +176,7 @@ public class Hash {
return sb.toString();
}
-
+
public static byte[] fromHex(String s) throws CadiException{
if (!s.startsWith("0x")) {
throw new CadiException("HexString must start with \"0x\"");
@@ -212,7 +212,7 @@ public class Hash {
/**
* Does not expect to start with "0x"
* if Any Character doesn't match, it returns null;
- *
+ *
* @param s
* @return
*/
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Locator.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Locator.java
index c40cb998..46e6f7e5 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Locator.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Locator.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -30,7 +30,7 @@ public interface Locator<T> {
public Item next(Item item) throws LocatorException;
public boolean refresh();
public void destroy();
-
+
public interface Item {}
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/LocatorException.java b/cadi/core/src/main/java/org/onap/aaf/cadi/LocatorException.java
index da56d4b2..8eb0e27a 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/LocatorException.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/LocatorException.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -23,7 +23,7 @@ package org.onap.aaf.cadi;
public class LocatorException extends Exception {
/**
- *
+ *
*/
private static final long serialVersionUID = -4267929804321134469L;
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java
index bdc9f643..cce91e06 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -30,37 +30,37 @@ import java.util.List;
* LUR: Local User Registry
*
* Concept by Robert Garskof, Implementation by Jonathan Gathman
- *
+ *
* Where we can keep local copies of users and roles for faster Authorization when asked.
- *
- * Note: Author cannot resist the mental image of using a Fishing Lure to this LUR pattern
- *
+ *
+ * Note: Author cannot resist the mental image of using a Fishing Lure to this LUR pattern
+ *
* @author Jonathan
*
*/
public interface Lur {
/**
- * Allow the Lur, which has correct Permission access, to create and hand back.
+ * Allow the Lur, which has correct Permission access, to create and hand back.
*/
public Permission createPerm(String p);
-
- /**
+
+ /**
* Fish for Principals in a Pond
- *
+ *
* or more boringly, is the User identified within a named collection representing permission.
- *
+ *
* @param principalName
* @return
*/
public boolean fish(Principal bait, Permission ... pond);
- /**
+ /**
* Fish all the Principals out a Pond
- *
+ *
* For additional humor, pronounce the following with a Southern Drawl, "FishOil"
- *
+ *
* or more boringly, load the List with Permissions found for Principal
- *
+ *
* @param principalName
* @return
*/
@@ -72,19 +72,19 @@ public interface Lur {
public void destroy();
/**
- * Does this LUR handle this pond exclusively? Important for EpiLUR to determine whether
- * to try another (more expensive) LUR
+ * Does this LUR handle this pond exclusively? Important for EpiLUR to determine whether
+ * to try another (more expensive) LUR
* @param pond
* @return
*/
- public boolean handlesExclusively(Permission ... pond);
-
+ public boolean handlesExclusively(Permission ... pond);
+
/**
* Does the LUR support a particular kind of Principal
* This can be used to check name's domain, like above, or Principal type
*/
public boolean handles(Principal principal);
-
+
/**
* Clear: Clear any Caching, if exists
*/
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Permission.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Permission.java
index 2537c386..f45e5e07 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Permission.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Permission.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/PropAccess.java b/cadi/core/src/main/java/org/onap/aaf/cadi/PropAccess.java
index 92756d8c..c4719f86 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/PropAccess.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/PropAccess.java
@@ -3,15 +3,15 @@
* org.onap.aaf
* ===========================================================================
* Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
- *
+ *
* Modifications Copyright (C) 2018 IBM.
* ===========================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -59,7 +59,7 @@ public class PropAccess implements Access {
logIt = new StreamLogIt(System.out);
init(null);
}
-
+
/**
* This Constructor soly exists to instantiate Servlet Context Based Logging that will call "init" later.
* @param sc
@@ -68,29 +68,29 @@ public class PropAccess implements Access {
logIt = new StreamLogIt(System.out);
props = new Properties();
}
-
+
public PropAccess(String ... args) {
this(System.out,args);
}
-
+
public PropAccess(PrintStream ps, String[] args) {
logIt = new StreamLogIt(ps==null?System.out:ps);
init(logIt,args);
}
-
+
public PropAccess(LogIt logit, String[] args) {
init(logit, args);
}
-
+
public PropAccess(Properties p) {
this(System.out,p);
}
-
+
public PropAccess(PrintStream ps, Properties p) {
logIt = new StreamLogIt(ps==null?System.out:ps);
init(p);
}
-
+
protected void init(final LogIt logIt, final String[] args) {
this.logIt = logIt;
Properties nprops=new Properties();
@@ -102,7 +102,7 @@ public class PropAccess implements Access {
}
init(nprops);
}
-
+
public static SimpleDateFormat newISO8601() {
return new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSSZ");
}
@@ -110,7 +110,7 @@ public class PropAccess implements Access {
protected synchronized void init(Properties p) {
// Make sure these two are set before any changes in Logging
name = "cadi";
-
+
props = new Properties();
// First, load related System Properties
for (Entry<Object,Object> es : System.getProperties().entrySet()) {
@@ -119,24 +119,24 @@ public class PropAccess implements Access {
if (key.startsWith(start)) {
props.put(key, es.getValue());
}
- }
+ }
}
// Second, overlay or fill in with Passed in Props
if (p!=null) {
props.putAll(p);
}
-
+
// Preset LogLevel
- String sLevel = props.getProperty(Config.CADI_LOGLEVEL);
+ String sLevel = props.getProperty(Config.CADI_LOGLEVEL);
// Third, load any Chained Property Files
load(props.getProperty(Config.CADI_PROP_FILES));
-
+
if(sLevel==null) { // if LogLev wasn't set before, check again after Chained Load
- sLevel = props.getProperty(Config.CADI_LOGLEVEL);
+ sLevel = props.getProperty(Config.CADI_LOGLEVEL);
if (sLevel==null) {
level=DEFAULT.maskOf();
} else {
- level=Level.valueOf(sLevel).maskOf();
+ level=Level.valueOf(sLevel).maskOf();
}
}
// Setup local Symmetrical key encryption
@@ -149,21 +149,21 @@ public class PropAccess implements Access {
System.exit(1);
}
}
-
+
name = props.getProperty(Config.CADI_LOGNAME, name);
-
+
SecurityInfo.setHTTPProtocols(this);
-
+
}
-
-
+
+
private void load(String cadi_prop_files) {
if (cadi_prop_files==null) {
return;
}
String prevKeyFile = props.getProperty(Config.CADI_KEYFILE);
-
+
for(String filename : Split.splitTrim(File.pathSeparatorChar, cadi_prop_files)) {
Properties fileProps = new Properties();
File file = new File(filename);
@@ -208,8 +208,8 @@ public class PropAccess implements Access {
printf(Level.WARN,"Warning: recursive CADI Property %s does not exist",file.getAbsolutePath());
}
}
-
- // Trim
+
+ // Trim
for (Entry<Object, Object> es : props.entrySet()) {
Object value = es.getValue();
if (value instanceof String) {
@@ -237,7 +237,7 @@ public class PropAccess implements Access {
prevKeyFile=newKeyFile;
}
-
+
String loglevel = props.getProperty(Config.CADI_LOGLEVEL);
if (loglevel!=null) {
try {
@@ -247,7 +247,7 @@ public class PropAccess implements Access {
}
}
}
-
+
@Override
public void load(InputStream is) throws IOException {
props.load(is);
@@ -264,7 +264,7 @@ public class PropAccess implements Access {
public StringBuilder buildMsg(Level level, Object[] elements) {
return buildMsg(name,iso8601,level,elements);
}
-
+
/*
* Need to pass in DateFormat per thread, because not marked as thread safe
*/
@@ -286,7 +286,7 @@ public class PropAccess implements Access {
sb.append("] ");
} else {
int idx = 0;
- if(elements[idx]!=null &&
+ if(elements[idx]!=null &&
elements[idx] instanceof Integer) {
sb.append('-');
sb.append(elements[idx]);
@@ -298,7 +298,7 @@ public class PropAccess implements Access {
}
return sb;
}
-
+
private static boolean write(boolean first, StringBuilder sb, Object[] elements) {
String s;
for (Object o : elements) {
@@ -374,7 +374,7 @@ public class PropAccess implements Access {
? symm.depass(encrypted)
: encrypted;
}
-
+
public String encrypt(String unencrypted) throws IOException {
return Symm.ENC+symm.enpass(unencrypted);
}
@@ -385,7 +385,7 @@ public class PropAccess implements Access {
public String getProperty(String tag) {
return props.getProperty(tag);
}
-
+
public Properties getProperties() {
return props;
@@ -410,10 +410,10 @@ public class PropAccess implements Access {
public interface LogIt {
public void push(Level level, Object ... elements) ;
}
-
+
private class StreamLogIt implements LogIt {
private PrintStream ps;
-
+
public StreamLogIt(PrintStream ps) {
this.ps = ps;
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Revalidator.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Revalidator.java
index 66ba86ae..33a5bc91 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Revalidator.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Revalidator.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -25,7 +25,7 @@ package org.onap.aaf.cadi;
public interface Revalidator<TRANS> {
/**
* Re-Validate Credential
- *
+ *
* @param prin
* @return
*/
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/SecuritySetter.java b/cadi/core/src/main/java/org/onap/aaf/cadi/SecuritySetter.java
index 194712e0..7e263831 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/SecuritySetter.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/SecuritySetter.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -24,17 +24,17 @@ package org.onap.aaf.cadi;
/**
* Apply any particular security mechanism
- *
- * This allows the definition of various mechanisms involved outside of DRcli jars
- *
+ *
+ * This allows the definition of various mechanisms involved outside of DRcli jars
+ *
* @author Jonathan
*
*/
public interface SecuritySetter<CT> {
public String getID();
-
+
public void setSecurity(CT client) throws CadiException;
-
+
/**
* Returns number of bad logins registered
* @param respCode
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/ServletContextAccess.java b/cadi/core/src/main/java/org/onap/aaf/cadi/ServletContextAccess.java
index 998b87c9..be6e5329 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/ServletContextAccess.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/ServletContextAccess.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java
index e7533610..b1ec4caf 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -43,37 +43,37 @@ import org.onap.aaf.cadi.config.Config;
/**
* Key Conversion, primarily "Base64"
- *
+ *
* Base64 is required for "Basic Authorization", which is an important part of the overall CADI Package.
- *
- * Note: This author found that there is not a "standard" library for Base64 conversion within Java.
- * The source code implementations available elsewhere were surprisingly inefficient, requiring, for
+ *
+ * Note: This author found that there is not a "standard" library for Base64 conversion within Java.
+ * The source code implementations available elsewhere were surprisingly inefficient, requiring, for
* instance, multiple string creation, on a transaction pass. Integrating other packages that might be
- * efficient enough would put undue Jar File Dependencies given this Framework should have none-but-Java
+ * efficient enough would put undue Jar File Dependencies given this Framework should have none-but-Java
* dependencies.
- *
+ *
* The essential algorithm is good for a symmetrical key system, as Base64 is really just
- * a symmetrical key that everyone knows the values.
- *
- * This code is quite fast, taking about .016 ms for encrypting, decrypting and even .08 for key
- * generation. The speed quality, especially of key generation makes this a candidate for a short term token
+ * a symmetrical key that everyone knows the values.
+ *
+ * This code is quite fast, taking about .016 ms for encrypting, decrypting and even .08 for key
+ * generation. The speed quality, especially of key generation makes this a candidate for a short term token
* used for identity.
- *
- * It may be used to easily avoid placing Clear-Text passwords in configurations, etc. and contains
- * supporting functions such as 2048 keyfile generation (see keygen). This keyfile should, of course,
- * be set to "400" (Unix) and protected as any other mechanism requires.
- *
+ *
+ * It may be used to easily avoid placing Clear-Text passwords in configurations, etc. and contains
+ * supporting functions such as 2048 keyfile generation (see keygen). This keyfile should, of course,
+ * be set to "400" (Unix) and protected as any other mechanism requires.
+ *
* AES Encryption is also employed to include standards.
- *
+ *
* @author Jonathan
*
*/
public class Symm {
- private static final byte[] DOUBLE_EQ = new byte[] {'=','='};
+ private static final byte[] DOUBLE_EQ = new byte[] {'=','='};
public static final String ENC = "enc:";
private static final Object LOCK = new Object();
private static final SecureRandom random = new SecureRandom();
-
+
public final char[] codeset;
private final int splitLinesAt;
private final String encoding;
@@ -83,7 +83,7 @@ public class Symm {
//Note: AES Encryption is not Thread Safe. It is Synchronized
//private AES aes = null; // only initialized from File, and only if needed for Passwords
private String name;
-
+
/**
* This is the standard base64 Key Set.
* RFC 2045
@@ -116,15 +116,15 @@ public class Symm {
* Note, this is too large to fit into the algorithm. Only use with PassGen
*/
private static char passChars[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+!@#$%^&*(){}[]?:;,.".toCharArray();
-
+
private static Symm internalOnly = null;
-
+
/**
* Use this to create special case Case Sets and/or Line breaks
- *
+ *
* If you don't know why you need this, use the Singleton Method
- *
+ *
* @param codeset
* @param split
*/
@@ -136,8 +136,8 @@ public class Symm {
this.name = name;
char prev = 0, curr=0, first = 0;
int offset=Integer.SIZE; // something that's out of range for integer array
-
- // There can be time efficiencies gained when the underlying keyset consists mainly of ordered
+
+ // There can be time efficiencies gained when the underlying keyset consists mainly of ordered
// data (i.e. abcde...). Therefore, we'll quickly analyze the keyset. If it proves to have
// too much entropy, the "Unordered" algorithm, which is faster in such cases is used.
ArrayList<int[]> la = new ArrayList<>();
@@ -146,7 +146,7 @@ public class Symm {
if (prev+1==curr) { // is next character in set
prev = curr;
} else {
- if (offset!=Integer.SIZE) { // add previous range
+ if (offset!=Integer.SIZE) { // add previous range
la.add(new int[]{first,prev,offset});
}
first = prev = curr;
@@ -162,11 +162,11 @@ public class Symm {
convert = new Ordered(range);
}
}
-
+
public Symm copy(int lines) {
return new Symm(codeset,lines,encoding,endEquals, "Copied " + lines);
}
-
+
// Only used by keygen, which is intentionally randomized. Therefore, always use unordered
private Symm(char[] codeset, Symm parent) {
this.codeset = codeset;
@@ -186,7 +186,7 @@ public class Symm {
}
/**
- * Obtain the base64() behavior of this class, for use in standard BASIC AUTH mechanism, etc.
+ * Obtain the base64() behavior of this class, for use in standard BASIC AUTH mechanism, etc.
* No Line Splitting
* @return
*/
@@ -222,7 +222,7 @@ public class Symm {
}
return exec.exec(new AES(keyBytes,0,keyBytes.length));
}
-
+
public interface Encryption {
public CipherOutputStream outputStream(OutputStream os, boolean encrypt);
public CipherInputStream inputStream(InputStream is, boolean encrypt);
@@ -231,7 +231,7 @@ public class Symm {
public static interface SyncExec<T> {
public T exec(Encryption enc) throws IOException, Exception;
}
-
+
public byte[] encode(byte[] toEncrypt) throws IOException {
if (toEncrypt==null) {
return EMPTY;
@@ -251,7 +251,7 @@ public class Symm {
/**
* Helper function for String API of "Encode"
* use "getBytes" with appropriate char encoding, etc.
- *
+ *
* @param str
* @return
* @throws IOException
@@ -259,7 +259,7 @@ public class Symm {
public String encode(String str) throws IOException {
byte[] array;
boolean useDefaultEncoding = false;
- try {
+ try {
array = str.getBytes(encoding);
} catch (IOException e) {
array = str.getBytes(); // take default
@@ -267,14 +267,14 @@ public class Symm {
}
// Calculate expected size to avoid any buffer expansion copies within the ByteArrayOutput code
ByteArrayOutputStream baos = new ByteArrayOutputStream((int)(array.length*1.363)); // account for 4 bytes for 3 and a byte or two more
-
+
encode(new ByteArrayInputStream(array),baos);
if (useDefaultEncoding) {
return baos.toString();
}
return baos.toString(encoding);
}
-
+
/**
* Helper function for the String API of "Decode"
* use "getBytes" with appropriate char encoding, etc.
@@ -285,7 +285,7 @@ public class Symm {
public String decode(String str) throws IOException {
byte[] array;
boolean useDefaultEncoding = false;
- try {
+ try {
array = str.getBytes(encoding);
} catch (IOException e) {
array = str.getBytes(); // take default
@@ -302,9 +302,9 @@ public class Symm {
/**
* Convenience Function
- *
+ *
* encode String into InputStream and call encode(InputStream, OutputStream)
- *
+ *
* @param string
* @param out
* @throws IOException
@@ -315,9 +315,9 @@ public class Symm {
/**
* Convenience Function
- *
+ *
* encode String into InputStream and call decode(InputStream, OutputStream)
- *
+ *
* @param string
* @param out
* @throws IOException
@@ -331,16 +331,16 @@ public class Symm {
encode(is,os);
}
- /**
+ /**
* encode InputStream onto Output Stream
- *
+ *
* @param is
* @param estimate
* @return
* @throws IOException
*/
public void encode(InputStream is, OutputStream os) throws IOException {
- // StringBuilder sb = new StringBuilder((int)(estimate*1.255)); // try to get the right size of StringBuilder from start.. slightly more than 1.25 times
+ // StringBuilder sb = new StringBuilder((int)(estimate*1.255)); // try to get the right size of StringBuilder from start.. slightly more than 1.25 times
int prev=0;
int read, idx=0, line=0;
boolean go;
@@ -360,7 +360,7 @@ public class Symm {
os.write(codeset[((prev & 0x03)<<4) | (read>>4)]);
prev = read;
break;
- default: //(3+)
+ default: //(3+)
// Char 1 is last 4 bits of prev plus the first 2 bits of read
// Char 2 is the last 6 bits of read
os.write(codeset[(((prev & 0xF)<<2) | (read>>6))]);
@@ -387,7 +387,7 @@ public class Symm {
}
idx = 0;
}
-
+
} while (go);
}
@@ -412,7 +412,7 @@ public class Symm {
if (index>=0) {
switch(++idx) { // 1 based cases, slightly faster ++
case 1: // index goes into first 6 bits of prev
- prev = index<<2;
+ prev = index<<2;
break;
case 2: // write second 2 bits of into prev, write byte, last 4 bits go into prev
os.write((byte)(prev|(index>>4)));
@@ -430,7 +430,7 @@ public class Symm {
};
os.flush();
}
-
+
/**
* Interface to allow this class to choose which algorithm to find index of character in Key
* @author Jonathan
@@ -454,7 +454,7 @@ public class Symm {
public int convert(int read) throws IOException {
// System.out.print((char)read);
switch(read) {
- case -1:
+ case -1:
case '=':
case ' ':
case '\n':
@@ -469,7 +469,7 @@ public class Symm {
throw new IOException("Unacceptable Character in Stream");
}
}
-
+
/**
* Unordered, i.e. the key is purposely randomized, simply has to investigate each character
* until we find a match.
@@ -483,7 +483,7 @@ public class Symm {
}
public int convert(int read) throws IOException {
switch(read) {
- case -1:
+ case -1:
case '=':
case '\n':
case '\r':
@@ -499,7 +499,7 @@ public class Symm {
/**
* Generate a 2048 based Key from which we extract our code base
- *
+ *
* @return
* @throws IOException
*/
@@ -510,7 +510,7 @@ public class Symm {
base64url.encode(new ByteArrayInputStream(inkey), baos);
return baos.toByteArray();
}
-
+
// A class allowing us to be less predictable about significant digits (i.e. not picking them up from the
// beginning, and not picking them up in an ordered row. Gives a nice 2048 with no visible patterns.
private class Obtain {
@@ -518,7 +518,7 @@ public class Symm {
private int skip;
private int length;
private byte[] key;
-
+
private Obtain(Symm b64, byte[] key) {
skip = Math.abs(key[key.length-13]%key.length);
if ((key.length&0x1) == (skip&0x1)) { // if both are odd or both are even
@@ -528,19 +528,19 @@ public class Symm {
last = 17+length%59; // never start at beginning
this.key = key;
}
-
+
private int next() {
return Math.abs(key[(++last*skip)%key.length])%length;
}
};
-
+
/**
* Obtain a Symm from "keyfile" (Config.KEYFILE) property
- *
+ *
* @param acesss
* @return
- * @throws IOException
- * @throws CadiException
+ * @throws IOException
+ * @throws CadiException
*/
public static Symm obtain(Access access) throws CadiException {
String keyfile = access.getProperty(Config.CADI_KEYFILE,null);
@@ -586,7 +586,7 @@ public class Symm {
}
}
/**
- * Create a new random key
+ * Create a new random key
*/
public Symm obtain() throws IOException {
byte inkey[] = new byte[0x800];
@@ -595,10 +595,10 @@ public class Symm {
s.name = "from Random";
return s;
}
-
+
/**
* Obtain a Symm from 2048 key from a String
- *
+ *
* @param key
* @return
* @throws IOException
@@ -608,10 +608,10 @@ public class Symm {
s.name = "from String";
return s;
}
-
+
/**
* Obtain a Symm from 2048 key from a Stream
- *
+ *
* @param is
* @return
* @throws IOException
@@ -635,7 +635,7 @@ public class Symm {
/**
* Convenience for picking up Keyfile
- *
+ *
* @param f
* @return
* @throws IOException
@@ -654,7 +654,7 @@ public class Symm {
* Decrypt into a String
*
* Convenience method
- *
+ *
* @param password
* @return
* @throws IOException
@@ -667,7 +667,7 @@ public class Symm {
/**
* Create an encrypted password, making sure that even short passwords have a minimum length.
- *
+ *
* @param password
* @param os
* @throws IOException
@@ -682,7 +682,7 @@ public class Symm {
if (this.getClass().getSimpleName().startsWith("base64")) { // don't expose randomization
dos.write(bytes);
} else {
-
+
Random r = new SecureRandom();
int start = 0;
byte b;
@@ -710,7 +710,7 @@ public class Symm {
dos.write(bytes);
}
}
-
+
// 7/21/2016 Jonathan add AES Encryption to the mix
try {
exec(new SyncExec<Void>() {
@@ -735,9 +735,9 @@ public class Symm {
/**
* Decrypt a password into a String
- *
+ *
* Convenience method
- *
+ *
* @param password
* @return
* @throws IOException
@@ -748,12 +748,12 @@ public class Symm {
depass(password,baos);
return new String(baos.toByteArray());
}
-
+
/**
* Decrypt a password
- *
+ *
* Skip Symm.ENC
- *
+ *
* @param password
* @param os
* @return
@@ -803,7 +803,7 @@ public class Symm {
dos.writeByte(dis.readByte());
}
} else {
- int pre =((Byte.SIZE*3+Integer.SIZE+Byte.SIZE)/Byte.SIZE)+start;
+ int pre =((Byte.SIZE*3+Integer.SIZE+Byte.SIZE)/Byte.SIZE)+start;
os.write(bytes, pre, bytes.length-pre);
}
}
@@ -811,9 +811,9 @@ public class Symm {
}
public static String randomGen(int numBytes) {
- return randomGen(passChars,numBytes);
+ return randomGen(passChars,numBytes);
}
-
+
public static String randomGen(char[] chars ,int numBytes) {
int rint;
StringBuilder sb = new StringBuilder(numBytes);
@@ -824,11 +824,11 @@ public class Symm {
return sb.toString();
}
// Internal mechanism for helping to randomize placement of characters within a Symm codeset
- // Based on an incoming data stream (originally created randomly, but can be recreated within
+ // Based on an incoming data stream (originally created randomly, but can be recreated within
// 2048 key), go after a particular place in the new codeset. If that codeset spot is used, then move
- // right or left (depending on iteration) to find the next available slot. In this way, key generation
+ // right or left (depending on iteration) to find the next available slot. In this way, key generation
// is speeded up by only enacting N iterations, but adds a spreading effect of the random number stream, so that keyset is also
- // shuffled for a good spread. It is, however, repeatable, given the same number set, allowing for
+ // shuffled for a good spread. It is, however, repeatable, given the same number set, allowing for
// quick recreation when the official stream is actually obtained.
public Symm obtain(byte[] key) throws IOException {
int filled = codeset.length;
@@ -844,7 +844,7 @@ public class Symm {
if (index<0 || index>=codeset.length) {
System.out.println("uh, oh");
}
- if (right) { // alternate going left or right to find the next open slot (keeps it from taking too long to hit something)
+ if (right) { // alternate going left or right to find the next open slot (keeps it from taking too long to hit something)
for (int j=index;j<end;++j) {
if (seq[j]==0) {
seq[j]=codeset[filled];
@@ -879,12 +879,12 @@ public class Symm {
return newSymm;
}
-
- /**
+
+ /**
* This Symm is generated for internal JVM use. It has no external keyfile, but can be used
* for securing Memory, as it remains the same ONLY of the current JVM
* @return
- * @throws IOException
+ * @throws IOException
*/
public static synchronized Symm internalOnly() throws IOException {
if (internalOnly==null) {
@@ -897,7 +897,7 @@ public class Symm {
}
return internalOnly;
}
-
+
@Override
public String toString() {
return name;
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Taf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Taf.java
index 771ebcf4..ee9b343a 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Taf.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Taf.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -25,33 +25,33 @@ import org.onap.aaf.cadi.taf.TafResp;
/**
- * TAF - Transmutative Assertion Framework.
- *
+ * TAF - Transmutative Assertion Framework.
+ *
* This main Interface embodies the essential of the assertion, where a number of different TAFs might be used to authenticate
* and that authentication to be recognized through other elements.
- *
+ *
* Concept by Robert Garskof. Implemented by Jonathan Gathman
- *
+ *
* @author Jonathan
*
*/
public interface Taf {
enum LifeForm {CBLF, SBLF, LFN};
/**
- * The lifeForm param is a humorous way of describing whether the interaction is proceeding from direct Human Interaction via a browser
+ * The lifeForm param is a humorous way of describing whether the interaction is proceeding from direct Human Interaction via a browser
* or App which can directly query a memorized password, key sequence, bio-feedback, from that user, or a machine mechanism for which identity
- * can more easily be determined by Certificate, Mechanical ID/Password etc. Popularized in modern culture and Science Fiction (especially
- * Star Trek), we (starting with Robert Garskof) use the terms "Carbon Based Life Form" (CBLF) for mechanisms with people at the end of them, or
+ * can more easily be determined by Certificate, Mechanical ID/Password etc. Popularized in modern culture and Science Fiction (especially
+ * Star Trek), we (starting with Robert Garskof) use the terms "Carbon Based Life Form" (CBLF) for mechanisms with people at the end of them, or
* "Silicon Based Life Forms" (SBLF) to indicate machine only interactions. I have added "LFN" for (Life-Form Neutral) to aid identifying
- * processes for which it doesn't matter whether there is a human at the immediate end of the chain, or cannot be determined mechanically.
- *
+ * processes for which it doesn't matter whether there is a human at the immediate end of the chain, or cannot be determined mechanically.
+ *
* The variable parameter is not necessarily ideal, but with too many unknown Tafs to be created, flexibility,
* is unfortunately required at this point. Future versions could lock this down more. Jonathan 10/18/2012
- *
+ *
* @param lifeForm
* @param info
* @return
*/
public TafResp validate(LifeForm reading, String ... info);
-
+
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Transmutate.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Transmutate.java
index 1203b8d2..b88591fa 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Transmutate.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Transmutate.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -26,18 +26,18 @@ import java.security.Principal;
/**
* The unique element of TAF is that we establish the relationship/mechanism to mutate the Principal derived from
* one Authentication mechanism into a trustable Principal of another. The mechanism needs to be decided by system
- * trusting.
- *
+ * trusting.
+ *
* The Generic "T" is used so that the code used will be very specific for the implementation, enforced by Compiler
- *
- * This interface will allow differences of trusting Transmutation of Authentication
+ *
+ * This interface will allow differences of trusting Transmutation of Authentication
* @author Jonathan
*
*/
public interface Transmutate<T> {
/**
* Mutate the (assumed validated) Principal into the expected Principal name to be used to construct
- *
+ *
* @param p
* @return
*/
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/TrustChecker.java b/cadi/core/src/main/java/org/onap/aaf/cadi/TrustChecker.java
index 6b1433f4..3ab9c290 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/TrustChecker.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/TrustChecker.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -27,13 +27,13 @@ import org.onap.aaf.cadi.taf.TafResp;
/**
* Change to another Principal based on Trust of caller and User Chain (if desired)
- *
+ *
* @author Jonathan
*
*/
public interface TrustChecker {
public TafResp mayTrust(TafResp tresp, HttpServletRequest req);
-
+
/**
* A class that trusts no-one else, so just return same TResp
*/
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/User.java b/cadi/core/src/main/java/org/onap/aaf/cadi/User.java
index cb3b4e8f..97837555 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/User.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/User.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -31,7 +31,7 @@ import org.onap.aaf.cadi.lur.LocalPermission;
/**
* Class to hold info from the User Perspective.
- *
+ *
* @author Jonathan
*
*/
@@ -44,7 +44,7 @@ public final class User<PERM extends Permission> {
long permExpires;
private final long interval;
int count;
-
+
// Note: This should only be used for Local RBAC (in memory)
public User(Principal principal) {
this.principal = principal;
@@ -86,23 +86,23 @@ public final class User<PERM extends Permission> {
count = 0;
renewPerm();
}
-
+
public void renewPerm() {
permExpires = System.currentTimeMillis()+interval;
}
-
+
public long permExpires() {
return permExpires;
}
-
+
public boolean permExpired() {
return System.currentTimeMillis() > permExpires;
}
public boolean noPerms() {
- return perms==null || perms==NULL_MAP || perms.values().size()==0;
+ return perms==null || perms==NULL_MAP || perms.values().size()==0;
}
-
+
public synchronized void setNoPerms() {
perms=NULL_MAP;
renewPerm();
@@ -115,11 +115,11 @@ public final class User<PERM extends Permission> {
public synchronized void incCount() {
++count;
}
-
+
public synchronized void resetCount() {
count=0;
}
-
+
public Map<String,Permission> newMap() {
return new ConcurrentHashMap<>();
}
@@ -146,11 +146,11 @@ public final class User<PERM extends Permission> {
}
return false;
}
-
+
public void copyPermsTo(List<Permission> sink) {
sink.addAll(perms.values());
}
-
+
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append(principal.getName());
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/UserChain.java b/cadi/core/src/main/java/org/onap/aaf/cadi/UserChain.java
index f6a98085..f299f931 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/UserChain.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/UserChain.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -23,17 +23,17 @@ package org.onap.aaf.cadi;
/**
* Interface to add a User Chain String to Principal
- *
- *
- *
+ *
+ *
+ *
* Where
- * APP is name suitable for Logging (i.e. official App Acronym)
+ * APP is name suitable for Logging (i.e. official App Acronym)
* ID is official User or MechID, best if includes Identity Source (i.e. ab1234@people.osaaf.org)
* Protocol is the Security protocol,
- *
+ *
* Format:<ID>:<APP>:<protocol>[:AS][,<ID>:<APP>:<protocol>]*
- *
- *
+ *
+ *
* @author Jonathan
*
*/
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
index 7bd578a5..a231b393 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -64,7 +64,7 @@ import org.onap.aaf.cadi.util.Split;
/**
* Create a Consistent Configuration mechanism, even when configuration styles are as vastly different as
* Properties vs JavaBeans vs FilterConfigs...
- *
+ *
* @author Jonathan
*
*/
@@ -110,16 +110,16 @@ public class Config {
public static final String CADI_PROTOCOLS = "cadi_protocols";
public static final String CADI_NOAUTHN = "cadi_noauthn";
public static final String CADI_LOC_LIST = "cadi_loc_list";
-
+
// Special Behaviors
public static final String CADI_BATH_CONVERT = "cadi_bath_convert";
public static final String CADI_API_ENFORCEMENT = "cadi_api_enforcement";
public static final String CADI_ADD_TAFS = "cadi_add_tafs";
public static final String CADI_ADD_LURS = "cadi_add_lurs";
-
+
public static final String CADI_USER_CHAIN_TAG = "cadi_user_chain";
public static final String CADI_USER_CHAIN = "USER_CHAIN";
-
+
public static final String CADI_OAUTH2_URL="cadi_oauth2_url";
public static final String CADI_TOKEN_DIR = "cadi_token_dir";
@@ -133,20 +133,20 @@ public class Config {
+ "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,TLS_ECDH_ECDSA_WITH_RC4_128_SHA,"
+ "TLS_ECDH_RSA_WITH_RC4_128_SHA,TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,"
+ "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,TLS_EMPTY_RENEGOTIATION_INFO_SCSV";
-
+
public static final String LOCALHOST_ALLOW = "localhost_allow";
public static final String LOCALHOST_DENY = "localhost_deny";
-
- public static final String BASIC_REALM = "basic_realm"; // what is sent to the client
- public static final String BASIC_WARN = "basic_warn"; // Warning of insecure channel
+
+ public static final String BASIC_REALM = "basic_realm"; // what is sent to the client
+ public static final String BASIC_WARN = "basic_warn"; // Warning of insecure channel
public static final String USERS = "local_users";
public static final String GROUPS = "local_groups";
public static final String WRITE_TO = "local_writeto"; // dump RBAC to local file in Tomcat Style (some apps use)
-
+
public static final String OAUTH_CLIENT_ID="client_id";
public static final String OAUTH_CLIENT_SECRET="client_secret";
-
+
public static final String AAF_ENV = "aaf_env";
public static final String AAF_ROOT_NS = "aaf_root_ns";
public static final String AAF_ROOT_NS_DEF = "org.osaaf.aaf";
@@ -159,15 +159,15 @@ public class Config {
public static final String AAF_DEFAULT_API_VERSION = "2.1";
public static final String AAF_DEPLOYED_VERSION="aaf_deployed_version";
public static final String AAF_API_VERSION = "aaf_api_version";
- public static final String AAF_URL = "aaf_url"; //URL for AAF... Use to trigger AAF configuration
+ public static final String AAF_URL = "aaf_url"; //URL for AAF... Use to trigger AAF configuration
public static final String AAF_LOCATOR_CLASS = "aaf_locator_class";
// AAF Locator Entries are ADDITIONAL entries, which also gives the Property ability
// to set these entries manually
// example: adding a K8S name like "oom"
- // this will allow Registrations to pick up
+ // this will allow Registrations to pick up
// locator_ns.oom for onap's "OOM" based k8s entries, etc.
public static final String AAF_LOCATOR_CONTAINER="aaf_locator_container";
- // An ID for another Container, to be used to avoid picking up the wrong internal info
+ // An ID for another Container, to be used to avoid picking up the wrong internal info
// for another container.
public static final String AAF_LOCATOR_CONTAINER_ID = "aaf_locator_container_id";
public static final String AAF_LOCATOR_CONTAINER_NS = "aaf_locator_container_ns";
@@ -181,7 +181,7 @@ public class Config {
public static final String AAF_LOCATOR_PUBLIC_PORT = "aaf_locator_public_port";
public static final String AAF_LOCATOR_PUBLIC_FQDN = "aaf_locator_public_fqdn";
public static final String AAF_LOCATOR_PUBLIC_NAME = "aaf_locator_public_name";
-
+
// AAF Service will write to the Audit Log if a past due AAF stored Password
// is being used within # of days specified.
public static final String AAF_CRED_WARN_DAYS="aaf_cred_warn_days";
@@ -196,7 +196,7 @@ public class Config {
public static final String AAF_CONN_TIMEOUT_DEF = "3000";
public static final String AAF_CONN_IDLE_TIMEOUT = "aaf_conn_idle_timeout"; // only for Direct Jetty Access.
public static final String AAF_CONN_IDLE_TIMEOUT_DEF = "10000"; // only for Direct Jetty Access.
-
+
// Default Classes: These are for Class loading to avoid direct compile links
public static final String AAF_TAF_CLASS_DEF = "org.onap.aaf.cadi.aaf.v2_0.AAFTaf";
public static final String AAF_LOCATOR_CLASS_DEF = "org.onap.aaf.cadi.aaf.v2_0.AAFLocator";
@@ -212,7 +212,7 @@ public class Config {
public static final String AAF_CLEAN_INTERVAL_DEF = "30000"; // Default is 30 seconds
public static final String AAF_REFRESH_TRIGGER_COUNT = "aaf_refresh_trigger_count";
public static final String AAF_REFRESH_TRIGGER_COUNT_DEF = "3"; // Default is 10 mins
-
+
public static final String AAF_HIGH_COUNT = "aaf_high_count";
public static final String AAF_HIGH_COUNT_DEF = "1000"; // Default is 1000 entries
public static final String AAF_PERM_MAP = "aaf_perm_map";
@@ -251,7 +251,7 @@ public class Config {
public static final String AAF_OAUTH2_INTROSPECT_URL = "aaf_oauth2_introspect_url";
public static final String AAF_ALT_OAUTH2_TOKEN_URL = "aaf_alt_oauth2_token_url";
public static final String AAF_ALT_OAUTH2_INTROSPECT_URL = "aaf_alt_oauth2_introspect_url";
- public static final String AAF_ALT_OAUTH2_DOMAIN = "aaf_alt_oauth2_domain";
+ public static final String AAF_ALT_OAUTH2_DOMAIN = "aaf_alt_oauth2_domain";
public static final String AAF_ALT_CLIENT_ID = "aaf_alt_oauth2_client_id";
public static final String AAF_ALT_CLIENT_SECRET = "aaf_alt_oauth2_client_secret";
public static final String AAF_OAUTH2_HELLO_URL = "aaf_oauth2_hello_url";
@@ -300,9 +300,9 @@ public class Config {
// IMPORTANT! Don't attempt to load AAF Connector if there is no AAF URL
String aafURL = logProp(rph, AAF_URL,null);
if (!hasDirectAAF && aafcon==null && aafURL!=null) {
- aafcon = loadAAFConnector(si, aafURL);
+ aafcon = loadAAFConnector(si, aafURL);
}
-
+
HttpTaf taf;
// Setup Host, in case Network reports an unusable Hostname (i.e. VTiers, VPNs, etc)
String hostname = logProp(access, HOSTNAME,null);
@@ -313,7 +313,7 @@ public class Config {
throw new CadiException("Unable to determine Hostname",e1);
}
}
-
+
access.log(Level.INIT, "Hostname set to",hostname);
// Get appropriate TAFs
ArrayList<Priori<HttpTaf>> htlist = new ArrayList<>();
@@ -355,7 +355,7 @@ public class Config {
} else {
access.log(Level.INIT,"Certificate Authorization not enabled");
}
-
+
/////////////////////////////////////////////////////
// Configure Basic Auth (local content)
/////////////////////////////////////////////////////
@@ -406,7 +406,7 @@ public class Config {
} else {
access.log(Level.INIT,"Local Basic Authorization is disabled. Enable by setting basicRealm=<appropriate realm, i.e. my.att.com>");
}
-
+
/////////////////////////////////////////////////////
// Configure AAF Driven Basic Auth
/////////////////////////////////////////////////////
@@ -414,10 +414,10 @@ public class Config {
access.log(Level.INIT,"AAF Connection (AAFcon) is null. Cannot create an AAF TAF");
} else if (aafURL==null) {
access.log(Level.INIT,"No AAF URL in properties, Cannot create an AAF TAF");
- } else {// There's an AAF_URL... try to configure an AAF
+ } else {// There's an AAF_URL... try to configure an AAF
String aafTafClassName = logProp(access, AAF_TAF_CLASS,AAF_TAF_CLASS_DEF);
// Only 2.0 available at this time
- if (AAF_TAF_CLASS_DEF.equals(aafTafClassName)) {
+ if (AAF_TAF_CLASS_DEF.equals(aafTafClassName)) {
try {
Class<?> aafTafClass = loadClass(access,aafTafClassName);
if (aafTafClass!=null) {
@@ -447,7 +447,7 @@ public class Config {
}
}
}
-
+
/////////////////////////////////////////////////////
// Configure OAuth TAF
/////////////////////////////////////////////////////
@@ -490,7 +490,7 @@ public class Config {
access.log(Level.INIT,"OAuth TAF is not configured");
}
}
-
+
/////////////////////////////////////////////////////
// Adding BasicAuth (AAF) last, after other primary Cookie Based
// Needs to be before Cert... see below
@@ -498,7 +498,7 @@ public class Config {
if (aaftaf!=null) {
htlist.add(new Priori<HttpTaf>(aaftaf,40));
}
- }
+ }
/////////////////////////////////////////////////////
// Any Additional Tafs passed in Constructor
@@ -534,7 +534,7 @@ public class Config {
}
}
}
-
+
// Add BasicAuth, if any, to x509Taf
if (x509TAF!=null) {
for ( Priori<HttpTaf> ht : htlist) {
@@ -543,12 +543,12 @@ public class Config {
}
}
}
-
+
/////////////////////////////////////////////////////
// Additional TAFs by Plugin
/////////////////////////////////////////////////////
Priori.add(access, CADI_ADD_TAFS, htlist);
-
+
/////////////////////////////////////////////////////
// Create EpiTaf from configured TAFs
/////////////////////////////////////////////////////
@@ -571,17 +571,17 @@ public class Config {
access.log(Level.INIT, sb);
Locator<URI> locator = loadLocator(si, aafURL);
-
+
taf = new HttpEpiTaf(access,locator, tc, htarray); // ok to pass locator == null
String level = logProp(access, CADI_LOGLEVEL, null);
if (level!=null) {
access.setLogLevel(Level.valueOf(level));
}
}
-
+
return taf;
}
-
+
public static String logProp(RegistrationPropHolder rph, String tag, String def) {
String rv = rph.access().getProperty(tag, def);
if (rv == null) {
@@ -591,9 +591,9 @@ public class Config {
rph.access().log(Level.INIT,tag,"is set to",rv);
}
return rv;
-
+
}
-
+
public static String logProp(Access access,String tag, String def) {
String rv = access.getProperty(tag, def);
if (rv == null) {
@@ -603,7 +603,7 @@ public class Config {
}
return rv;
}
-
+
public static Lur configLur(SecurityInfoC<HttpURLConnection> si, Connector con, Object ... additionalTafLurs) throws CadiException {
Access access = si.access;
RegistrationPropHolder rph;
@@ -614,7 +614,7 @@ public class Config {
}
List<Priori<Lur>> lurs = new ArrayList<>();
-
+
/////////////////////////////////////////////////////
// Configure a Local Property Based RBAC/LUR
/////////////////////////////////////////////////////
@@ -625,7 +625,7 @@ public class Config {
if (groups!=null || users!=null) {
LocalLur ll = new LocalLur(access, users, groups); // note b64==null is ok.. just means no encryption.
lurs.add(new Priori<Lur>(ll,10));
-
+
String writeto = access.getProperty(WRITE_TO,null);
if (writeto!=null) {
String msg = UsersDump.updateUsers(writeto, ll);
@@ -660,14 +660,14 @@ public class Config {
msg = e.getCause().getMessage();
}
access.log(Level.INIT,"AAF/OAuth LUR is not instantiated.",msg,e);
- }
+ }
} else {
access.log(Level.INIT, "OAuth2 Lur disabled");
}
if (con!=null) { // try to reutilize connector
lurs.add(new Priori<Lur>(con.newLur(),30));
- } else {
+ } else {
/////////////////////////////////////////////////////
// Configure the AAF Lur (if any)
/////////////////////////////////////////////////////
@@ -693,7 +693,7 @@ public class Config {
} else {// There's an AAF_URL... try to configure an AAF
String aafLurClassStr = logProp(access,AAF_LUR_CLASS,AAF_V2_0_AAF_LUR_PERM);
////////////AAF Lur 2.0 /////////////
- if (aafLurClassStr!=null && aafLurClassStr.startsWith(AAF_V2_0)) {
+ if (aafLurClassStr!=null && aafLurClassStr.startsWith(AAF_V2_0)) {
try {
Object aafcon = loadAAFConnector(si, aafURL);
if (aafcon==null) {
@@ -703,7 +703,7 @@ public class Config {
if (aafAbsAAFCon!=null) {
Method mNewLur = aafAbsAAFCon.getMethod("newLur");
Object aaflur = mNewLur.invoke(aafcon);
-
+
if (aaflur==null) {
access.log(Level.INIT,"ERROR! AAF LUR Failed construction. NOT Configured");
} else {
@@ -719,7 +719,7 @@ public class Config {
} catch (Exception e) {
access.log(e,"AAF LUR class,",aafLurClassStr,"could not be constructed with given Constructors.");
}
- }
+ }
}
}
}
@@ -740,13 +740,13 @@ public class Config {
/////////////////////////////////////////////////////
// Additional LURs by Plugin
/////////////////////////////////////////////////////
- Priori.add(access, CADI_ADD_LURS, lurs);
+ Priori.add(access, CADI_ADD_LURS, lurs);
/////////////////////////////////////////////////////
- // Return a Lur based on how many there are...
+ // Return a Lur based on how many there are...
/////////////////////////////////////////////////////
switch(lurs.size()) {
- case 0:
+ case 0:
access.log(Level.INIT,"WARNING! No CADI LURs configured");
// Return a NULL Lur that does nothing.
return new NullLur();
@@ -770,7 +770,7 @@ public class Config {
return new EpiLur(la);
}
}
-
+
private static boolean hasDirect(String simpleClassName, Object[] additionalTafLurs) {
if (additionalTafLurs!=null) {
for (Object tf : additionalTafLurs) {
@@ -922,7 +922,7 @@ public class Config {
locator = (Locator<URI>)cnst.newInstance(new Object[] {si,locatorURI});
int port = fui.getPort();
String portS = port<0?"":(":"+port);
-
+
access.log(Level.INFO, "AAFLocator enabled using " + locatorURI.getScheme() +"://"+fui.getHost() + portS);
} else {
access.log(Level.INFO, "AAFLocator enabled using preloaded " + locator.getClass().getSimpleName());
@@ -943,7 +943,7 @@ public class Config {
public static String getDefaultRealm() {
return defaultRealm;
}
-
+
public static String getAAFLocateUrl(Access access) {
String rv = null;
String cont = access.getProperty(AAF_LOCATOR_CONTAINER,null);
@@ -959,7 +959,7 @@ public class Config {
private static class Priori<T> implements Comparable<Priori<T>> {
public final T t;
public final int priority;
-
+
public Priori(final T t, final int priority) {
this.t = t;
this.priority = priority;
@@ -997,7 +997,7 @@ public class Config {
access.printf(Level.ERROR, "%s format is <classname>,priority[;...]\n",CADI_ADD_TAFS);
}
}
-
+
if(clssn!=null) {
Class<?> cls = loadClass(access, clssn);
if(cls!=null) {
@@ -1009,7 +1009,7 @@ public class Config {
} catch (InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
String hostname = access.getProperty(Config.HOSTNAME,null);
if(hostname==null) {
- access.printf(Level.ERROR, "%s cannot be constructed on this machine. Set valid 'hostname' in your properties\n",clssn);
+ access.printf(Level.ERROR, "%s cannot be constructed on this machine. Set valid 'hostname' in your properties\n",clssn);
} else {
access.printf(Level.ERROR, "%s cannot be constructed on %s with Access.\n",clssn, hostname);
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Get.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Get.java
index b48dd74d..0f65b374 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Get.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Get.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -28,8 +28,8 @@ import org.onap.aaf.cadi.Access.Level;
public interface Get {
public String get(String name, String def, boolean print);
-
-
+
+
/**
* A class for Getting info out of "JavaBean" format
* @author Jonathan
@@ -40,24 +40,24 @@ public interface Get {
private Class<?> bc;
private Class<?>[] params;
private Object[] args;
-
+
public Bean(Object bean) {
this.bean = bean;
bc = bean.getClass();
params = new Class<?>[0]; // note, this will allow to go out of scope after config
args = new Object[0];
}
-
+
public String get(String name, String def, boolean print) {
String str = null;
String gname = "get"+Character.toUpperCase(name.charAt(0))+name.substring(1);
try {
Method meth = bc.getMethod(gname, params);
Object obj = meth.invoke(bean, args);
- str = obj==null?null:obj.toString(); // easy string convert...
+ str = obj==null?null:obj.toString(); // easy string convert...
} catch (Exception e) {
}
-
+
// Take def if nothing else
if (str==null) {
str = def;
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/GetAccess.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/GetAccess.java
index 30adcc97..65501a67 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/GetAccess.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/GetAccess.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -25,12 +25,12 @@ import org.onap.aaf.cadi.PropAccess;
public class GetAccess extends PropAccess {
private final Get getter;
-
+
public GetAccess(Get getter) {
super(new String[]{"cadi_prop_files="+getter.get("cadi_prop_files", null, true)});
this.getter = getter;
}
-
+
/* (non-Javadoc)
* @see org.onap.aaf.cadi.PropAccess#getProperty(java.lang.String, java.lang.String)
*/
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/MultiGet.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/MultiGet.java
index c5e5a50e..d73e1b71 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/MultiGet.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/MultiGet.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -33,7 +33,7 @@ public class MultiGet implements Get {
String str;
for (Get getter : getters) {
str = getter.get(name, null, print);
- if (str!=null)
+ if (str!=null)
return str;
}
return def;
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/RegistrationPropHolder.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/RegistrationPropHolder.java
index f73179a9..2825e9a5 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/RegistrationPropHolder.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/RegistrationPropHolder.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -99,11 +99,11 @@ public class RegistrationPropHolder {
}
}
default_name = container_public_name;
-
+
if(firstlog) {
access.printf(Level.INIT, REGI,"default_name",default_name);
}
-
+
latitude=null;
String slatitude = access.getProperty(Config.CADI_LATITUDE, null);
if(slatitude == null) {
@@ -138,7 +138,7 @@ public class RegistrationPropHolder {
}
}
}
-
+
default_fqdn = access.getProperty(Config.AAF_LOCATOR_FQDN, hostname);
if(firstlog) {
access.printf(Level.INIT, REGI,"default_fqdn",default_fqdn);
@@ -157,7 +157,7 @@ public class RegistrationPropHolder {
errs.append('\n');
errs.append(propname);
errs.append(" must be defined.");
-
+
}
public String getEntryFQDN(final String entry, final String dot_le) {
@@ -169,7 +169,7 @@ public class RegistrationPropHolder {
}
return replacements("RegistrationPropHolder.getEntryFQDN",str,entry,dot_le);
}
-
+
public String getEntryName(final String entry, final String dot_le) {
String str;
if(dot_le.isEmpty()) {
@@ -179,7 +179,7 @@ public class RegistrationPropHolder {
}
return replacements("RegistrationPropHolder.getEntryName",str,entry,dot_le);
}
-
+
public String getPublicEntryName(final String entry, final String dot_le) {
String str = access.getProperty(Config.AAF_LOCATOR_PUBLIC_NAME+dot_le, null);
if(str==null) {
@@ -190,8 +190,8 @@ public class RegistrationPropHolder {
}
return replacements("RegistrationPropHolder.getEntryName",str,entry,dot_le);
}
-
-
+
+
private String getNS(String dot_le) {
String ns;
ns = access.getProperty(Config.AAF_LOCATOR_APP_NS+dot_le,null);
@@ -201,7 +201,7 @@ public class RegistrationPropHolder {
return ns;
}
-
+
public String replacements(final String fromCode, final String source, final String name, final String _dot_le) {
if(source == null) {
return "";
@@ -238,13 +238,13 @@ public class RegistrationPropHolder {
value = value.replace("http://AAF_LOCATE_URL/", str);
} else {
value = value.replace("https://AAF_LOCATE_URL/", str);
-
+
}
}
}
}
- int atC = value.indexOf("%C");
+ int atC = value.indexOf("%C");
if(atC>=0) {
// aaf_locator_container_ns
str = access.getProperty(Config.AAF_LOCATOR_CONTAINER_NS+dot_le, default_container_ns);
@@ -252,14 +252,14 @@ public class RegistrationPropHolder {
value = value.replace("%CNS"+'.', str);
}
value = value.replace("%CNS", str);
-
+
str = access.getProperty(Config.AAF_LOCATOR_CONTAINER+dot_le,default_container);
if(str.isEmpty()) {
value = value.replace("%C"+'.', str);
}
value = value.replace("%C", str);
}
-
+
if(value.indexOf("%NS")>=0) {
str = getNS(dot_le);
if(str==null || str.isEmpty()) {
@@ -280,7 +280,7 @@ public class RegistrationPropHolder {
}
}
-
+
if(value.indexOf('%')>=0) {
// These shouldn't be expected to have dot elements
if(name!=null) {
@@ -293,13 +293,13 @@ public class RegistrationPropHolder {
value = value.replace("%PH", public_fqdn);
}
}
- access.printf(Level.DEBUG,
+ access.printf(Level.DEBUG,
"RegistrationReplacement from %s, source: %s, dot_le: %s, value: %s",
fromCode,source,dot_le,value);
return value;
}
-
+
public int getEntryPort(final String dot_le) {
return public_port!=null && dot_le.isEmpty()?
public_port:
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfo.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfo.java
index 8dbc38e1..60c75719 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfo.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfo.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -64,7 +64,7 @@ public class SecurityInfo {
private static final String LOADED_FROM_SYSTEM_PROPERTIES = "%s loaded from System Properties";
public static final String SSL_KEY_MANAGER_FACTORY_ALGORITHM;
-
+
private SSLSocketFactory socketFactory;
private X509KeyManager[] x509KeyManager;
private X509TrustManager[] x509TrustManager;
@@ -83,21 +83,21 @@ public class SecurityInfo {
SSL_KEY_MANAGER_FACTORY_ALGORITHM = "SunX509";
}
}
-
+
public SecurityInfo(final Access access) throws CadiException {
String msgHelp = "";
try {
this.access = access;
// reuse DME2 Properties for convenience if specific Properties don't exist
-
+
String str = access.getProperty(Config.CADI_ALIAS, null);
if(str==null || str.isEmpty()) {
defaultAlias = null;
} else {
defaultAlias = str;
}
-
+
str = access.getProperty(Config.CADI_CLIENT_ALIAS, null);
if(str==null) {
defaultClientAlias = defaultAlias;
@@ -110,17 +110,17 @@ public class SecurityInfo {
msgHelp = String.format(INITIALIZING_ERR_FMT,"Keystore", access.getProperty(Config.CADI_KEYSTORE, ""));
initializeKeyManager();
-
+
msgHelp = String.format(INITIALIZING_ERR_FMT,"Truststore", access.getProperty(Config.CADI_TRUSTSTORE, ""));
initializeTrustManager();
-
+
msgHelp = String.format(INITIALIZING_ERR_FMT,"Trustmasks", access.getProperty(Config.CADI_TRUST_MASKS, ""));
initializeTrustMasks();
msgHelp = String.format(INITIALIZING_ERR_FMT,"HTTP Protocols", "access properties");
setHTTPProtocols(access);
-
+
msgHelp = String.format(INITIALIZING_ERR_FMT,"Context", "TLS");
context = SSLContext.getInstance("TLS");
context.init(x509KeyManager, x509TrustManager, null);
@@ -146,7 +146,7 @@ public class SecurityInfo {
// This needs to be set when people do not.
System.setProperty(HTTPS_PROTOCOLS, httpsProtocols);
}
- String httpsClientProtocols = System.getProperty(JDK_TLS_CLIENT_PROTOCOLS,null);
+ String httpsClientProtocols = System.getProperty(JDK_TLS_CLIENT_PROTOCOLS,null);
if(httpsClientProtocols!=null) {
access.printf(Level.INIT, LOADED_FROM_SYSTEM_PROPERTIES, JDK_TLS_CLIENT_PROTOCOLS);
} else {
@@ -197,7 +197,7 @@ public class SecurityInfo {
hsuc.setHostnameVerifier(maskHV);
}
}
-
+
protected void initializeKeyManager() throws CadiException, IOException, NoSuchAlgorithmException, KeyStoreException, CertificateException, UnrecoverableKeyException {
String keyStore = access.getProperty(Config.CADI_KEYSTORE, null);
if(keyStore==null) {
@@ -208,7 +208,7 @@ public class SecurityInfo {
String keyStorePasswd = access.getProperty(Config.CADI_KEYSTORE_PASSWORD, null);
keyStorePasswd = (keyStorePasswd == null) ? null : access.decrypt(keyStorePasswd, false);
- if (keyStore == null || keyStorePasswd == null) {
+ if (keyStore == null || keyStorePasswd == null) {
x509KeyManager = new X509KeyManager[0];
return;
}
@@ -240,7 +240,7 @@ public class SecurityInfo {
}
}
}
-
+
StringBuilder sb = null;
for (KeyManager keyManager : keyManagerFactory.getKeyManagers()) {
if (keyManager instanceof X509KeyManager) {
@@ -263,12 +263,12 @@ public class SecurityInfo {
}
x509KeyManager = new X509KeyManager[keyManagers.size()];
keyManagers.toArray(x509KeyManager);
-
+
if(sb!=null) {
access.log(Level.INIT, sb);
}
}
-
+
private void x509Info(StringBuilder sb, X509Certificate[] chain) {
if(chain!=null) {
int i=0;
@@ -290,7 +290,7 @@ public class SecurityInfo {
protected void initializeTrustManager() throws NoSuchAlgorithmException, CertificateException, IOException, KeyStoreException, CadiException {
String trustStore = access.getProperty(Config.CADI_TRUSTSTORE, null);
if(trustStore==null) {
- return;
+ return;
} else if(!new File(trustStore).exists()) {
throw new CadiException(trustStore + " does not exist");
}
@@ -307,7 +307,7 @@ public class SecurityInfo {
try {
KeyStore ts = KeyStore.getInstance("JKS");
ts.load(fis, trustStorePasswd.toCharArray());
- trustManagerFactory.init(ts);
+ trustManagerFactory.init(ts);
} finally {
fis.close();
}
@@ -328,7 +328,7 @@ public class SecurityInfo {
}
}
}
-
+
protected void initializeTrustMasks() throws AccessException {
String tips = access.getProperty(Config.CADI_TRUST_MASKS, null);
if (tips == null) {
@@ -345,7 +345,7 @@ public class SecurityInfo {
throw new AccessException("Invalid IP Mask in " + Config.CADI_TRUST_MASKS, e);
}
}
-
+
final HostnameVerifier origHV = HttpsURLConnection.getDefaultHostnameVerifier();
maskHV = new HostnameVerifier() {
@Override
@@ -366,5 +366,5 @@ public class SecurityInfo {
};
HttpsURLConnection.setDefaultHostnameVerifier(maskHV);
}
-
+
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfoC.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfoC.java
index 4e365fba..7c5f50ed 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfoC.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfoC.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -34,13 +34,13 @@ public class SecurityInfoC<CLIENT> extends SecurityInfo {
public static final String DEF_ID = "ID not Set";
private static Map<Class<?>,SecurityInfoC<?>> sicMap = new HashMap<>();
public SecuritySetter<CLIENT> defSS;
-
+
public SecurityInfoC(Access access) throws CadiException {
super(access);
defSS = new DEFSS<CLIENT>();
}
-
+
@SuppressWarnings("unchecked")
public static synchronized <CLIENT> SecurityInfoC<CLIENT> instance(Access access, Class<CLIENT> cls) throws CadiException {
SecurityInfoInit<CLIENT> sii;
@@ -58,9 +58,9 @@ public class SecurityInfoC<CLIENT> extends SecurityInfo {
public SecuritySetter<CLIENT> bestDefault(SecurityInfoC<CLIENT> si) throws CadiException {
return new DEFSS<CLIENT>();
}
- };
+ };
}
-
+
SecurityInfoC<CLIENT> sic = (SecurityInfoC<CLIENT>) sicMap.get(cls);
if (sic==null) {
sic = new SecurityInfoC<CLIENT>(access);
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfoInit.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfoInit.java
index 614f363b..e5b7a0ea 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfoInit.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfoInit.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/UsersDump.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/UsersDump.java
index 98ab4706..4f7db1ab 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/UsersDump.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/UsersDump.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -56,7 +56,7 @@ public class UsersDump {
// We loop through Users, but want to write Groups first... therefore, save off print
StringBuilder sb = new StringBuilder();
-
+
// Obtain all unique role names
HashSet<String> groups = new HashSet<>();
for (AbsUserCache<?>.DumpInfo di : lur.dumpInfo()) {
@@ -80,7 +80,7 @@ public class UsersDump {
ps.print(group);
ps.println("\"/>");
}
-
+
ps.println(sb);
ps.println("</tomcat-users>");
@@ -91,13 +91,13 @@ public class UsersDump {
}
return true;
}
-
+
/**
- *
+ *
* Note: This method returns a String if there's an error, or null if ok.
- * This unusual style is necessitated by the fact that any Exceptions thrown are likely to
+ * This unusual style is necessitated by the fact that any Exceptions thrown are likely to
* be unlogged and hidden from view, making debugging almost impossible.
- *
+ *
* @param writeto
* @param up
* @return
@@ -129,7 +129,7 @@ public class UsersDump {
int startA=0, startB=0;
for (int i=0;startA<orig.length && i<3;++startA) if (orig[startA]=='<')++i;
for (int i=0;startB<orig.length && i<3;++startB) if (postulate[startB]=='<')++i;
-
+
writeIt=orig.length-startA!=postulate.length-startB; // first, check if remaining length is the same
while (!writeIt && startA<orig.length && startB<postulate.length) {
if (orig[startA++]!=postulate[startB++])writeIt = true;
@@ -141,7 +141,7 @@ public class UsersDump {
} else {
writeIt = true;
}
-
+
if (writeIt) {
try {
FileOutputStream fos = new FileOutputStream(file);
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZ.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZ.java
index 5aa502d4..fefb0970 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZ.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZ.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZServlet.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZServlet.java
index 0bd87d98..8073249c 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZServlet.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZServlet.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -32,7 +32,7 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
- *
+ *
* @author Jonathan
*
*/
@@ -53,14 +53,14 @@ public class AUTHZServlet<S extends Servlet> implements Servlet {
roles = rolesAllowed.value();
}
}
-
+
public void init(ServletConfig sc) throws ServletException {
if (delegate == null) {
throw new ServletException("Invalid Servlet Delegate");
}
delegate.init(sc);
}
-
+
public ServletConfig getServletConfig() {
return delegate.getServletConfig();
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AccessGetter.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AccessGetter.java
index ae4347d3..96eebf5e 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AccessGetter.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AccessGetter.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiApiEnforcementFilter.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiApiEnforcementFilter.java
index 292f8e1c..d97fe28b 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiApiEnforcementFilter.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiApiEnforcementFilter.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -41,15 +41,15 @@ import org.onap.aaf.cadi.util.Split;
/**
* This filter allows one to protect the APIs from data stored in AAF
- *
+ *
* @author Instrumental(Jonathan)
*/
public class CadiApiEnforcementFilter implements Filter {
private String type;
private Map<String,List<String>> publicPaths;
private Access access;
-
-
+
+
public CadiApiEnforcementFilter(Access access, String enforce) throws ServletException {
this.access = access;
init(enforce);
@@ -60,12 +60,12 @@ public class CadiApiEnforcementFilter implements Filter {
public void init(FilterConfig fc) throws ServletException {
init(fc.getInitParameter(Config.CADI_API_ENFORCEMENT));
// need the Context for Logging, instantiating ClassLoader, etc
- ServletContextAccess sca=new ServletContextAccess(fc);
+ ServletContextAccess sca=new ServletContextAccess(fc);
if (access==null) {
access = sca;
}
}
-
+
private void init(final String ptypes) throws ServletException {
if(ptypes==null) {
throw new ServletException("CadiApiEnforcement requires " + Config.CADI_API_ENFORCEMENT + " property");
@@ -99,10 +99,10 @@ public class CadiApiEnforcementFilter implements Filter {
HttpServletRequest hreq = (HttpServletRequest)req;
final String meth = hreq.getMethod();
String path = hreq.getContextPath()+hreq.getPathInfo();
-
+
if(path == null || path.isEmpty() || "null".equals(path))
path = hreq.getRequestURI().substring(hreq.getContextPath().length());
-
+
List<String> list = publicPaths.get(meth);
if(list!=null) {
for( String p : publicPaths.get(meth)) {
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiFilter.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiFilter.java
index 50efe8b4..a2f168a1 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiFilter.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiFilter.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -52,16 +52,16 @@ import org.onap.aaf.cadi.util.Timing;
/**
* CadiFilter
- *
+ *
* This class implements Servlet Filter, and ties together CADI implementations
- *
+ *
* This class can be used in a standard J2EE Servlet manner. Optimal usage is for POJO operations, where
- * one can enforce this Filter being first and primary. Depending on the Container, it
- * may be more effective, in some cases, to utilize features that allow earlier determination of
+ * one can enforce this Filter being first and primary. Depending on the Container, it
+ * may be more effective, in some cases, to utilize features that allow earlier determination of
* AUTHN (Authorization). An example would be "Tomcat Valve". These implementations, however, should
* be modeled after the "init" and "doFilter" functions, and be kept up to date as this class changes.
- *
- *
+ *
+ *
* @author Jonathan
*
*/
@@ -73,18 +73,18 @@ public class CadiFilter implements Filter {
private Object[] additionalTafLurs;
private SideChain sideChain;
private static int count=0;
-
+
public Lur getLur() {
return httpChecker.getLur();
}
-
+
/**
* Construct a viable Filter
- *
- * Due to the vagaries of many containers, there is a tendency to create Objects and call "Init" on
+ *
+ * Due to the vagaries of many containers, there is a tendency to create Objects and call "Init" on
* them at a later time. Therefore, this object creates with an object that denies all access
* until appropriate Init happens, just in case the container lets something slip by in the meantime.
- *
+ *
*/
public CadiFilter() {
additionalTafLurs = CadiHTTPManip.noAdditional;
@@ -92,10 +92,10 @@ public class CadiFilter implements Filter {
/**
* This constructor to be used when directly constructing and placing in HTTP Engine
- *
+ *
* @param access
* @param moreTafLurs
- * @throws ServletException
+ * @throws ServletException
*/
public CadiFilter(Access access, Object ... moreTafLurs) throws ServletException {
additionalTafLurs = moreTafLurs;
@@ -120,7 +120,7 @@ public class CadiFilter implements Filter {
/**
* Init
- *
+ *
* Standard Filter "init" call with FilterConfig to obtain properties. POJOs can construct a
* FilterConfig with the mechanism of their choice, and standard J2EE Servlet engines utilize this
* mechanism already.
@@ -128,15 +128,15 @@ public class CadiFilter implements Filter {
//TODO Always validate changes against Tomcat AbsCadiValve and Jaspi CadiSAM Init functions
public void init(FilterConfig filterConfig) throws ServletException {
// need the Context for Logging, instantiating ClassLoader, etc
- ServletContextAccess sca=new ServletContextAccess(filterConfig);
+ ServletContextAccess sca=new ServletContextAccess(filterConfig);
if (access==null) {
access = sca;
}
-
+
// Set Protected getter with base Access, for internal class instantiations
init(new FCGet(access, sca.context(), filterConfig));
}
-
+
@SuppressWarnings("unchecked")
protected void init(Get getter) throws ServletException {
@@ -154,7 +154,7 @@ public class CadiFilter implements Filter {
} catch (Exception e) {
access.log(Level.INIT, "AAFTrustChecker cannot be loaded",e.getMessage());
}
-
+
try {
Class<Filter> cf=null;
try {
@@ -167,7 +167,7 @@ public class CadiFilter implements Filter {
access.log(Level.INIT, "AAFTrustChecker cannot be loaded",e.getMessage());
}
-
+
// Synchronize, because some instantiations call init several times on the same object
// In this case, the epiTaf will be changed to a non-NullTaf, and thus not instantiate twice.
synchronized(CadiHTTPManip.noAdditional /*will always remain same Object*/) {
@@ -194,8 +194,8 @@ public class CadiFilter implements Filter {
pathExceptions = str.split("\\s*:\\s*");
}
}
-
- /*
+
+ /*
* SETUP Permission Converters... those that can take Strings from a Vendor Product, and convert to appropriate AAF Permissions
*/
if (mapPairs==null) {
@@ -227,7 +227,7 @@ public class CadiFilter implements Filter {
}
// Add API Enforcement Point
- String enforce = getter.get(Config.CADI_API_ENFORCEMENT, null, true);
+ String enforce = getter.get(Config.CADI_API_ENFORCEMENT, null, true);
if(enforce!=null && enforce.length()>0) {
sideChain.add(new CadiApiEnforcementFilter(access,enforce));
}
@@ -236,7 +236,7 @@ public class CadiFilter implements Filter {
}
/**
- * Containers call "destroy" when time to cleanup
+ * Containers call "destroy" when time to cleanup
*/
public void destroy() {
// Synchronize, in case multiCadiFilters are used.
@@ -252,7 +252,7 @@ public class CadiFilter implements Filter {
/**
* doFilter
- *
+ *
* This is the standard J2EE invocation. Analyze the request, modify response as necessary, and
* only call the next item in the filterChain if request is suitably Authenticated.
*/
@@ -295,7 +295,7 @@ public class CadiFilter implements Filter {
}
- /**
+ /**
* If PathExceptions exist, report if these should not have Authn applied.
* @param hreq
* @return
@@ -317,7 +317,7 @@ public class CadiFilter implements Filter {
}
return false;
}
-
+
/**
* Get Converter by Path
*/
@@ -332,7 +332,7 @@ public class CadiFilter implements Filter {
}
return NullPermConverter.singleton();
}
-
+
/**
* store PermConverters by Path prefix
* @author Jonathan
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiHTTPManip.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiHTTPManip.java
index 0a89af0c..7c63a822 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiHTTPManip.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiHTTPManip.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -47,10 +47,10 @@ import org.onap.aaf.cadi.util.UserChainManip;
/**
* Encapsulate common HTTP Manipulation Behavior. It will appropriately set
* HTTPServletResponse for Redirect or Forbidden, as needed.
- *
+ *
* Further, this is useful, because it avoids multiple creates of Connections, where some Filters
* are created and destroyed regularly.
- *
+ *
* @author Jonathan
*
*/
@@ -73,7 +73,7 @@ public class CadiHTTPManip {
private CredVal up;
private Lur lur;
private String thisPerm,companyPerm,aaf_id;
-
+
public static final Object[] noAdditional = new Object[0]; // CadiFilter can be created each call in some systems
@@ -82,7 +82,7 @@ public class CadiHTTPManip {
this.access = access;
// Get getter = new AccessGetter(access);
Config.setDefaultRealm(access);
-
+
aaf_id = access.getProperty(Config.CADI_ALIAS,access.getProperty(Config.AAF_APPID, null));
if (aaf_id==null) {
access.printf(Level.INIT, "%s is not set. %s can be used instead",Config.AAF_APPID,Config.CADI_ALIAS);
@@ -107,9 +107,9 @@ public class CadiHTTPManip {
}
SecurityInfoC<HttpURLConnection> si;
si = SecurityInfoC.instance(access, HttpURLConnection.class);
-
+
lur = Config.configLur(si, con, additionalTafLurs);
-
+
tc.setLur(lur);
if (lur instanceof EpiLur) {
up = ((EpiLur)lur).getUserPassImpl();
@@ -126,33 +126,33 @@ public class CadiHTTPManip {
TafResp tresp = taf.validate(Taf.LifeForm.LFN, hreq, hresp);
switch(tresp.isAuthenticated()) {
case IS_AUTHENTICATED:
- access.printf(Level.DEBUG,MSG_FMT,tresp.getTarget(),hreq.getRemoteAddr(),
+ access.printf(Level.DEBUG,MSG_FMT,tresp.getTarget(),hreq.getRemoteAddr(),
hreq.getRemotePort(),AUTHENTICATED,tresp.desc());
break;
case TRY_AUTHENTICATING:
switch (tresp.authenticate()) {
case IS_AUTHENTICATED:
- access.printf(Level.DEBUG,MSG_FMT,tresp.getTarget(),hreq.getRemoteAddr(),
+ access.printf(Level.DEBUG,MSG_FMT,tresp.getTarget(),hreq.getRemoteAddr(),
hreq.getRemotePort(),AUTHENTICATED,tresp.desc());
break;
case HTTP_REDIRECT_INVOKED:
- access.printf(Level.DEBUG,MSG_FMT,tresp.getTarget(),hreq.getRemoteAddr(),
+ access.printf(Level.DEBUG,MSG_FMT,tresp.getTarget(),hreq.getRemoteAddr(),
hreq.getRemotePort(),AUTHENTICATING_VIA_REDIRECTION,tresp.desc());
break;
case NO_FURTHER_PROCESSING:
- access.printf(Level.AUDIT,MSG_FMT,tresp.getTarget(),hreq.getRemoteAddr(),
+ access.printf(Level.AUDIT,MSG_FMT,tresp.getTarget(),hreq.getRemoteAddr(),
hreq.getRemotePort(),AUTHENTICATION_FAILURE,tresp.desc());
hresp.sendError(403, tresp.desc()); // Forbidden
break;
default:
- access.printf(Level.AUDIT,MSG_FMT,tresp.getTarget(),hreq.getRemoteAddr(),
+ access.printf(Level.AUDIT,MSG_FMT,tresp.getTarget(),hreq.getRemoteAddr(),
hreq.getRemotePort(),NO_TAF_WILL_AUTHORIZE,tresp.desc());
hresp.sendError(403, tresp.desc()); // Forbidden
}
break;
case NO_FURTHER_PROCESSING:
- access.printf(Level.AUDIT,MSG_FMT, tresp.getTarget(),hreq.getRemoteAddr(),
+ access.printf(Level.AUDIT,MSG_FMT, tresp.getTarget(),hreq.getRemoteAddr(),
hreq.getRemotePort(),NO_TAF_WILL_AUTHORIZE,tresp.desc());
hresp.sendError(403, ACCESS_DENIED); // FORBIDDEN
break;
@@ -161,12 +161,12 @@ public class CadiHTTPManip {
hreq.getRemotePort(),NO_TAF_WILL_AUTHORIZE,tresp.desc());
hresp.sendError(403, ACCESS_DENIED); // FORBIDDEN
}
-
+
return tresp;
}
-
+
public boolean notCadi(CadiWrap req, HttpServletResponse resp) {
-
+
String pathInfo = req.getPathInfo();
if (METH.equalsIgnoreCase(req.getMethod()) && pathInfo!=null && pathInfo.contains(CADI)) {
if (req.getUser().equals(aaf_id) || req.isUserInRole(thisPerm) || req.isUserInRole(companyPerm)) {
@@ -201,11 +201,11 @@ public class CadiHTTPManip {
}
return true;
}
-
+
public Lur getLur() {
return lur;
}
-
+
public void destroy() {
access.log(Level.INFO,"CadiHttpChecker destroyed.");
if (lur!=null) {
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/FCGet.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/FCGet.java
index 1805c782..e9cb59ce 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/FCGet.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/FCGet.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -34,7 +34,7 @@ import org.onap.aaf.cadi.config.Get;
*/
public class FCGet implements Get {
/**
- *
+ *
*/
private final Access access;
private FilterConfig filterConfig;
@@ -52,12 +52,12 @@ public class FCGet implements Get {
if (context!=null) {
str = context.getInitParameter(name);
}
-
+
// Try Filter Context next
if (str==null && filterConfig != null) {
str = filterConfig.getInitParameter(name);
}
-
+
if (str==null) {
str = access.getProperty(name, def);
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/MapBathConverter.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/MapBathConverter.java
index 8c616f4a..7ad1921c 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/MapBathConverter.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/MapBathConverter.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -39,21 +39,21 @@ import org.onap.aaf.cadi.util.CSV;
import org.onap.aaf.cadi.util.CSV.Visitor;
/**
- * This Filter is designed to help MIGRATE users from systems that don't match the FQI style.
- *
+ * This Filter is designed to help MIGRATE users from systems that don't match the FQI style.
+ *
* Style 1, where just the ID is translated, i.e. OLD => new@something.onap.org, that is acceptable
* longer term, because it does not store Creds locally. The passwords are in appropriate systems, but
* it's still painful operationally, though it does ease migration.
*
* Style 3, however, which is Direct match of Authorization Header to replacement, is only there
* because some passwords are simply not acceptable for AAF, (too easy, for instance), and it is
- * not feasible to break Organization Password rules for a Migration. Therefore, this method
+ * not feasible to break Organization Password rules for a Migration. Therefore, this method
* should not considered something that is in any way a permanent
- *
+ *
- *
+ *
* It goes without saying that any file with the password conversion should be protected by "400", etc.
- *
+ *
* @author Instrumental (Jonathan)
*
*/
@@ -63,15 +63,15 @@ public class MapBathConverter {
/**
* Create with colon separated name value pairs
- * Enter the entire "Basic dXNlcjpwYXNz" "Authorization" header, where "dXNlcjpwYXNz" is
+ * Enter the entire "Basic dXNlcjpwYXNz" "Authorization" header, where "dXNlcjpwYXNz" is
* base64 encoded, which can be created with "cadi" tool (in jar)
- *
- * The replacement should also be an exact replacement of what you want. Recognize that
- * this should be TEMPORARY as you are storing credentials outside the users control.
- *
+ *
+ * The replacement should also be an exact replacement of what you want. Recognize that
+ * this should be TEMPORARY as you are storing credentials outside the users control.
+ *
* @param value
- * @throws IOException
- * @throws CadiException
+ * @throws IOException
+ * @throws CadiException
*/
public MapBathConverter(final Access access, final CSV csv) throws IOException, CadiException {
map = new TreeMap<>();
@@ -110,7 +110,7 @@ public class MapBathConverter {
}
});
}
-
+
private static String idFromBasic(String bath, Holder<String> hpass) throws IOException, CadiException {
if(bath.startsWith(BASIC)) {
String cred = Symm.base64noSplit.decode(bath.substring(6));
@@ -128,8 +128,8 @@ public class MapBathConverter {
}
/**
- * use to instantiate entries
- *
+ * use to instantiate entries
+ *
* @return
*/
public Map<String,String> map() {
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/MapPermConverter.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/MapPermConverter.java
index 7953e076..24c7d290 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/MapPermConverter.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/MapPermConverter.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -30,7 +30,7 @@ public class MapPermConverter implements PermConverter {
/**
* Create with colon separated name value pairs
* i.e. teAdmin=com.att.myNS.myPerm|*|*:teUser=...
- *
+ *
* @param value
*/
public MapPermConverter() {
@@ -38,8 +38,8 @@ public class MapPermConverter implements PermConverter {
}
/**
- * use to instantiate entries
- *
+ * use to instantiate entries
+ *
* @return
*/
public Map<String,String> map() {
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/PermConverter.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/PermConverter.java
index dfd0f64b..e074a7fe 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/PermConverter.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/PermConverter.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -23,7 +23,7 @@ package org.onap.aaf.cadi.filter;
/**
* Convert a simplistic, single string Permission into an Enterprise Scoped Perm
- *
+ *
* @author Jonathan
*
*/
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/RolesAllowed.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/RolesAllowed.java
index ac61a5c6..c27519fb 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/RolesAllowed.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/RolesAllowed.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -20,16 +20,16 @@
*/
/**
- * RolesAllowed
- *
+ * RolesAllowed
+ *
* @author Jonathan
- *
+ *
* Similar to Java EE's Spec from Annotations 1.1, 2.8
- *
+ *
* That Spec, however, was geared towards being able to route calls to Methods on Objects, and thus needed a more refined
* sense of permissions hierarchy. The same mechanism, however, can easily be achieved on single Servlet/Handlers in
* POJOs like Jetty by simply adding the Roles Allowed in a similar Annotation
- *
+ *
*/
package org.onap.aaf.cadi.filter;
import static java.lang.annotation.ElementType.TYPE;
@@ -39,9 +39,9 @@ import java.lang.annotation.Retention;
import java.lang.annotation.Target;
/**
- * JASPI Style Annotation of RolesAllowed when the coding style is desired but actually including all
+ * JASPI Style Annotation of RolesAllowed when the coding style is desired but actually including all
* JEE jars is not. If using actual JASPI, use official @interface classes, not this one...
- *
+ *
* @author Jonathan
*/
@Target({TYPE})
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/ServletImpl.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/ServletImpl.java
index 5386eb2d..33bc29de 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/ServletImpl.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/ServletImpl.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -20,16 +20,16 @@
*/
/**
- * RolesAllowed
- *
+ * RolesAllowed
+ *
* @author Jonathan
- *
+ *
* Similar to Java EE's Spec from Annotations 1.1, 2.8
- *
+ *
* That Spec, however, was geared towards being able to route calls to Methods on Objects, and thus needed a more refined
* sense of permissions hierarchy. The same mechanism, however, can easily be achieved on single Servlet/Handlers in
* POJOs like Jetty by simply adding the Roles Allowed in a similar Annotation
- *
+ *
*/
package org.onap.aaf.cadi.filter;
import static java.lang.annotation.ElementType.TYPE;
@@ -41,7 +41,7 @@ import java.lang.annotation.Target;
import javax.servlet.Servlet;
/**
- *
+ *
* @author Jonathan
*/
@Target({TYPE})
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/SideChain.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/SideChain.java
index 18e76b96..0f69b5b0 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/SideChain.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/SideChain.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -33,21 +33,21 @@ import javax.xml.ws.Holder;
/**
* Add various Filters by CADI Property not in the official Chain
- *
+ *
* @author Instrumental(Jonathan)
*
*/
public class SideChain {
private List<Filter> sideChain;
-
+
public SideChain() {
sideChain = new ArrayList<Filter>();
}
-
+
public void add(Filter f) {
sideChain.add(f);
}
-
+
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)throws IOException, ServletException {
final Holder<Boolean> hbool = new Holder<Boolean>(Boolean.TRUE);
FilterChain truth = new FilterChain() {
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/ConfigPrincipal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/ConfigPrincipal.java
index a41c5eb7..56ba80a7 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/ConfigPrincipal.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/ConfigPrincipal.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -47,7 +47,7 @@ public class ConfigPrincipal implements Principal, GetCred {
public String getName() {
return name;
}
-
+
public byte[] getCred() {
return cred;
}
@@ -55,14 +55,14 @@ public class ConfigPrincipal implements Principal, GetCred {
public String toString() {
return name;
}
-
+
public String getAsBasicAuthHeader() throws IOException {
if (content ==null) {
String s = name + ':' + new String(cred);
- content = "Basic " + Symm.base64.encode(s);
+ content = "Basic " + Symm.base64.encode(s);
} else if (!content.startsWith("Basic ")) { // content is the saved password from construction
String s = name + ':' + content;
- content = "Basic " + Symm.base64.encode(s);
+ content = "Basic " + Symm.base64.encode(s);
}
return content;
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java
index 5443dec2..3504290b 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -32,25 +32,25 @@ import org.onap.aaf.cadi.Permission;
/**
* EpiLUR
- *
+ *
* Short for "Epic LUR". Be able to run through a series of LURs to obtain the validation needed.
- *
- * The pun is better for the other pattern... "TAF" (aka EpiTaf), but it's still the larger picture of
+ *
+ * The pun is better for the other pattern... "TAF" (aka EpiTaf), but it's still the larger picture of
* LURs that will be accomplished.
- *
+ *
* FYI, the reason we separate LURs, rather than combine, is that Various User Repository Resources have
* different Caching requirements. For instance, the Local User Repo (with stand alone names), never expire, but might be
- * refreshed with a change in Configuration File, while the Remote Service based LURs will need to expire at prescribed intervals
- *
+ * refreshed with a change in Configuration File, while the Remote Service based LURs will need to expire at prescribed intervals
+ *
* @author Jonathan
*
*/
public final class EpiLur implements Lur {
private final Lur[] lurs;
-
+
/**
* EpiLur constructor
- *
+ *
* Construct the EpiLur from variable TAF parameters
* @param lurs
* @throws CadiException
@@ -86,7 +86,7 @@ public final class EpiLur implements Lur {
}
/**
- * Return the first Lur (if any) which also implements UserPass
+ * Return the first Lur (if any) which also implements UserPass
* @return
*/
public CredVal getUserPassImpl() {
@@ -102,7 +102,7 @@ public final class EpiLur implements Lur {
public boolean handlesExclusively(Permission ... pond) {
return false;
}
-
+
/**
* Get Lur for index. Returns null if out of range
* @param idx
@@ -131,7 +131,7 @@ public final class EpiLur implements Lur {
}
}
}
-
+
public Lur subLur(Class<? extends Lur> cls ) {
for (Lur l : lurs) {
if (l.getClass().isAssignableFrom(cls)) {
@@ -155,7 +155,7 @@ public final class EpiLur implements Lur {
lur.clear(p, report);
}
}
-
+
public String toString() {
StringBuilder sb = new StringBuilder();
for (Lur lur : lurs) {
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java
index f8fa02e5..d6db6f4d 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java
@@ -148,7 +148,7 @@ public final class LocalLur extends AbsUserCache<LocalPermission> implements Lur
public Permission createPerm(String p) {
return new LocalPermission(p);
}
-
+
private void parseUserProperties(String userProperties) throws IOException {
// For each User name...
for (String userProperty : userProperties.trim().split(SEMI)) {
@@ -179,7 +179,7 @@ public final class LocalLur extends AbsUserCache<LocalPermission> implements Lur
}
}
-
+
private void parseGroupProperties(String groupProperties) throws IOException {
// For each Group name...
for (String group : groupProperties.trim().split(SEMI)) {
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalPermission.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalPermission.java
index ee7bab9c..64cb7550 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalPermission.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalPermission.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -25,11 +25,11 @@ import org.onap.aaf.cadi.Permission;
public class LocalPermission implements Permission {
private String key;
-
+
public LocalPermission(String role) {
this.key = role;
}
-
+
public String getKey() {
return key;
}
@@ -45,6 +45,6 @@ public class LocalPermission implements Permission {
public String permType() {
return "LOCAL";
}
-
-
+
+
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java
index fe9bbd30..c8ff2747 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -80,7 +80,7 @@ public class NullLur implements Lur {
report.append(NullLur.class.getSimpleName());
report.append('\n');
}
-
+
public String toString() {
return NullLur.class.getSimpleName() + '\n';
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/BasicPrincipal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/BasicPrincipal.java
index 746e67d8..8846f5f6 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/BasicPrincipal.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/BasicPrincipal.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -66,7 +66,7 @@ public class BasicPrincipal extends BearerPrincipal implements GetCred {
name = name + '@' + defaultDomain;
}
}
-
+
public BasicPrincipal(BasicCred bc, String domain) {
name = bc.getUser();
cred = bc.getCred();
@@ -76,7 +76,7 @@ public class BasicPrincipal extends BearerPrincipal implements GetCred {
private class BasicOS extends OutputStream {
private boolean first = true;
private ByteArrayOutputStream baos;
-
+
public BasicOS(int size) {
baos = new ByteArrayOutputStream(size);
}
@@ -86,33 +86,33 @@ public class BasicPrincipal extends BearerPrincipal implements GetCred {
if (b==':' && first) {
first = false;
name = new String(baos.toByteArray());
- baos.reset(); //
+ baos.reset(); //
} else {
baos.write(b);
}
}
-
+
private byte[] toCred() {
return baos.toByteArray();
}
}
-
+
public String getName() {
return name;
}
-
+
public String getShortName() {
return shortName;
}
-
+
public String getDomain() {
return domain;
}
-
+
public byte[] getCred() {
return cred;
}
-
+
public long created() {
return created;
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/BearerPrincipal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/BearerPrincipal.java
index 6fdcdc0d..4930796c 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/BearerPrincipal.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/BearerPrincipal.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/CachedBasicPrincipal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/CachedBasicPrincipal.java
index 4a6e4cda..1a733e04 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/CachedBasicPrincipal.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/CachedBasicPrincipal.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -29,7 +29,7 @@ import org.onap.aaf.cadi.taf.HttpTaf;
/**
* Cached Principals need to be able to revalidate in the Background
- *
+ *
* @author Jonathan
*
*/
@@ -44,7 +44,7 @@ public class CachedBasicPrincipal extends BasicPrincipal implements CachedPrinci
this.timeToLive = timeToLive;
expires = System.currentTimeMillis()+timeToLive;
}
-
+
public CachedBasicPrincipal(HttpTaf creator, String content, String domain, long timeToLive) throws IOException {
super(content, domain);
this.creator = creator;
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/Kind.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/Kind.java
index 20f22846..368908a8 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/Kind.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/Kind.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -29,8 +29,8 @@ public class Kind {
public static final char AAF_OAUTH='A';
public static final char BASIC_AUTH = 'B';
public static final char UNKNOWN = 'U';
-
-
+
+
public static char getKind(final Principal principal) {
Principal check;
if (principal instanceof TrustPrincipal) {
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/OAuth2FormPrincipal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/OAuth2FormPrincipal.java
index 01326054..5a7a7761 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/OAuth2FormPrincipal.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/OAuth2FormPrincipal.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -24,20 +24,20 @@ package org.onap.aaf.cadi.principal;
public class OAuth2FormPrincipal extends TaggedPrincipal {
private final String username;
private final String client_id;
-
+
/*
* Note: client_id and username might be the same, if only authenticating the Client_ID
*/
public OAuth2FormPrincipal(final String client_id, final String username) {
this.username = username;
- this.client_id = client_id;
+ this.client_id = client_id;
}
-
+
@Override
public String getName() {
return username;
}
-
+
public String client_id() {
return client_id;
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/TaggedPrincipal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/TaggedPrincipal.java
index 7bb4ff52..8aaad117 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/TaggedPrincipal.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/TaggedPrincipal.java
@@ -39,9 +39,9 @@ public abstract class TaggedPrincipal implements Principal {
public interface TagLookup {
public String lookup() throws CadiException;
}
-
+
private TagLookup tagLookup;
-
+
public void setTagLookup(TagLookup tl) {
tagLookup = tl;
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/TrustPrincipal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/TrustPrincipal.java
index 7e92aaca..352b4e1d 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/TrustPrincipal.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/TrustPrincipal.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -29,7 +29,7 @@ public class TrustPrincipal extends BearerPrincipal implements UserChain {
private final String name;
private final Principal original;
private String userChain;
-
+
public TrustPrincipal(final Principal actual, final String asName) {
this.original = actual;
name = asName.trim();
@@ -42,17 +42,17 @@ public class TrustPrincipal extends BearerPrincipal implements UserChain {
userChain = actual.getClass().getSimpleName();
}
}
-
+
@Override
public String getName() {
return name;
}
-
+
@Override
public String userChain() {
return userChain;
}
-
+
public Principal original() {
return original;
}
@@ -66,5 +66,5 @@ public class TrustPrincipal extends BearerPrincipal implements UserChain {
public String personalName() {
return original.getName() + '[' + userChain + ']';
}
-
+
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/UnAuthPrincipal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/UnAuthPrincipal.java
index f0cacd8d..872f4aa4 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/UnAuthPrincipal.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/UnAuthPrincipal.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -25,7 +25,7 @@ import java.security.Principal;
public class UnAuthPrincipal implements Principal {
private String name;
-
+
public UnAuthPrincipal(final String name) {
this.name = name;
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/X509Principal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/X509Principal.java
index 0348cd1f..f5303584 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/X509Principal.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/X509Principal.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -34,7 +34,7 @@ public class X509Principal extends BearerPrincipal implements GetCred {
private final X509Certificate cert;
private final String name;
private byte[] content;
- private BasicHttpTaf bht;
+ private BasicHttpTaf bht;
public X509Principal(String identity, X509Certificate cert) {
name = identity;
@@ -71,7 +71,7 @@ public class X509Principal extends BearerPrincipal implements GetCred {
name = _name;
this.bht = bht;
}
-
+
public String getAsHeader() throws IOException {
try {
if (content==null) {
@@ -82,7 +82,7 @@ public class X509Principal extends BearerPrincipal implements GetCred {
}
return "X509 " + content;
}
-
+
public String toString() {
return "X509 Authentication for " + name;
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/AbsTafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/AbsTafResp.java
index f420f41f..c8f2a629 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/AbsTafResp.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/AbsTafResp.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -27,9 +27,9 @@ import org.onap.aaf.cadi.util.Timing;
/**
* AbsTafResp
- *
+ *
* Base class for TafResp (TAF Response Objects)
- *
+ *
* @author Jonathan
*
*/
@@ -45,14 +45,14 @@ public abstract class AbsTafResp implements TafResp {
/**
* AbsTafResp
- *
+ *
* Set and hold
* Description (for logging)
* Principal (as created by derived class)
* Access (for access to underlying container, i.e. for Logging, auditing, ClassLoaders, etc)
- *
+ *
* @param access
- * @param tafname
+ * @param tafname
* @param principal
* @param description
*/
@@ -63,17 +63,17 @@ public abstract class AbsTafResp implements TafResp {
this.target = principal==null?"unknown":principal.getName();
this.desc = description;
}
-
+
/**
* AbsTafResp
- *
+ *
* Set and hold
* Description (for logging)
* Principal (as created by derived class)
* Access (for access to underlying container, i.e. for Logging, auditing, ClassLoaders, etc)
- *
+ *
* @param access
- * @param tafname
+ * @param tafname
* @param principal
* @param description
*/
@@ -87,7 +87,7 @@ public abstract class AbsTafResp implements TafResp {
/**
* isValid()
- *
+ *
* Respond in the affirmative if the TAF was able to Authenticate
*/
public boolean isValid() {
@@ -96,8 +96,8 @@ public abstract class AbsTafResp implements TafResp {
/**
* desc()
- *
- * Respond with description of response as given by the TAF
+ *
+ * Respond with description of response as given by the TAF
*/
public String desc() {
return desc;
@@ -105,11 +105,11 @@ public abstract class AbsTafResp implements TafResp {
/**
* isAuthenticated()
- *
+ *
* Respond with the TAF's code of whether Authenticated, or suggested next steps
* default is either IS_AUTHENTICATED, or TRY_ANOTHER_TAF. The TAF can overload
* and suggest others, such as "NO_FURTHER_PROCESSING", if it can detect that this
- * is some sort of security breach (i.e. Denial of Service)
+ * is some sort of security breach (i.e. Denial of Service)
*/
public RESP isAuthenticated() {
return principal==null?RESP.TRY_ANOTHER_TAF:RESP.IS_AUTHENTICATED;
@@ -117,9 +117,9 @@ public abstract class AbsTafResp implements TafResp {
/**
* getPrincipal()
- *
- * Return the principal created by the TAF based on Authentication.
- *
+ *
+ * Return the principal created by the TAF based on Authentication.
+ *
* Returns "null" if Authentication failed (no principal)
*/
public TaggedPrincipal getPrincipal() {
@@ -133,10 +133,10 @@ public abstract class AbsTafResp implements TafResp {
public String getTarget() {
return target;
}
-
+
/**
* getAccess()
- *
+ *
* Get the Access object from the TAF, so that appropriate Logging, etc can be coordinated.
*/
public Access getAccess() {
@@ -154,7 +154,7 @@ public abstract class AbsTafResp implements TafResp {
public float timing() {
return timing;
}
-
+
@Override
public void timing(final long start) {
timing = Timing.millis(start);
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/EpiTaf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/EpiTaf.java
index d2cbf3fa..683b10ba 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/EpiTaf.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/EpiTaf.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -26,21 +26,21 @@ import org.onap.aaf.cadi.Taf;
/**
* EpiTAF
- *
+ *
* Short for "Epic TAF". Be able to run through a series of TAFs to obtain the validation needed.
- *
+ *
* OK, the name could probably be better as "Tafs", like it was originally, but the pun was too
* irresistible for this author to pass up.
- *
+ *
* @author Jonathan
*
*/
public class EpiTaf implements Taf {
private Taf[] tafs;
-
+
/**
* EpiTaf constructor
- *
+ *
* Construct the EpiTaf from variable TAF parameters
* @param tafs
* @throws CadiException
@@ -52,13 +52,13 @@ public class EpiTaf implements Taf {
/**
* validate
- *
- * Respond with the first TAF to authenticate user based on variable info and "LifeForm" (is it
+ *
+ * Respond with the first TAF to authenticate user based on variable info and "LifeForm" (is it
* a human behind an interface, or a server behind a protocol).
- *
+ *
* If there is no TAF that can authenticate, respond with the first TAF that suggests it can
* establish an Authentication conversation (TRY_AUTHENTICATING).
- *
+ *
* If no TAF declares either, respond with NullTafResp (which denies all questions)
*/
public TafResp validate(LifeForm reading, String... info) {
@@ -76,7 +76,7 @@ public class EpiTaf implements Taf {
}
}
- // No TAFs configured, at this point. It is safer at this point to be "not validated",
+ // No TAFs configured, at this point. It is safer at this point to be "not validated",
// rather than "let it go"
return firstTryAuth == null?NullTafResp.singleton():firstTryAuth;
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/HttpEpiTaf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/HttpEpiTaf.java
index 6334164e..f8eb089e 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/HttpEpiTaf.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/HttpEpiTaf.java
@@ -181,7 +181,7 @@ public class HttpEpiTaf implements HttpTaf {
}
return Resp.NOT_MINE;
}
-
+
private void addToLog(List<TafResp> log, final TafResp tresp, final long start) {
if (log == null) {
return;
@@ -189,7 +189,7 @@ public class HttpEpiTaf implements HttpTaf {
tresp.timing(start);
log.add(tresp);
}
-
+
private void printLog(List<TafResp> log) {
if (log == null) {
return;
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/HttpTaf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/HttpTaf.java
index 77976ce2..76938036 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/HttpTaf.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/HttpTaf.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -28,31 +28,31 @@ import org.onap.aaf.cadi.CachedPrincipal;
import org.onap.aaf.cadi.Taf.LifeForm;
/**
- * A TAF which is in a specific HTTP environment in which the engine implements
+ * A TAF which is in a specific HTTP environment in which the engine implements
* javax Servlet.
- *
+ *
* Using the Http Request and Response interfaces takes the effort out of implementing in almost any kind of
* HTTP Container or Engine.
- *
+ *
* @author Jonathan
*
*/
public interface HttpTaf {
/**
* validate
- *
+ *
* Validate the Request, and respond with created TafResp object.
- *
+ *
* @param reading
* @param req
* @param resp
* @return
*/
public TafResp validate(LifeForm reading, HttpServletRequest req, HttpServletResponse resp);
-
+
/**
* Re-Validate Credential
- *
+ *
* @param prin
* @return
*/
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/LoginPageTafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/LoginPageTafResp.java
index d64fbe0d..541fa395 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/LoginPageTafResp.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/LoginPageTafResp.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -47,15 +47,15 @@ public class LoginPageTafResp extends AbsTafResp {
httpResp.sendRedirect(loginPageURL);
return RESP.HTTP_REDIRECT_INVOKED;
}
-
+
@Override
public RESP isAuthenticated() {
return RESP.TRY_AUTHENTICATING;
}
-
+
public static TafResp create(Access access, Locator<URI> locator, final HttpServletResponse resp, List<Redirectable> redirectables) {
if (locator == null) {
- if (!redirectables.isEmpty()) {
+ if (!redirectables.isEmpty()) {
access.log(Level.DEBUG,"LoginPage Locator is not configured. Taking first Redirectable Taf");
return redirectables.get(0);
}
@@ -91,7 +91,7 @@ public class LoginPageTafResp extends AbsTafResp {
return NullTafResp.singleton();
}
-
+
@Override
public String taf() {
return "LoginPage";
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/NullTaf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/NullTaf.java
index 7e834794..5b31e103 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/NullTaf.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/NullTaf.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -32,7 +32,7 @@ import org.onap.aaf.cadi.CachedPrincipal.Resp;
/**
* This TAF is set at the very beginning of Filters and Valves so that if any configuration issues hit while
* starting, the default behavior is to shut down traffic rather than leaving an open hole
- *
+ *
* @author Jonathan
*
*/
@@ -41,8 +41,8 @@ public class NullTaf implements Taf, HttpTaf {
public NullTaf() {}
/**
- * validate
- *
+ * validate
+ *
* Always Respond with a NullTafResp, which declares it is unauthenticated, and unauthorized
*/
public TafResp validate(LifeForm reading, String... info) {
@@ -50,8 +50,8 @@ public class NullTaf implements Taf, HttpTaf {
}
/**
- * validate
- *
+ * validate
+ *
* Always Respond with a NullTafResp, which declares it is unauthenticated, and unauthorized
*/
public TafResp validate(LifeForm reading, HttpServletRequest req, HttpServletResponse resp) {
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/NullTafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/NullTafResp.java
index b3b7fb59..3e77cfac 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/NullTafResp.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/NullTafResp.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -33,25 +33,25 @@ import org.onap.aaf.cadi.principal.TaggedPrincipal;
*/
class NullTafResp implements TafResp {
private NullTafResp(){}
-
+
private static TafResp singleton = new NullTafResp();
-
+
public static TafResp singleton() {
return singleton;
}
-
+
public boolean isValid() {
return false;
}
-
+
public RESP isAuthenticated() {
return RESP.NO_FURTHER_PROCESSING;
}
-
+
public String desc() {
return "All Authentication denied";
}
-
+
public RESP authenticate() throws IOException {
return RESP.NO_FURTHER_PROCESSING;
}
@@ -87,7 +87,7 @@ class NullTafResp implements TafResp {
@Override
public void timing(long start) {
}
-
+
@Override
public String taf() {
return "NULL";
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/PuntTafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/PuntTafResp.java
index 6bb57d36..aa5f34ca 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/PuntTafResp.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/PuntTafResp.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -42,19 +42,19 @@ public class PuntTafResp implements TafResp {
this.name = name;
desc = "Not processing this transaction: " + explanation;
}
-
+
public boolean isValid() {
return false;
}
-
+
public RESP isAuthenticated() {
return RESP.TRY_ANOTHER_TAF;
}
-
+
public String desc() {
return desc;
}
-
+
public RESP authenticate() throws IOException {
return RESP.TRY_ANOTHER_TAF;
}
@@ -88,7 +88,7 @@ public class PuntTafResp implements TafResp {
public void timing(long start) {
timing = Timing.millis(start);
}
-
+
@Override
public String taf() {
return name;
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/Redirectable.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/Redirectable.java
index 47c262b0..37b531c9 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/Redirectable.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/Redirectable.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TafResp.java
index 6850a372..c1563f59 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TafResp.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TafResp.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -29,38 +29,38 @@ import org.onap.aaf.cadi.principal.TaggedPrincipal;
/**
* Response from Taf objects, which inform users what has happened and/or what should be done
- *
+ *
* @author Jonathan
*
*/
public interface TafResp {
public static enum RESP {
- IS_AUTHENTICATED,
- NO_FURTHER_PROCESSING,
- TRY_AUTHENTICATING,
+ IS_AUTHENTICATED,
+ NO_FURTHER_PROCESSING,
+ TRY_AUTHENTICATING,
TRY_ANOTHER_TAF,
- FAIL,
- // A note was made to avoid the response REDIRECT. However, I have deemed that it is
+ FAIL,
+ // A note was made to avoid the response REDIRECT. However, I have deemed that it is
// unavoidable when the underlying TAF did do a REDIRECT, because it requires a HTTP
// Service code to exit without modifying the Response any further.
- // Therefore, I have changed this to indicate what HAS happened, with should accommodate
+ // Therefore, I have changed this to indicate what HAS happened, with should accommodate
// both positions. Jonathan 10/18/2012
// public static final int HTTP_REDIRECT_INVOKED = 11;
HTTP_REDIRECT_INVOKED,
HAS_PROCESSED};
-
+
/**
* Basic success check
* @return
*/
public boolean isValid();
-
+
/**
* String description of what has occurred (for logging/exceptions)
* @return
*/
public String desc();
-
+
/**
* Check Response
* @return
@@ -69,10 +69,10 @@ public interface TafResp {
/**
* Authenticate, returning FAIL or Other Valid indication
- *
+ *
* HTTP implementations should watch for "HTTP_REDIRECT_INVOKED", and end the HTTP call appropriately.
* @return
- * @throws CadiException
+ * @throws CadiException
*/
public RESP authenticate() throws IOException;
@@ -81,7 +81,7 @@ public interface TafResp {
* @return
*/
public TaggedPrincipal getPrincipal();
-
+
/** Target - when Authentication Fails, need to know what ID was being attempted
* @return
*/
@@ -91,12 +91,12 @@ public interface TafResp {
* get the Access object which created this object, allowing the responder to appropriate Log, etc
*/
public Access getAccess();
-
+
/**
* Be able to check if part of a Failed attempt
*/
public boolean isFailedAttempt();
-
+
/**
* report how long this took
* @return
@@ -108,7 +108,7 @@ public interface TafResp {
* @param start
*/
void timing(long start);
-
+
/**
* Support Taf Name
*/
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustNotTafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustNotTafResp.java
index dee0ba07..290d5f03 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustNotTafResp.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustNotTafResp.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -31,12 +31,12 @@ public class TrustNotTafResp implements TafResp {
private final TafResp delegate;
private final String desc;
private float timing;
-
+
public TrustNotTafResp(final TafResp delegate, final String desc) {
this.delegate = delegate;
this.desc = desc;
}
-
+
@Override
public boolean isValid() {
return false;
@@ -88,12 +88,12 @@ public class TrustNotTafResp implements TafResp {
public void timing(long start) {
timing = Timing.millis(start);
}
-
+
@Override
public String toString() {
return desc();
}
-
+
@Override
public String taf() {
return "TrustNot";
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustTafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustTafResp.java
index 2701c27a..5a85ebfd 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustTafResp.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustTafResp.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -32,13 +32,13 @@ public class TrustTafResp implements TafResp {
private final TaggedPrincipal principal;
private final String desc;
private float timing;
-
+
public TrustTafResp(final TafResp delegate, final TaggedPrincipal principal, final String desc) {
this.delegate = delegate;
this.principal = principal;
this.desc = desc + ' ' + delegate.desc();
}
-
+
@Override
public boolean isValid() {
return delegate.isValid();
@@ -90,11 +90,11 @@ public class TrustTafResp implements TafResp {
public void timing(long start) {
timing = Timing.millis(start);
}
-
+
public String toString() {
return principal.getName() + " by trust of " + desc();
}
-
+
@Override
public String taf() {
return "Trust";
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTaf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTaf.java
index 93360761..b3cf4a7d 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTaf.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTaf.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -51,15 +51,15 @@ import org.onap.aaf.cadi.util.CSV;
/**
* BasicHttpTaf
- *
- * This TAF implements the "Basic Auth" protocol.
- *
- * WARNING! It is true for any implementation of "Basic Auth" that the password is passed unencrypted.
- * This is because the expectation, when designed years ago, was that it would only be used in
+ *
+ * This TAF implements the "Basic Auth" protocol.
+ *
+ * WARNING! It is true for any implementation of "Basic Auth" that the password is passed unencrypted.
+ * This is because the expectation, when designed years ago, was that it would only be used in
* conjunction with SSL (https). It is common, however, for users to ignore this on the assumption that
* their internal network is secure, or just ignorance. Therefore, a WARNING will be printed
* when the HTTP Channel is not encrypted (unless explicitly turned off).
- *
+ *
* @author Jonathan
*
*/
@@ -71,7 +71,7 @@ public class BasicHttpTaf implements HttpTaf {
private boolean warn;
private long timeToLive;
private MapBathConverter mapIds;
-
+
public BasicHttpTaf(Access access, CredVal rbac, String realm, long timeToLive, boolean turnOnWarning) {
this.access = access;
this.realm = realm;
@@ -93,9 +93,9 @@ public class BasicHttpTaf implements HttpTaf {
public void add(final CredValDomain cvd) {
rbacs.put(cvd.domain(), cvd);
}
-
+
/**
- * Note: BasicHttp works for either Carbon Based (Humans) or Silicon Based (machine) Lifeforms.
+ * Note: BasicHttp works for either Carbon Based (Humans) or Silicon Based (machine) Lifeforms.
* @see Taf
*/
public TafResp validate(Taf.LifeForm reading, HttpServletRequest req, HttpServletResponse resp) {
@@ -107,20 +107,20 @@ public class BasicHttpTaf implements HttpTaf {
return DenialOfServiceTaf.respDenyID(access,bc.getUser());
}
CachedBasicPrincipal bp = new CachedBasicPrincipal(this,bc,realm,timeToLive);
-
+
// Be able to do Organizational specific lookups by Domain
CredVal cv = rbacs.get(bp.getDomain());
if (cv==null) {
cv = rbac;
}
-
- // ONLY FOR Last Ditch DEBUGGING...
+
+ // ONLY FOR Last Ditch DEBUGGING...
// access.log(Level.WARN,bp.getName() + ":" + new String(bp.getCred()));
if (cv.validate(bp.getName(),Type.PASSWORD,bp.getCred(),req)) {
return new BasicHttpTafResp(access,bp,bp.getName()+" authenticated by password",RESP.IS_AUTHENTICATED,resp,realm,false);
} else {
//TODO may need timed retries in a given time period
- return new BasicHttpTafResp(access,bc.getUser(),buildMsg(bp,req,"user/pass combo invalid for ",bc.getUser(),"from",req.getRemoteAddr()),
+ return new BasicHttpTafResp(access,bc.getUser(),buildMsg(bp,req,"user/pass combo invalid for ",bc.getUser(),"from",req.getRemoteAddr()),
RESP.TRY_AUTHENTICATING,resp,realm,true);
}
}
@@ -142,20 +142,20 @@ public class BasicHttpTaf implements HttpTaf {
if (DenialOfServiceTaf.isDeniedID(ba.getName())!=null) {
return DenialOfServiceTaf.respDenyID(access,ba.getName());
}
-
+
final int at = ba.getName().indexOf('@');
CredVal cv = rbacs.get(ba.getName().substring(at+1));
- if (cv==null) {
+ if (cv==null) {
cv = rbac; // default
}
- // ONLY FOR Last Ditch DEBUGGING...
+ // ONLY FOR Last Ditch DEBUGGING...
// access.log(Level.WARN,ba.getName() + ":" + new String(ba.getCred()));
if (cv.validate(ba.getName(), Type.PASSWORD, ba.getCred(), req)) {
return new BasicHttpTafResp(access,ba, ba.getName()+" authenticated by BasicAuth password",RESP.IS_AUTHENTICATED,resp,realm,false);
} else {
//TODO may need timed retries in a given time period
- return new BasicHttpTafResp(access,target,buildMsg(ba,req,"user/pass combo invalid"),
+ return new BasicHttpTafResp(access,target,buildMsg(ba,req,"user/pass combo invalid"),
RESP.TRY_AUTHENTICATING,resp,realm,true);
}
} catch (IOException e) {
@@ -166,7 +166,7 @@ public class BasicHttpTaf implements HttpTaf {
}
return new BasicHttpTafResp(access,target,"Requesting HTTP Basic Authorization",RESP.TRY_AUTHENTICATING,resp,realm,false);
}
-
+
protected String buildMsg(Principal pr, HttpServletRequest req, Object ... msg) {
StringBuilder sb = new StringBuilder();
if (pr!=null) {
@@ -187,7 +187,7 @@ public class BasicHttpTaf implements HttpTaf {
}
return sb.toString();
}
-
+
public void addCredVal(final String realm, final CredVal cv) {
rbacs.put(realm, cv);
}
@@ -199,7 +199,7 @@ public class BasicHttpTaf implements HttpTaf {
}
return cv;
}
-
+
@Override
public Resp revalidate(CachedPrincipal prin, Object state) {
if (prin instanceof BasicPrincipal) {
@@ -211,7 +211,7 @@ public class BasicHttpTaf implements HttpTaf {
}
return Resp.NOT_MINE;
}
-
+
public String toString() {
return "Basic Auth enabled on realm: " + realm;
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTafResp.java
index e2174493..36da354b 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTafResp.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTafResp.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -36,7 +36,7 @@ public class BasicHttpTafResp extends AbsTafResp implements TafResp {
private String realm;
private RESP status;
private final boolean wasFailed;
-
+
public BasicHttpTafResp(Access access, TaggedPrincipal principal, String description, RESP status, HttpServletResponse resp, String realm, boolean wasFailed) {
super(access, tafName, principal, description);
httpResp = resp;
@@ -54,7 +54,7 @@ public class BasicHttpTafResp extends AbsTafResp implements TafResp {
}
public RESP authenticate() throws IOException {
- httpResp.setStatus(401); // Unauthorized
+ httpResp.setStatus(401); // Unauthorized
httpResp.setHeader("WWW-Authenticate", "Basic realm=\""+realm+'"');
return RESP.HTTP_REDIRECT_INVOKED;
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/CertIdentity.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/CertIdentity.java
index f597159e..18c0049f 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/CertIdentity.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/CertIdentity.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -31,16 +31,16 @@ import org.onap.aaf.cadi.principal.TaggedPrincipal;
public interface CertIdentity {
/**
* identity from X509Certificate Object and/or certBytes
- *
+ *
* If you have both, include them. If you only have one, leave the other null, and it will be generated if needed
- *
+ *
* The Request is there to obtain Header or Attribute info of ultimate user
- *
+ *
* @param req
* @param cert
* @param certBytes
* @return
- * @throws CertificateException
+ * @throws CertificateException
*/
public TaggedPrincipal identity(HttpServletRequest req, X509Certificate cert, byte[] certBytes) throws CertificateException;
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509HttpTafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509HttpTafResp.java
index d51cc86a..46a01d3e 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509HttpTafResp.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509HttpTafResp.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -32,7 +32,7 @@ public class X509HttpTafResp extends AbsTafResp implements TafResp {
private static final String tafName = X509Taf.class.getSimpleName();
private RESP status;
-
+
public X509HttpTafResp(Access access, TaggedPrincipal principal, String description, RESP status) {
super(access, tafName, principal, description);
this.status = status;
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java
index 914c57b5..a06fb8e1 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -77,7 +77,7 @@ public class X509Taf implements HttpTaf {
throw new RuntimeException("X.509 and SHA-256 are required for X509Taf",e);
}
}
-
+
public X509Taf(Access access, Lur lur, CertIdentity ... cis) throws CertificateException, NoSuchAlgorithmException, CadiException {
this.access = access;
env = access.getProperty(Config.AAF_ENV,null);
@@ -103,7 +103,7 @@ public class X509Taf implements HttpTaf {
} catch (Exception e) {
certIdents = cis;
}
-
+
si = new SecurityInfo(access);
}
@@ -141,7 +141,7 @@ public class X509Taf implements HttpTaf {
int end = 1;
int comma;
int length = subject.length();
-
+
compare:
while(start<length) {
while(Character.isWhitespace(subject.charAt(start))) {
@@ -165,9 +165,9 @@ public class X509Taf implements HttpTaf {
int at = subject.indexOf('@', start);
if(at<end && at>=0) {
String[] sa = Split.splitTrim(':', subject, start+3,end+1);
- if (sa.length==1 || (sa.length>1 && env!=null && env.equals(sa[1]))) { // Check Environment
- return new X509HttpTafResp(access,
- new X509Principal(sa[0], certarr[0],(byte[])null,bht),
+ if (sa.length==1 || (sa.length>1 && env!=null && env.equals(sa[1]))) { // Check Environment
+ return new X509HttpTafResp(access,
+ new X509Principal(sa[0], certarr[0],(byte[])null,bht),
"X509Taf validated " + sa[0] + (sa.length<2?"":" for aaf_env " + env ), RESP.IS_AUTHENTICATED);
} else {
access.printf(Level.DEBUG,"Certificate is not for environment '%s'",env);
@@ -184,7 +184,7 @@ public class X509Taf implements HttpTaf {
} else {
access.log(Level.DEBUG,"There is no client certificate on the transaction");
}
-
+
byte[] array = null;
byte[] certBytes = null;
@@ -213,30 +213,30 @@ public class X509Taf implements HttpTaf {
Symm.base64noSplit.decode(bais, baos, 5);
certBytes = baos.toByteArray();
cert = getCert(certBytes);
-
- /**
+
+ /**
* Identity from CERT if well know CA and specific encoded information
*/
// If found Identity doesn't work, try SignedStuff Protocol
// cert.checkValidity();
// cert.--- GET FINGERPRINT?
String stuff = req.getHeader("Signature");
- if (stuff==null)
+ if (stuff==null)
return new X509HttpTafResp(access, null, "Header entry 'Signature' required to validate One way X509 Certificate", RESP.TRY_ANOTHER_TAF);
- String data = req.getHeader("Data");
- // if (data==null)
+ String data = req.getHeader("Data");
+ // if (data==null)
// return new X509HttpTafResp(access, null, "No signed Data to validate with X509 Certificate", RESP.TRY_ANOTHER_TAF);
-
+
// Note: Data Pos shows is "<signatureType> <data>"
// int dataPos = (stuff.indexOf(' ')); // determine what is Algorithm
- // Get Signature
+ // Get Signature
bais = new ByteArrayInputStream(stuff.getBytes());
baos = new ByteArrayOutputStream(stuff.length());
Symm.base64noSplit.decode(bais, baos);
array = baos.toByteArray();
// Signature sig = Signature.getInstance(stuff.substring(0, dataPos)); // get Algorithm from first part of Signature
-
- Signature sig = Signature.getInstance(cert.getSigAlgName());
+
+ Signature sig = Signature.getInstance(cert.getSigAlgName());
sig.initVerify(cert.getPublicKey());
sig.update(data.getBytes());
if (!sig.verify(array)) {
@@ -254,16 +254,16 @@ public class X509Taf implements HttpTaf {
if (cert==null) {
return new X509HttpTafResp(access, null, "No Certificate Info on Transaction", RESP.TRY_ANOTHER_TAF);
}
-
+
// A cert has been found, match Identify
TaggedPrincipal prin=null;
-
+
for (int i=0;prin==null && i<certIdents.length;++i) {
if ((prin=certIdents[i].identity(req, cert, certBytes))!=null) {
responseText = prin.getName() + " matches Certificate " + cert.getSubjectX500Principal().getName() + responseText;
}
}
-
+
// if Principal is found, check for "AS_USER" and whether this entity is trusted to declare
if (prin!=null) {
// Note: Tag for Certs is Fingerprint, but that takes computation... leaving off
@@ -275,9 +275,9 @@ public class X509Taf implements HttpTaf {
}
}
} catch (Exception e) {
- return new X509HttpTafResp(access, null, e.getMessage(), RESP.TRY_ANOTHER_TAF);
+ return new X509HttpTafResp(access, null, e.getMessage(), RESP.TRY_ANOTHER_TAF);
}
-
+
return new X509HttpTafResp(access, null, "Certificate cannot be used for authentication", RESP.TRY_ANOTHER_TAF);
}
@@ -289,7 +289,7 @@ public class X509Taf implements HttpTaf {
public void add(BasicHttpTaf bht) {
this.bht = bht;
}
-
+
public CredVal getCredVal(final String key) {
if (bht==null) {
return null;
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTaf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTaf.java
index f083e5aa..1eadc1ae 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTaf.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTaf.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -52,9 +52,9 @@ public class DenialOfServiceTaf implements HttpTaf {
private Access access;
private final TafResp puntNotDenied;
private static File dosIP, dosID;
-
+
/**
- *
+ *
* @param hostname
* @param prod
* @throws CadiException
@@ -84,7 +84,7 @@ public class DenialOfServiceTaf implements HttpTaf {
return respDenyIP(access,ip);
}
}
-
+
// Note: Can't process Principal, because this is the first TAF, and no Principal is created.
// Other TAFs use "isDenied()" on this Object to validate.
return puntNotDenied;
@@ -97,7 +97,7 @@ public class DenialOfServiceTaf implements HttpTaf {
}
/*
- * for use in Other TAFs, before they attempt backend validation of
+ * for use in Other TAFs, before they attempt backend validation of
*/
public static Counter isDeniedID(String identity) {
if (deniedID!=null) {
@@ -105,9 +105,9 @@ public class DenialOfServiceTaf implements HttpTaf {
}
return null;
}
-
+
/**
- *
+ *
*/
public static Counter isDeniedIP(String ipvX) {
if (deniedIP!=null) {
@@ -119,7 +119,7 @@ public class DenialOfServiceTaf implements HttpTaf {
/**
* Return of "True" means IP has been added.
* Return of "False" means IP already added.
- *
+ *
* @param ip
* @return
*/
@@ -138,7 +138,7 @@ public class DenialOfServiceTaf implements HttpTaf {
}
return rv;
}
-
+
private static void writeIP() {
if (dosIP!=null && deniedIP!=null) {
if (deniedIP.isEmpty()) {
@@ -162,7 +162,7 @@ public class DenialOfServiceTaf implements HttpTaf {
}
}
}
-
+
private static void readIP() {
if (dosIP!=null && dosIP.exists()) {
BufferedReader br;
@@ -190,7 +190,7 @@ public class DenialOfServiceTaf implements HttpTaf {
/**
* Return of "True" means IP has was removed.
* Return of "False" means IP wasn't being denied.
- *
+ *
* @param ip
* @return
*/
@@ -208,7 +208,7 @@ public class DenialOfServiceTaf implements HttpTaf {
/**
* Return of "True" means ID has been added.
* Return of "False" means ID already added.
- *
+ *
* @param ip
* @return
*/
@@ -262,7 +262,7 @@ public class DenialOfServiceTaf implements HttpTaf {
if (deniedID==null) {
deniedID=new HashMap<>();
}
-
+
String line;
while ((line=br.readLine())!=null) {
deniedID.put(line, new Counter(line));
@@ -279,12 +279,12 @@ public class DenialOfServiceTaf implements HttpTaf {
/**
* Return of "True" means ID has was removed.
* Return of "False" means ID wasn't being denied.
- *
+ *
* @param ip
* @return
*/
public static synchronized boolean removeDenyID(String id) {
- if (deniedID!=null && deniedID.remove(id)!=null) {
+ if (deniedID!=null && deniedID.remove(id)!=null) {
writeID();
if (deniedID.isEmpty()) {
deniedID=null;
@@ -294,7 +294,7 @@ public class DenialOfServiceTaf implements HttpTaf {
}
return false;
}
-
+
public List<String> report() {
int initSize = 0;
if (deniedIP!=null)initSize+=deniedIP.size();
@@ -312,24 +312,24 @@ public class DenialOfServiceTaf implements HttpTaf {
}
return al;
}
-
+
public static class Counter {
- private final String name;
+ private final String name;
private int count = 0;
private Date first;
private long last; // note, we use "last" as long, to avoid popping useless dates on Heap.
-
+
public Counter(String name) {
this.name = name;
first = null;
last = 0L;
count = 0;
}
-
+
public String getName() {
return name;
}
-
+
public int getCount() {
return count;
}
@@ -337,7 +337,7 @@ public class DenialOfServiceTaf implements HttpTaf {
public long getLast() {
return last;
}
-
+
/*
* Only allow Denial of ServiceTaf to increment
*/
@@ -348,12 +348,12 @@ public class DenialOfServiceTaf implements HttpTaf {
first = new Date(last);
}
}
-
+
public String toString() {
- if (count==0)
- return name + " is on the denied list, but has not attempted Access";
- else
- return
+ if (count==0)
+ return name + " is on the denied list, but has not attempted Access";
+ else
+ return
name +
" has been denied " +
count +
@@ -367,7 +367,7 @@ public class DenialOfServiceTaf implements HttpTaf {
public static TafResp respDenyID(Access access, String identity) {
return new DenialOfServiceTafResp(access, RESP.NO_FURTHER_PROCESSING, identity + " is on the Identity Denial list");
}
-
+
public static TafResp respDenyIP(Access access, String ip) {
return new DenialOfServiceTafResp(access, RESP.NO_FURTHER_PROCESSING, ip + " is on the IP Denial list");
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTafResp.java
index 2215a6f9..eea0d928 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTafResp.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTafResp.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -41,12 +41,12 @@ public class DenialOfServiceTafResp extends AbsTafResp {
public RESP isAuthenticated() {
return ect;
}
-
+
public RESP authenticate() throws IOException {
return ect;
}
-
+
@Override
public String taf() {
return "DOS";
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/CSV.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/CSV.java
index 2c9bb8c4..476b2df1 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/CSV.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/CSV.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -36,7 +36,7 @@ import org.onap.aaf.cadi.CadiException;
/**
* Read CSV file for various purposes
- *
+ *
* @author Instrumental(Jonathan)
*
*/
@@ -46,26 +46,26 @@ public class CSV {
private boolean processAll;
private char delimiter = ',';
private boolean go;
-
+
public CSV(Access access, File file) {
this.access = access;
csv = file;
processAll = false;
go = true;
}
-
+
public CSV(Access access, String csvFilename) {
this.access = access;
csv = new File(csvFilename);
processAll = false;
go = true;
}
-
+
public CSV setDelimiter(char delimiter) {
this.delimiter = delimiter;
return this;
}
-
+
public String name() {
return csv.getName();
}
@@ -76,16 +76,16 @@ public class CSV {
}
/*
* Create your code to accept the List<String> row.
- *
+ *
* Your code may keep the List... CSV does not hold onto it.
- *
+ *
* @author Instrumental(Jonathan)
*
*/
public interface Visitor {
void visit(List<String> row) throws IOException, CadiException;
}
-
+
public void visit(Visitor visitor) throws IOException, CadiException {
BufferedReader br = new BufferedReader(new FileReader(csv));
try {
@@ -165,7 +165,7 @@ public class CSV {
br.close();
}
}
-
+
public Writer writer() throws FileNotFoundException {
return new Writer(false);
}
@@ -177,10 +177,10 @@ public class CSV {
public interface RowSetter {
public void row(Object ... objs);
}
-
+
public static class Saver implements RowSetter {
List<String> ls= new ArrayList<>();
-
+
@Override
public void row(Object ... objs) {
if(objs.length>0) {
@@ -197,7 +197,7 @@ public class CSV {
}
}
}
-
+
public List<String> asList() {
List<String> rv = ls;
ls = new ArrayList<>();
@@ -210,7 +210,7 @@ public class CSV {
private Writer(final boolean append) throws FileNotFoundException {
ps = new PrintStream(new FileOutputStream(csv,append));
}
-
+
@Override
public void row(Object ... objs) {
if(objs.length>0) {
@@ -233,7 +233,7 @@ public class CSV {
ps.println();
}
}
-
+
private void print(String s) {
boolean quote = s.matches(".*[,|\"].*");
if(quote) {
@@ -246,7 +246,7 @@ public class CSV {
ps.append(s);
}
-
+
}
/**
* Note: CSV files do not actually support Comments as a standard, but it is useful
@@ -257,32 +257,32 @@ public class CSV {
ps.printf(comment,objs);
ps.println();
}
-
+
public void flush() {
ps.flush();
}
-
+
public void close() {
flush();
ps.close();
}
-
+
public String toString() {
return csv.getAbsolutePath();
}
}
-
+
/**
* Provides a way to stop processing records from inside a Visit
*/
public void stop() {
- go = false;
+ go = false;
}
public void delete() {
csv.delete();
}
-
+
public String toString() {
return csv.getAbsolutePath();
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Chmod.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Chmod.java
index 70fabd82..037bd4a0 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Chmod.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Chmod.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -26,7 +26,7 @@ import java.io.IOException;
public interface Chmod {
public void chmod(File f) throws IOException;
-
+
public static final Chmod to755 = new Chmod() {
public void chmod(File f) throws IOException {
f.setExecutable(true, false);
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/FQI.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/FQI.java
index 07389aad..69d429c9 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/FQI.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/FQI.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -44,7 +44,7 @@ public class FQI {
sb.append(split[i]);
}
}
-
+
return sb==null?"":sb.toString();
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/FixURIinfo.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/FixURIinfo.java
index f2c6be6f..3943cdcd 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/FixURIinfo.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/FixURIinfo.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -24,7 +24,7 @@ import java.net.URI;
/**
* URI and URL, if the host does not have "dots", will interpret Host:port as Authority
- *
+ *
* This is very problematic for Containers, which like single name entries.
* @author Instrumental(Jonathan)
*
@@ -33,7 +33,7 @@ public class FixURIinfo {
private String auth;
private String host;
private int port;
-
+
public FixURIinfo(URI uri) {
auth = uri.getAuthority();
host = uri.getHost();
@@ -51,11 +51,11 @@ public class FixURIinfo {
}
}
}
-
+
public String getHost() {
return host;
}
-
+
public int getPort() {
return port;
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/JsonOutputStream.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/JsonOutputStream.java
index e790766b..c4079d1a 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/JsonOutputStream.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/JsonOutputStream.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -50,12 +50,12 @@ public class JsonOutputStream extends OutputStream {
}
switch(b) {
case '{':
- case '[':
+ case '[':
ret = '\n';
++indent;
break;
case '}':
- case ']':
+ case ']':
--indent;
os.write('\n');
for (int i=0;i<indent;++i) {
@@ -65,7 +65,7 @@ public class JsonOutputStream extends OutputStream {
case ',':
ret = '\n';
break;
-
+
}
os.write(b);
prev = b;
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/MaskFormatException.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/MaskFormatException.java
index 15390285..58bf5a6d 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/MaskFormatException.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/MaskFormatException.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/MyConsole.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/MyConsole.java
index b930bc28..78e8b719 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/MyConsole.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/MyConsole.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/NetMask.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/NetMask.java
index 19fd1e2d..99105989 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/NetMask.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/NetMask.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -21,10 +21,10 @@
package org.onap.aaf.cadi.util;
-/*
+/*
* NetMask - a class to quickly validate whether a given IP is part of a mask, as defined by bytes or standard String format.
- *
- * Needs the IPV6 Mask Builder.
+ *
+ * Needs the IPV6 Mask Builder.
*/
public class NetMask {
private long mask;
@@ -32,16 +32,16 @@ public class NetMask {
public NetMask(byte[] inBytes) {
mask = derive(inBytes);
}
-
+
public NetMask(String string) throws MaskFormatException {
mask = derive(string,true);
}
-
+
public boolean isInNet(byte[] inBytes) {
long addr = derive(inBytes);
return (mask & addr) == addr;
}
-
+
public boolean isInNet(String str) {
long addr;
try {
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Pool.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Pool.java
index 156397b6..72d09bfe 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Pool.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Pool.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -21,7 +21,7 @@
/*
* Pool
- *
+ *
* Author: Jonathan
* 5/27/2011
*/
@@ -35,29 +35,29 @@ import org.onap.aaf.cadi.CadiException;
/**
* This Class pools on an As-Needed-Basis any particular kind of class, which is
* quite suitable for expensive operations.
- *
+ *
* The user calls "get" on a Pool, and if a waiting resource (T) is available,
* it will be returned. Otherwise, one will be created with the "Creator" class
* (must be defined for (T)).
- *
+ *
* You can Prime the instances to avoid huge startup costs
- *
+ *
* The returned "Pooled" object simply has to call "done()" and the object is
* returned to the pool. If the developer does not return the object, a memory
* leak does not occur. There are no references to the object once "get" is
* called. However, the developer who does not return the object when done
* obviates the point of the pool, as new Objects are created in place of the
* Object not returned when another call to "get" is made.
- *
+ *
* There is a cushion of extra objects, currently defaulted to MAX_RANGE. If the
* items returned become higher than the MAX_RANGE, the object is allowed to go
* out of scope, and be cleaned up. the default can be changed on a per-pool
* basis.
- *
+ *
* Class revamped for CadiExceptions and Access logging 10/4/2017
- *
+ *
* @author Jonathan
- *
+ *
* @param <T>
*/
public class Pool<T> {
@@ -69,7 +69,7 @@ public class Pool<T> {
/**
* only Simple List needed.
- *
+ *
* NOTE TO MAINTAINERS: THIS OBJECT DOES IT'S OWN SYNCHRONIZATION. All
* changes that touch list must account for correctly synchronizing list.
*/
@@ -101,7 +101,7 @@ public class Pool<T> {
/**
* Create a new Pool, given the implementation of Creator<T>, which must be
* able to create/destroy T objects at will.
- *
+ *
* @param creator
*/
public Pool(Creator<T> creator) {
@@ -110,7 +110,7 @@ public class Pool<T> {
list = new LinkedList<>();
logger = Log.NULL;
}
-
+
/**
* Attach Pool Logging activities to any other Logging Mechanism.
* @param logger
@@ -118,7 +118,7 @@ public class Pool<T> {
public void setLogger(Log logger) {
this.logger = logger;
}
-
+
public void log(Object ...objects) {
logger.log(objects);
}
@@ -126,10 +126,10 @@ public class Pool<T> {
/**
* Preallocate a certain number of T Objects. Useful for services so that
* the first transactions don't get hit with all the Object creation costs
- *
+ *
* @param lt
* @param prime
- * @throws CadiException
+ * @throws CadiException
*/
public void prime(int prime) throws CadiException {
for (int i = 0; i < prime; ++i) {
@@ -164,16 +164,16 @@ public class Pool<T> {
* This is the essential function for Pool. Get an Object "T" inside a
* "Pooled<T>" object. If there is a spare Object, then use it. If not, then
* create and pass back.
- *
+ *
* This one uses a Null LogTarget
- *
+ *
* IMPORTANT: When the use of this object is done (and the object is still
* in a valid state), then "done()" should be called immediately to allow
* the object to be reused. That is the point of the Pool...
- *
+ *
* If the Object is in an invalid state, then "toss()" should be used so the
* Pool doesn't pass on invalid objects to others.
- *
+ *
* @param lt
* @return
* @throws CadiException
@@ -205,7 +205,7 @@ public class Pool<T> {
* state. If not, they are tossed from the Pool. This is valuable to have
* when Remote Connections go down, and there is a question on whether the
* Pooled Objects are still functional.
- *
+ *
* @return
*/
public boolean validate() {
@@ -225,11 +225,11 @@ public class Pool<T> {
/**
* This is an internal method, used only by the Internal Pooled<T> class.
- *
+ *
* The Pooled<T> class "offers" it's Object back after use. It is an
* "offer", because Pool will simply destroy and remove the object if it has
* more than enough spares.
- *
+ *
* @param lt
* @param used
* @return
@@ -253,9 +253,9 @@ public class Pool<T> {
* The Creator Interface give the Pool the ability to Create, Destroy and
* Validate the Objects it is maintaining. Thus, it is a specially written
* Implementation for each type.
- *
+ *
* @author Jonathan
- *
+ *
* @param <T>
*/
public interface Creator<T> {
@@ -270,7 +270,7 @@ public class Pool<T> {
public interface Log {
public void log(Object ... o);
-
+
public final static Log NULL = new Log() {
@Override
public void log(Object ... o) {
@@ -281,7 +281,7 @@ public class Pool<T> {
* The "Pooled<T>" class is the transient class that wraps the actual Object
* T for API use/ It gives the ability to return ("done()", or "toss()") the
* Object to the Pool when processing is finished.
- *
+ *
* For Safety, i.e. to avoid memory leaks and invalid Object States, there
* is a "finalize" method. It is strictly for when coder forgets to return
* the object, or perhaps hasn't covered the case during Exceptions or
@@ -291,9 +291,9 @@ public class Pool<T> {
* However, we don't want Coding Mistakes to put the whole program in an
* invalid state, so if something happened such that "done()" or "toss()"
* were not called, the resource is still cleaned up as well as possible.
- *
+ *
* @author Jonathan
- *
+ *
* @param <T>
*/
public static class Pooled<T> {
@@ -302,7 +302,7 @@ public class Pool<T> {
/**
* Create the Wrapping Object Pooled<T>.
- *
+ *
* @param t
* @param pool
* @param logTarget
@@ -316,7 +316,7 @@ public class Pool<T> {
/**
* This is the key API for the Pool, as calling "done()" offers this
* object back to the Pool for reuse.
- *
+ *
* Do not use the Pooled<T> object again after calling "done()".
*/
public void done() {
@@ -329,12 +329,12 @@ public class Pool<T> {
* The user of the Object may discover that the Object t is no longer in
* a valid state. Don't put Garbage back in the Refrigerator... Toss it,
* if it's no longer valid.
- *
+ *
* toss() is also used for draining the Pool, etc.
- *
+ *
* toss() will attempt to destroy the Object by using the Creator
* Interface.
- *
+ *
*/
public void toss() {
if (pool != null) {
@@ -360,7 +360,7 @@ public class Pool<T> {
/**
* Get the maximum number of spare objects allowed at any moment
- *
+ *
* @return
*/
public int getMaxRange() {
@@ -369,9 +369,9 @@ public class Pool<T> {
/**
* Set a Max Range for numbers of spare objects waiting to be used.
- *
+ *
* No negative numbers are allowed
- *
+ *
* @return
*/
public void setMaxRange(int max_range) {
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Split.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Split.java
index 4f41629d..a6e52a44 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Split.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Split.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -26,7 +26,7 @@ package org.onap.aaf.cadi.util;
*
* Note: Copied from Inno to avoid linking issues.
* Note: I read the String split and Pattern split code, and we can do this more efficiently for a single Character
- *
+ *
* 8/20/2015
*/
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/SubStandardConsole.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/SubStandardConsole.java
index a85020ff..6fe56725 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/SubStandardConsole.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/SubStandardConsole.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -28,12 +28,12 @@ import java.io.InputStreamReader;
// Substandard, because System.in doesn't do Passwords..
public class SubStandardConsole implements MyConsole {
private final static char[] BLANK = new char[0];
- private final BufferedReader br;
+ private final BufferedReader br;
public SubStandardConsole() {
br = new BufferedReader(new InputStreamReader(System.in));
}
-
+
@Override
public String readLine(String fmt, Object... args) {
String rv;
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/TheConsole.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/TheConsole.java
index da99d06d..0ea1b0a3 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/TheConsole.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/TheConsole.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -35,7 +35,7 @@ public class TheConsole implements MyConsole {
public char[] readPassword(String fmt, Object... args) {
return System.console().readPassword(fmt, args);
}
-
+
public static boolean implemented() {
return System.console()!=null;
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Timing.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Timing.java
index 529849de..3f9b9b4d 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Timing.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Timing.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/UserChainManip.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/UserChainManip.java
index d42aaf55..b9cee7fb 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/UserChainManip.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/UserChainManip.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -24,11 +24,11 @@ package org.onap.aaf.cadi.util;
import org.onap.aaf.cadi.UserChain;
public class UserChainManip {
- /**
+ /**
Build an element in the correct format for UserChain.
Format:<APP>:<ID>:<protocol>[:AS][,<APP>:<ID>:<protocol>]*
@see UserChain
- */
+ */
public static StringBuilder build(StringBuilder sb, String app, String id, UserChain.Protocol proto, boolean as) {
boolean mayAs;
if (!(mayAs=sb.length()==0)) {
@@ -44,7 +44,7 @@ public class UserChainManip {
}
return sb;
}
-
+
public static String idToNS(String id) {
if (id==null) {
return "";
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Vars.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Vars.java
index 417351f5..bf9ebc24 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Vars.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Vars.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -47,11 +47,11 @@ public class Vars {
public static String convert(final StringBuilder holder, final String text, final Object ... vars) {
StringBuilder sb = null;
int idx,index=0,prev = 0;
-
+
if (text.contains("%s")) {
sb = new StringBuilder();
}
-
+
StringBuilder[] sbs = new StringBuilder[] {sb,holder};
boolean replace, clearIndex = false;
int c;
@@ -66,12 +66,12 @@ public class Vars {
if (holder!=null) {
holder.append(text,prev,idx);
}
-
+
boolean go = true;
while (go) {
if (text.length()>++idx) {
switch(c=text.charAt(idx)) {
- case '0': case '1': case '2': case '3': case '4':
+ case '0': case '1': case '2': case '3': case '4':
case '5': case '6': case '7': case '8': case '9':
index *=10;
index +=(c-'0');
@@ -106,7 +106,7 @@ public class Vars {
}
}
}
-
+
if (sb!=null) {
sb.append(text,prev,text.length());
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/Action.java b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/Action.java
index ebcfa9f7..5574eef5 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/Action.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/Action.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -23,11 +23,11 @@ package org.onap.aaf.cadi.wsse;
/**
* Interface to specify an action deep within a parsing tree on a local object
- *
+ *
* We use a Generic so as to be flexible on create what that object actually is. This is passed in at the
* root "parse" call of Match. Similar to a "Visitor" Pattern, this object is passed upon reaching the right
* point in a parse tree.
- *
+ *
* @author Jonathan
*
* @param <OUTPUT>
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/Match.java b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/Match.java
index d0a7da47..e46d5a02 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/Match.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/Match.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -26,18 +26,18 @@ import javax.xml.stream.XMLStreamException;
import javax.xml.stream.events.XMLEvent;
/**
- * Match Class allows you to build an automatic Tree of StAX (or StAX like)
+ * Match Class allows you to build an automatic Tree of StAX (or StAX like)
* Objects for frequent use.
- *
+ *
* OBJECT is a type which you which to do some end Actions on, similar to a Visitor pattern, see Action
- *
+ *
* Note: We have implemented with XReader and XEvent, rather than StAX for performance reasons.
- *
+ *
* @see Action
* @see Match
* @see XEvent
* @see XReader
- *
+ *
* @author Jonathan
*
* @param <OUTPUT>
@@ -50,7 +50,7 @@ public class Match<OUTPUT> {
private Action<OUTPUT> action = null;
private boolean stopAfter;
private boolean exclusive;
-
+
@SafeVarargs
public Match(String ns, String name, Match<OUTPUT> ... next) {
@@ -61,7 +61,7 @@ public class Match<OUTPUT> {
if (!m.stopAfter)m.prev = this;
}
}
-
+
public Match<OUTPUT> onMatch(OUTPUT output, XReader reader) throws XMLStreamException {
while (reader.hasNext()) {
XEvent event = reader.nextEvent();
@@ -111,10 +111,10 @@ public class Match<OUTPUT> {
stopAfter = true;
return this;
}
-
+
/**
* Mark that this Object MUST be matched at this level or stop parsing and end
- *
+ *
* @param action
* @return
*/
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/WSSEParser.java b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/WSSEParser.java
index 787f1b4b..0c3cca40 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/WSSEParser.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/WSSEParser.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -30,15 +30,15 @@ import org.onap.aaf.cadi.BasicCred;
/**
* WSSE Parser
- *
- * Read the User and Password from WSSE Formatted SOAP Messages
- *
+ *
+ * Read the User and Password from WSSE Formatted SOAP Messages
+ *
* This class uses StAX so that processing is stopped as soon as the Security User/Password are read into BasicCred, or the Header Ends
- *
+ *
* This class is intended to be created once (or very few times) and reused as much as possible.
- *
+ *
* It is as thread safe as StAX parsing is.
- *
+ *
* @author Jonathan
*/
public class WSSEParser {
@@ -71,7 +71,7 @@ public class WSSEParser {
).exclusive()// Envelope must match Header, and no other. FYI, Body comes after Header short circuits (see above), so it's ok
).exclusive(); // root must be Envelope
}
-
+
public XMLStreamException parse(BasicCred bc, InputStream is) {
try {
parseTree.onMatch(bc, new XReader(is));
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/XEvent.java b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/XEvent.java
index 187d5b1e..d6918292 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/XEvent.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/XEvent.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -26,12 +26,12 @@ import javax.xml.stream.events.XMLEvent;
/**
* XEvent
- *
+ *
* This mechanism mimics a minimal portion of StAX "XMLEvent", enough to work with minimal XReader.
- *
+ *
* We implement the same interface, as much as minimally necessary, as XMLEvent for these small usages so as to
* be interchangeable in the future, if so desired
- *
+ *
* @author Jonathan
*
*/
@@ -58,7 +58,7 @@ public abstract class XEvent {
public NamedXEvent(QName qname) {
this.qname = qname;
}
-
+
public QName getName() {
return qname;
}
@@ -79,7 +79,7 @@ public abstract class XEvent {
public EndElement(String ns, String tag) {
super(new QName(ns,tag));
}
-
+
@Override
public int getEventType() {
return XMLEvent.END_ELEMENT;
@@ -101,14 +101,14 @@ public abstract class XEvent {
return data;
}
}
-
+
public static class StartDocument extends XEvent {
@Override
public int getEventType() {
return XMLEvent.START_DOCUMENT;
}
-
+
}
public static class EndDocument extends XEvent {
@@ -117,7 +117,7 @@ public abstract class XEvent {
public int getEventType() {
return XMLEvent.END_DOCUMENT;
}
-
+
}
public static class Comment extends XEvent {
public final String value;
@@ -129,7 +129,7 @@ public abstract class XEvent {
public int getEventType() {
return XMLEvent.COMMENT;
}
-
+
}
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/XReader.java b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/XReader.java
index aa46bec5..e820197b 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/XReader.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/XReader.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -34,16 +34,16 @@ import javax.xml.stream.XMLStreamException;
/**
* XReader
- * This class works similarly as StAX, except StAX has more behavior than is needed. That would be ok, but
+ * This class works similarly as StAX, except StAX has more behavior than is needed. That would be ok, but
* StAX also was Buffering in their code in such as way as to read most if not all the incoming stream into memory,
* defeating the purpose of pre-reading only the Header
- *
+ *
* This Reader does no back-tracking, but is able to create events based on syntax and given state only, leaving the
* Read-ahead mode of the InputStream up to the other classes.
- *
- * At this time, we only implement the important events, though if this is good enough, it could be expanded, perhaps to
+ *
+ * At this time, we only implement the important events, though if this is good enough, it could be expanded, perhaps to
* replace the original XMLReader from StAX.
- *
+ *
* @author Jonathan
*
*/
@@ -53,18 +53,18 @@ public class XReader {
private InputStream is;
private ByteArrayOutputStream baos;
private int state, count, last;
-
+
private Stack<Map<String,String>> nsses;
-
+
public XReader(InputStream is) {
this.is = is;
curr = another = null;
baos = new ByteArrayOutputStream();
- state = BEGIN_DOC;
+ state = BEGIN_DOC;
count = 0;
nsses = new Stack<Map<String,String>>();
}
-
+
public boolean hasNext() throws XMLStreamException {
if (curr==null) {
curr = parse();
@@ -78,7 +78,7 @@ public class XReader {
return xe;
}
- //
+ //
// State Flags
//
// Note: The State of parsing XML can be complicated. There are too many to cleanly keep in "booleans". Additionally,
@@ -100,20 +100,20 @@ public class XReader {
// useful combined Comment states
private final static int IN_COMMENT=COMMENT|COMMENT_E|COMMENT_D1|COMMENT_D2;
private final static int COMPLETE_COMMENT = COMMENT|COMMENT_E|COMMENT_D1|COMMENT_D2|COMMENT_D3|COMMENT_D4;
-
-
+
+
private XEvent parse() throws XMLStreamException {
Map<String,String> nss = nsses.isEmpty()?null:nsses.peek();
XEvent rv;
- if ((rv=another)!=null) { // "another" is a tag that may have needed to be created, but not
+ if ((rv=another)!=null) { // "another" is a tag that may have needed to be created, but not
// immediately returned. Save for next parse. If necessary, this could be turned into
// a FIFO storage, but a single reference is enough for now.
another = null; // "rv" is now set for the Event, and will be returned. Set to Null.
} else {
boolean go = true;
int c=0;
-
+
try {
while (go && (c=is.read())>=0) {
++count;
@@ -134,9 +134,9 @@ public class XReader {
String ns;
switch(t.state&(START_TAG|END_TAG)) {
case START_TAG:
- nss = getNss(nss,t); // Only Start Tags might have NS Attributes
- // Get any NameSpace elements from tag. If there are, nss will become
- // a new Map with all the previous NSs plus the new. This provides
+ nss = getNss(nss,t); // Only Start Tags might have NS Attributes
+ // Get any NameSpace elements from tag. If there are, nss will become
+ // a new Map with all the previous NSs plus the new. This provides
// scoping behavior when used with the Stack
// drop through on purpose
case END_TAG:
@@ -148,8 +148,8 @@ public class XReader {
if (ns==null)
throw new XMLStreamException("Invalid Namespace Prefix at " + count);
go = false;
- switch(t.state) { // based on
- case DOC_TYPE:
+ switch(t.state) { // based on
+ case DOC_TYPE:
rv = new XEvent.StartDocument();
break;
case COMMENT:
@@ -168,14 +168,14 @@ public class XReader {
if (last=='/')another = new XEvent.EndElement(ns,t.name);
}
if (cxe!=null) { // if there is a Character Event, it actually should go first. ow.
- another = rv; // Make current Event the "another" or next event, and
+ another = rv; // Make current Event the "another" or next event, and
rv = cxe; // send Character Event now
}
break;
case ' ':
case '\t':
case '\n':
- if ((state&BEGIN_DOC)==BEGIN_DOC) { // if Whitespace before doc, just ignore
+ if ((state&BEGIN_DOC)==BEGIN_DOC) { // if Whitespace before doc, just ignore
break;
}
// fallthrough on purpose
@@ -190,17 +190,17 @@ public class XReader {
} catch (IOException e) {
throw new XMLStreamException(e); // all errors parsing will be treated as XMLStreamErrors (like StAX)
}
- if (c==-1 && (state&BEGIN_DOC)==BEGIN_DOC) { // Normally, end of stream is ok, however, we need to know if the
- throw new XMLStreamException("Premature End of File"); // document isn't an XML document, so we throw exception if it
+ if (c==-1 && (state&BEGIN_DOC)==BEGIN_DOC) { // Normally, end of stream is ok, however, we need to know if the
+ throw new XMLStreamException("Premature End of File"); // document isn't an XML document, so we throw exception if it
} // hasn't yet been determined to be an XML Doc
}
return rv;
}
-
+
/**
* parseTag
- *
- * Parsing a Tag is somewhat complicated, so it's helpful to separate this process from the
+ *
+ * Parsing a Tag is somewhat complicated, so it's helpful to separate this process from the
* higher level Parsing effort
* @return
* @throws IOException
@@ -213,7 +213,7 @@ public class XReader {
int c, quote=0; // If "quote" is 0, then we're not in a quote. We set ' (in pretag) or " in attribs accordingly to denote quoted
String prefix=null,name=null,value=null;
baos.reset();
-
+
while (go && (c=is.read())>=0) {
++count;
if (quote!=0) { // If we're in a quote, we only end if we hit another quote of the same time, not preceded by \
@@ -225,7 +225,7 @@ public class XReader {
} else if ((state&COMMENT)==COMMENT) { // similar to Quote is being in a comment
switch(c) {
case '-':
- switch(state) { // XML has a complicated Quote set... <!-- --> ... we keep track if each has been met with flags.
+ switch(state) { // XML has a complicated Quote set... <!-- --> ... we keep track if each has been met with flags.
case COMMENT|COMMENT_E:
state|=COMMENT_D1;
break;
@@ -259,7 +259,7 @@ public class XReader {
}
} else { // Normal Tag Processing loop
switch(c) {
- case '?':
+ case '?':
switch(state & (QUESTION_F|QUESTION)) { // Validate the state of Doc tag... <?xml ... ?>
case QUESTION_F:
state |= DOC_TYPE;
@@ -273,7 +273,7 @@ public class XReader {
}
break;
case '!':
- if (last=='<') {
+ if (last=='<') {
state|=COMMENT|COMMENT_E; // likely a comment, continue processing in Comment Loop
}
baos.write(c);
@@ -321,7 +321,7 @@ public class XReader {
// Fallthrough ok
default:
baos.write(c); // write any unprocessed bytes into buffer
-
+
}
}
last = c;
@@ -338,12 +338,12 @@ public class XReader {
/**
* getNSS
- *
+ *
* If the tag contains some Namespace attributes, create a new nss from the passed in one, copy all into it, then add
* This provides Scoping behavior
- *
+ *
* if Nss is null in the first place, create an new nss, so we don't have to deal with null Maps.
- *
+ *
* @param nss
* @param t
* @return
@@ -374,10 +374,10 @@ public class XReader {
/**
* The result of the parseTag method
- *
+ *
* Data is split up into prefix, name and value portions. "Tags" with Values that are inside a Tag are known in XLM
- * as Attributes.
- *
+ * as Attributes.
+ *
* @author Jonathan
*
*/
@@ -390,7 +390,7 @@ public class XReader {
this.prefix = prefix;
this.name = name;
this.value = value;
- attribs = null;
+ attribs = null;
}
/**
@@ -404,7 +404,7 @@ public class XReader {
}
attribs.add(attrib);
}
-
+
public String toString() {
StringBuffer sb = new StringBuffer();
if (prefix!=null) {