summaryrefslogtreecommitdiffstats
path: root/cadi/core/src
diff options
context:
space:
mode:
authorInstrumental <jonathan.gathman@att.com>2018-07-19 13:29:32 -0500
committerInstrumental <jonathan.gathman@att.com>2018-07-19 13:29:44 -0500
commit32cdd553a8668e6d03a9cf5b11b360d35a63c87f (patch)
tree48c02e4be820d87efb777d7be20bad57d517b61c /cadi/core/src
parent9c8a8b0926b13b07fb1e5394903401e7a3f1ff79 (diff)
Configuration and Auto-Certificates
Issue-ID: AAF-378 Change-Id: Ic820a4e43684a6130f00b28b415a974876099fc3 Signed-off-by: Instrumental <jonathan.gathman@att.com>
Diffstat (limited to 'cadi/core/src')
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java2
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java4
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java3
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java12
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java4
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java23
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java4
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_EpiLur.java4
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_AbsUserCache.java2
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CadiWrap.java4
10 files changed, 41 insertions, 21 deletions
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java b/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java
index 1d01a3e8..39631894 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java
@@ -246,7 +246,7 @@ public abstract class AbsUserCache<PERM extends Permission> {
/**
* The default behavior of a LUR is to not handle something exclusively.
*/
- public boolean handlesExclusively(Permission pond) {
+ public boolean handlesExclusively(Permission ... pond) {
return false;
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java
index fd73d00b..0beb4856 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java
@@ -52,7 +52,7 @@ public interface Lur {
* @param principalName
* @return
*/
- public boolean fish(Principal bait, Permission pond);
+ public boolean fish(Principal bait, Permission ... pond);
/**
* Fish all the Principals out a Pond
@@ -77,7 +77,7 @@ public interface Lur {
* @param pond
* @return
*/
- public boolean handlesExclusively(Permission pond);
+ public boolean handlesExclusively(Permission ... pond);
/**
* Does the LUR support a particular kind of Principal
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java
index 4067f160..04743b85 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java
@@ -662,6 +662,9 @@ public class Symm {
* @throws IOException
*/
public void enpass(final String password, final OutputStream os) throws IOException {
+ if(password==null) {
+ throw new IOException("Invalid password passed");
+ }
final ByteArrayOutputStream baos = new ByteArrayOutputStream();
DataOutputStream dos = new DataOutputStream(baos);
byte[] bytes = password.getBytes();
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
index 42c38896..efe5503b 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
@@ -134,12 +134,21 @@ public class Config {
public static final String OAUTH_CLIENT_SECRET="client_secret";
public static final String AAF_ENV = "aaf_env";
- public static final String AAF_URL = "aaf_url"; //URL for AAF... Use to trigger AAF configuration
public static final String AAF_ROOT_NS = "aaf_root_ns";
public static final String AAF_ROOT_NS_DEF = "org.osaaf.aaf";
public static final String AAF_ROOT_COMPANY = "aaf_root_company";
public static final String AAF_LOCATE_URL = "aaf_locate_url"; //URL for AAF locator
private static final String AAF_LOCATE_URL_TAG = "AAF_LOCATE_URL"; // Name of Above for use in Config Variables.
+ public static final String AAF_DEFAULT_VERSION = "2.1";
+ public static final String AAF_URL = "aaf_url"; //URL for AAF... Use to trigger AAF configuration
+ public static final String AAF_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.service:" + AAF_DEFAULT_VERSION;
+ public static final String GUI_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.gui:" + AAF_DEFAULT_VERSION;
+ public static final String CM_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.cm:" + AAF_DEFAULT_VERSION;
+ public static final String FS_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.fs:" + AAF_DEFAULT_VERSION;
+ public static final String HELLO_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.hello:" + AAF_DEFAULT_VERSION;
+ public static final String OAUTH2_TOKEN_URL = "https://AAF_LOCATE_URL/AAF_NS.token:" + AAF_DEFAULT_VERSION;
+ public static final String OAUTH2_INTROSPECT_URL = "https://AAF_LOCATE_URL/AAF_NS.introspect:" + AAF_DEFAULT_VERSION;
+
public static final String AAF_REGISTER_AS = "aaf_register_as";
public static final String AAF_APPID = "aaf_id";
public static final String AAF_APPPASS = "aaf_password";
@@ -174,7 +183,6 @@ public class Config {
public static final String AAF_COMPONENT = "aaf_component";
public static final String AAF_CERT_IDS = "aaf_cert_ids";
public static final String AAF_DEBUG_IDS = "aaf_debug_ids"; // comma delimited
- public static final String AAF_DEFAULT_VERSION = "2.0";
public static final String AAF_DATA_DIR = "aaf_data_dir"; // AAF processes and Components only.
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java
index 2813dca8..b442c7d9 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java
@@ -60,7 +60,7 @@ public final class EpiLur implements Lur {
if(lurs.length==0) throw new CadiException("Need at least one Lur implementation in constructor");
}
- public boolean fish(Principal bait, Permission pond) {
+ public boolean fish(Principal bait, Permission ... pond) {
if(pond==null) {
return false;
}
@@ -99,7 +99,7 @@ public final class EpiLur implements Lur {
}
// Never needed... Only EpiLur uses...
- public boolean handlesExclusively(Permission pond) {
+ public boolean handlesExclusively(Permission ... pond) {
return false;
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java
index 0f9adb94..e177a22f 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java
@@ -94,14 +94,16 @@ public final class LocalLur extends AbsUserCache<LocalPermission> implements Lur
}
// @Override
- public boolean fish(Principal bait, Permission pond) {
+ public boolean fish(Principal bait, Permission ... pond) {
if (pond == null) {
return false;
}
- if (handles(bait) && pond instanceof LocalPermission) { // local Users only have LocalPermissions
- User<LocalPermission> user = getUser(bait);
- if (user != null) {
- return user.contains((LocalPermission)pond);
+ for(Permission p : pond) {
+ if (handles(bait) && p instanceof LocalPermission) { // local Users only have LocalPermissions
+ User<LocalPermission> user = getUser(bait);
+ if (user != null) {
+ return user.contains((LocalPermission)p);
+ }
}
}
return false;
@@ -128,8 +130,15 @@ public final class LocalLur extends AbsUserCache<LocalPermission> implements Lur
return principal.getName().endsWith(supportedRealm);
}
- public boolean handlesExclusively(Permission pond) {
- return supportingGroups.contains(pond.getKey());
+ @Override
+ public boolean handlesExclusively(Permission ... pond) {
+ boolean rv = false;
+ for (Permission p : pond) {
+ if(rv=supportingGroups.contains(p.getKey())) {
+ break;
+ }
+ }
+ return rv;
}
/* (non-Javadoc)
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java
index 1e44726a..b314f20e 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java
@@ -44,7 +44,7 @@ public class NullLur implements Lur {
return false;
}};
- public boolean fish(Principal bait, Permission pond) {
+ public boolean fish(Principal bait, Permission ... pond) {
// Well, for Jenkins, this is ok... It finds out it can't do J2EE Security, and then looks at it's own
// System.err.println("CADI's LUR has not been configured, but is still being called. Access is being denied");
return false;
@@ -56,7 +56,7 @@ public class NullLur implements Lur {
public void destroy() {
}
- public boolean handlesExclusively(Permission pond) {
+ public boolean handlesExclusively(Permission ... pond) {
return false;
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_EpiLur.java b/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_EpiLur.java
index f7c3a0a2..b99030eb 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_EpiLur.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_EpiLur.java
@@ -117,10 +117,10 @@ public class JU_EpiLur {
private class CredValStub implements Lur, CredVal {
@Override public boolean validate(String user, Type type, byte[] cred, Object state) { return false; }
@Override public Permission createPerm(String p) { return null; }
- @Override public boolean fish(Principal bait, Permission pond) { return false; }
+ @Override public boolean fish(Principal bait, Permission ... pond) { return false; }
@Override public void fishAll(Principal bait, List<Permission> permissions) { }
@Override public void destroy() { }
- @Override public boolean handlesExclusively(Permission pond) { return false; }
+ @Override public boolean handlesExclusively(Permission ... pond) { return false; }
@Override public boolean handles(Principal principal) { return false; }
@Override public void clear(Principal p, StringBuilder report) { }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_AbsUserCache.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_AbsUserCache.java
index 1737710a..b34e90ab 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_AbsUserCache.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_AbsUserCache.java
@@ -350,7 +350,7 @@ public class JU_AbsUserCache {
class AbsUserCacheCLStub<PERM extends Permission> extends AbsUserCache<PERM> implements CachingLur<PERM> {
public AbsUserCacheCLStub(AbsUserCache<PERM> cache) { super(cache); }
@Override public Permission createPerm(String p) { return null; }
- @Override public boolean fish(Principal bait, Permission pond) { return false; }
+ @Override public boolean fish(Principal bait, Permission ... pond) { return false; }
@Override public void fishAll(Principal bait, List<Permission> permissions) { }
@Override public boolean handles(Principal principal) { return false; }
@Override public Resp reload(User<PERM> user) { return null; }
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CadiWrap.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CadiWrap.java
index d9a4437c..850dd22c 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CadiWrap.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CadiWrap.java
@@ -122,10 +122,10 @@ public class JU_CadiWrap {
// Anonymous object for testing purposes
CachingLur<Permission> lur1 = new CachingLur<Permission>() {
@Override public Permission createPerm(String p) { return null; }
- @Override public boolean fish(Principal bait, Permission pond) { return true; }
+ @Override public boolean fish(Principal bait, Permission ... pond) { return true; }
@Override public void fishAll(Principal bait, List<Permission> permissions) { }
@Override public void destroy() { }
- @Override public boolean handlesExclusively(Permission pond) { return false; }
+ @Override public boolean handlesExclusively(Permission ... pond) { return false; }
@Override public boolean handles(Principal principal) { return false; }
@Override public void remove(String user) { }
@Override public Resp reload(User<Permission> user) { return null; }