diff options
author | Instrumental <jonathan.gathman@att.com> | 2019-02-20 11:14:41 -0600 |
---|---|---|
committer | Instrumental <jonathan.gathman@att.com> | 2019-02-20 11:15:17 -0600 |
commit | 2b46f76d9a688acf326424659ec9672a2614fdcf (patch) | |
tree | 1ff396c03af82fe73615c61b10ec868f060da412 /cadi | |
parent | bf3d3075cac610b901c951ae135fcdbcc6ffecb8 (diff) |
fix new openssl, data, etc
Issue-ID: AAF-667
Change-Id: Ic87c5159c453c293d845abea6be0c4cfb3164fc1
Signed-off-by: Instrumental <jonathan.gathman@att.com>
Diffstat (limited to 'cadi')
6 files changed, 106 insertions, 58 deletions
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java index 77489633..4fe05f71 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java @@ -22,6 +22,7 @@ package org.onap.aaf.cadi.aaf.v2_0; import java.net.URI; +import java.net.UnknownHostException; import java.util.Map; import java.util.concurrent.ConcurrentHashMap; @@ -35,12 +36,14 @@ import org.onap.aaf.cadi.LocatorException; import org.onap.aaf.cadi.Lur; import org.onap.aaf.cadi.PropAccess; import org.onap.aaf.cadi.SecuritySetter; +import org.onap.aaf.cadi.Access.Level; import org.onap.aaf.cadi.aaf.AAFPermission; import org.onap.aaf.cadi.aaf.marshal.CertsMarshal; import org.onap.aaf.cadi.client.Future; import org.onap.aaf.cadi.client.Rcli; import org.onap.aaf.cadi.client.Retryable; import org.onap.aaf.cadi.config.Config; +import org.onap.aaf.cadi.config.RegistrationPropHolder; import org.onap.aaf.cadi.config.SecurityInfoC; import org.onap.aaf.cadi.lur.EpiLur; import org.onap.aaf.cadi.principal.BasicPrincipal; @@ -106,6 +109,13 @@ public abstract class AAFCon<CLIENT> implements Connector { throw new CadiException("A URL or " + tag + " property is required."); } } + try { + RegistrationPropHolder rph = new RegistrationPropHolder(access, 0); + str = rph.replacements(str, null,null); + } catch (UnknownHostException e) { + throw new CadiException(e); + } + access.printf(Level.INFO, "AAFCon has URL of %s",str); setInitURI(str); } try { diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java index 9b630a76..14878d38 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java @@ -23,6 +23,7 @@ package org.onap.aaf.cadi.aaf.v2_0; import java.net.URI; import java.net.URISyntaxException; +import java.net.UnknownHostException; import java.security.SecureRandom; import java.util.ArrayList; import java.util.Iterator; @@ -32,10 +33,11 @@ import java.util.NoSuchElementException; import org.onap.aaf.cadi.Access; import org.onap.aaf.cadi.Access.Level; +import org.onap.aaf.cadi.CadiException; import org.onap.aaf.cadi.Locator; import org.onap.aaf.cadi.LocatorException; -import org.onap.aaf.cadi.aaf.Defaults; import org.onap.aaf.cadi.config.Config; +import org.onap.aaf.cadi.config.RegistrationPropHolder; import org.onap.aaf.cadi.routing.GreatCircle; import org.onap.aaf.misc.env.Trans; import org.onap.aaf.misc.env.util.Split; @@ -64,17 +66,23 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> public AbsAAFLocator(Access access, String name, final long refreshMin) throws LocatorException { - aaf_locator_host = access.getProperty(Config.AAF_LOCATE_URL, null); - if (aaf_locator_host==null) { - aaf_locator_uri = null; - } else { - try { - aaf_locator_uri = new URI(aaf_locator_host); - } catch (URISyntaxException e) { - throw new LocatorException(e); - } + RegistrationPropHolder rph; + try { + rph = new RegistrationPropHolder(access, 0); + } catch (UnknownHostException | CadiException e1) { + throw new LocatorException(e1); + } + try { + aaf_locator_host = rph.replacements("https://"+Config.AAF_LOCATE_URL_TAG,null,null); + aaf_locator_uri = new URI(aaf_locator_host); + access.printf(Level.INFO, "AbsAAFLocator AAF URI is %s",aaf_locator_uri); + } catch (URISyntaxException e) { + throw new LocatorException(e); } + name = rph.replacements(name, null,null); + access.printf(Level.INFO, "AbsAAFLocator name is %s",aaf_locator_uri); + epList = new LinkedList<>(); refreshWait = refreshMin; @@ -88,12 +96,6 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> longitude = Double.parseDouble(lng); } - if (name.startsWith(Defaults.AAF_NS)) { - String root_ns = access.getProperty(Config.AAF_ROOT_NS, null); - if(root_ns!=null) { - name=name.replace(Defaults.AAF_NS, root_ns); - } - } if (name.startsWith("http")) { // simple URL this.name = name; diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java index dc58acc6..62623fb8 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java @@ -258,6 +258,12 @@ public class Config { public static HttpTaf configHttpTaf(Connector con, SecurityInfoC<HttpURLConnection> si, TrustChecker tc, CredVal up, Lur lur, Object ... additionalTafLurs) throws CadiException, LocatorException { Access access = si.access; + RegistrationPropHolder rph; + try { + rph = new RegistrationPropHolder(access, 0); + } catch (UnknownHostException e2) { + throw new CadiException(e2); + } ///////////////////////////////////////////////////// // Setup AAFCon for any following ///////////////////////////////////////////////////// @@ -277,7 +283,7 @@ public class Config { boolean hasDirectAAF = hasDirect("DirectAAFLur",additionalTafLurs); // IMPORTANT! Don't attempt to load AAF Connector if there is no AAF URL - String aafURL = access.getProperty(AAF_URL,null); + String aafURL = logProp(rph, AAF_URL,null); if (!hasDirectAAF && aafcon==null && aafURL!=null) { aafcon = loadAAFConnector(si, aafURL); } @@ -352,8 +358,8 @@ public class Config { Class<HttpTaf> obasicCls = (Class<HttpTaf>)loadClass(access,CADI_OBASIC_HTTP_TAF_DEF); if (obasicCls!=null) { try { - String tokenurl = logProp(access,Config.AAF_OAUTH2_TOKEN_URL, null); - String introspecturl = logProp(access,Config.AAF_OAUTH2_INTROSPECT_URL, null); + String tokenurl = logProp(rph,Config.AAF_OAUTH2_TOKEN_URL, null); + String introspecturl = logProp(rph,Config.AAF_OAUTH2_INTROSPECT_URL, null); if (tokenurl==null || introspecturl==null) { access.log(Level.INIT,"Both tokenurl and introspecturl are required. Oauth Authorization is disabled."); } @@ -431,7 +437,7 @@ public class Config { // Configure OAuth TAF ///////////////////////////////////////////////////// if (!hasOAuthDirectTAF) { - String oauthTokenUrl = logProp(access,Config.AAF_OAUTH2_TOKEN_URL,null); + String oauthTokenUrl = logProp(rph,Config.AAF_OAUTH2_TOKEN_URL,null); Class<?> oadtClss; try { oadtClss = Class.forName(OAUTH_DIRECT_TAF); @@ -448,7 +454,7 @@ public class Config { additionalTafLurs = array; access.log(Level.INIT,"OAuth2 Direct is enabled"); } else if (oauthTokenUrl!=null) { - String oauthIntrospectUrl = logProp(access,Config.AAF_OAUTH2_INTROSPECT_URL,null); + String oauthIntrospectUrl = logProp(rph,Config.AAF_OAUTH2_INTROSPECT_URL,null); @SuppressWarnings("unchecked") Class<HttpTaf> oaTCls = (Class<HttpTaf>)loadClass(access,OAUTH_HTTP_TAF); if (oaTCls!=null) { @@ -549,7 +555,7 @@ public class Config { } access.log(Level.INIT, sb); - Locator<URI> locator = loadLocator(si, logProp(access, AAF_LOCATE_URL, null)); + Locator<URI> locator = loadLocator(si, logProp(rph, AAF_LOCATE_URL, null)); taf = new HttpEpiTaf(access,locator, tc, htarray); // ok to pass locator == null String level = logProp(access, CADI_LOGLEVEL, null); @@ -561,6 +567,18 @@ public class Config { return taf; } + public static String logProp(RegistrationPropHolder rph, String tag, String def) { + String rv = rph.access().getProperty(tag, def); + if (rv == null) { + rph.access().log(Level.INIT,tag,"is not explicitly set"); + } else { + rv = rph.replacements(rv, null, null); + rph.access().log(Level.INIT,tag,"is set to",rv); + } + return rv; + + } + public static String logProp(Access access,String tag, String def) { String rv = access.getProperty(tag, def); if (rv == null) { @@ -573,6 +591,13 @@ public class Config { public static Lur configLur(SecurityInfoC<HttpURLConnection> si, Connector con, Object ... additionalTafLurs) throws CadiException { Access access = si.access; + RegistrationPropHolder rph; + try { + rph = new RegistrationPropHolder(access, 0); + } catch (UnknownHostException e2) { + throw new CadiException(e2); + } + List<Priori<Lur>> lurs = new ArrayList<>(); ///////////////////////////////////////////////////// @@ -601,8 +626,8 @@ public class Config { ///////////////////////////////////////////////////// // Configure the OAuth Lur (if any) ///////////////////////////////////////////////////// - String tokenUrl = logProp(access,AAF_OAUTH2_TOKEN_URL, null); - String introspectUrl = logProp(access,AAF_OAUTH2_INTROSPECT_URL, null); + String tokenUrl = logProp(rph,AAF_OAUTH2_TOKEN_URL, null); + String introspectUrl = logProp(rph,AAF_OAUTH2_INTROSPECT_URL, null); if (tokenUrl!=null && introspectUrl !=null) { try { Class<?> olurCls = loadClass(access, CADI_OLUR_CLASS_DEF); @@ -631,7 +656,7 @@ public class Config { ///////////////////////////////////////////////////// // Configure the AAF Lur (if any) ///////////////////////////////////////////////////// - String aafURL = logProp(access,AAF_URL,null); // Trigger Property + String aafURL = logProp(rph,AAF_URL,null); // Trigger Property String aafEnv = access.getProperty(AAF_ENV,null); if (aafEnv == null && aafURL!=null && access instanceof PropAccess) { // set AAF_ENV from AAF_URL int ec = aafURL.indexOf("envContext="); @@ -822,21 +847,11 @@ public class Config { try { rph = new RegistrationPropHolder(access, 0); url = rph.replacements(_url, null, null); + access.printf(Level.INFO, "loadLocator URL is %s",url); } catch (UnknownHostException | CadiException e1) { throw new LocatorException(e1); } - String replacement; - int idxAAFLocateUrl; - if ((idxAAFLocateUrl=url.indexOf(AAF_LOCATE_URL_TAG))>0 && ((replacement=access.getProperty(AAF_LOCATE_URL, null))!=null)) { - StringBuilder sb = new StringBuilder(replacement); - if (!replacement.endsWith("/locate")) { - sb.append("/locate"); - } - sb.append(url,idxAAFLocateUrl+AAF_LOCATE_URL_TAG.length(),url.length()); - url = sb.toString(); - } - try { Class<?> lcls = loadClass(access,AAF_LOCATOR_CLASS_DEF); if (lcls==null) { diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/RegistrationPropHolder.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/RegistrationPropHolder.java index aa782313..68a018d6 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/RegistrationPropHolder.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/RegistrationPropHolder.java @@ -41,6 +41,7 @@ public class RegistrationPropHolder { public final String default_name; public final String lentries; public final String lcontainer; + public final String default_container; public RegistrationPropHolder(final Access access, final int port) throws UnknownHostException, CadiException { this.access = access; @@ -50,15 +51,15 @@ public class RegistrationPropHolder { lentries=access.getProperty(Config.AAF_LOCATOR_ENTRIES,""); - str = access.getProperty(Config.AAF_LOCATOR_CONTAINER, ""); - if(!str.isEmpty()) { - lcontainer=',' + str; // "" makes a blank default Public Entry - str = access.getProperty(Config.AAF_LOCATOR_PUBLIC_PORT+'.'+str, null); + default_container = access.getProperty(Config.AAF_LOCATOR_CONTAINER, ""); + if(!default_container.isEmpty()) { + lcontainer=',' + default_container; // "" makes a blank default Public Entry + str = access.getProperty(Config.AAF_LOCATOR_PUBLIC_PORT+'.'+default_container, null); if(str==null) { str = access.getProperty(Config.AAF_LOCATOR_PUBLIC_PORT, null); } } else { - lcontainer=str; + lcontainer=default_container; str = access.getProperty(Config.AAF_LOCATOR_PUBLIC_PORT, null); } if(str!=null) { @@ -149,26 +150,42 @@ public class RegistrationPropHolder { } - public String replacements(String source, final String name, final String dot_le) { + public String replacements(String source, final String name, final String _dot_le) { if(source == null) { return ""; } else if(source.isEmpty()) { return source; } - String str; - // aaf_locate_url - if(source.indexOf(Config.AAF_LOCATE_URL_TAG)>=0) { - str = access.getProperty(Config.AAF_LOCATE_URL, null); - if(str!=null) { - if(!str.endsWith("/")) { - str+='/'; - } - if(!str.endsWith("/locate/")) { - str+="locate/"; + + String dot_le; + if(_dot_le==null) { + dot_le = default_container.isEmpty()?"":'.'+default_container; + } else { + dot_le = _dot_le; + } + + String aaf_locator_host = access.getProperty(Config.AAF_LOCATE_URL+dot_le,null); + if(aaf_locator_host==null) { + aaf_locator_host = access.getProperty(Config.AAF_LOCATE_URL,null); + } + + String str; + if(aaf_locator_host!=null) { + if("https://AAF_LOCATE_URL".equals(source)) { + source = aaf_locator_host; + } else { + str = aaf_locator_host; + if(source.indexOf(Config.AAF_LOCATE_URL_TAG)>=0) { + if(!str.endsWith("/")) { + str+='/'; + } + if(!str.endsWith("/locate/")) { + str+="locate/"; + } + source = source.replace("https://AAF_LOCATE_URL/", str); } - source = source.replace("https://AAF_LOCATE_URL/", str); } - } + } int atC = source.indexOf("%C"); if(atC>=0) { @@ -179,7 +196,7 @@ public class RegistrationPropHolder { } source = source.replace("%CNS", str); - str = access.getProperty(Config.AAF_LOCATOR_CONTAINER+dot_le, ""); + str = access.getProperty(Config.AAF_LOCATOR_CONTAINER+dot_le,default_container); if(str.isEmpty()) { source = source.replace("%C"+'.', str); } @@ -226,4 +243,8 @@ public class RegistrationPropHolder { public_port: port; } + + public Access access() { + return access; + } }
\ No newline at end of file diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java index 677f2139..fca99a31 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java @@ -134,7 +134,7 @@ public class X509Taf implements HttpTaf { // Note: If the Issuer is not in the TrustStore, it's not added to the Cert list String issuer = certarr[0].getIssuerDN().toString(); String subject = certarr[0].getSubjectDN().getName(); - access.printf(Level.DEBUG,"Client Certificate found\n Subject %s\n Issuer %s",subject,issuer); + access.printf(Level.DEBUG,"Client Certificate found\n Subject '%s'\n Issuer '%s'",subject,issuer); if (cadiIssuers.contains(issuer)) { // avoiding extra object creation, since this is validated EVERY transaction with a Cert int start = 0; diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_RegistrationPropHolder.java b/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_RegistrationPropHolder.java index 46fd741d..18e26f55 100644 --- a/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_RegistrationPropHolder.java +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_RegistrationPropHolder.java @@ -130,8 +130,8 @@ public class JU_RegistrationPropHolder { target = "mycontns.org.osaaf.aaf.theName"; assertEquals(target,rph.replacements(fqdn, name, ".hello")); - pa.setProperty(Config.AAF_LOCATOR_CONTAINER+".hello","hello"); - target = "hello.mycontns.org.osaaf.aaf.theName"; + pa.setProperty(Config.AAF_LOCATOR_CONTAINER+".hello","helloC"); + target = "helloC.mycontns.org.osaaf.aaf.theName"; assertEquals(target,rph.replacements(fqdn, name, ".hello")); pa.setProperty(Config.AAF_LOCATOR_CONTAINER_NS,"c_ns"); |