summaryrefslogtreecommitdiffstats
path: root/cadi
diff options
context:
space:
mode:
authorInstrumental <jonathan.gathman@att.com>2018-09-07 12:21:34 -0500
committerInstrumental <jonathan.gathman@att.com>2018-09-07 12:22:50 -0500
commit4b5a7d721d994a49057e9bfb403c7bff1b376660 (patch)
treea36d03227b63a3e60346d6c3ca87b061087dae85 /cadi
parent824dc7b5fc0e1ccdf7f460479aff344727f0f01e (diff)
Mass removal of all Tabs (Style Warnings)
Issue-ID: AAF-473 Change-Id: Iaf0ef8120882937959bb0065f2f6ba74a021940f Signed-off-by: Instrumental <jonathan.gathman@att.com>
Diffstat (limited to 'cadi')
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFPermission.java282
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/Defaults.java18
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/PermEval.java210
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/TestConnectivity.java464
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/cert/AAFListedCertIdentity.java226
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/client/ErrMessage.java116
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/client/Examples.java698
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/marshal/CertMarshal.java54
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/marshal/CertsMarshal.java16
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java250
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java590
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java338
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLocator.java176
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java370
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java268
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTrustChecker.java160
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java912
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLur.java504
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java1954
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/ArtifactDir.java448
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/CertException.java30
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Factory.java862
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifact.java2
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactInFiles.java34
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactInKeystore.java196
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactOnStream.java42
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactScripts.java234
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AAFToken.java102
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AbsOTafLur.java178
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/HRenewingTokenSS.java124
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2HttpTaf.java70
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2HttpTafResp.java54
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2Lur.java134
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2Principal.java50
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TimedToken.java168
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClient.java844
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClientFactory.java246
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenMgr.java272
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenPerm.java254
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TzClient.java4
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TzHClient.java64
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/obasic/OBasicHttpTaf.java246
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/olur/OLur.java244
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/Persist.java472
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/PersistFile.java386
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/Persistable.java24
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/Persisting.java258
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/register/Registrant.java4
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/register/Registrar.java128
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/register/RemoteRegistrant.java256
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/sso/AAFSSO.java836
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/cert/test/JU_AAFListedCertIdentity.java228
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/client/test/JU_ErrMessageTest.java156
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/marshal/test/JU_CertMarshal.java106
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/marshal/test/JU_CertsMarshal.java144
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/JU_AAFPermission.java228
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/JU_PermEval.java360
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/TestHClient.java80
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AAFLocator.java118
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AAFTrustChecker.java158
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AbsAAFLocator.java290
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_ArtifactDir.java214
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_CertException.java24
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_CmAgent.java188
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_Factory.java588
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_PlaceArtifactInFiles.java112
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_PlaceArtifactInKeystore.java192
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_PlaceArtifactOnStream.java110
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_PlaceArtifactScripts.java100
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_AAFToken.java66
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuth2HttpTaf.java46
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuth2HttpTafResp.java38
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuth2Lur.java98
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuth2Principal.java42
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuthTest.java442
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TimedToken.java60
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TokenClientFactoryTest.java64
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TokenPerm.java286
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TzHClient.java116
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/persist/test/JU_Persist.java180
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/persist/test/JU_PersistFile.java130
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/persist/test/JU_Persisting.java112
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/sso/test/JU_AAFSSO.java150
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/client/sample/Sample.java260
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/content/JU_Content.java76
-rw-r--r--cadi/client/src/main/java/org/onap/aaf/cadi/client/AbsAuthentication.java156
-rw-r--r--cadi/client/src/main/java/org/onap/aaf/cadi/client/AbsTransferSS.java62
-rw-r--r--cadi/client/src/main/java/org/onap/aaf/cadi/client/EClient.java32
-rw-r--r--cadi/client/src/main/java/org/onap/aaf/cadi/client/Future.java12
-rw-r--r--cadi/client/src/main/java/org/onap/aaf/cadi/client/Holder.java30
-rw-r--r--cadi/client/src/main/java/org/onap/aaf/cadi/client/Rcli.java1448
-rw-r--r--cadi/client/src/main/java/org/onap/aaf/cadi/client/Result.java62
-rw-r--r--cadi/client/src/main/java/org/onap/aaf/cadi/client/Retryable.java60
-rw-r--r--cadi/client/src/main/java/org/onap/aaf/cadi/http/HAuthorizationHeader.java36
-rw-r--r--cadi/client/src/main/java/org/onap/aaf/cadi/http/HBasicAuthSS.java60
-rw-r--r--cadi/client/src/main/java/org/onap/aaf/cadi/http/HClient.java724
-rw-r--r--cadi/client/src/main/java/org/onap/aaf/cadi/http/HMangr.java378
-rw-r--r--cadi/client/src/main/java/org/onap/aaf/cadi/http/HNoAuthSS.java18
-rw-r--r--cadi/client/src/main/java/org/onap/aaf/cadi/http/HRcli.java148
-rw-r--r--cadi/client/src/main/java/org/onap/aaf/cadi/http/HSecurityInfoInit.java28
-rw-r--r--cadi/client/src/main/java/org/onap/aaf/cadi/http/HTokenSS.java6
-rw-r--r--cadi/client/src/main/java/org/onap/aaf/cadi/http/HTransferSS.java50
-rw-r--r--cadi/client/src/main/java/org/onap/aaf/cadi/http/HX509SS.java202
-rw-r--r--cadi/client/src/main/java/org/onap/aaf/cadi/locator/DNSLocator.java356
-rw-r--r--cadi/client/src/main/java/org/onap/aaf/cadi/locator/HClientHotPeerLocator.java54
-rw-r--r--cadi/client/src/main/java/org/onap/aaf/cadi/locator/HotPeerLocator.java462
-rw-r--r--cadi/client/src/main/java/org/onap/aaf/cadi/locator/PropertyLocator.java488
-rw-r--r--cadi/client/src/main/java/org/onap/aaf/cadi/locator/SingleEndpointLocator.java106
-rw-r--r--cadi/client/src/main/java/org/onap/aaf/cadi/routing/GreatCircle.java252
-rw-r--r--cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_AbsAuthentication.java118
-rw-r--r--cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_AbsTransferSS.java66
-rw-r--r--cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_Future.java24
-rw-r--r--cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_Holder.java24
-rw-r--r--cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_Rcli.java448
-rw-r--r--cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_Result.java36
-rw-r--r--cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_Retryable.java40
-rw-r--r--cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HAuthorizationHeader.java70
-rw-r--r--cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HBasicAuthSS.java92
-rw-r--r--cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HClient.java530
-rw-r--r--cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HMangr.java424
-rw-r--r--cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HNoAuthSS.java44
-rw-r--r--cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HRcli.java134
-rw-r--r--cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HTokenSS.java26
-rw-r--r--cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HTransferSS.java82
-rw-r--r--cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HX509SS.java126
-rw-r--r--cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_DNSLocator.java172
-rw-r--r--cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_HClientHotPeerLocator.java216
-rw-r--r--cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_PropertyLocator.java114
-rw-r--r--cadi/client/src/test/java/org/onap/aaf/cadi/routing/test/JU_GreatCircle.java78
-rw-r--r--cadi/client/src/test/java/org/onap/aaf/client/test/JU_ResultTest.java140
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/AES.java146
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java798
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Access.java280
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/BasicCred.java6
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/BufferedServletInputStream.java298
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/CachedPrincipal.java28
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/CachingLur.java8
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/CadiException.java32
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/CadiWrap.java292
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Capacitor.java398
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/CmdLine.java608
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Connector.java2
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/CredVal.java16
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/CredValDomain.java2
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/GetCred.java2
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Hash.java420
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Locator.java20
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/LocatorException.java32
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java94
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Permission.java6
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/PropAccess.java682
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Revalidator.java14
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/SecuritySetter.java20
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/ServletContextAccess.java62
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java1222
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Taf.java36
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/Transmutate.java14
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/TrustChecker.java30
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/User.java274
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/UserChain.java4
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java1456
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/config/Get.java128
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/config/GetAccess.java58
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfo.java406
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfoC.java108
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfoInit.java2
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/config/UsersDump.java236
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZ.java2
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZServlet.java102
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/filter/AccessGetter.java14
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiFilter.java526
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiHTTPManip.java296
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/filter/FCGet.java76
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/filter/MapPermConverter.java44
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/filter/NullPermConverter.java12
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/filter/PathFilter.java256
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/filter/PermConverter.java2
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/filter/RolesAllowed.java12
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/filter/ServletImpl.java12
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/lur/ConfigPrincipal.java68
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java222
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java344
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalPermission.java40
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java94
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/principal/BasicPrincipal.java180
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/principal/BearerPrincipal.java16
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/principal/CachedBasicPrincipal.java48
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/principal/Kind.java52
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/principal/OAuth2FormPrincipal.java68
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/principal/StringTagLookup.java16
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/principal/TaggedPrincipal.java60
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/principal/TrustPrincipal.java78
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/principal/UnAuthPrincipal.java18
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/principal/X509Principal.java140
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/AbsTafResp.java176
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/EpiTaf.java84
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/HttpEpiTaf.java328
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/HttpTaf.java38
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/LoginPageTafResp.java116
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/NullTaf.java42
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/NullTafResp.java94
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/PuntTafResp.java90
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/Redirectable.java12
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/TafResp.java140
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustNotTafResp.java110
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustTafResp.java112
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTaf.java262
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTafResp.java54
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/CertIdentity.java28
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509HttpTafResp.java40
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java418
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTaf.java616
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTafResp.java48
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/Chmod.java64
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/FQI.java48
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/JsonOutputStream.java112
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/MaskFormatException.java6
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/MyConsole.java6
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/NetMask.java128
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/Pool.java582
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/Split.java144
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/SubStandardConsole.java72
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/TheConsole.java40
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/Timing.java6
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/UserChainManip.java100
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/util/Vars.java182
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/wsse/Action.java2
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/wsse/Match.java160
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/wsse/WSSEParser.java74
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/wsse/XEvent.java174
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/wsse/XReader.java732
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_Get.java120
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_GetAccess.java74
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_MultiGet.java42
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_SecurityInfo.java174
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_SecurityInfoC.java118
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_UsersDump.java196
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_AUTHZServlet.java118
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_AccessGetter.java32
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_MapPermConverter.java22
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_NullPermConverter.java10
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_PathFilter.java96
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_ConfigPrincipal.java76
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_EpiLur.java118
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_LocalLur.java240
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_LocalPermission.java52
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_NullLur.java60
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_BasicPrincipal.java160
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_CachedBasicPrincipal.java154
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_Kind.java48
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_OAuth2FormPrincipal.java44
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_StringTagLookup.java12
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_TaggedPrincipal.java52
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_TrustPrincipal.java94
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_UnAuthPrincipal.java12
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_X509Principal.java196
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/taf/basic/test/JU_BasicHttpTaf.java234
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/taf/basic/test/JU_BasicHttpTafResp.java34
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/taf/cert/test/JU_X509HttpTafResp.java40
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/taf/dos/test/JU_DenialOfServiceTaf.java638
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/taf/dos/test/JU_DenialOfServiceTafResp.java32
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_AbsTafResp.java86
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_EpiTaf.java116
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_HttpEpiTaf.java174
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_LoginPageTafResp.java68
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_NullTaf.java48
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_PuntTafResp.java32
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_TrustNotTafResp.java50
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_TrustTafResp.java66
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_AES.java288
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_AbsUserCache.java610
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Access.java56
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Base64.java96
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_BufferedCadiWrap.java24
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_BufferedServletInputStream.java382
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CadiException.java172
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CadiWrap.java200
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Capacitor.java160
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CmdLine.java442
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Hash.java214
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_LocatorException.java50
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_PropAccess.java220
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_ServletContextAccess.java94
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Symm.java344
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_TrustChecker.java10
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_User.java274
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_Chmod.java58
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_FQI.java18
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_JsonOutputStream.java106
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_MaskFormatException.java20
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_NetMask.java68
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_Pool.java244
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_Split.java146
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_SubStandardConsole.java168
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_TheConsole.java8
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_UserChainManip.java60
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_Vars.java210
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/wsse/test/JU_WSSEParser.java244
-rw-r--r--cadi/core/src/test/java/org/onap/aaf/cadi/wsse/test/JU_XReader.java218
-rw-r--r--cadi/oauth-enduser/src/main/java/org/onap/aaf/cadi/enduser/ClientFactory.java36
-rw-r--r--cadi/oauth-enduser/src/main/java/org/onap/aaf/cadi/enduser/RESTException.java70
-rw-r--r--cadi/oauth-enduser/src/main/java/org/onap/aaf/cadi/enduser/SimpleRESTClient.java494
-rw-r--r--cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/OAuthExample.java354
-rw-r--r--cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/OnapClientExample.java302
-rw-r--r--cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/SimpleRestClientExample.java362
-rw-r--r--cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/MyServlet.java174
-rw-r--r--cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/Config.java20
-rw-r--r--cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java96
-rw-r--r--cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyStandalone.java24
-rw-r--r--cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java96
-rw-r--r--cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java62
311 files changed, 28189 insertions, 28189 deletions
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFPermission.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFPermission.java
index c4ca8082..c4876f29 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFPermission.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFPermission.java
@@ -35,154 +35,154 @@ import org.onap.aaf.misc.env.util.Split;
*
*/
public class AAFPermission implements Permission {
- private static final List<String> NO_ROLES;
- protected String ns,type,instance,action,key;
- private List<String> roles;
-
- static {
- NO_ROLES = new ArrayList<>();
- }
+ private static final List<String> NO_ROLES;
+ protected String ns,type,instance,action,key;
+ private List<String> roles;
+
+ static {
+ NO_ROLES = new ArrayList<>();
+ }
- protected AAFPermission() {roles=NO_ROLES;}
+ protected AAFPermission() {roles=NO_ROLES;}
- public AAFPermission(String ns, String name, String instance, String action) {
- this.ns = ns;
- type = name;
- this.instance = instance;
- this.action = action;
- if(ns==null) {
- key = type + '|' + instance + '|' + action;
- } else {
- key = ns + '|' + type + '|' + instance + '|' + action;
- }
- this.roles = NO_ROLES;
+ public AAFPermission(String ns, String name, String instance, String action) {
+ this.ns = ns;
+ type = name;
+ this.instance = instance;
+ this.action = action;
+ if(ns==null) {
+ key = type + '|' + instance + '|' + action;
+ } else {
+ key = ns + '|' + type + '|' + instance + '|' + action;
+ }
+ this.roles = NO_ROLES;
- }
+ }
- public AAFPermission(String ns, String name, String instance, String action, List<String> roles) {
- this.ns = ns;
- type = name;
- this.instance = instance;
- this.action = action;
- if(ns==null) {
- key = type + '|' + instance + '|' + action;
- } else {
- key = ns + '|' + type + '|' + instance + '|' + action;
- }
- this.roles = roles==null?NO_ROLES:roles;
- }
-
- /**
- * Match a Permission
- * if Permission is Fielded type "Permission", we use the fields
- * otherwise, we split the Permission with '|'
- *
- * when the type or action starts with REGEX indicator character ( ! ),
- * then it is evaluated as a regular expression.
- *
- * If you want a simple field comparison, it is faster without REGEX
- */
- public boolean match(Permission p) {
- String aafNS;
- String aafType;
- String aafInstance;
- String aafAction;
- if(p instanceof AAFPermission) {
- AAFPermission ap = (AAFPermission)p;
- // Note: In AAF > 1.0, Accepting "*" from name would violate multi-tenancy
- // Current solution is only allow direct match on Type.
- // 8/28/2014 Jonathan - added REGEX ability
- aafNS = ap.getNS();
- aafType = ap.getType();
- aafInstance = ap.getInstance();
- aafAction = ap.getAction();
- } else {
- // Permission is concatenated together: separated by
- String[] aaf = Split.splitTrim('|', p.getKey());
- switch(aaf.length) {
- case 1:
- aafNS = aaf[0];
- aafType="";
- aafInstance = aafAction = "*";
- break;
- case 2:
- aafNS = aaf[0];
- aafType = aaf[1];
- aafInstance = aafAction = "*";
- break;
- case 3:
- aafNS = aaf[0];
- aafType = aaf[1];
- aafInstance = aaf[2];
- aafAction = "*";
- break;
- default:
- aafNS = aaf[0];
- aafType = aaf[1];
- aafInstance = aaf[2];
- aafAction = aaf[3];
- break;
- }
- }
- boolean typeMatches;
- if(aafNS==null) {
- if(ns==null) {
- typeMatches = aafType.equals(type);
- } else {
- typeMatches = aafType.equals(ns+'.'+type);
- }
- } else if(ns==null) {
- typeMatches = type.equals(aafNS+'.'+aafType);
- } else if(aafNS.length() == ns.length()) {
- typeMatches = aafNS.equals(ns) && aafType.equals(type);
- } else { // Allow for restructuring of NS/Perm structure
- typeMatches = (aafNS+'.'+aafType).equals(ns+'.'+type);
- }
- return (typeMatches &&
- PermEval.evalInstance(instance, aafInstance) &&
- PermEval.evalAction(action, aafAction));
- }
+ public AAFPermission(String ns, String name, String instance, String action, List<String> roles) {
+ this.ns = ns;
+ type = name;
+ this.instance = instance;
+ this.action = action;
+ if(ns==null) {
+ key = type + '|' + instance + '|' + action;
+ } else {
+ key = ns + '|' + type + '|' + instance + '|' + action;
+ }
+ this.roles = roles==null?NO_ROLES:roles;
+ }
+
+ /**
+ * Match a Permission
+ * if Permission is Fielded type "Permission", we use the fields
+ * otherwise, we split the Permission with '|'
+ *
+ * when the type or action starts with REGEX indicator character ( ! ),
+ * then it is evaluated as a regular expression.
+ *
+ * If you want a simple field comparison, it is faster without REGEX
+ */
+ public boolean match(Permission p) {
+ String aafNS;
+ String aafType;
+ String aafInstance;
+ String aafAction;
+ if(p instanceof AAFPermission) {
+ AAFPermission ap = (AAFPermission)p;
+ // Note: In AAF > 1.0, Accepting "*" from name would violate multi-tenancy
+ // Current solution is only allow direct match on Type.
+ // 8/28/2014 Jonathan - added REGEX ability
+ aafNS = ap.getNS();
+ aafType = ap.getType();
+ aafInstance = ap.getInstance();
+ aafAction = ap.getAction();
+ } else {
+ // Permission is concatenated together: separated by
+ String[] aaf = Split.splitTrim('|', p.getKey());
+ switch(aaf.length) {
+ case 1:
+ aafNS = aaf[0];
+ aafType="";
+ aafInstance = aafAction = "*";
+ break;
+ case 2:
+ aafNS = aaf[0];
+ aafType = aaf[1];
+ aafInstance = aafAction = "*";
+ break;
+ case 3:
+ aafNS = aaf[0];
+ aafType = aaf[1];
+ aafInstance = aaf[2];
+ aafAction = "*";
+ break;
+ default:
+ aafNS = aaf[0];
+ aafType = aaf[1];
+ aafInstance = aaf[2];
+ aafAction = aaf[3];
+ break;
+ }
+ }
+ boolean typeMatches;
+ if(aafNS==null) {
+ if(ns==null) {
+ typeMatches = aafType.equals(type);
+ } else {
+ typeMatches = aafType.equals(ns+'.'+type);
+ }
+ } else if(ns==null) {
+ typeMatches = type.equals(aafNS+'.'+aafType);
+ } else if(aafNS.length() == ns.length()) {
+ typeMatches = aafNS.equals(ns) && aafType.equals(type);
+ } else { // Allow for restructuring of NS/Perm structure
+ typeMatches = (aafNS+'.'+aafType).equals(ns+'.'+type);
+ }
+ return (typeMatches &&
+ PermEval.evalInstance(instance, aafInstance) &&
+ PermEval.evalAction(action, aafAction));
+ }
- public String getNS() {
- return ns;
- }
+ public String getNS() {
+ return ns;
+ }
- public String getType() {
- return type;
- }
+ public String getType() {
+ return type;
+ }
- public String getFullType() {
- return ns + '.' + type;
- }
-
- public String getInstance() {
- return instance;
- }
-
- public String getAction() {
- return action;
- }
-
- public String getKey() {
- return key;
- }
+ public String getFullType() {
+ return ns + '.' + type;
+ }
+
+ public String getInstance() {
+ return instance;
+ }
+
+ public String getAction() {
+ return action;
+ }
+
+ public String getKey() {
+ return key;
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.Permission#permType()
- */
- public String permType() {
- return "AAF";
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.Permission#permType()
+ */
+ public String permType() {
+ return "AAF";
+ }
- public List<String> roles() {
- return roles;
- }
- public String toString() {
- return "AAFPermission:" +
- "\n\tNS: " + ns +
- "\n\tType: " + type +
- "\n\tInstance: " + instance +
- "\n\tAction: " + action +
- "\n\tKey: " + key;
- }
+ public List<String> roles() {
+ return roles;
+ }
+ public String toString() {
+ return "AAFPermission:" +
+ "\n\tNS: " + ns +
+ "\n\tType: " + type +
+ "\n\tInstance: " + instance +
+ "\n\tAction: " + action +
+ "\n\tKey: " + key;
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/Defaults.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/Defaults.java
index 5aa4dbc5..a38904d4 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/Defaults.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/Defaults.java
@@ -21,13 +21,13 @@
package org.onap.aaf.cadi.aaf;
public interface Defaults {
- public static String AAF_VERSION = "2.1";
- public static String AAF_NS = "AAF_NS";
- public static String AAF_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".service:" + AAF_VERSION;
- public static String GUI_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".gui:" + AAF_VERSION;
- public static String CM_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".cm:" + AAF_VERSION;
- public static String FS_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".fs:" + AAF_VERSION;
- public static String HELLO_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".hello:" + AAF_VERSION;
- public static String OAUTH2_TOKEN_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".token:" + AAF_VERSION;
- public static String OAUTH2_INTROSPECT_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".introspect:" + AAF_VERSION;
+ public static String AAF_VERSION = "2.1";
+ public static String AAF_NS = "AAF_NS";
+ public static String AAF_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".service:" + AAF_VERSION;
+ public static String GUI_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".gui:" + AAF_VERSION;
+ public static String CM_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".cm:" + AAF_VERSION;
+ public static String FS_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".fs:" + AAF_VERSION;
+ public static String HELLO_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".hello:" + AAF_VERSION;
+ public static String OAUTH2_TOKEN_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".token:" + AAF_VERSION;
+ public static String OAUTH2_INTROSPECT_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".introspect:" + AAF_VERSION;
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/PermEval.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/PermEval.java
index 75df4eab..f64eb276 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/PermEval.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/PermEval.java
@@ -25,116 +25,116 @@ import org.onap.aaf.misc.env.util.Split;
public class PermEval {
- public static final char START_REGEX_CHAR = '!';
- public static final char START_INST_KEY_CHAR=':';
- public static final char ALT_START_INST_KEY_CHAR='/';
+ public static final char START_REGEX_CHAR = '!';
+ public static final char START_INST_KEY_CHAR=':';
+ public static final char ALT_START_INST_KEY_CHAR='/';
- public static final char LIST_SEP = ',';
- public static final String INST_KEY_REGEX = new StringBuilder().append(START_INST_KEY_CHAR).toString();
- public static final String ASTERIX = "*";
+ public static final char LIST_SEP = ',';
+ public static final String INST_KEY_REGEX = new StringBuilder().append(START_INST_KEY_CHAR).toString();
+ public static final String ASTERIX = "*";
- /**
- * Evaluate Instance
- *
- * Instance can be more complex. It can be a string, a Regular Expression, or a ":" separated Key
- * who's parts can also be a String, Regular Expression.
- *
- * sInst = Server's Instance
- * In order to prevent false matches, keys must be the same length to count as equal
- * Changing this will break existing users, like Cassandra. Jonathan 9-4-2015
- */
- public static boolean evalInstance(String sInst, String pInst) {
- if(sInst == null || pInst == null) {
- return false;
- }
- if (sInst == "" || pInst == "") {
- return false;
- }
- if(ASTERIX.equals(sInst)) {
- return true; // If Server's String is "*", then it accepts every Instance
- }
- char firstChar = pInst.charAt(0);
- char startChar = firstChar==ALT_START_INST_KEY_CHAR?ALT_START_INST_KEY_CHAR:START_INST_KEY_CHAR;
- switch(pInst.charAt(0)) { // First char
- case START_REGEX_CHAR: // Evaluate as Regular Expression
- String pItem = pInst.substring(1);
- String first = Split.split(LIST_SEP,sInst)[0]; // allow for "," definition in Action
- return first.matches(pItem);
+ /**
+ * Evaluate Instance
+ *
+ * Instance can be more complex. It can be a string, a Regular Expression, or a ":" separated Key
+ * who's parts can also be a String, Regular Expression.
+ *
+ * sInst = Server's Instance
+ * In order to prevent false matches, keys must be the same length to count as equal
+ * Changing this will break existing users, like Cassandra. Jonathan 9-4-2015
+ */
+ public static boolean evalInstance(String sInst, String pInst) {
+ if(sInst == null || pInst == null) {
+ return false;
+ }
+ if (sInst == "" || pInst == "") {
+ return false;
+ }
+ if(ASTERIX.equals(sInst)) {
+ return true; // If Server's String is "*", then it accepts every Instance
+ }
+ char firstChar = pInst.charAt(0);
+ char startChar = firstChar==ALT_START_INST_KEY_CHAR?ALT_START_INST_KEY_CHAR:START_INST_KEY_CHAR;
+ switch(pInst.charAt(0)) { // First char
+ case START_REGEX_CHAR: // Evaluate as Regular Expression
+ String pItem = pInst.substring(1);
+ String first = Split.split(LIST_SEP,sInst)[0]; // allow for "," definition in Action
+ return first.matches(pItem);
- case START_INST_KEY_CHAR: // Evaluate a special Key field, i.e.:xyz:*:!df.*
- case ALT_START_INST_KEY_CHAR: // Also allow '/' as special Key Field, i.e. /xyz/*/!.*
- if(sInst.charAt(0)==startChar) { // To compare key-to-key, both strings must be keys
- String[] skeys=Split.split(startChar,sInst);
- String[] pkeys=Split.split(startChar,pInst);
- if(skeys.length!=pkeys.length) return false;
+ case START_INST_KEY_CHAR: // Evaluate a special Key field, i.e.:xyz:*:!df.*
+ case ALT_START_INST_KEY_CHAR: // Also allow '/' as special Key Field, i.e. /xyz/*/!.*
+ if(sInst.charAt(0)==startChar) { // To compare key-to-key, both strings must be keys
+ String[] skeys=Split.split(startChar,sInst);
+ String[] pkeys=Split.split(startChar,pInst);
+ if(skeys.length!=pkeys.length) return false;
- boolean pass = true;
- for(int i=1;pass && i<skeys.length;++i) { // We start at 1, because the first one, being ":" is always ""
- if(ASTERIX.equals(skeys[i]))continue; // Server data accepts all for this key spot
- pass = false;
- for(String sItem : Split.split(LIST_SEP,skeys[i])) { // allow for "," definition in Action
- if(pkeys[i].length()==0) {
- if(pass=sItem.length()==0) {
- break; // Both Empty, keep checking
- }
- } else if(sItem.charAt(0)==START_REGEX_CHAR) { // Check Server side when wildcarding like *
- if(pass=pkeys[i].matches(sItem.substring(1))) {
- break; // Matches, keep checking
- }
- } else if(skeys[i].endsWith(ASTERIX)) {
- if(pass=endAsterixCompare(skeys[i],pkeys[i])) {
- break;
- }
- } else if(pass=sItem.equals(pkeys[i])) {
- break; // Equal, keep checking
- }
- }
- }
- return pass; // return whether passed all key checks
- }
- return false; // if first chars aren't the same, further String compare not necessary
- default: // Evaluate as String Compare
- for(String sItem : Split.split(LIST_SEP,sInst)) { // allow for "," separator //TODO is this only for actions?
- if((sItem.endsWith(ASTERIX)) && (endAsterixCompare(sInst, pInst))) {
- return true;
- } else if(sItem.equals(pInst)) {
- return true;
- }
- }
- return false;
- }
- }
+ boolean pass = true;
+ for(int i=1;pass && i<skeys.length;++i) { // We start at 1, because the first one, being ":" is always ""
+ if(ASTERIX.equals(skeys[i]))continue; // Server data accepts all for this key spot
+ pass = false;
+ for(String sItem : Split.split(LIST_SEP,skeys[i])) { // allow for "," definition in Action
+ if(pkeys[i].length()==0) {
+ if(pass=sItem.length()==0) {
+ break; // Both Empty, keep checking
+ }
+ } else if(sItem.charAt(0)==START_REGEX_CHAR) { // Check Server side when wildcarding like *
+ if(pass=pkeys[i].matches(sItem.substring(1))) {
+ break; // Matches, keep checking
+ }
+ } else if(skeys[i].endsWith(ASTERIX)) {
+ if(pass=endAsterixCompare(skeys[i],pkeys[i])) {
+ break;
+ }
+ } else if(pass=sItem.equals(pkeys[i])) {
+ break; // Equal, keep checking
+ }
+ }
+ }
+ return pass; // return whether passed all key checks
+ }
+ return false; // if first chars aren't the same, further String compare not necessary
+ default: // Evaluate as String Compare
+ for(String sItem : Split.split(LIST_SEP,sInst)) { // allow for "," separator //TODO is this only for actions?
+ if((sItem.endsWith(ASTERIX)) && (endAsterixCompare(sInst, pInst))) {
+ return true;
+ } else if(sItem.equals(pInst)) {
+ return true;
+ }
+ }
+ return false;
+ }
+ }
- private static boolean endAsterixCompare(String sInst, String pInst) {
- final int len = sInst.length()-1;
- if(pInst.length()<len) {
- return false;
- }
- for(int j=0;j<len;++j) {
- if(pInst.charAt(j)!=sInst.charAt(j)) {
- return false;
- }
- }
- return true;
- }
+ private static boolean endAsterixCompare(String sInst, String pInst) {
+ final int len = sInst.length()-1;
+ if(pInst.length()<len) {
+ return false;
+ }
+ for(int j=0;j<len;++j) {
+ if(pInst.charAt(j)!=sInst.charAt(j)) {
+ return false;
+ }
+ }
+ return true;
+ }
- /**
- * Evaluate Action
- *
- * sAction = Stored Action...
- * pAction = Present Action... the Permission to validate against.
- * Action is not quite as complex. But we write it in this function so it can be consistent
- */
- public static boolean evalAction(String sAction,String pAction) {
- if(ASTERIX.equals(sAction))return true; // If Server's String is "*", then it accepts every Action
- if(pAction == "") return false;
- for(String sItem : Split.split(LIST_SEP,sAction)) { // allow for "," definition in Action
- if (pAction.charAt(0)==START_REGEX_CHAR? // First char
- sItem.matches(pAction.substring(1)): // Evaluate as Regular Expression
- sItem.equals(pAction)) // Evaluate as String Compare
- return true;
- }
- return false;
- }
+ /**
+ * Evaluate Action
+ *
+ * sAction = Stored Action...
+ * pAction = Present Action... the Permission to validate against.
+ * Action is not quite as complex. But we write it in this function so it can be consistent
+ */
+ public static boolean evalAction(String sAction,String pAction) {
+ if(ASTERIX.equals(sAction))return true; // If Server's String is "*", then it accepts every Action
+ if(pAction == "") return false;
+ for(String sItem : Split.split(LIST_SEP,sAction)) { // allow for "," definition in Action
+ if (pAction.charAt(0)==START_REGEX_CHAR? // First char
+ sItem.matches(pAction.substring(1)): // Evaluate as Regular Expression
+ sItem.equals(pAction)) // Evaluate as String Compare
+ return true;
+ }
+ return false;
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/TestConnectivity.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/TestConnectivity.java
index 3f5bc970..e9c90288 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/TestConnectivity.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/TestConnectivity.java
@@ -49,251 +49,251 @@ import org.onap.aaf.cadi.oauth.HRenewingTokenSS;
import org.onap.aaf.misc.env.APIException;
public class TestConnectivity {
-
- public static void main(String[] args) {
- if(args.length<1) {
- System.out.println("Usage: ConnectivityTester <cadi_prop_files> [<AAF FQDN (i.e. aaf.dev.att.com)>]");
- } else {
- print(true,"START OF CONNECTIVITY TESTS",new Date().toString(),System.getProperty("user.name"),
- "Note: All API Calls are /authz/perms/user/<AppID/Alias of the caller>");
+
+ public static void main(String[] args) {
+ if(args.length<1) {
+ System.out.println("Usage: ConnectivityTester <cadi_prop_files> [<AAF FQDN (i.e. aaf.dev.att.com)>]");
+ } else {
+ print(true,"START OF CONNECTIVITY TESTS",new Date().toString(),System.getProperty("user.name"),
+ "Note: All API Calls are /authz/perms/user/<AppID/Alias of the caller>");
- if(!args[0].contains(Config.CADI_PROP_FILES+'=')) {
- args[0]=Config.CADI_PROP_FILES+'='+args[0];
- }
+ if(!args[0].contains(Config.CADI_PROP_FILES+'=')) {
+ args[0]=Config.CADI_PROP_FILES+'='+args[0];
+ }
- PropAccess access = new PropAccess(args);
- String aaflocate;
- if(args.length>1) {
- aaflocate = "https://" + args[1];
- access.setProperty(Config.AAF_LOCATE_URL, "https://" + args[1]);
- } else {
- aaflocate = access.getProperty(Config.AAF_LOCATE_URL);
- if(aaflocate==null) {
- print(true,"Properties must contain ",Config.AAF_LOCATE_URL);
- }
- }
-
- try {
- SecurityInfoC<HttpURLConnection> si = SecurityInfoC.instance(access, HttpURLConnection.class);
-
- List<SecuritySetter<HttpURLConnection>> lss = loadSetters(access,si);
- /////////
- print(true,"Test Connections driven by AAFLocator");
- URI serviceURI = new URI(Defaults.AAF_URL);
+ PropAccess access = new PropAccess(args);
+ String aaflocate;
+ if(args.length>1) {
+ aaflocate = "https://" + args[1];
+ access.setProperty(Config.AAF_LOCATE_URL, "https://" + args[1]);
+ } else {
+ aaflocate = access.getProperty(Config.AAF_LOCATE_URL);
+ if(aaflocate==null) {
+ print(true,"Properties must contain ",Config.AAF_LOCATE_URL);
+ }
+ }
+
+ try {
+ SecurityInfoC<HttpURLConnection> si = SecurityInfoC.instance(access, HttpURLConnection.class);
+
+ List<SecuritySetter<HttpURLConnection>> lss = loadSetters(access,si);
+ /////////
+ print(true,"Test Connections driven by AAFLocator");
+ URI serviceURI = new URI(Defaults.AAF_URL);
- for(URI uri : new URI[] {
- serviceURI,
- new URI(Defaults.OAUTH2_TOKEN_URL),
- new URI(Defaults.OAUTH2_INTROSPECT_URL),
- new URI(Defaults.CM_URL),
- new URI(Defaults.GUI_URL),
- new URI(Defaults.FS_URL),
- new URI(Defaults.HELLO_URL)
- }) {
- Locator<URI> locator = new AAFLocator(si, uri);
- try {
- connectTest(locator, uri);
- } catch (Exception e) {
- e.printStackTrace();
- System.err.flush();
- }
- }
+ for(URI uri : new URI[] {
+ serviceURI,
+ new URI(Defaults.OAUTH2_TOKEN_URL),
+ new URI(Defaults.OAUTH2_INTROSPECT_URL),
+ new URI(Defaults.CM_URL),
+ new URI(Defaults.GUI_URL),
+ new URI(Defaults.FS_URL),
+ new URI(Defaults.HELLO_URL)
+ }) {
+ Locator<URI> locator = new AAFLocator(si, uri);
+ try {
+ connectTest(locator, uri);
+ } catch (Exception e) {
+ e.printStackTrace();
+ System.err.flush();
+ }
+ }
- /////////
- print(true,"Test Service for Perms driven by AAFLocator");
- Locator<URI> locator = new AAFLocator(si,serviceURI);
- for(SecuritySetter<HttpURLConnection> ss : lss) {
- permTest(locator,ss);
- }
+ /////////
+ print(true,"Test Service for Perms driven by AAFLocator");
+ Locator<URI> locator = new AAFLocator(si,serviceURI);
+ for(SecuritySetter<HttpURLConnection> ss : lss) {
+ permTest(locator,ss);
+ }
- //////////
- print(true,"Test essential BasicAuth Service call, driven by AAFLocator");
- for(SecuritySetter<HttpURLConnection> ss : lss) {
- if(ss instanceof HBasicAuthSS) {
- basicAuthTest(new AAFLocator(si, serviceURI),ss);
- }
- }
-
- } catch(Exception e) {
- e.printStackTrace(System.err);
- } finally {
- print(true,"END OF TESTS");
- }
- }
- }
-
- private static List<SecuritySetter<HttpURLConnection>> loadSetters(PropAccess access, SecurityInfoC<HttpURLConnection> si) {
- print(true,"Load Security Setters from Configuration Information");
- String user = access.getProperty(Config.AAF_APPID);
+ //////////
+ print(true,"Test essential BasicAuth Service call, driven by AAFLocator");
+ for(SecuritySetter<HttpURLConnection> ss : lss) {
+ if(ss instanceof HBasicAuthSS) {
+ basicAuthTest(new AAFLocator(si, serviceURI),ss);
+ }
+ }
+
+ } catch(Exception e) {
+ e.printStackTrace(System.err);
+ } finally {
+ print(true,"END OF TESTS");
+ }
+ }
+ }
+
+ private static List<SecuritySetter<HttpURLConnection>> loadSetters(PropAccess access, SecurityInfoC<HttpURLConnection> si) {
+ print(true,"Load Security Setters from Configuration Information");
+ String user = access.getProperty(Config.AAF_APPID);
- ArrayList<SecuritySetter<HttpURLConnection>> lss = new ArrayList<>();
-
+ ArrayList<SecuritySetter<HttpURLConnection>> lss = new ArrayList<>();
+
- try {
- HBasicAuthSS hbass = new HBasicAuthSS(si,true);
- if(hbass==null || hbass.getID()==null) {
- access.log(Level.INFO, "BasicAuth Information is not available in configuration, BasicAuth tests will not be conducted... Continuing");
- } else {
- access.log(Level.INFO, "BasicAuth Information found with ID",hbass.getID(),". BasicAuth tests will be performed.");
- lss.add(hbass);
- }
- } catch (Exception e) {
- access.log(Level.INFO, "BasicAuth Security Setter constructor threw exception: \"",e.getMessage(),"\". BasicAuth tests will not be performed");
- }
+ try {
+ HBasicAuthSS hbass = new HBasicAuthSS(si,true);
+ if(hbass==null || hbass.getID()==null) {
+ access.log(Level.INFO, "BasicAuth Information is not available in configuration, BasicAuth tests will not be conducted... Continuing");
+ } else {
+ access.log(Level.INFO, "BasicAuth Information found with ID",hbass.getID(),". BasicAuth tests will be performed.");
+ lss.add(hbass);
+ }
+ } catch (Exception e) {
+ access.log(Level.INFO, "BasicAuth Security Setter constructor threw exception: \"",e.getMessage(),"\". BasicAuth tests will not be performed");
+ }
- try {
- HX509SS hxss = new HX509SS(user,si);
- if(hxss==null || hxss.getID()==null) {
- access.log(Level.INFO, "X509 (Client certificate) Information is not available in configuration, X509 tests will not be conducted... Continuing");
- } else {
- access.log(Level.INFO, "X509 (Client certificate) Information found with ID",hxss.getID(),". X509 tests will be performed.");
- lss.add(hxss);
- }
- } catch (Exception e) {
- access.log(Level.INFO, "X509 (Client certificate) Security Setter constructor threw exception: \"",e.getMessage(),"\". X509 tests will not be performed");
- }
+ try {
+ HX509SS hxss = new HX509SS(user,si);
+ if(hxss==null || hxss.getID()==null) {
+ access.log(Level.INFO, "X509 (Client certificate) Information is not available in configuration, X509 tests will not be conducted... Continuing");
+ } else {
+ access.log(Level.INFO, "X509 (Client certificate) Information found with ID",hxss.getID(),". X509 tests will be performed.");
+ lss.add(hxss);
+ }
+ } catch (Exception e) {
+ access.log(Level.INFO, "X509 (Client certificate) Security Setter constructor threw exception: \"",e.getMessage(),"\". X509 tests will not be performed");
+ }
- String tokenURL = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL);
- String locateURL=access.getProperty(Config.AAF_LOCATE_URL);
- if(tokenURL==null || (tokenURL.contains("/locate/") && locateURL!=null)) {
- tokenURL=Defaults.OAUTH2_TOKEN_URL+"/token";
- }
+ String tokenURL = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL);
+ String locateURL=access.getProperty(Config.AAF_LOCATE_URL);
+ if(tokenURL==null || (tokenURL.contains("/locate/") && locateURL!=null)) {
+ tokenURL=Defaults.OAUTH2_TOKEN_URL+"/token";
+ }
- try {
- HRenewingTokenSS hrtss = new HRenewingTokenSS(access, tokenURL);
- access.log(Level.INFO, "AAF OAUTH2 Information found with ID",hrtss.getID(),". AAF OAUTH2 tests will be performed.");
- lss.add(hrtss);
- } catch (Exception e) {
- access.log(Level.INFO, "AAF OAUTH2 Security Setter constructor threw exception: \"",e.getMessage(),"\". AAF OAUTH2 tests will not be conducted... Continuing");
- }
-
- tokenURL = access.getProperty(Config.AAF_ALT_OAUTH2_TOKEN_URL);
- if(tokenURL==null) {
- access.log(Level.INFO, "AAF Alternative OAUTH2 requires",Config.AAF_ALT_OAUTH2_TOKEN_URL, "OAuth2 tests to", tokenURL, "will not be conducted... Continuing");
- } else {
- try {
- HRenewingTokenSS hrtss = new HRenewingTokenSS(access, tokenURL);
- access.log(Level.INFO, "ALT OAUTH2 Information found with ID",hrtss.getID(),". ALT OAUTH2 tests will be performed.");
- lss.add(hrtss);
- } catch (Exception e) {
- access.log(Level.INFO, "ALT OAUTH2 Security Setter constructor threw exception: \"",e.getMessage(),"\". ALT OAuth2 tests to", tokenURL, " will not be conducted... Continuing");
- }
- }
-
- return lss;
- }
+ try {
+ HRenewingTokenSS hrtss = new HRenewingTokenSS(access, tokenURL);
+ access.log(Level.INFO, "AAF OAUTH2 Information found with ID",hrtss.getID(),". AAF OAUTH2 tests will be performed.");
+ lss.add(hrtss);
+ } catch (Exception e) {
+ access.log(Level.INFO, "AAF OAUTH2 Security Setter constructor threw exception: \"",e.getMessage(),"\". AAF OAUTH2 tests will not be conducted... Continuing");
+ }
+
+ tokenURL = access.getProperty(Config.AAF_ALT_OAUTH2_TOKEN_URL);
+ if(tokenURL==null) {
+ access.log(Level.INFO, "AAF Alternative OAUTH2 requires",Config.AAF_ALT_OAUTH2_TOKEN_URL, "OAuth2 tests to", tokenURL, "will not be conducted... Continuing");
+ } else {
+ try {
+ HRenewingTokenSS hrtss = new HRenewingTokenSS(access, tokenURL);
+ access.log(Level.INFO, "ALT OAUTH2 Information found with ID",hrtss.getID(),". ALT OAUTH2 tests will be performed.");
+ lss.add(hrtss);
+ } catch (Exception e) {
+ access.log(Level.INFO, "ALT OAUTH2 Security Setter constructor threw exception: \"",e.getMessage(),"\". ALT OAuth2 tests to", tokenURL, " will not be conducted... Continuing");
+ }
+ }
+
+ return lss;
+ }
- private static void print(Boolean strong, String ... args) {
- PrintStream out = System.out;
- out.println();
- if(strong) {
- for(int i=0;i<70;++i) {
- out.print('=');
- }
- out.println();
- }
- for(String s : args) {
- out.print(strong?"== ":"------ ");
- out.print(s);
- if(!strong) {
- out.print(" ------");
- }
- out.println();
- }
- if(strong) {
- for(int i=0;i<70;++i) {
- out.print('=');
- }
- }
- out.println();
- }
+ private static void print(Boolean strong, String ... args) {
+ PrintStream out = System.out;
+ out.println();
+ if(strong) {
+ for(int i=0;i<70;++i) {
+ out.print('=');
+ }
+ out.println();
+ }
+ for(String s : args) {
+ out.print(strong?"== ":"------ ");
+ out.print(s);
+ if(!strong) {
+ out.print(" ------");
+ }
+ out.println();
+ }
+ if(strong) {
+ for(int i=0;i<70;++i) {
+ out.print('=');
+ }
+ }
+ out.println();
+ }
- private static void connectTest(Locator<URI> dl, URI locatorURI) throws LocatorException {
- URI uri;
- Socket socket;
- print(false,"TCP/IP Connect test to all Located Services for " + locatorURI.toString() );
- for(Item li = dl.first();li!=null;li=dl.next(li)) {
- if((uri = dl.get(li)) == null) {
- System.out.println("Locator Item empty");
- } else {
- socket = new Socket();
- try {
- try {
- socket.connect(new InetSocketAddress(uri.getHost(), uri.getPort()),3000);
- System.out.printf("Can Connect a Socket to %s %d\n",uri.getHost(),uri.getPort());
- } catch (IOException e) {
- System.out.printf("Cannot Connect a Socket to %s %d: %s\n",uri.getHost(),uri.getPort(),e.getMessage());
- }
- } finally {
- try {
- socket.close();
- } catch (IOException e1) {
- System.out.printf("Could not close Socket Connection: %s\n",e1.getMessage());
- }
- }
- }
- }
- }
+ private static void connectTest(Locator<URI> dl, URI locatorURI) throws LocatorException {
+ URI uri;
+ Socket socket;
+ print(false,"TCP/IP Connect test to all Located Services for " + locatorURI.toString() );
+ for(Item li = dl.first();li!=null;li=dl.next(li)) {
+ if((uri = dl.get(li)) == null) {
+ System.out.println("Locator Item empty");
+ } else {
+ socket = new Socket();
+ try {
+ try {
+ socket.connect(new InetSocketAddress(uri.getHost(), uri.getPort()),3000);
+ System.out.printf("Can Connect a Socket to %s %d\n",uri.getHost(),uri.getPort());
+ } catch (IOException e) {
+ System.out.printf("Cannot Connect a Socket to %s %d: %s\n",uri.getHost(),uri.getPort(),e.getMessage());
+ }
+ } finally {
+ try {
+ socket.close();
+ } catch (IOException e1) {
+ System.out.printf("Could not close Socket Connection: %s\n",e1.getMessage());
+ }
+ }
+ }
+ }
+ }
- private static void permTest(Locator<URI> dl, SecuritySetter<HttpURLConnection> ss) {
- try {
- URI uri = dl.get(dl.best());
- if(uri==null) {
- System.out.print("No URI available using " + ss.getClass().getSimpleName());
- System.out.println();
- return;
- } else {
- System.out.print("Resolved to: " + uri + " using " + ss.getClass().getSimpleName());
- }
- if(ss instanceof HRenewingTokenSS) {
- System.out.println(" " + ((HRenewingTokenSS)ss).tokenURL());
- } else {
- System.out.println();
- }
- HClient client = new HClient(ss, uri, 3000);
- client.setMethod("GET");
- String user = ss.getID();
- if(user.indexOf('@')<0) {
- user+="@isam.att.com";
- }
- client.setPathInfo("/authz/perms/user/"+user);
- client.send();
- Future<String> future = client.futureReadString();
- if(future.get(7000)) {
- System.out.println(future.body());
- } else {
- if(future.code()==401 && ss instanceof HX509SS) {
- System.out.println(" Authentication denied with 401 for Certificate.\n\t"
- + "This means Certificate isn't valid for this environment, and has attempted another method of Authentication");
- } else {
- System.out.println(future.code() + ":" + future.body());
- }
- }
- } catch (CadiException | LocatorException | APIException e) {
- e.printStackTrace();
- }
- }
+ private static void permTest(Locator<URI> dl, SecuritySetter<HttpURLConnection> ss) {
+ try {
+ URI uri = dl.get(dl.best());
+ if(uri==null) {
+ System.out.print("No URI available using " + ss.getClass().getSimpleName());
+ System.out.println();
+ return;
+ } else {
+ System.out.print("Resolved to: " + uri + " using " + ss.getClass().getSimpleName());
+ }
+ if(ss instanceof HRenewingTokenSS) {
+ System.out.println(" " + ((HRenewingTokenSS)ss).tokenURL());
+ } else {
+ System.out.println();
+ }
+ HClient client = new HClient(ss, uri, 3000);
+ client.setMethod("GET");
+ String user = ss.getID();
+ if(user.indexOf('@')<0) {
+ user+="@isam.att.com";
+ }
+ client.setPathInfo("/authz/perms/user/"+user);
+ client.send();
+ Future<String> future = client.futureReadString();
+ if(future.get(7000)) {
+ System.out.println(future.body());
+ } else {
+ if(future.code()==401 && ss instanceof HX509SS) {
+ System.out.println(" Authentication denied with 401 for Certificate.\n\t"
+ + "This means Certificate isn't valid for this environment, and has attempted another method of Authentication");
+ } else {
+ System.out.println(future.code() + ":" + future.body());
+ }
+ }
+ } catch (CadiException | LocatorException | APIException e) {
+ e.printStackTrace();
+ }
+ }
- private static void basicAuthTest(Locator<URI> dl, SecuritySetter<HttpURLConnection> ss) {
- try {
- URI uri = dl.get(dl.best());
- System.out.println("Resolved to: " + uri);
- HClient client = new HClient(ss, uri, 3000);
- client.setMethod("GET");
- client.setPathInfo("/authn/basicAuth");
- client.addHeader("Accept", "text/plain");
- client.send();
-
-
- Future<String> future = client.futureReadString();
- if(future.get(7000)) {
- System.out.println("BasicAuth Validated");
- } else {
- System.out.println("Failure " + future.code() + ":" + future.body());
- }
- } catch (CadiException | LocatorException | APIException e) {
- e.printStackTrace();
- }
- }
+ private static void basicAuthTest(Locator<URI> dl, SecuritySetter<HttpURLConnection> ss) {
+ try {
+ URI uri = dl.get(dl.best());
+ System.out.println("Resolved to: " + uri);
+ HClient client = new HClient(ss, uri, 3000);
+ client.setMethod("GET");
+ client.setPathInfo("/authn/basicAuth");
+ client.addHeader("Accept", "text/plain");
+ client.send();
+
+
+ Future<String> future = client.futureReadString();
+ if(future.get(7000)) {
+ System.out.println("BasicAuth Validated");
+ } else {
+ System.out.println("Failure " + future.code() + ":" + future.body());
+ }
+ } catch (CadiException | LocatorException | APIException e) {
+ e.printStackTrace();
+ }
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/cert/AAFListedCertIdentity.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/cert/AAFListedCertIdentity.java
index abd1c40f..dd8b1262 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/cert/AAFListedCertIdentity.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/cert/AAFListedCertIdentity.java
@@ -55,122 +55,122 @@ import aaf.v2_0.Users;
import aaf.v2_0.Users.User;
public class AAFListedCertIdentity implements CertIdentity {
- //TODO should 8 hours be configurable?
- private static final long EIGHT_HOURS = 1000*60*60*8L;
-
- private static Map<ByteArrayHolder,String> certs = null;
-
- // Did this to add other Trust Mechanisms
- // Trust mechanism set by Property:
- private static final String[] authMechanisms = new String[] {"tguard","basicAuth","csp"};
- private static String[] certIDs;
-
- private static Map<String,Set<String>> trusted =null;
+ //TODO should 8 hours be configurable?
+ private static final long EIGHT_HOURS = 1000*60*60*8L;
+
+ private static Map<ByteArrayHolder,String> certs = null;
+
+ // Did this to add other Trust Mechanisms
+ // Trust mechanism set by Property:
+ private static final String[] authMechanisms = new String[] {"tguard","basicAuth","csp"};
+ private static String[] certIDs;
+
+ private static Map<String,Set<String>> trusted =null;
- public AAFListedCertIdentity(Access access, AAFCon<?> aafcon) throws APIException {
- synchronized(AAFListedCertIdentity.class) {
- if(certIDs==null) {
- String cip = access.getProperty(Config.AAF_CERT_IDS, null);
- if(cip!=null) {
- certIDs = Split.split(',',cip);
- }
- }
- if(certIDs!=null && certs==null) {
- TimerTask cu = new CertUpdate(aafcon);
- cu.run(); // want this to run in this thread first...
- new Timer("AAF Identity Refresh Timer",true).scheduleAtFixedRate(cu, EIGHT_HOURS,EIGHT_HOURS);
- }
- }
- }
+ public AAFListedCertIdentity(Access access, AAFCon<?> aafcon) throws APIException {
+ synchronized(AAFListedCertIdentity.class) {
+ if(certIDs==null) {
+ String cip = access.getProperty(Config.AAF_CERT_IDS, null);
+ if(cip!=null) {
+ certIDs = Split.split(',',cip);
+ }
+ }
+ if(certIDs!=null && certs==null) {
+ TimerTask cu = new CertUpdate(aafcon);
+ cu.run(); // want this to run in this thread first...
+ new Timer("AAF Identity Refresh Timer",true).scheduleAtFixedRate(cu, EIGHT_HOURS,EIGHT_HOURS);
+ }
+ }
+ }
- public static Set<String> trusted(String authMech) {
- return trusted.get(authMech);
- }
-
- public TaggedPrincipal identity(HttpServletRequest req, X509Certificate cert, byte[] certBytes) throws CertificateException {
- if(cert==null && certBytes==null)return null;
- if(certBytes==null)certBytes = cert.getEncoded();
- byte[] fingerprint = X509Taf.getFingerPrint(certBytes);
- String id = certs.get(new ByteArrayHolder(fingerprint));
- if(id!=null) { // Caller is Validated
- return new X509Principal(id,cert,certBytes,null);
- }
- return null;
- }
+ public static Set<String> trusted(String authMech) {
+ return trusted.get(authMech);
+ }
+
+ public TaggedPrincipal identity(HttpServletRequest req, X509Certificate cert, byte[] certBytes) throws CertificateException {
+ if(cert==null && certBytes==null)return null;
+ if(certBytes==null)certBytes = cert.getEncoded();
+ byte[] fingerprint = X509Taf.getFingerPrint(certBytes);
+ String id = certs.get(new ByteArrayHolder(fingerprint));
+ if(id!=null) { // Caller is Validated
+ return new X509Principal(id,cert,certBytes,null);
+ }
+ return null;
+ }
- private static class ByteArrayHolder implements Comparable<ByteArrayHolder> {
- private byte[] ba;
- public ByteArrayHolder(byte[] ba) {
- this.ba = ba;
- }
- public int compareTo(ByteArrayHolder b) {
- return Hash.compareTo(ba, b.ba);
- }
- }
-
- private class CertUpdate extends TimerTask {
+ private static class ByteArrayHolder implements Comparable<ByteArrayHolder> {
+ private byte[] ba;
+ public ByteArrayHolder(byte[] ba) {
+ this.ba = ba;
+ }
+ public int compareTo(ByteArrayHolder b) {
+ return Hash.compareTo(ba, b.ba);
+ }
+ }
+
+ private class CertUpdate extends TimerTask {
- private AAFCon<?> aafcon;
- public CertUpdate(AAFCon<?> con) {
- aafcon = con;
- }
-
- @Override
- public void run() {
- try {
- TreeMap<ByteArrayHolder, String> newCertsMap = new TreeMap<>();
- Map<String,Set<String>> newTrustMap = new TreeMap<>();
- Set<String> userLookup = new HashSet<>();
- for(String s : certIDs) {
- userLookup.add(s);
- }
- for(String authMech : authMechanisms) {
- Future<Users> fusr = aafcon.client(Config.AAF_DEFAULT_VERSION).read("/authz/users/perm/com.att.aaf.trust/"+authMech+"/authenticate", Users.class, aafcon.usersDF);
- if(fusr.get(5000)) {
- List<User> users = fusr.value.getUser();
- if(users.isEmpty()) {
- aafcon.access.log(Level.WARN, "AAF Lookup-No IDs in Role com.att.aaf.trustForID <> "+authMech);
- } else {
- aafcon.access.log(Level.INFO,"Loading Trust Authentication Info for",authMech);
- Set<String> hsUser = new HashSet<>();
- for(User u : users) {
- userLookup.add(u.getId());
- hsUser.add(u.getId());
- }
- newTrustMap.put(authMech,hsUser);
- }
- } else {
- aafcon.access.log(Level.WARN, "Could not get Users in Perm com.att.trust|tguard|authenticate",fusr.code(),fusr.body());
- }
-
- }
-
- for(String u : userLookup) {
- Future<Certs> fc = aafcon.client(Config.AAF_DEFAULT_VERSION).read("/authn/cert/id/"+u, Certs.class, aafcon.certsDF);
- XMLGregorianCalendar now = Chrono.timeStamp();
- if(fc.get(5000)) {
- List<Cert> certs = fc.value.getCert();
- if(certs.isEmpty()) {
- aafcon.access.log(Level.WARN, "No Cert Associations for",u);
- } else {
- for(Cert c : fc.value.getCert()) {
- XMLGregorianCalendar then =c.getExpires();
- if(then !=null && then.compare(now)>0) {
- newCertsMap.put(new ByteArrayHolder(c.getFingerprint()), c.getId());
- aafcon.access.log(Level.INIT,"Associating "+ c.getId() + " expiring " + Chrono.dateOnlyStamp(c.getExpires()) + " with " + c.getX500());
- }
- }
- }
- } else {
- aafcon.access.log(Level.WARN, "Could not get Certificates for",u);
- }
- }
+ private AAFCon<?> aafcon;
+ public CertUpdate(AAFCon<?> con) {
+ aafcon = con;
+ }
+
+ @Override
+ public void run() {
+ try {
+ TreeMap<ByteArrayHolder, String> newCertsMap = new TreeMap<>();
+ Map<String,Set<String>> newTrustMap = new TreeMap<>();
+ Set<String> userLookup = new HashSet<>();
+ for(String s : certIDs) {
+ userLookup.add(s);
+ }
+ for(String authMech : authMechanisms) {
+ Future<Users> fusr = aafcon.client(Config.AAF_DEFAULT_VERSION).read("/authz/users/perm/com.att.aaf.trust/"+authMech+"/authenticate", Users.class, aafcon.usersDF);
+ if(fusr.get(5000)) {
+ List<User> users = fusr.value.getUser();
+ if(users.isEmpty()) {
+ aafcon.access.log(Level.WARN, "AAF Lookup-No IDs in Role com.att.aaf.trustForID <> "+authMech);
+ } else {
+ aafcon.access.log(Level.INFO,"Loading Trust Authentication Info for",authMech);
+ Set<String> hsUser = new HashSet<>();
+ for(User u : users) {
+ userLookup.add(u.getId());
+ hsUser.add(u.getId());
+ }
+ newTrustMap.put(authMech,hsUser);
+ }
+ } else {
+ aafcon.access.log(Level.WARN, "Could not get Users in Perm com.att.trust|tguard|authenticate",fusr.code(),fusr.body());
+ }
+
+ }
+
+ for(String u : userLookup) {
+ Future<Certs> fc = aafcon.client(Config.AAF_DEFAULT_VERSION).read("/authn/cert/id/"+u, Certs.class, aafcon.certsDF);
+ XMLGregorianCalendar now = Chrono.timeStamp();
+ if(fc.get(5000)) {
+ List<Cert> certs = fc.value.getCert();
+ if(certs.isEmpty()) {
+ aafcon.access.log(Level.WARN, "No Cert Associations for",u);
+ } else {
+ for(Cert c : fc.value.getCert()) {
+ XMLGregorianCalendar then =c.getExpires();
+ if(then !=null && then.compare(now)>0) {
+ newCertsMap.put(new ByteArrayHolder(c.getFingerprint()), c.getId());
+ aafcon.access.log(Level.INIT,"Associating "+ c.getId() + " expiring " + Chrono.dateOnlyStamp(c.getExpires()) + " with " + c.getX500());
+ }
+ }
+ }
+ } else {
+ aafcon.access.log(Level.WARN, "Could not get Certificates for",u);
+ }
+ }
- certs = newCertsMap;
- trusted = newTrustMap;
- } catch(Exception e) {
- aafcon.access.log(e, "Failure to update Certificate Identities from AAF");
- }
- }
- }
+ certs = newCertsMap;
+ trusted = newTrustMap;
+ } catch(Exception e) {
+ aafcon.access.log(e, "Failure to update Certificate Identities from AAF");
+ }
+ }
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/client/ErrMessage.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/client/ErrMessage.java
index 0fb4d60d..e878d740 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/client/ErrMessage.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/client/ErrMessage.java
@@ -33,64 +33,64 @@ import org.onap.aaf.misc.rosetta.env.RosettaEnv;
import aaf.v2_0.Error;
public class ErrMessage {
- private RosettaDF<Error> errDF;
-
- public ErrMessage(RosettaEnv env) throws APIException {
- errDF = env.newDataFactory(Error.class);
- }
+ private RosettaDF<Error> errDF;
+
+ public ErrMessage(RosettaEnv env) throws APIException {
+ errDF = env.newDataFactory(Error.class);
+ }
- /**
- * AT&T Requires a specific Error Format for RESTful Services, which AAF complies with.
- *
- * This code will create a meaningful string from this format.
- *
- * @param ps
- * @param df
- * @param r
- * @throws APIException
- */
- public void printErr(PrintStream ps, String attErrJson) throws APIException {
- StringBuilder sb = new StringBuilder();
- Error err = errDF.newData().in(TYPE.JSON).load(attErrJson).asObject();
- ps.println(toMsg(sb,err));
- }
-
- /**
- * AT&T Requires a specific Error Format for RESTful Services, which AAF complies with.
- *
- * This code will create a meaningful string from this format.
- *
- * @param sb
- * @param df
- * @param r
- * @throws APIException
- */
- public StringBuilder toMsg(StringBuilder sb, String attErrJson) throws APIException {
- return toMsg(sb,errDF.newData().in(TYPE.JSON).load(attErrJson).asObject());
- }
-
- public StringBuilder toMsg(Future<?> future) {
- return toMsg(new StringBuilder(),future);
- }
-
- public StringBuilder toMsg(StringBuilder sb, Future<?> future) {
- try {
- toMsg(sb,errDF.newData().in(TYPE.JSON).load(future.body()).asObject());
- } catch(Exception e) {
- //just print what we can
- sb.append(future.code());
- sb.append(": ");
- sb.append(future.body());
- }
- return sb;
- }
+ /**
+ * AT&T Requires a specific Error Format for RESTful Services, which AAF complies with.
+ *
+ * This code will create a meaningful string from this format.
+ *
+ * @param ps
+ * @param df
+ * @param r
+ * @throws APIException
+ */
+ public void printErr(PrintStream ps, String attErrJson) throws APIException {
+ StringBuilder sb = new StringBuilder();
+ Error err = errDF.newData().in(TYPE.JSON).load(attErrJson).asObject();
+ ps.println(toMsg(sb,err));
+ }
+
+ /**
+ * AT&T Requires a specific Error Format for RESTful Services, which AAF complies with.
+ *
+ * This code will create a meaningful string from this format.
+ *
+ * @param sb
+ * @param df
+ * @param r
+ * @throws APIException
+ */
+ public StringBuilder toMsg(StringBuilder sb, String attErrJson) throws APIException {
+ return toMsg(sb,errDF.newData().in(TYPE.JSON).load(attErrJson).asObject());
+ }
+
+ public StringBuilder toMsg(Future<?> future) {
+ return toMsg(new StringBuilder(),future);
+ }
+
+ public StringBuilder toMsg(StringBuilder sb, Future<?> future) {
+ try {
+ toMsg(sb,errDF.newData().in(TYPE.JSON).load(future.body()).asObject());
+ } catch(Exception e) {
+ //just print what we can
+ sb.append(future.code());
+ sb.append(": ");
+ sb.append(future.body());
+ }
+ return sb;
+ }
- public StringBuilder toMsg(StringBuilder sb, Error err) {
- sb.append(err.getMessageId());
- sb.append(' ');
- String[] vars = new String[err.getVariables().size()];
- err.getVariables().toArray(vars);
- Vars.convert(sb, err.getText(),vars);
- return sb;
- }
+ public StringBuilder toMsg(StringBuilder sb, Error err) {
+ sb.append(err.getMessageId());
+ sb.append(' ');
+ String[] vars = new String[err.getVariables().size()];
+ err.getVariables().toArray(vars);
+ Vars.convert(sb, err.getText(),vars);
+ return sb;
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/client/Examples.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/client/Examples.java
index c55d3b37..0cf48de6 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/client/Examples.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/client/Examples.java
@@ -58,397 +58,397 @@ import aaf.v2_0.Users;
import aaf.v2_0.Users.User;
public class Examples {
- public static <C> String print(RosettaEnv env, String nameOrContentType, boolean optional) throws APIException, SecurityException, NoSuchMethodException, IllegalArgumentException, IllegalAccessException, InvocationTargetException {
- // Discover ClassName
- String className = null;
- String version = null;
- TYPE type = TYPE.JSON; // default
- if(nameOrContentType.startsWith("application/")) {
- for(String ct : nameOrContentType.split("\\s*,\\s*")) {
- for(String elem : ct.split("\\s*;\\s*")) {
- if(elem.endsWith("+json")) {
- type = TYPE.JSON;
- className = elem.substring(elem.indexOf('/')+1, elem.length()-5);
- } else if(elem.endsWith("+xml")) {
- type = TYPE.XML;
- className = elem.substring(elem.indexOf('/')+1, elem.length()-4);
- } else if(elem.startsWith("version=")) {
- version = elem.substring(8);
- }
- }
- if(className!=null && version!=null)
- break;
- }
- if(className==null) {
- throw new APIException(nameOrContentType + " does not contain Class Information");
- }
- } else {
- className = nameOrContentType;
- }
-
- // No Void.class in aaf.v2_0 package causing errors when trying to use a newVoidv2_0
- // method similar to others in this class. This makes it work, but is it right?
- if ("Void".equals(className))
- return "";
-
- if("1.1".equals(version)) {
- version = "v1_0";
- } else if(version!=null) {
- version = "v" + version.replace('.', '_');
- } else {
- version = "v2_0";
- }
-
- Class<?> cls;
- try {
- cls = Examples.class.getClassLoader().loadClass("aaf."+version+'.'+className);
- } catch (ClassNotFoundException e) {
- throw new APIException(e);
- }
-
- Method meth;
- try {
- meth = Examples.class.getDeclaredMethod("new"+cls.getSimpleName()+version,boolean.class);
- } catch (Exception e) {
- throw new APIException("ERROR: " + cls.getName() + " does not have an Example in Code. Request from AAF Developers");
- }
-
- RosettaDF<C> df = env.newDataFactory(cls);
- df.option(Data.PRETTY);
-
- Object data = meth.invoke(null,optional);
-
- @SuppressWarnings("unchecked")
- String rv = df.newData().load((C)data).out(type).asString();
-// Object obj = df.newData().in(type).load(rv).asObject();
- return rv;
- }
-
- /*
- * Set Base Class Request (easier than coding over and over)
- */
- private static void setOptional(Request req) {
- GregorianCalendar gc = new GregorianCalendar();
- req.setStart(Chrono.timeStamp(gc));
- gc.add(GregorianCalendar.MONTH, 6);
- req.setEnd(Chrono.timeStamp(gc));
-// req.setForce("false");
-
- }
-
- @SuppressWarnings("unused")
- private static Request newRequestv2_0(boolean optional) {
- Request r = new Request();
- setOptional(r);
- return r;
- }
- @SuppressWarnings("unused")
- private static RolePermRequest newRolePermRequestv2_0(boolean optional) {
- RolePermRequest rpr = new RolePermRequest();
- Pkey pkey = new Pkey();
- pkey.setType("org.osaaf.myns.mytype");
- pkey.setInstance("myInstance");
- pkey.setAction("myAction");
- rpr.setPerm(pkey);
- rpr.setRole("org.osaaf.myns.myrole");
- if(optional)setOptional(rpr);
- return rpr;
- }
-
- @SuppressWarnings("unused")
- private static Roles newRolesv2_0(boolean optional) {
- Role r;
- Pkey p;
- Roles rs = new Roles();
+ public static <C> String print(RosettaEnv env, String nameOrContentType, boolean optional) throws APIException, SecurityException, NoSuchMethodException, IllegalArgumentException, IllegalAccessException, InvocationTargetException {
+ // Discover ClassName
+ String className = null;
+ String version = null;
+ TYPE type = TYPE.JSON; // default
+ if(nameOrContentType.startsWith("application/")) {
+ for(String ct : nameOrContentType.split("\\s*,\\s*")) {
+ for(String elem : ct.split("\\s*;\\s*")) {
+ if(elem.endsWith("+json")) {
+ type = TYPE.JSON;
+ className = elem.substring(elem.indexOf('/')+1, elem.length()-5);
+ } else if(elem.endsWith("+xml")) {
+ type = TYPE.XML;
+ className = elem.substring(elem.indexOf('/')+1, elem.length()-4);
+ } else if(elem.startsWith("version=")) {
+ version = elem.substring(8);
+ }
+ }
+ if(className!=null && version!=null)
+ break;
+ }
+ if(className==null) {
+ throw new APIException(nameOrContentType + " does not contain Class Information");
+ }
+ } else {
+ className = nameOrContentType;
+ }
+
+ // No Void.class in aaf.v2_0 package causing errors when trying to use a newVoidv2_0
+ // method similar to others in this class. This makes it work, but is it right?
+ if ("Void".equals(className))
+ return "";
+
+ if("1.1".equals(version)) {
+ version = "v1_0";
+ } else if(version!=null) {
+ version = "v" + version.replace('.', '_');
+ } else {
+ version = "v2_0";
+ }
+
+ Class<?> cls;
+ try {
+ cls = Examples.class.getClassLoader().loadClass("aaf."+version+'.'+className);
+ } catch (ClassNotFoundException e) {
+ throw new APIException(e);
+ }
+
+ Method meth;
+ try {
+ meth = Examples.class.getDeclaredMethod("new"+cls.getSimpleName()+version,boolean.class);
+ } catch (Exception e) {
+ throw new APIException("ERROR: " + cls.getName() + " does not have an Example in Code. Request from AAF Developers");
+ }
+
+ RosettaDF<C> df = env.newDataFactory(cls);
+ df.option(Data.PRETTY);
+
+ Object data = meth.invoke(null,optional);
+
+ @SuppressWarnings("unchecked")
+ String rv = df.newData().load((C)data).out(type).asString();
+// Object obj = df.newData().in(type).load(rv).asObject();
+ return rv;
+ }
+
+ /*
+ * Set Base Class Request (easier than coding over and over)
+ */
+ private static void setOptional(Request req) {
+ GregorianCalendar gc = new GregorianCalendar();
+ req.setStart(Chrono.timeStamp(gc));
+ gc.add(GregorianCalendar.MONTH, 6);
+ req.setEnd(Chrono.timeStamp(gc));
+// req.setForce("false");
+
+ }
+
+ @SuppressWarnings("unused")
+ private static Request newRequestv2_0(boolean optional) {
+ Request r = new Request();
+ setOptional(r);
+ return r;
+ }
+ @SuppressWarnings("unused")
+ private static RolePermRequest newRolePermRequestv2_0(boolean optional) {
+ RolePermRequest rpr = new RolePermRequest();
+ Pkey pkey = new Pkey();
+ pkey.setType("org.osaaf.myns.mytype");
+ pkey.setInstance("myInstance");
+ pkey.setAction("myAction");
+ rpr.setPerm(pkey);
+ rpr.setRole("org.osaaf.myns.myrole");
+ if(optional)setOptional(rpr);
+ return rpr;
+ }
+
+ @SuppressWarnings("unused")
+ private static Roles newRolesv2_0(boolean optional) {
+ Role r;
+ Pkey p;
+ Roles rs = new Roles();
r = new Role();
- rs.getRole().add(r);
- r.setName("org.osaaf.myns.myRole");
+ rs.getRole().add(r);
+ r.setName("org.osaaf.myns.myRole");
p = new Pkey();
- r.getPerms().add(p);
- p.setType("org.osaaf.myns.myType");
- p.setInstance("myInstance");
- p.setAction("myAction");
+ r.getPerms().add(p);
+ p.setType("org.osaaf.myns.myType");
+ p.setInstance("myInstance");
+ p.setAction("myAction");
p = new Pkey();
- r.getPerms().add(p);
- p.setType("org.osaaf.myns.myType");
- p.setInstance("myInstance");
- p.setAction("myOtherAction");
+ r.getPerms().add(p);
+ p.setType("org.osaaf.myns.myType");
+ p.setInstance("myInstance");
+ p.setAction("myOtherAction");
r = new Role();
- rs.getRole().add(r);
- r.setName("org.osaaf.myns.myOtherRole");
+ rs.getRole().add(r);
+ r.setName("org.osaaf.myns.myOtherRole");
p = new Pkey();
- r.getPerms().add(p);
- p.setType("org.osaaf.myns.myOtherType");
- p.setInstance("myInstance");
- p.setAction("myAction");
+ r.getPerms().add(p);
+ p.setType("org.osaaf.myns.myOtherType");
+ p.setInstance("myInstance");
+ p.setAction("myAction");
p = new Pkey();
- r.getPerms().add(p);
- p.setType("org.osaaf.myns.myOthertype");
- p.setInstance("myInstance");
- p.setAction("myOtherAction");
+ r.getPerms().add(p);
+ p.setType("org.osaaf.myns.myOthertype");
+ p.setInstance("myInstance");
+ p.setAction("myOtherAction");
- return rs;
- }
-
-
- @SuppressWarnings("unused")
- private static PermRequest newPermRequestv2_0(boolean optional) {
- PermRequest pr = new PermRequest();
- pr.setType("org.osaaf.myns.myType");
- pr.setInstance("myInstance");
- pr.setAction("myAction");
- if(optional) {
- pr.setDescription("Short and meaningful verbiage about the Permission");
-
- setOptional(pr);
- }
- return pr;
- }
-
- @SuppressWarnings("unused")
- private static Perm newPermv2_0(boolean optional) {
- Perm pr = new Perm();
- pr.setType("org.osaaf.myns.myType");
- pr.setInstance("myInstance");
- pr.setAction("myAction");
- pr.getRoles().add("org.osaaf.aaf.myRole");
- pr.getRoles().add("org.osaaf.aaf.myRole2");
- pr.setDescription("This is my description, and I'm sticking with it");
- if(optional) {
- pr.setDescription("Short and meaningful verbiage about the Permission");
- }
- return pr;
- }
+ return rs;
+ }
+
+
+ @SuppressWarnings("unused")
+ private static PermRequest newPermRequestv2_0(boolean optional) {
+ PermRequest pr = new PermRequest();
+ pr.setType("org.osaaf.myns.myType");
+ pr.setInstance("myInstance");
+ pr.setAction("myAction");
+ if(optional) {
+ pr.setDescription("Short and meaningful verbiage about the Permission");
+
+ setOptional(pr);
+ }
+ return pr;
+ }
+
+ @SuppressWarnings("unused")
+ private static Perm newPermv2_0(boolean optional) {
+ Perm pr = new Perm();
+ pr.setType("org.osaaf.myns.myType");
+ pr.setInstance("myInstance");
+ pr.setAction("myAction");
+ pr.getRoles().add("org.osaaf.aaf.myRole");
+ pr.getRoles().add("org.osaaf.aaf.myRole2");
+ pr.setDescription("This is my description, and I'm sticking with it");
+ if(optional) {
+ pr.setDescription("Short and meaningful verbiage about the Permission");
+ }
+ return pr;
+ }
- @SuppressWarnings("unused")
- private static PermKey newPermKeyv2_0(boolean optional) {
- PermKey pr = new PermKey();
- pr.setType("org.osaaf.myns.myType");
- pr.setInstance("myInstance");
- pr.setAction("myAction");
- return pr;
- }
-
- @SuppressWarnings("unused")
- private static Perms newPermsv2_0(boolean optional) {
- Perms perms = new Perms();
- Perm p=new Perm();
- perms.getPerm().add(p);
- p.setType("org.osaaf.myns.myType");
- p.setInstance("myInstance");
- p.setAction("myAction");
- p.getRoles().add("org.osaaf.myns.myRole");
- p.getRoles().add("org.osaaf.myns.myRole2");
+ @SuppressWarnings("unused")
+ private static PermKey newPermKeyv2_0(boolean optional) {
+ PermKey pr = new PermKey();
+ pr.setType("org.osaaf.myns.myType");
+ pr.setInstance("myInstance");
+ pr.setAction("myAction");
+ return pr;
+ }
+
+ @SuppressWarnings("unused")
+ private static Perms newPermsv2_0(boolean optional) {
+ Perms perms = new Perms();
+ Perm p=new Perm();
+ perms.getPerm().add(p);
+ p.setType("org.osaaf.myns.myType");
+ p.setInstance("myInstance");
+ p.setAction("myAction");
+ p.getRoles().add("org.osaaf.myns.myRole");
+ p.getRoles().add("org.osaaf.myns.myRole2");
p=new Perm();
- perms.getPerm().add(p);
- p.setType("org.osaaf.myns.myOtherType");
- p.setInstance("myInstance");
- p.setAction("myOtherAction");
- p.getRoles().add("org.osaaf.myns.myRole");
- p.getRoles().add("org.osaaf.myns.myRole2");
+ perms.getPerm().add(p);
+ p.setType("org.osaaf.myns.myOtherType");
+ p.setInstance("myInstance");
+ p.setAction("myOtherAction");
+ p.getRoles().add("org.osaaf.myns.myRole");
+ p.getRoles().add("org.osaaf.myns.myRole2");
- return perms;
-
- }
-
- @SuppressWarnings("unused")
- private static UserRoleRequest newUserRoleRequestv2_0(boolean optional) {
- UserRoleRequest urr = new UserRoleRequest();
- urr.setRole("org.osaaf.myns.myRole");
- urr.setUser("ab1234@people.osaaf.org");
- if(optional) setOptional(urr);
- return urr;
- }
-
- @SuppressWarnings("unused")
- private static NsRequest newNsRequestv2_0(boolean optional) {
- NsRequest nr = new NsRequest();
- nr.setName("org.osaaf.myns");
- nr.getResponsible().add("ab1234@people.osaaf.org");
- nr.getResponsible().add("cd5678@people.osaaf.org");
- nr.getAdmin().add("zy9876@people.osaaf.org");
- nr.getAdmin().add("xw5432@people.osaaf.org");
- if(optional) {
- nr.setDescription("This is my Namespace to set up");
- nr.setType("APP");
- setOptional(nr);
- }
- return nr;
- }
-
-
- @SuppressWarnings("unused")
- private static Nss newNssv2_0(boolean optional) {
- Ns ns;
-
- Nss nss = new Nss();
- nss.getNs().add(ns = new Nss.Ns());
- ns.setName("org.osaaf.myns");
- ns.getResponsible().add("ab1234@people.osaaf.org");
- ns.getResponsible().add("cd5678@people.osaaf.org");
- ns.getAdmin().add("zy9876@people.osaaf.org");
- ns.getAdmin().add("xw5432@people.osaaf.org");
- ns.setDescription("This is my Namespace to set up");
-
- nss.getNs().add(ns = new Nss.Ns());
- ns.setName("org.osaaf.myOtherNs");
- ns.getResponsible().add("ab1234@people.osaaf.org");
- ns.getResponsible().add("cd5678@people.osaaf.org");
- ns.getAdmin().add("zy9876@people.osaaf.org");
- ns.getAdmin().add("xw5432@people.osaaf.org");
-
- return nss;
- }
- @SuppressWarnings("unused")
- private static RoleRequest newRoleRequestv2_0(boolean optional) {
- RoleRequest rr = new RoleRequest();
- rr.setName("org.osaaf.myns.myRole");
- if(optional) {
- rr.setDescription("This is my Role");
- setOptional(rr);
- }
- return rr;
- }
+ return perms;
+
+ }
+
+ @SuppressWarnings("unused")
+ private static UserRoleRequest newUserRoleRequestv2_0(boolean optional) {
+ UserRoleRequest urr = new UserRoleRequest();
+ urr.setRole("org.osaaf.myns.myRole");
+ urr.setUser("ab1234@people.osaaf.org");
+ if(optional) setOptional(urr);
+ return urr;
+ }
+
+ @SuppressWarnings("unused")
+ private static NsRequest newNsRequestv2_0(boolean optional) {
+ NsRequest nr = new NsRequest();
+ nr.setName("org.osaaf.myns");
+ nr.getResponsible().add("ab1234@people.osaaf.org");
+ nr.getResponsible().add("cd5678@people.osaaf.org");
+ nr.getAdmin().add("zy9876@people.osaaf.org");
+ nr.getAdmin().add("xw5432@people.osaaf.org");
+ if(optional) {
+ nr.setDescription("This is my Namespace to set up");
+ nr.setType("APP");
+ setOptional(nr);
+ }
+ return nr;
+ }
+
+
+ @SuppressWarnings("unused")
+ private static Nss newNssv2_0(boolean optional) {
+ Ns ns;
+
+ Nss nss = new Nss();
+ nss.getNs().add(ns = new Nss.Ns());
+ ns.setName("org.osaaf.myns");
+ ns.getResponsible().add("ab1234@people.osaaf.org");
+ ns.getResponsible().add("cd5678@people.osaaf.org");
+ ns.getAdmin().add("zy9876@people.osaaf.org");
+ ns.getAdmin().add("xw5432@people.osaaf.org");
+ ns.setDescription("This is my Namespace to set up");
+
+ nss.getNs().add(ns = new Nss.Ns());
+ ns.setName("org.osaaf.myOtherNs");
+ ns.getResponsible().add("ab1234@people.osaaf.org");
+ ns.getResponsible().add("cd5678@people.osaaf.org");
+ ns.getAdmin().add("zy9876@people.osaaf.org");
+ ns.getAdmin().add("xw5432@people.osaaf.org");
+
+ return nss;
+ }
+ @SuppressWarnings("unused")
+ private static RoleRequest newRoleRequestv2_0(boolean optional) {
+ RoleRequest rr = new RoleRequest();
+ rr.setName("org.osaaf.myns.myRole");
+ if(optional) {
+ rr.setDescription("This is my Role");
+ setOptional(rr);
+ }
+ return rr;
+ }
- @SuppressWarnings("unused")
- private static CredRequest newCredRequestv2_0(boolean optional) {
- CredRequest cr = new CredRequest();
- cr.setId("myID@fully.qualified.domain");
- if(optional) {
- cr.setType(2);
- cr.setEntry("0x125AB256344CE");
- } else {
- cr.setPassword("This is my provisioned password");
- }
+ @SuppressWarnings("unused")
+ private static CredRequest newCredRequestv2_0(boolean optional) {
+ CredRequest cr = new CredRequest();
+ cr.setId("myID@fully.qualified.domain");
+ if(optional) {
+ cr.setType(2);
+ cr.setEntry("0x125AB256344CE");
+ } else {
+ cr.setPassword("This is my provisioned password");
+ }
- return cr;
- }
-
- @SuppressWarnings("unused")
- private static Users newUsersv2_0(boolean optional) {
- User user;
-
- Users users = new Users();
+ return cr;
+ }
+
+ @SuppressWarnings("unused")
+ private static Users newUsersv2_0(boolean optional) {
+ User user;
+
+ Users users = new Users();
user = new Users.User();
- users.getUser().add(user);
- user.setId("ab1234@people.osaaf.org");
- GregorianCalendar gc = new GregorianCalendar();
- user.setExpires(Chrono.timeStamp(gc));
+ users.getUser().add(user);
+ user.setId("ab1234@people.osaaf.org");
+ GregorianCalendar gc = new GregorianCalendar();
+ user.setExpires(Chrono.timeStamp(gc));
user = new Users.User();
- users.getUser().add(user);
- user.setId("zy9876@people.osaaf.org");
- user.setExpires(Chrono.timeStamp(gc));
-
- return users;
- }
+ users.getUser().add(user);
+ user.setId("zy9876@people.osaaf.org");
+ user.setExpires(Chrono.timeStamp(gc));
+
+ return users;
+ }
- @SuppressWarnings("unused")
- private static Role newRolev2_0(boolean optional) {
- Role r = new Role();
- Pkey p;
- r.setName("org.osaaf.myns.myRole");
- r.getPerms().add(p = new Pkey());
- p.setType("org.osaaf.myns.myType");
- p.setInstance("myInstance");
- p.setAction("myAction");
+ @SuppressWarnings("unused")
+ private static Role newRolev2_0(boolean optional) {
+ Role r = new Role();
+ Pkey p;
+ r.setName("org.osaaf.myns.myRole");
+ r.getPerms().add(p = new Pkey());
+ p.setType("org.osaaf.myns.myType");
+ p.setInstance("myInstance");
+ p.setAction("myAction");
return r;
}
- @SuppressWarnings("unused")
- private static RoleKey newRoleKeyv2_0(boolean optional) {
- RoleKey r = new RoleKey();
- Pkey p;
- r.setName("org.osaaf.myns.myRole");
+ @SuppressWarnings("unused")
+ private static RoleKey newRoleKeyv2_0(boolean optional) {
+ RoleKey r = new RoleKey();
+ Pkey p;
+ r.setName("org.osaaf.myns.myRole");
return r;
}
- @SuppressWarnings("unused")
- private static Keys newKeysv2_0(boolean optional) {
- Keys ks = new Keys();
- ks.getKey().add("Reponse 1");
- ks.getKey().add("Response 2");
+ @SuppressWarnings("unused")
+ private static Keys newKeysv2_0(boolean optional) {
+ Keys ks = new Keys();
+ ks.getKey().add("Reponse 1");
+ ks.getKey().add("Response 2");
return ks;
}
- @SuppressWarnings("unused")
- private static UserRoles newUserRolesv2_0(boolean optional) {
- UserRoles urs = new UserRoles();
- UserRole ur = new UserRole();
- ur.setUser("xy1234");
- ur.setRole("com.test.myapp.myRole");
- ur.setExpires(Chrono.timeStamp());
- urs.getUserRole().add(ur);
-
- ur = new UserRole();
- ur.setUser("yx4321");
- ur.setRole("com.test.yourapp.yourRole");
- ur.setExpires(Chrono.timeStamp());
- urs.getUserRole().add(ur);
+ @SuppressWarnings("unused")
+ private static UserRoles newUserRolesv2_0(boolean optional) {
+ UserRoles urs = new UserRoles();
+ UserRole ur = new UserRole();
+ ur.setUser("xy1234");
+ ur.setRole("com.test.myapp.myRole");
+ ur.setExpires(Chrono.timeStamp());
+ urs.getUserRole().add(ur);
+
+ ur = new UserRole();
+ ur.setUser("yx4321");
+ ur.setRole("com.test.yourapp.yourRole");
+ ur.setExpires(Chrono.timeStamp());
+ urs.getUserRole().add(ur);
return urs;
}
- @SuppressWarnings("unused")
- private static Approvals newApprovalsv2_0(boolean optional) {
- Approvals as = new Approvals();
- Approval a = new Approval();
- a.setApprover("MyApprover");
- a.setId("MyID");
- a.setMemo("My memo (and then some)");
- a.setOperation("MyOperation");
- a.setStatus("MyStatus");
- a.setTicket("MyTicket");
- a.setType("MyType");
- a.setUpdated(Chrono.timeStamp());
- a.setUser("MyUser");
- as.getApprovals().add(a);
- a = new Approval();
- a.setApprover("MyApprover2");
- a.setId("MyID2");
- a.setMemo("My memo (and then some)2");
- a.setOperation("MyOperation2");
- a.setStatus("MyStatus2");
- a.setTicket("MyTicket2");
- a.setType("MyType2");
- a.setUpdated(Chrono.timeStamp());
- a.setUser("MyUser2");
- as.getApprovals().add(a);
+ @SuppressWarnings("unused")
+ private static Approvals newApprovalsv2_0(boolean optional) {
+ Approvals as = new Approvals();
+ Approval a = new Approval();
+ a.setApprover("MyApprover");
+ a.setId("MyID");
+ a.setMemo("My memo (and then some)");
+ a.setOperation("MyOperation");
+ a.setStatus("MyStatus");
+ a.setTicket("MyTicket");
+ a.setType("MyType");
+ a.setUpdated(Chrono.timeStamp());
+ a.setUser("MyUser");
+ as.getApprovals().add(a);
+ a = new Approval();
+ a.setApprover("MyApprover2");
+ a.setId("MyID2");
+ a.setMemo("My memo (and then some)2");
+ a.setOperation("MyOperation2");
+ a.setStatus("MyStatus2");
+ a.setTicket("MyTicket2");
+ a.setType("MyType2");
+ a.setUpdated(Chrono.timeStamp());
+ a.setUser("MyUser2");
+ as.getApprovals().add(a);
return as;
}
- @SuppressWarnings("unused")
- private static Approval newApprovalv2_0(boolean optional) {
- Approval a = new Approval();
- a.setApprover("MyApprover");
- a.setId("MyID");
- a.setMemo("My memo (and then some)");
- a.setOperation("MyOperation");
- a.setStatus("MyStatus");
- a.setTicket("MyTicket");
- a.setType("MyType");
- a.setUpdated(Chrono.timeStamp());
- a.setUser("MyUser");
+ @SuppressWarnings("unused")
+ private static Approval newApprovalv2_0(boolean optional) {
+ Approval a = new Approval();
+ a.setApprover("MyApprover");
+ a.setId("MyID");
+ a.setMemo("My memo (and then some)");
+ a.setOperation("MyOperation");
+ a.setStatus("MyStatus");
+ a.setTicket("MyTicket");
+ a.setType("MyType");
+ a.setUpdated(Chrono.timeStamp());
+ a.setUser("MyUser");
return a;
}
-
+
- @SuppressWarnings("unused")
- private static aaf.v2_0.Error newErrorv2_0(boolean optional) {
- aaf.v2_0.Error err = new aaf.v2_0.Error();
- err.setMessageId("SVC1403");
- err.setText("MyText %s, %s: The last three digits are usually the HTTP Code");
- err.getVariables().add("Variable 1");
- err.getVariables().add("Variable 2");
- return err;
- }
+ @SuppressWarnings("unused")
+ private static aaf.v2_0.Error newErrorv2_0(boolean optional) {
+ aaf.v2_0.Error err = new aaf.v2_0.Error();
+ err.setMessageId("SVC1403");
+ err.setText("MyText %s, %s: The last three digits are usually the HTTP Code");
+ err.getVariables().add("Variable 1");
+ err.getVariables().add("Variable 2");
+ return err;
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/marshal/CertMarshal.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/marshal/CertMarshal.java
index 5ceb082f..eb116490 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/marshal/CertMarshal.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/marshal/CertMarshal.java
@@ -31,35 +31,35 @@ import org.onap.aaf.misc.rosetta.marshal.ObjMarshal;
import aaf.v2_0.Certs.Cert;
public class CertMarshal extends ObjMarshal<Cert> {
- public CertMarshal() {
- add(new FieldHexBinary<Cert>("fingerprint") {
- @Override
- protected byte[] data(Cert t) {
- return t.getFingerprint();
- }
- });
+ public CertMarshal() {
+ add(new FieldHexBinary<Cert>("fingerprint") {
+ @Override
+ protected byte[] data(Cert t) {
+ return t.getFingerprint();
+ }
+ });
- add(new FieldString<Cert>("id") {
- @Override
- protected String data(Cert t) {
- return t.getId();
- }
- });
+ add(new FieldString<Cert>("id") {
+ @Override
+ protected String data(Cert t) {
+ return t.getId();
+ }
+ });
- add(new FieldString<Cert>("x500") {
- @Override
- protected String data(Cert t) {
- return t.getX500();
- }
- });
-
- add(new FieldDateTime<Cert>("expires") {
- @Override
- protected XMLGregorianCalendar data(Cert t) {
- return t.getExpires();
- }
- });
+ add(new FieldString<Cert>("x500") {
+ @Override
+ protected String data(Cert t) {
+ return t.getX500();
+ }
+ });
+
+ add(new FieldDateTime<Cert>("expires") {
+ @Override
+ protected XMLGregorianCalendar data(Cert t) {
+ return t.getExpires();
+ }
+ });
- }
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/marshal/CertsMarshal.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/marshal/CertsMarshal.java
index c6e28408..93530793 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/marshal/CertsMarshal.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/marshal/CertsMarshal.java
@@ -31,14 +31,14 @@ import aaf.v2_0.Certs.Cert;
public class CertsMarshal extends ObjMarshal<Certs> {
- public CertsMarshal() {
- add(new ObjArray<Certs,Cert>("cert",new CertMarshal()) {
- @Override
- protected List<Cert> data(Certs t) {
- return t.getCert();
- }
- });
- }
+ public CertsMarshal() {
+ add(new ObjArray<Certs,Cert>("cert",new CertMarshal()) {
+ @Override
+ protected List<Cert> data(Certs t) {
+ return t.getCert();
+ }
+ });
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java
index b350e2a7..edacdfdd 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java
@@ -34,137 +34,137 @@ import org.onap.aaf.cadi.config.Config;
import org.onap.aaf.cadi.lur.ConfigPrincipal;
public class AAFAuthn<CLIENT> extends AbsUserCache<AAFPermission> {
- private AAFCon<CLIENT> con;
- private String realm;
-
- /**
- * Configure with Standard AAF properties, Stand alone
- * @param con
- * @throws Exception ..
- */
- // Package on purpose
- AAFAuthn(AAFCon<CLIENT> con) {
- super(con.access,con.cleanInterval,con.highCount,con.usageRefreshTriggerCount);
- this.con = con;
- }
+ private AAFCon<CLIENT> con;
+ private String realm;
+
+ /**
+ * Configure with Standard AAF properties, Stand alone
+ * @param con
+ * @throws Exception ..
+ */
+ // Package on purpose
+ AAFAuthn(AAFCon<CLIENT> con) {
+ super(con.access,con.cleanInterval,con.highCount,con.usageRefreshTriggerCount);
+ this.con = con;
+ }
- /**
- * Configure with Standard AAF properties, but share the Cache (with AAF Lur)
- * @param con
- * @throws Exception
- */
- // Package on purpose
- AAFAuthn(AAFCon<CLIENT> con, AbsUserCache<AAFPermission> cache) {
- super(cache);
- this.con = con;
- }
-
- /**
- * Return Native Realm of AAF Instance.
- *
- * @return
- */
- public String getRealm() {
- return realm;
- }
+ /**
+ * Configure with Standard AAF properties, but share the Cache (with AAF Lur)
+ * @param con
+ * @throws Exception
+ */
+ // Package on purpose
+ AAFAuthn(AAFCon<CLIENT> con, AbsUserCache<AAFPermission> cache) {
+ super(cache);
+ this.con = con;
+ }
+
+ /**
+ * Return Native Realm of AAF Instance.
+ *
+ * @return
+ */
+ public String getRealm() {
+ return realm;
+ }
- /**
- * Returns null if ok, or an Error String;
- *
- * Convenience function. Passes "null" for State object
- */
- public String validate(String user, String password) throws IOException {
- return validate(user,password,null);
- }
-
- /**
- * Returns null if ok, or an Error String;
- *
- * For State Object, you may put in HTTPServletRequest or AuthzTrans, if available. Otherwise,
- * leave null
- *
- * @param user
- * @param password
- * @return
- * @throws IOException
- * @throws CadiException
- * @throws Exception
- */
- public String validate(String user, String password, Object state) throws IOException {
- password = access.decrypt(password, false);
- byte[] bytes = password.getBytes();
- User<AAFPermission> usr = getUser(user,bytes);
+ /**
+ * Returns null if ok, or an Error String;
+ *
+ * Convenience function. Passes "null" for State object
+ */
+ public String validate(String user, String password) throws IOException {
+ return validate(user,password,null);
+ }
+
+ /**
+ * Returns null if ok, or an Error String;
+ *
+ * For State Object, you may put in HTTPServletRequest or AuthzTrans, if available. Otherwise,
+ * leave null
+ *
+ * @param user
+ * @param password
+ * @return
+ * @throws IOException
+ * @throws CadiException
+ * @throws Exception
+ */
+ public String validate(String user, String password, Object state) throws IOException {
+ password = access.decrypt(password, false);
+ byte[] bytes = password.getBytes();
+ User<AAFPermission> usr = getUser(user,bytes);
- if(usr != null && !usr.permExpired()) {
- if(usr.principal==null) {
- return "User already denied";
- } else {
- return null; // good
- }
- }
+ if(usr != null && !usr.permExpired()) {
+ if(usr.principal==null) {
+ return "User already denied";
+ } else {
+ return null; // good
+ }
+ }
- AAFCachedPrincipal cp = new AAFCachedPrincipal(user, bytes, con.cleanInterval);
- // Since I've relocated the Validation piece in the Principal, just revalidate, then do Switch
- // Statement
- switch(cp.revalidate(state)) {
- case REVALIDATED:
- if(usr!=null) {
- usr.principal = cp;
- } else {
- addUser(new User<AAFPermission>(cp,con.timeout));
- }
- return null;
- case INACCESSIBLE:
- return "AAF Inaccessible";
- case UNVALIDATED:
- addUser(new User<AAFPermission>(user,bytes,con.timeout));
- return "User/Pass combo invalid for " + user;
- case DENIED:
- return "AAF denies API for " + user;
- default:
- return "AAFAuthn doesn't handle Principal " + user;
- }
- }
-
- private class AAFCachedPrincipal extends ConfigPrincipal implements CachedPrincipal {
- private long expires;
- private long timeToLive;
+ AAFCachedPrincipal cp = new AAFCachedPrincipal(user, bytes, con.cleanInterval);
+ // Since I've relocated the Validation piece in the Principal, just revalidate, then do Switch
+ // Statement
+ switch(cp.revalidate(state)) {
+ case REVALIDATED:
+ if(usr!=null) {
+ usr.principal = cp;
+ } else {
+ addUser(new User<AAFPermission>(cp,con.timeout));
+ }
+ return null;
+ case INACCESSIBLE:
+ return "AAF Inaccessible";
+ case UNVALIDATED:
+ addUser(new User<AAFPermission>(user,bytes,con.timeout));
+ return "User/Pass combo invalid for " + user;
+ case DENIED:
+ return "AAF denies API for " + user;
+ default:
+ return "AAFAuthn doesn't handle Principal " + user;
+ }
+ }
+
+ private class AAFCachedPrincipal extends ConfigPrincipal implements CachedPrincipal {
+ private long expires;
+ private long timeToLive;
- private AAFCachedPrincipal(String name, byte[] pass, int timeToLive) {
- super(name,pass);
- this.timeToLive = timeToLive;
- expires = timeToLive + System.currentTimeMillis();
- }
+ private AAFCachedPrincipal(String name, byte[] pass, int timeToLive) {
+ super(name,pass);
+ this.timeToLive = timeToLive;
+ expires = timeToLive + System.currentTimeMillis();
+ }
- public Resp revalidate(Object state) {
- try {
- Miss missed = missed(getName(),getCred());
- if(missed==null || missed.mayContinue()) {
- Rcli<CLIENT> client = con.client(Config.AAF_DEFAULT_VERSION).forUser(con.basicAuth(getName(), new String(getCred())));
- Future<String> fp = client.read(
- "/authn/basicAuth",
- "text/plain"
- );
- if(fp.get(con.timeout)) {
- expires = System.currentTimeMillis() + timeToLive;
- addUser(new User<AAFPermission>(this, expires));
- return Resp.REVALIDATED;
- } else {
- addMiss(getName(), getCred());
- return Resp.UNVALIDATED;
- }
- } else {
- return Resp.UNVALIDATED;
- }
- } catch (Exception e) {
- con.access.log(e);
- return Resp.INACCESSIBLE;
- }
- }
+ public Resp revalidate(Object state) {
+ try {
+ Miss missed = missed(getName(),getCred());
+ if(missed==null || missed.mayContinue()) {
+ Rcli<CLIENT> client = con.client(Config.AAF_DEFAULT_VERSION).forUser(con.basicAuth(getName(), new String(getCred())));
+ Future<String> fp = client.read(
+ "/authn/basicAuth",
+ "text/plain"
+ );
+ if(fp.get(con.timeout)) {
+ expires = System.currentTimeMillis() + timeToLive;
+ addUser(new User<AAFPermission>(this, expires));
+ return Resp.REVALIDATED;
+ } else {
+ addMiss(getName(), getCred());
+ return Resp.UNVALIDATED;
+ }
+ } else {
+ return Resp.UNVALIDATED;
+ }
+ } catch (Exception e) {
+ con.access.log(e);
+ return Resp.INACCESSIBLE;
+ }
+ }
- public long expires() {
- return expires;
- }
- }
+ public long expires() {
+ return expires;
+ }
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java
index 32107131..cda6dfb9 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java
@@ -58,316 +58,316 @@ import aaf.v2_0.Perms;
import aaf.v2_0.Users;
public abstract class AAFCon<CLIENT> implements Connector {
- final public Access access;
- // Package access
- final public int timeout, cleanInterval, connTimeout;
- final public int highCount, userExpires, usageRefreshTriggerCount;
- private Map<String,Rcli<CLIENT>> clients = new ConcurrentHashMap<>();
- final public RosettaDF<Perms> permsDF;
- final public RosettaDF<Certs> certsDF;
- final public RosettaDF<Users> usersDF;
- final public RosettaDF<Error> errDF;
- private String realm;
- public final String app;
- protected SecurityInfoC<CLIENT> si;
+ final public Access access;
+ // Package access
+ final public int timeout, cleanInterval, connTimeout;
+ final public int highCount, userExpires, usageRefreshTriggerCount;
+ private Map<String,Rcli<CLIENT>> clients = new ConcurrentHashMap<>();
+ final public RosettaDF<Perms> permsDF;
+ final public RosettaDF<Certs> certsDF;
+ final public RosettaDF<Users> usersDF;
+ final public RosettaDF<Error> errDF;
+ private String realm;
+ public final String app;
+ protected SecurityInfoC<CLIENT> si;
- private AAFLurPerm lur;
+ private AAFLurPerm lur;
- final public RosettaEnv env;
- protected abstract URI initURI();
- protected abstract void setInitURI(String uriString) throws CadiException;
- /*
- protected abstract SecuritySetter<CLIENT> bestSS(SecurityInfoC<CLIENT> si) throws CadiException;
- */
-
- /**
- * Use this call to get the appropriate client based on configuration (HTTP, future)
- *
- * @param apiVersion
- * @return
- * @throws CadiException
- */
- public Rcli<CLIENT> client(String apiVersion) throws CadiException {
- Rcli<CLIENT> client = clients.get(apiVersion);
- if(client==null) {
- client = rclient(initURI(),si.defSS);
- client.apiVersion(apiVersion)
- .readTimeout(connTimeout);
- clients.put(apiVersion, client);
- }
- return client;
- }
+ final public RosettaEnv env;
+ protected abstract URI initURI();
+ protected abstract void setInitURI(String uriString) throws CadiException;
+ /*
+ protected abstract SecuritySetter<CLIENT> bestSS(SecurityInfoC<CLIENT> si) throws CadiException;
+ */
+
+ /**
+ * Use this call to get the appropriate client based on configuration (HTTP, future)
+ *
+ * @param apiVersion
+ * @return
+ * @throws CadiException
+ */
+ public Rcli<CLIENT> client(String apiVersion) throws CadiException {
+ Rcli<CLIENT> client = clients.get(apiVersion);
+ if(client==null) {
+ client = rclient(initURI(),si.defSS);
+ client.apiVersion(apiVersion)
+ .readTimeout(connTimeout);
+ clients.put(apiVersion, client);
+ }
+ return client;
+ }
- public Rcli<CLIENT> client(URI uri) throws CadiException {
- return rclient(uri,si.defSS).readTimeout(connTimeout);
- }
-
- /**
- * Use this API when you have permission to have your call act as the end client's ID.
- *
- * Your calls will get 403 errors if you do not have this permission. it is a special setup, rarely given.
- *
- * @param apiVersion
- * @param req
- * @return
- * @throws CadiException
- */
- public Rcli<CLIENT> clientAs(String apiVersion, TaggedPrincipal p) throws CadiException {
- Rcli<CLIENT> cl = client(apiVersion);
- return cl.forUser(transferSS(p));
- }
-
- protected AAFCon(AAFCon<CLIENT> copy) {
- access = copy.access;
- timeout = copy.timeout;
- cleanInterval = copy.cleanInterval;
- connTimeout = copy.connTimeout;
- highCount = copy.highCount;
- userExpires = copy.userExpires;
- usageRefreshTriggerCount = copy.usageRefreshTriggerCount;
- permsDF = copy.permsDF;
- certsDF = copy.certsDF;
- usersDF = copy.usersDF;
- errDF = copy.errDF;
- app = copy.app;
- si = copy.si;
- env = copy.env;
- realm = copy.realm;
- }
-
- protected AAFCon(Access access, String tag, SecurityInfoC<CLIENT> si) throws CadiException{
- if(tag==null) {
- throw new CadiException("AAFCon cannot be constructed without a property tag or URL");
- } else {
- String str = access.getProperty(tag,null);
- if(str==null) {
- if(tag.contains("://")) { // assume a URL
- str = tag;
- } else {
- throw new CadiException("A URL or " + tag + " property is required.");
- }
- }
- setInitURI(str);
- }
- try {
- this.access = access;
- this.si = si;
- if(si.defSS.getID().equals(SecurityInfoC.DEF_ID)) { // it's the Preliminary SS, try to get a better one
- String mechid = access.getProperty(Config.AAF_APPID, null);
- if(mechid==null) {
- mechid=access.getProperty(Config.OAUTH_CLIENT_ID,null);
- }
- String encpass = access.getProperty(Config.AAF_APPPASS, null);
- if(encpass==null) {
- encpass = access.getProperty(Config.OAUTH_CLIENT_SECRET,null);
- }
- if(encpass==null) {
- String alias = access.getProperty(Config.CADI_ALIAS, mechid);
- if(alias==null) {
- access.printf(Access.Level.WARN,"%s, %s or %s required before use.", Config.CADI_ALIAS, Config.AAF_APPID, Config.OAUTH_CLIENT_ID);
- set(si.defSS);
- } else {
- si.defSS=x509Alias(alias);
- set(si.defSS);
- }
- } else {
- if(mechid!=null) {
- si.defSS=basicAuth(mechid, encpass);
- set(si.defSS);
- } else {
- si.defSS=new SecuritySetter<CLIENT>() {
+ public Rcli<CLIENT> client(URI uri) throws CadiException {
+ return rclient(uri,si.defSS).readTimeout(connTimeout);
+ }
+
+ /**
+ * Use this API when you have permission to have your call act as the end client's ID.
+ *
+ * Your calls will get 403 errors if you do not have this permission. it is a special setup, rarely given.
+ *
+ * @param apiVersion
+ * @param req
+ * @return
+ * @throws CadiException
+ */
+ public Rcli<CLIENT> clientAs(String apiVersion, TaggedPrincipal p) throws CadiException {
+ Rcli<CLIENT> cl = client(apiVersion);
+ return cl.forUser(transferSS(p));
+ }
+
+ protected AAFCon(AAFCon<CLIENT> copy) {
+ access = copy.access;
+ timeout = copy.timeout;
+ cleanInterval = copy.cleanInterval;
+ connTimeout = copy.connTimeout;
+ highCount = copy.highCount;
+ userExpires = copy.userExpires;
+ usageRefreshTriggerCount = copy.usageRefreshTriggerCount;
+ permsDF = copy.permsDF;
+ certsDF = copy.certsDF;
+ usersDF = copy.usersDF;
+ errDF = copy.errDF;
+ app = copy.app;
+ si = copy.si;
+ env = copy.env;
+ realm = copy.realm;
+ }
+
+ protected AAFCon(Access access, String tag, SecurityInfoC<CLIENT> si) throws CadiException{
+ if(tag==null) {
+ throw new CadiException("AAFCon cannot be constructed without a property tag or URL");
+ } else {
+ String str = access.getProperty(tag,null);
+ if(str==null) {
+ if(tag.contains("://")) { // assume a URL
+ str = tag;
+ } else {
+ throw new CadiException("A URL or " + tag + " property is required.");
+ }
+ }
+ setInitURI(str);
+ }
+ try {
+ this.access = access;
+ this.si = si;
+ if(si.defSS.getID().equals(SecurityInfoC.DEF_ID)) { // it's the Preliminary SS, try to get a better one
+ String mechid = access.getProperty(Config.AAF_APPID, null);
+ if(mechid==null) {
+ mechid=access.getProperty(Config.OAUTH_CLIENT_ID,null);
+ }
+ String encpass = access.getProperty(Config.AAF_APPPASS, null);
+ if(encpass==null) {
+ encpass = access.getProperty(Config.OAUTH_CLIENT_SECRET,null);
+ }
+ if(encpass==null) {
+ String alias = access.getProperty(Config.CADI_ALIAS, mechid);
+ if(alias==null) {
+ access.printf(Access.Level.WARN,"%s, %s or %s required before use.", Config.CADI_ALIAS, Config.AAF_APPID, Config.OAUTH_CLIENT_ID);
+ set(si.defSS);
+ } else {
+ si.defSS=x509Alias(alias);
+ set(si.defSS);
+ }
+ } else {
+ if(mechid!=null) {
+ si.defSS=basicAuth(mechid, encpass);
+ set(si.defSS);
+ } else {
+ si.defSS=new SecuritySetter<CLIENT>() {
- @Override
- public String getID() {
- return "";
- }
+ @Override
+ public String getID() {
+ return "";
+ }
- @Override
- public void setSecurity(CLIENT client) throws CadiException {
- throw new CadiException("AAFCon has not been initialized with Credentials (SecuritySetter)");
- }
+ @Override
+ public void setSecurity(CLIENT client) throws CadiException {
+ throw new CadiException("AAFCon has not been initialized with Credentials (SecuritySetter)");
+ }
- @Override
- public int setLastResponse(int respCode) {
- return 0;
- }
- };
- set(si.defSS);
- }
- }
- }
-
- timeout = Integer.parseInt(access.getProperty(Config.AAF_CALL_TIMEOUT, Config.AAF_CALL_TIMEOUT_DEF));
- cleanInterval = Integer.parseInt(access.getProperty(Config.AAF_CLEAN_INTERVAL, Config.AAF_CLEAN_INTERVAL_DEF));
- highCount = Integer.parseInt(access.getProperty(Config.AAF_HIGH_COUNT, Config.AAF_HIGH_COUNT_DEF).trim());
- connTimeout = Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF).trim());
- userExpires = Integer.parseInt(access.getProperty(Config.AAF_USER_EXPIRES, Config.AAF_USER_EXPIRES_DEF).trim());
- usageRefreshTriggerCount = Integer.parseInt(access.getProperty(Config.AAF_USER_EXPIRES, Config.AAF_USER_EXPIRES_DEF).trim())-1; // zero based
-
- app=FQI.reverseDomain(si.defSS.getID());
- //TODO Get Realm from AAF
- realm="people.osaaf.org";
-
- env = new RosettaEnv();
- permsDF = env.newDataFactory(Perms.class);
- usersDF = env.newDataFactory(Users.class);
- certsDF = env.newDataFactory(Certs.class);
- certsDF.rootMarshal(new CertsMarshal()); // Speedier Marshaling
- errDF = env.newDataFactory(Error.class);
- } catch (APIException e) {
- throw new CadiException("AAFCon cannot be configured",e);
- }
- }
-
- public RosettaEnv env() {
- return env;
- }
-
- /**
- * Return the backing AAFCon, if there is a Lur Setup that is AAF.
- *
- * If there is no AAFLur setup, it will return "null"
- * @param servletRequest
- * @return
- */
- public static final AAFCon<?> obtain(Object servletRequest) {
- if(servletRequest instanceof CadiWrap) {
- Lur lur = ((CadiWrap)servletRequest).getLur();
- if(lur != null) {
- if(lur instanceof EpiLur) {
- AbsAAFLur<?> aal = (AbsAAFLur<?>) ((EpiLur)lur).subLur(AbsAAFLur.class);
- if(aal!=null) {
- return aal.aaf;
- }
- } else {
- if(lur instanceof AbsAAFLur) {
- return ((AbsAAFLur<?>)lur).aaf;
- }
- }
- }
- }
- return null;
- }
-
- public abstract AAFCon<CLIENT> clone(String url) throws CadiException, LocatorException;
-
- public AAFAuthn<CLIENT> newAuthn() throws APIException {
- try {
- return new AAFAuthn<>(this);
- } catch (Exception e) {
- throw new APIException(e);
- }
- }
+ @Override
+ public int setLastResponse(int respCode) {
+ return 0;
+ }
+ };
+ set(si.defSS);
+ }
+ }
+ }
+
+ timeout = Integer.parseInt(access.getProperty(Config.AAF_CALL_TIMEOUT, Config.AAF_CALL_TIMEOUT_DEF));
+ cleanInterval = Integer.parseInt(access.getProperty(Config.AAF_CLEAN_INTERVAL, Config.AAF_CLEAN_INTERVAL_DEF));
+ highCount = Integer.parseInt(access.getProperty(Config.AAF_HIGH_COUNT, Config.AAF_HIGH_COUNT_DEF).trim());
+ connTimeout = Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF).trim());
+ userExpires = Integer.parseInt(access.getProperty(Config.AAF_USER_EXPIRES, Config.AAF_USER_EXPIRES_DEF).trim());
+ usageRefreshTriggerCount = Integer.parseInt(access.getProperty(Config.AAF_USER_EXPIRES, Config.AAF_USER_EXPIRES_DEF).trim())-1; // zero based
+
+ app=FQI.reverseDomain(si.defSS.getID());
+ //TODO Get Realm from AAF
+ realm="people.osaaf.org";
+
+ env = new RosettaEnv();
+ permsDF = env.newDataFactory(Perms.class);
+ usersDF = env.newDataFactory(Users.class);
+ certsDF = env.newDataFactory(Certs.class);
+ certsDF.rootMarshal(new CertsMarshal()); // Speedier Marshaling
+ errDF = env.newDataFactory(Error.class);
+ } catch (APIException e) {
+ throw new CadiException("AAFCon cannot be configured",e);
+ }
+ }
+
+ public RosettaEnv env() {
+ return env;
+ }
+
+ /**
+ * Return the backing AAFCon, if there is a Lur Setup that is AAF.
+ *
+ * If there is no AAFLur setup, it will return "null"
+ * @param servletRequest
+ * @return
+ */
+ public static final AAFCon<?> obtain(Object servletRequest) {
+ if(servletRequest instanceof CadiWrap) {
+ Lur lur = ((CadiWrap)servletRequest).getLur();
+ if(lur != null) {
+ if(lur instanceof EpiLur) {
+ AbsAAFLur<?> aal = (AbsAAFLur<?>) ((EpiLur)lur).subLur(AbsAAFLur.class);
+ if(aal!=null) {
+ return aal.aaf;
+ }
+ } else {
+ if(lur instanceof AbsAAFLur) {
+ return ((AbsAAFLur<?>)lur).aaf;
+ }
+ }
+ }
+ }
+ return null;
+ }
+
+ public abstract AAFCon<CLIENT> clone(String url) throws CadiException, LocatorException;
+
+ public AAFAuthn<CLIENT> newAuthn() throws APIException {
+ try {
+ return new AAFAuthn<>(this);
+ } catch (Exception e) {
+ throw new APIException(e);
+ }
+ }
- public AAFAuthn<CLIENT> newAuthn(AbsUserCache<AAFPermission> c) {
- return new AAFAuthn<>(this, c);
- }
+ public AAFAuthn<CLIENT> newAuthn(AbsUserCache<AAFPermission> c) {
+ return new AAFAuthn<>(this, c);
+ }
- public AAFLurPerm newLur() throws CadiException {
- try {
- if(lur==null) {
- lur = new AAFLurPerm(this);
- return lur;
- } else {
- return new AAFLurPerm(this,lur);
- }
- } catch (CadiException e) {
- throw e;
- } catch (Exception e) {
- throw new CadiException(e);
- }
- }
-
- public AAFLurPerm newLur(AbsUserCache<AAFPermission> c) throws APIException {
- try {
- return new AAFLurPerm(this,c);
- } catch (APIException e) {
- throw e;
- } catch (Exception e) {
- throw new APIException(e);
- }
- }
+ public AAFLurPerm newLur() throws CadiException {
+ try {
+ if(lur==null) {
+ lur = new AAFLurPerm(this);
+ return lur;
+ } else {
+ return new AAFLurPerm(this,lur);
+ }
+ } catch (CadiException e) {
+ throw e;
+ } catch (Exception e) {
+ throw new CadiException(e);
+ }
+ }
+
+ public AAFLurPerm newLur(AbsUserCache<AAFPermission> c) throws APIException {
+ try {
+ return new AAFLurPerm(this,c);
+ } catch (APIException e) {
+ throw e;
+ } catch (Exception e) {
+ throw new APIException(e);
+ }
+ }
- protected abstract Rcli<CLIENT> rclient(URI uri, SecuritySetter<CLIENT> ss) throws CadiException;
-
- public abstract Rcli<CLIENT> rclient(Locator<URI> loc, SecuritySetter<CLIENT> ss) throws CadiException;
+ protected abstract Rcli<CLIENT> rclient(URI uri, SecuritySetter<CLIENT> ss) throws CadiException;
+
+ public abstract Rcli<CLIENT> rclient(Locator<URI> loc, SecuritySetter<CLIENT> ss) throws CadiException;
- public Rcli<CLIENT> client(Locator<URI> locator) throws CadiException {
- return rclient(locator,si.defSS);
- }
-
- public abstract<RET> RET best(Retryable<RET> retryable) throws LocatorException, CadiException, APIException;
+ public Rcli<CLIENT> client(Locator<URI> locator) throws CadiException {
+ return rclient(locator,si.defSS);
+ }
+
+ public abstract<RET> RET best(Retryable<RET> retryable) throws LocatorException, CadiException, APIException;
- public abstract<RET> RET bestForUser(GetSetter get, Retryable<RET> retryable) throws LocatorException, CadiException, APIException;
+ public abstract<RET> RET bestForUser(GetSetter get, Retryable<RET> retryable) throws LocatorException, CadiException, APIException;
- public abstract SecuritySetter<CLIENT> basicAuth(String user, String password) throws CadiException;
-
- public abstract SecuritySetter<CLIENT> transferSS(TaggedPrincipal principal) throws CadiException;
-
- public abstract SecuritySetter<CLIENT> basicAuthSS(BasicPrincipal principal) throws CadiException;
-
- public abstract SecuritySetter<CLIENT> tokenSS(final String client_id, final String accessToken) throws CadiException;
-
- public abstract SecuritySetter<CLIENT> x509Alias(String alias) throws APIException, CadiException;
-
+ public abstract SecuritySetter<CLIENT> basicAuth(String user, String password) throws CadiException;
+
+ public abstract SecuritySetter<CLIENT> transferSS(TaggedPrincipal principal) throws CadiException;
+
+ public abstract SecuritySetter<CLIENT> basicAuthSS(BasicPrincipal principal) throws CadiException;
+
+ public abstract SecuritySetter<CLIENT> tokenSS(final String client_id, final String accessToken) throws CadiException;
+
+ public abstract SecuritySetter<CLIENT> x509Alias(String alias) throws APIException, CadiException;
+
- public String getRealm() {
- return realm;
+ public String getRealm() {
+ return realm;
- }
-
- /**
- * This interface allows the AAFCon, even though generic, to pass in correctly typed values based on the above SS commands.
- * @author Jonathan
- *
- */
- public interface GetSetter {
- public<CLIENT> SecuritySetter<CLIENT> get(AAFCon<CLIENT> con) throws CadiException;
- }
+ }
+
+ /**
+ * This interface allows the AAFCon, even though generic, to pass in correctly typed values based on the above SS commands.
+ * @author Jonathan
+ *
+ */
+ public interface GetSetter {
+ public<CLIENT> SecuritySetter<CLIENT> get(AAFCon<CLIENT> con) throws CadiException;
+ }
- public SecuritySetter<CLIENT> set(final SecuritySetter<CLIENT> ss) {
- si.set(ss);
- for(Rcli<CLIENT> client : clients.values()) {
- client.setSecuritySetter(ss);
- }
- return ss;
- }
-
- public SecurityInfoC<CLIENT> securityInfo() {
- return si;
- }
+ public SecuritySetter<CLIENT> set(final SecuritySetter<CLIENT> ss) {
+ si.set(ss);
+ for(Rcli<CLIENT> client : clients.values()) {
+ client.setSecuritySetter(ss);
+ }
+ return ss;
+ }
+
+ public SecurityInfoC<CLIENT> securityInfo() {
+ return si;
+ }
- public String defID() {
- if(si!=null) {
- return si.defSS.getID();
- }
- return "unknown";
- }
-
- public void invalidate() throws CadiException {
- for(Rcli<CLIENT> client : clients.values()) {
- client.invalidate();
- }
- clients.clear();
- }
+ public String defID() {
+ if(si!=null) {
+ return si.defSS.getID();
+ }
+ return "unknown";
+ }
+
+ public void invalidate() throws CadiException {
+ for(Rcli<CLIENT> client : clients.values()) {
+ client.invalidate();
+ }
+ clients.clear();
+ }
- public String readableErrMsg(Future<?> f) {
- String text = f.body();
- if(text==null || text.length()==0) {
- text = f.code() + ": **No Message**";
- } else if(text.contains("%")) {
- try {
- Error err = errDF.newData().in(TYPE.JSON).load(f.body()).asObject();
- return Vars.convert(err.getText(),err.getVariables());
- } catch (APIException e){
- access.log(e);
- }
- }
- return text;
- }
-
- public static AAFCon<?> newInstance(PropAccess pa) throws CadiException, LocatorException {
- // Potentially add plugin for other kinds of Access
- return new AAFConHttp(pa);
- }
+ public String readableErrMsg(Future<?> f) {
+ String text = f.body();
+ if(text==null || text.length()==0) {
+ text = f.code() + ": **No Message**";
+ } else if(text.contains("%")) {
+ try {
+ Error err = errDF.newData().in(TYPE.JSON).load(f.body()).asObject();
+ return Vars.convert(err.getText(),err.getVariables());
+ } catch (APIException e){
+ access.log(e);
+ }
+ }
+ return text;
+ }
+
+ public static AAFCon<?> newInstance(PropAccess pa) throws CadiException, LocatorException {
+ // Potentially add plugin for other kinds of Access
+ return new AAFConHttp(pa);
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java
index a06b7aff..cc70ae3c 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java
@@ -47,174 +47,174 @@ import org.onap.aaf.cadi.principal.TaggedPrincipal;
import org.onap.aaf.misc.env.APIException;
public class AAFConHttp extends AAFCon<HttpURLConnection> {
- private final HMangr hman;
-
- public AAFConHttp(Access access) throws CadiException, LocatorException {
- super(access,Config.AAF_URL,SecurityInfoC.instance(access, HttpURLConnection.class));
- hman = new HMangr(access,Config.loadLocator(si, access.getProperty(Config.AAF_URL,null)));
- }
-
- protected SecuritySetter<HttpURLConnection> bestSS(SecurityInfoC<HttpURLConnection> si) throws CadiException {
- return si.defSS;
- }
-
- public AAFConHttp(Access access, String tag) throws CadiException, LocatorException {
- super(access,tag,SecurityInfoC.instance(access, HttpURLConnection.class));
- bestSS(si);
- hman = new HMangr(access,Config.loadLocator(si, access.getProperty(tag,tag/*try the content itself*/)));
- }
-
- public AAFConHttp(Access access, String urlTag, SecurityInfoC<HttpURLConnection> si) throws CadiException, LocatorException {
- super(access,urlTag,si);
- bestSS(si);
- hman = new HMangr(access,Config.loadLocator(si, access.getProperty(urlTag,null)));
- }
-
- public AAFConHttp(Access access, Locator<URI> locator) throws CadiException, LocatorException {
- super(access,Config.AAF_URL,SecurityInfoC.instance(access, HttpURLConnection.class));
- bestSS(si);
- hman = new HMangr(access,locator);
- }
-
- public AAFConHttp(Access access, Locator<URI> locator, SecurityInfoC<HttpURLConnection> si) throws CadiException, LocatorException, APIException {
- super(access,Config.AAF_URL,si);
- bestSS(si);
- hman = new HMangr(access,locator);
- }
-
- public AAFConHttp(Access access, Locator<URI> locator, SecurityInfoC<HttpURLConnection> si, String tag) throws CadiException, LocatorException, APIException {
- super(access,tag,si);
- bestSS(si);
- hman = new HMangr(access, locator);
- }
-
- private AAFConHttp(AAFCon<HttpURLConnection> aafcon, String url) throws LocatorException {
- super(aafcon);
- si=aafcon.si;
- hman = new HMangr(aafcon.access,Config.loadLocator(si, url));
- }
-
- @Override
- public AAFCon<HttpURLConnection> clone(String url) throws LocatorException {
- return new AAFConHttp(this,url);
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.aaf.v2_0.AAFCon#basicAuth(java.lang.String, java.lang.String)
- */
- @Override
- public SecuritySetter<HttpURLConnection> basicAuth(String user, String password) throws CadiException {
- if(password.startsWith("enc:")) {
- try {
- password = access.decrypt(password, true);
- } catch (IOException e) {
- throw new CadiException("Error decrypting password",e);
- }
- }
- try {
- return new HBasicAuthSS(si,user,password);
- } catch (IOException e) {
- throw new CadiException("Error creating HBasicAuthSS",e);
- }
- }
-
- public SecuritySetter<HttpURLConnection> x509Alias(String alias) throws CadiException {
- try {
- return set(new HX509SS(alias,si));
- } catch (Exception e) {
- throw new CadiException("Error creating X509SS",e);
- }
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.aaf.v2_0.AAFCon#rclient(java.net.URI, org.onap.aaf.cadi.SecuritySetter)
- */
- @Override
- protected Rcli<HttpURLConnection> rclient(URI ignoredURI, SecuritySetter<HttpURLConnection> ss) throws CadiException {
- if(hman.loc==null) {
- throw new CadiException("No Locator set in AAFConHttp");
- }
- try {
- return new HRcli(hman, hman.loc.best() ,ss);
- } catch (Exception e) {
- throw new CadiException(e);
- }
- }
-
- @Override
- public Rcli<HttpURLConnection> rclient(Locator<URI> loc, SecuritySetter<HttpURLConnection> ss) throws CadiException {
- try {
- HMangr newHMan = new HMangr(access, loc);
- return new HRcli(newHMan,newHMan.loc.best(),ss);
- } catch (Exception e) {
- throw new CadiException(e);
- }
- }
- @Override
- public AbsTransferSS<HttpURLConnection> transferSS(TaggedPrincipal principal) {
- return new HTransferSS(principal, app,si);
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.aaf.v2_0.AAFCon#basicAuthSS(java.security.Principal)
- */
- @Override
- public SecuritySetter<HttpURLConnection> basicAuthSS(BasicPrincipal principal) throws CadiException {
- try {
- return new HBasicAuthSS(principal,si);
- } catch (IOException e) {
- throw new CadiException("Error creating HBasicAuthSS",e);
- }
- }
-
- @Override
- public SecuritySetter<HttpURLConnection> tokenSS(final String client_id, final String accessToken) throws CadiException {
- try {
- return new HTokenSS(si, client_id, accessToken);
- } catch (IOException e) {
- throw new CadiException(e);
- }
- }
-
- public HMangr hman() {
- return hman;
- }
-
- @Override
- public <RET> RET best(Retryable<RET> retryable) throws LocatorException, CadiException, APIException {
- return hman.best(si.defSS, retryable);
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.aaf.v2_0.AAFCon#bestForUser(org.onap.aaf.cadi.SecuritySetter, org.onap.aaf.cadi.client.Retryable)
- */
- @Override
- public <RET> RET bestForUser(GetSetter getSetter, Retryable<RET> retryable) throws LocatorException, CadiException, APIException {
- return hman.best(getSetter.get(this), retryable);
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.aaf.v2_0.AAFCon#initURI()
- */
- @Override
- protected URI initURI() {
- try {
- Item item = hman.loc.best();
- if(item!=null) {
- return hman.loc.get(item);
- }
- } catch (LocatorException e) {
- access.log(e, "Error in AAFConHttp obtaining initial URI");
- }
- return null;
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.aaf.v2_0.AAFCon#setInitURI(java.lang.String)
- */
- @Override
- protected void setInitURI(String uriString) {
- // Using Locator, not URLString, which is mostly for DME2
- }
+ private final HMangr hman;
+
+ public AAFConHttp(Access access) throws CadiException, LocatorException {
+ super(access,Config.AAF_URL,SecurityInfoC.instance(access, HttpURLConnection.class));
+ hman = new HMangr(access,Config.loadLocator(si, access.getProperty(Config.AAF_URL,null)));
+ }
+
+ protected SecuritySetter<HttpURLConnection> bestSS(SecurityInfoC<HttpURLConnection> si) throws CadiException {
+ return si.defSS;
+ }
+
+ public AAFConHttp(Access access, String tag) throws CadiException, LocatorException {
+ super(access,tag,SecurityInfoC.instance(access, HttpURLConnection.class));
+ bestSS(si);
+ hman = new HMangr(access,Config.loadLocator(si, access.getProperty(tag,tag/*try the content itself*/)));
+ }
+
+ public AAFConHttp(Access access, String urlTag, SecurityInfoC<HttpURLConnection> si) throws CadiException, LocatorException {
+ super(access,urlTag,si);
+ bestSS(si);
+ hman = new HMangr(access,Config.loadLocator(si, access.getProperty(urlTag,null)));
+ }
+
+ public AAFConHttp(Access access, Locator<URI> locator) throws CadiException, LocatorException {
+ super(access,Config.AAF_URL,SecurityInfoC.instance(access, HttpURLConnection.class));
+ bestSS(si);
+ hman = new HMangr(access,locator);
+ }
+
+ public AAFConHttp(Access access, Locator<URI> locator, SecurityInfoC<HttpURLConnection> si) throws CadiException, LocatorException, APIException {
+ super(access,Config.AAF_URL,si);
+ bestSS(si);
+ hman = new HMangr(access,locator);
+ }
+
+ public AAFConHttp(Access access, Locator<URI> locator, SecurityInfoC<HttpURLConnection> si, String tag) throws CadiException, LocatorException, APIException {
+ super(access,tag,si);
+ bestSS(si);
+ hman = new HMangr(access, locator);
+ }
+
+ private AAFConHttp(AAFCon<HttpURLConnection> aafcon, String url) throws LocatorException {
+ super(aafcon);
+ si=aafcon.si;
+ hman = new HMangr(aafcon.access,Config.loadLocator(si, url));
+ }
+
+ @Override
+ public AAFCon<HttpURLConnection> clone(String url) throws LocatorException {
+ return new AAFConHttp(this,url);
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.aaf.v2_0.AAFCon#basicAuth(java.lang.String, java.lang.String)
+ */
+ @Override
+ public SecuritySetter<HttpURLConnection> basicAuth(String user, String password) throws CadiException {
+ if(password.startsWith("enc:")) {
+ try {
+ password = access.decrypt(password, true);
+ } catch (IOException e) {
+ throw new CadiException("Error decrypting password",e);
+ }
+ }
+ try {
+ return new HBasicAuthSS(si,user,password);
+ } catch (IOException e) {
+ throw new CadiException("Error creating HBasicAuthSS",e);
+ }
+ }
+
+ public SecuritySetter<HttpURLConnection> x509Alias(String alias) throws CadiException {
+ try {
+ return set(new HX509SS(alias,si));
+ } catch (Exception e) {
+ throw new CadiException("Error creating X509SS",e);
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.aaf.v2_0.AAFCon#rclient(java.net.URI, org.onap.aaf.cadi.SecuritySetter)
+ */
+ @Override
+ protected Rcli<HttpURLConnection> rclient(URI ignoredURI, SecuritySetter<HttpURLConnection> ss) throws CadiException {
+ if(hman.loc==null) {
+ throw new CadiException("No Locator set in AAFConHttp");
+ }
+ try {
+ return new HRcli(hman, hman.loc.best() ,ss);
+ } catch (Exception e) {
+ throw new CadiException(e);
+ }
+ }
+
+ @Override
+ public Rcli<HttpURLConnection> rclient(Locator<URI> loc, SecuritySetter<HttpURLConnection> ss) throws CadiException {
+ try {
+ HMangr newHMan = new HMangr(access, loc);
+ return new HRcli(newHMan,newHMan.loc.best(),ss);
+ } catch (Exception e) {
+ throw new CadiException(e);
+ }
+ }
+ @Override
+ public AbsTransferSS<HttpURLConnection> transferSS(TaggedPrincipal principal) {
+ return new HTransferSS(principal, app,si);
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.aaf.v2_0.AAFCon#basicAuthSS(java.security.Principal)
+ */
+ @Override
+ public SecuritySetter<HttpURLConnection> basicAuthSS(BasicPrincipal principal) throws CadiException {
+ try {
+ return new HBasicAuthSS(principal,si);
+ } catch (IOException e) {
+ throw new CadiException("Error creating HBasicAuthSS",e);
+ }
+ }
+
+ @Override
+ public SecuritySetter<HttpURLConnection> tokenSS(final String client_id, final String accessToken) throws CadiException {
+ try {
+ return new HTokenSS(si, client_id, accessToken);
+ } catch (IOException e) {
+ throw new CadiException(e);
+ }
+ }
+
+ public HMangr hman() {
+ return hman;
+ }
+
+ @Override
+ public <RET> RET best(Retryable<RET> retryable) throws LocatorException, CadiException, APIException {
+ return hman.best(si.defSS, retryable);
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.aaf.v2_0.AAFCon#bestForUser(org.onap.aaf.cadi.SecuritySetter, org.onap.aaf.cadi.client.Retryable)
+ */
+ @Override
+ public <RET> RET bestForUser(GetSetter getSetter, Retryable<RET> retryable) throws LocatorException, CadiException, APIException {
+ return hman.best(getSetter.get(this), retryable);
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.aaf.v2_0.AAFCon#initURI()
+ */
+ @Override
+ protected URI initURI() {
+ try {
+ Item item = hman.loc.best();
+ if(item!=null) {
+ return hman.loc.get(item);
+ }
+ } catch (LocatorException e) {
+ access.log(e, "Error in AAFConHttp obtaining initial URI");
+ }
+ return null;
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.aaf.v2_0.AAFCon#setInitURI(java.lang.String)
+ */
+ @Override
+ protected void setInitURI(String uriString) {
+ // Using Locator, not URLString, which is mostly for DME2
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLocator.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLocator.java
index 00a40568..468bb915 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLocator.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLocator.java
@@ -46,95 +46,95 @@ import locate.v1_0.Endpoint;
import locate.v1_0.Endpoints;
public class AAFLocator extends AbsAAFLocator<BasicTrans> {
- private static RosettaEnv env;
- HClient client;
- private RosettaDF<Endpoints> epsDF;
+ private static RosettaEnv env;
+ HClient client;
+ private RosettaDF<Endpoints> epsDF;
- public AAFLocator(SecurityInfoC<HttpURLConnection> si, URI locatorURI) throws LocatorException {
- super(si.access, nameFromLocatorURI(locatorURI), 10000L /* Wait at least 10 seconds between refreshes */);
- synchronized(sr) {
- if(env==null) {
- env = new RosettaEnv(access.getProperties());
- }
- }
-
- int connectTimeout = Integer.parseInt(si.access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF));
- try {
- String[] path = Split.split('/',locatorURI.getPath());
- String host = locatorURI.getHost();
- if(host==null) {
- host = locatorURI.getAuthority(); // this happens when no port
- }
- if("AAF_LOCATE_URL".equals(host)) {
- URI uri = new URI(
- locatorURI.getScheme(),
- locatorURI.getUserInfo(),
- aaf_locator_uri.getHost(),
- aaf_locator_uri.getPort(),
- "/locate"+locatorURI.getPath(),
- null,
- null
- );
- client = createClient(si.defSS, uri, connectTimeout);
- } else if(path.length>1 && "locate".equals(path[1])) {
- StringBuilder sb = new StringBuilder();
- for(int i=3;i<path.length;++i) {
- sb.append('/');
- sb.append(path[i]);
- }
- setPathInfo(sb.toString());
- URI uri = new URI(
- locatorURI.getScheme(),
- locatorURI.getUserInfo(),
- locatorURI.getHost(),
- locatorURI.getPort(),
- "/locate/"+name + ':' + version,
- null,
- null
- );
- client = createClient(si.defSS, uri, connectTimeout);
- } else {
- client = new HClient(si.defSS, locatorURI, connectTimeout);
- }
- epsDF = env.newDataFactory(Endpoints.class);
- } catch (APIException | URISyntaxException e) {
- throw new LocatorException(e);
- }
- }
+ public AAFLocator(SecurityInfoC<HttpURLConnection> si, URI locatorURI) throws LocatorException {
+ super(si.access, nameFromLocatorURI(locatorURI), 10000L /* Wait at least 10 seconds between refreshes */);
+ synchronized(sr) {
+ if(env==null) {
+ env = new RosettaEnv(access.getProperties());
+ }
+ }
+
+ int connectTimeout = Integer.parseInt(si.access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF));
+ try {
+ String[] path = Split.split('/',locatorURI.getPath());
+ String host = locatorURI.getHost();
+ if(host==null) {
+ host = locatorURI.getAuthority(); // this happens when no port
+ }
+ if("AAF_LOCATE_URL".equals(host)) {
+ URI uri = new URI(
+ locatorURI.getScheme(),
+ locatorURI.getUserInfo(),
+ aaf_locator_uri.getHost(),
+ aaf_locator_uri.getPort(),
+ "/locate"+locatorURI.getPath(),
+ null,
+ null
+ );
+ client = createClient(si.defSS, uri, connectTimeout);
+ } else if(path.length>1 && "locate".equals(path[1])) {
+ StringBuilder sb = new StringBuilder();
+ for(int i=3;i<path.length;++i) {
+ sb.append('/');
+ sb.append(path[i]);
+ }
+ setPathInfo(sb.toString());
+ URI uri = new URI(
+ locatorURI.getScheme(),
+ locatorURI.getUserInfo(),
+ locatorURI.getHost(),
+ locatorURI.getPort(),
+ "/locate/"+name + ':' + version,
+ null,
+ null
+ );
+ client = createClient(si.defSS, uri, connectTimeout);
+ } else {
+ client = new HClient(si.defSS, locatorURI, connectTimeout);
+ }
+ epsDF = env.newDataFactory(Endpoints.class);
+ } catch (APIException | URISyntaxException e) {
+ throw new LocatorException(e);
+ }
+ }
- @Override
- public boolean refresh() {
- try {
- client.setMethod("GET");
- client.send();
- Future<Endpoints> fr = client.futureRead(epsDF, TYPE.JSON);
- if(fr.get(client.timeout())) {
- List<EP> epl = new LinkedList<>();
- for(Endpoint endpoint : fr.value.getEndpoint()) {
- epl.add(new EP(endpoint,latitude,longitude));
- }
-
- Collections.sort(epl);
- replace(epl);
- return true;
- } else {
- env.error().printf("Error reading location information from %s: %d %s\n",client.getURI().toString(),fr.code(),fr.body());
- }
- } catch (CadiException | URISyntaxException | APIException e) {
- env.error().log(e,"Error connecting " + client.getURI() + " for location.");
- }
- return false;
- }
+ @Override
+ public boolean refresh() {
+ try {
+ client.setMethod("GET");
+ client.send();
+ Future<Endpoints> fr = client.futureRead(epsDF, TYPE.JSON);
+ if(fr.get(client.timeout())) {
+ List<EP> epl = new LinkedList<>();
+ for(Endpoint endpoint : fr.value.getEndpoint()) {
+ epl.add(new EP(endpoint,latitude,longitude));
+ }
+
+ Collections.sort(epl);
+ replace(epl);
+ return true;
+ } else {
+ env.error().printf("Error reading location information from %s: %d %s\n",client.getURI().toString(),fr.code(),fr.body());
+ }
+ } catch (CadiException | URISyntaxException | APIException e) {
+ env.error().log(e,"Error connecting " + client.getURI() + " for location.");
+ }
+ return false;
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.aaf.v2_0.AbsAAFLocator#getURI()
- */
- @Override
- protected URI getURI() {
- return client.getURI();
- }
-
- protected HClient createClient(SecuritySetter<HttpURLConnection> ss, URI uri, int connectTimeout) throws LocatorException {
- return new HClient(ss, uri, connectTimeout);
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.aaf.v2_0.AbsAAFLocator#getURI()
+ */
+ @Override
+ protected URI getURI() {
+ return client.getURI();
+ }
+
+ protected HClient createClient(SecuritySetter<HttpURLConnection> ss, URI uri, int connectTimeout) throws LocatorException {
+ return new HClient(ss, uri, connectTimeout);
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java
index 682540ea..b1c600a0 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java
@@ -61,197 +61,197 @@ import aaf.v2_0.Perms;
*
*/
public class AAFLurPerm extends AbsAAFLur<AAFPermission> {
- private static final String ORG_OSAAF_CADI_OAUTH_O_AUTH2_LUR = "org.osaaf.cadi.oauth.OAuth2Lur";
+ private static final String ORG_OSAAF_CADI_OAUTH_O_AUTH2_LUR = "org.osaaf.cadi.oauth.OAuth2Lur";
- /**
- * Need to be able to transmutate a Principal into either Person or AppID, which are the only ones accepted at this
- * point by AAF. There is no "domain", aka, no "@att.com" in "ab1234@att.com".
- *
- * The only thing that matters here for AAF is that we don't waste calls with IDs that obviously aren't valid.
- * Thus, we validate that the ID portion follows the rules before we waste time accessing AAF remotely
- * @throws APIException
- * @throws URISyntaxException
- * @throws DME2Exception
- */
- // Package on purpose
- AAFLurPerm(AAFCon<?> con) throws CadiException, APIException {
- super(con);
- attachOAuth2(con);
- }
+ /**
+ * Need to be able to transmutate a Principal into either Person or AppID, which are the only ones accepted at this
+ * point by AAF. There is no "domain", aka, no "@att.com" in "ab1234@att.com".
+ *
+ * The only thing that matters here for AAF is that we don't waste calls with IDs that obviously aren't valid.
+ * Thus, we validate that the ID portion follows the rules before we waste time accessing AAF remotely
+ * @throws APIException
+ * @throws URISyntaxException
+ * @throws DME2Exception
+ */
+ // Package on purpose
+ AAFLurPerm(AAFCon<?> con) throws CadiException, APIException {
+ super(con);
+ attachOAuth2(con);
+ }
- // Package on purpose
- AAFLurPerm(AAFCon<?> con, AbsUserCache<AAFPermission> auc) throws APIException {
- super(con,auc);
- attachOAuth2(con);
- }
-
- private void attachOAuth2(AAFCon<?> con) throws APIException {
- String oauth2_url;
- Class<?> tmcls = Config.loadClass(access,"org.osaaf.cadi.oauth.TokenMgr");
- if(tmcls!=null) {
- if((oauth2_url = con.access.getProperty(Config.CADI_OAUTH2_URL,null))!=null) {
- try {
- Constructor<?> tmconst = tmcls.getConstructor(AAFCon.class,String.class);
- Object tokMangr = tmconst.newInstance(con,oauth2_url);
- @SuppressWarnings("unchecked")
- Class<Lur> oa2cls = (Class<Lur>)Config.loadClass(access,ORG_OSAAF_CADI_OAUTH_O_AUTH2_LUR);
- Constructor<Lur> oa2const = oa2cls.getConstructor(tmcls);
- Lur oa2 = oa2const.newInstance(tokMangr);
- setPreemptiveLur(oa2);
- } catch (NoSuchMethodException | SecurityException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
- throw new APIException(e);
- }
- } else {
- access.log(Level.INIT, "Both cadi-oauth jar and Property",Config.CADI_OAUTH2_URL,"is required to initialize OAuth2");
- }
- }
- }
+ // Package on purpose
+ AAFLurPerm(AAFCon<?> con, AbsUserCache<AAFPermission> auc) throws APIException {
+ super(con,auc);
+ attachOAuth2(con);
+ }
+
+ private void attachOAuth2(AAFCon<?> con) throws APIException {
+ String oauth2_url;
+ Class<?> tmcls = Config.loadClass(access,"org.osaaf.cadi.oauth.TokenMgr");
+ if(tmcls!=null) {
+ if((oauth2_url = con.access.getProperty(Config.CADI_OAUTH2_URL,null))!=null) {
+ try {
+ Constructor<?> tmconst = tmcls.getConstructor(AAFCon.class,String.class);
+ Object tokMangr = tmconst.newInstance(con,oauth2_url);
+ @SuppressWarnings("unchecked")
+ Class<Lur> oa2cls = (Class<Lur>)Config.loadClass(access,ORG_OSAAF_CADI_OAUTH_O_AUTH2_LUR);
+ Constructor<Lur> oa2const = oa2cls.getConstructor(tmcls);
+ Lur oa2 = oa2const.newInstance(tokMangr);
+ setPreemptiveLur(oa2);
+ } catch (NoSuchMethodException | SecurityException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
+ throw new APIException(e);
+ }
+ } else {
+ access.log(Level.INIT, "Both cadi-oauth jar and Property",Config.CADI_OAUTH2_URL,"is required to initialize OAuth2");
+ }
+ }
+ }
- protected User<AAFPermission> loadUser(final Principal principal) {
- final String name = principal.getName();
- final long start = System.nanoTime();
- final Holder<Float> remote = new Holder<Float>(0f);
+ protected User<AAFPermission> loadUser(final Principal principal) {
+ final String name = principal.getName();
+ final long start = System.nanoTime();
+ final Holder<Float> remote = new Holder<Float>(0f);
- final boolean[] success = new boolean[]{false};
-
- try {
- return aaf.best(new Retryable<User<AAFPermission>>() {
- @Override
- public User<AAFPermission> code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- final long remoteStart = System.nanoTime();
- Future<Perms> fp = client.read("/authz/perms/user/"+name,aaf.permsDF);
-
- // In the meantime, lookup User, create if necessary
- User<AAFPermission> user = getUser(principal);
- Principal p;
- if(user!=null && user.principal == null) {
- p = new Principal() {// Create a holder for lookups
- private String n = name;
- public String getName() {
- return n;
- }
- };
- } else {
- p = principal;
- }
-
- if(user==null) {
- addUser(user = new User<AAFPermission>(p,aaf.userExpires)); // no password
- }
-
- // OK, done all we can, now get content
- boolean ok = fp.get(aaf.timeout);
- remote.set(Timing.millis(remoteStart));
- if(ok) {
- success[0]=true;
- Map<String, Permission> newMap = user.newMap();
- boolean willLog = aaf.access.willLog(Level.DEBUG);
- for(Perm perm : fp.value.getPerm()) {
- user.add(newMap,new AAFPermission(perm.getNs(),perm.getType(),perm.getInstance(),perm.getAction(),perm.getRoles()));
- if(willLog) {
- aaf.access.log(Level.DEBUG, name,"has '",perm.getType(),'|',perm.getInstance(),'|',perm.getAction(),'\'');
- }
- }
- user.setMap(newMap);
- } else {
- int code;
- switch(code=fp.code()) {
- case 401:
- aaf.access.log(Access.Level.ERROR, code, "Unauthorized to make AAF calls");
- break;
- case 404:
- user.setNoPerms();
- break;
- default:
- aaf.access.log(Access.Level.ERROR, code, fp.body());
- }
- }
+ final boolean[] success = new boolean[]{false};
+
+ try {
+ return aaf.best(new Retryable<User<AAFPermission>>() {
+ @Override
+ public User<AAFPermission> code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ final long remoteStart = System.nanoTime();
+ Future<Perms> fp = client.read("/authz/perms/user/"+name,aaf.permsDF);
+
+ // In the meantime, lookup User, create if necessary
+ User<AAFPermission> user = getUser(principal);
+ Principal p;
+ if(user!=null && user.principal == null) {
+ p = new Principal() {// Create a holder for lookups
+ private String n = name;
+ public String getName() {
+ return n;
+ }
+ };
+ } else {
+ p = principal;
+ }
+
+ if(user==null) {
+ addUser(user = new User<AAFPermission>(p,aaf.userExpires)); // no password
+ }
+
+ // OK, done all we can, now get content
+ boolean ok = fp.get(aaf.timeout);
+ remote.set(Timing.millis(remoteStart));
+ if(ok) {
+ success[0]=true;
+ Map<String, Permission> newMap = user.newMap();
+ boolean willLog = aaf.access.willLog(Level.DEBUG);
+ for(Perm perm : fp.value.getPerm()) {
+ user.add(newMap,new AAFPermission(perm.getNs(),perm.getType(),perm.getInstance(),perm.getAction(),perm.getRoles()));
+ if(willLog) {
+ aaf.access.log(Level.DEBUG, name,"has '",perm.getType(),'|',perm.getInstance(),'|',perm.getAction(),'\'');
+ }
+ }
+ user.setMap(newMap);
+ } else {
+ int code;
+ switch(code=fp.code()) {
+ case 401:
+ aaf.access.log(Access.Level.ERROR, code, "Unauthorized to make AAF calls");
+ break;
+ case 404:
+ user.setNoPerms();
+ break;
+ default:
+ aaf.access.log(Access.Level.ERROR, code, fp.body());
+ }
+ }
- return user;
- }
- });
- } catch (Exception e) {
- aaf.access.log(e,"Calling","/authz/perms/user/"+name);
- success[0]=false;
- return null;
- } finally {
- aaf.access.printf(Level.INFO, "AAFLurPerm: %s %s perms from AAF in %f ms, remote=%f",
- (success[0]?"Loaded":"Load Failure"),name,Timing.millis(start),remote.get());
- }
- }
+ return user;
+ }
+ });
+ } catch (Exception e) {
+ aaf.access.log(e,"Calling","/authz/perms/user/"+name);
+ success[0]=false;
+ return null;
+ } finally {
+ aaf.access.printf(Level.INFO, "AAFLurPerm: %s %s perms from AAF in %f ms, remote=%f",
+ (success[0]?"Loaded":"Load Failure"),name,Timing.millis(start),remote.get());
+ }
+ }
- public Resp reload(final User<AAFPermission> user) {
- final String name = user.name;
- long start = System.nanoTime();
- final Holder<Float> remote = new Holder<Float>(0f);
- final Holder<Boolean> success = new Holder<Boolean>(false);
- try {
- Resp rv = aaf.best(new Retryable<Resp>() {
- @Override
- public Resp code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- final long remoteStart = System.nanoTime();
- Future<Perms> fp = aaf.client(Config.AAF_DEFAULT_VERSION).read(
- "/authz/perms/user/"+name,
- aaf.permsDF
- );
-
- // OK, done all we can, now get content
- boolean ok = fp.get(aaf.timeout);
- remote.set(Timing.millis(remoteStart));
- if(ok) {
- success.set(true);
- Map<String,Permission> newMap = user.newMap();
- boolean willLog = aaf.access.willLog(Level.DEBUG);
- for(Perm perm : fp.value.getPerm()) {
- user.add(newMap, new AAFPermission(perm.getNs(),perm.getType(),perm.getInstance(),perm.getAction(),perm.getRoles()));
- if(willLog) {
- aaf.access.log(Level.DEBUG, name,"has",perm.getType(),perm.getInstance(),perm.getAction());
- }
- }
- user.renewPerm();
- return Resp.REVALIDATED;
- } else {
- int code;
- switch(code=fp.code()) {
- case 401:
- aaf.access.log(Access.Level.ERROR, code, "Unauthorized to make AAF calls");
- break;
- default:
- aaf.access.log(Access.Level.ERROR, code, fp.body());
- }
- return Resp.UNVALIDATED;
- }
- }
- });
- return rv;
- } catch (Exception e) {
- aaf.access.log(e,"Calling","/authz/perms/user/"+name);
- return Resp.INACCESSIBLE;
- } finally {
- aaf.access.printf(Level.INFO, "AAFLurPerm: %s %s perms from AAF in %f ms (remote=%f)",
- (success.get()?"Reloaded":"Reload Failure"),name,Timing.millis(start),remote.get());
- }
- }
+ public Resp reload(final User<AAFPermission> user) {
+ final String name = user.name;
+ long start = System.nanoTime();
+ final Holder<Float> remote = new Holder<Float>(0f);
+ final Holder<Boolean> success = new Holder<Boolean>(false);
+ try {
+ Resp rv = aaf.best(new Retryable<Resp>() {
+ @Override
+ public Resp code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ final long remoteStart = System.nanoTime();
+ Future<Perms> fp = aaf.client(Config.AAF_DEFAULT_VERSION).read(
+ "/authz/perms/user/"+name,
+ aaf.permsDF
+ );
+
+ // OK, done all we can, now get content
+ boolean ok = fp.get(aaf.timeout);
+ remote.set(Timing.millis(remoteStart));
+ if(ok) {
+ success.set(true);
+ Map<String,Permission> newMap = user.newMap();
+ boolean willLog = aaf.access.willLog(Level.DEBUG);
+ for(Perm perm : fp.value.getPerm()) {
+ user.add(newMap, new AAFPermission(perm.getNs(),perm.getType(),perm.getInstance(),perm.getAction(),perm.getRoles()));
+ if(willLog) {
+ aaf.access.log(Level.DEBUG, name,"has",perm.getType(),perm.getInstance(),perm.getAction());
+ }
+ }
+ user.renewPerm();
+ return Resp.REVALIDATED;
+ } else {
+ int code;
+ switch(code=fp.code()) {
+ case 401:
+ aaf.access.log(Access.Level.ERROR, code, "Unauthorized to make AAF calls");
+ break;
+ default:
+ aaf.access.log(Access.Level.ERROR, code, fp.body());
+ }
+ return Resp.UNVALIDATED;
+ }
+ }
+ });
+ return rv;
+ } catch (Exception e) {
+ aaf.access.log(e,"Calling","/authz/perms/user/"+name);
+ return Resp.INACCESSIBLE;
+ } finally {
+ aaf.access.printf(Level.INFO, "AAFLurPerm: %s %s perms from AAF in %f ms (remote=%f)",
+ (success.get()?"Reloaded":"Reload Failure"),name,Timing.millis(start),remote.get());
+ }
+ }
- @Override
- protected boolean isCorrectPermType(Permission pond) {
- return pond instanceof AAFPermission;
- }
+ @Override
+ protected boolean isCorrectPermType(Permission pond) {
+ return pond instanceof AAFPermission;
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.Lur#createPerm(java.lang.String)
- */
- @Override
- public Permission createPerm(String p) {
- String[] params = Split.split('|', p);
- switch(params.length) {
- case 3:
- return new AAFPermission(null,params[0],params[1],params[2]);
- case 4:
- return new AAFPermission(params[0],params[1],params[2],params[3]);
- default:
- return new LocalPermission(p);
- }
- }
-
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.Lur#createPerm(java.lang.String)
+ */
+ @Override
+ public Permission createPerm(String p) {
+ String[] params = Split.split('|', p);
+ switch(params.length) {
+ case 3:
+ return new AAFPermission(null,params[0],params[1],params[2]);
+ case 4:
+ return new AAFPermission(params[0],params[1],params[2],params[3]);
+ default:
+ return new LocalPermission(p);
+ }
+ }
+
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java
index 6159726b..2cfe1227 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java
@@ -51,148 +51,148 @@ import org.onap.aaf.cadi.taf.basic.BasicHttpTafResp;
import org.onap.aaf.misc.env.APIException;
public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpTaf {
- private AAFCon<CLIENT> aaf;
- private boolean warn;
+ private AAFCon<CLIENT> aaf;
+ private boolean warn;
- public AAFTaf(AAFCon<CLIENT> con, boolean turnOnWarning) {
- super(con.access,con.cleanInterval,con.highCount, con.usageRefreshTriggerCount);
- aaf = con;
- warn = turnOnWarning;
- }
+ public AAFTaf(AAFCon<CLIENT> con, boolean turnOnWarning) {
+ super(con.access,con.cleanInterval,con.highCount, con.usageRefreshTriggerCount);
+ aaf = con;
+ warn = turnOnWarning;
+ }
- public AAFTaf(AAFCon<CLIENT> con, boolean turnOnWarning, AbsUserCache<AAFPermission> other) {
- super(other);
- aaf = con;
- warn = turnOnWarning;
- }
-
- // Note: Needed for Creation of this Object with Generics
- @SuppressWarnings("unchecked")
- public AAFTaf(Connector mustBeAAFCon, boolean turnOnWarning, AbsUserCache<AAFPermission> other) {
- this((AAFCon<CLIENT>)mustBeAAFCon,turnOnWarning,other);
- }
+ public AAFTaf(AAFCon<CLIENT> con, boolean turnOnWarning, AbsUserCache<AAFPermission> other) {
+ super(other);
+ aaf = con;
+ warn = turnOnWarning;
+ }
+
+ // Note: Needed for Creation of this Object with Generics
+ @SuppressWarnings("unchecked")
+ public AAFTaf(Connector mustBeAAFCon, boolean turnOnWarning, AbsUserCache<AAFPermission> other) {
+ this((AAFCon<CLIENT>)mustBeAAFCon,turnOnWarning,other);
+ }
- // Note: Needed for Creation of this Object with Generics
- @SuppressWarnings("unchecked")
- public AAFTaf(Connector mustBeAAFCon, boolean turnOnWarning) {
- this((AAFCon<CLIENT>)mustBeAAFCon,turnOnWarning);
- }
+ // Note: Needed for Creation of this Object with Generics
+ @SuppressWarnings("unchecked")
+ public AAFTaf(Connector mustBeAAFCon, boolean turnOnWarning) {
+ this((AAFCon<CLIENT>)mustBeAAFCon,turnOnWarning);
+ }
- public TafResp validate(final LifeForm reading, final HttpServletRequest req, final HttpServletResponse resp) {
- //TODO Do we allow just anybody to validate?
+ public TafResp validate(final LifeForm reading, final HttpServletRequest req, final HttpServletResponse resp) {
+ //TODO Do we allow just anybody to validate?
- // Note: Either Carbon or Silicon based LifeForms ok
- String authz = req.getHeader("Authorization");
- if(authz != null && authz.startsWith("Basic ")) {
- if(warn&&!req.isSecure()) {
- aaf.access.log(Level.WARN,"WARNING! BasicAuth has been used over an insecure channel");
- }
- try {
- final CachedBasicPrincipal bp;
- if(req.getUserPrincipal() instanceof CachedBasicPrincipal) {
- bp = (CachedBasicPrincipal)req.getUserPrincipal();
- } else {
- bp = new CachedBasicPrincipal(this,authz,aaf.getRealm(),aaf.userExpires);
- }
- // First try Cache
- final User<AAFPermission> usr = getUser(bp);
- if(usr != null
- && usr.principal instanceof GetCred
- && Hash.isEqual(bp.getCred(),((GetCred)usr.principal).getCred())) {
- return new BasicHttpTafResp(aaf.access,bp,bp.getName()+" authenticated by cached AAF password",RESP.IS_AUTHENTICATED,resp,aaf.getRealm(),false);
- }
+ // Note: Either Carbon or Silicon based LifeForms ok
+ String authz = req.getHeader("Authorization");
+ if(authz != null && authz.startsWith("Basic ")) {
+ if(warn&&!req.isSecure()) {
+ aaf.access.log(Level.WARN,"WARNING! BasicAuth has been used over an insecure channel");
+ }
+ try {
+ final CachedBasicPrincipal bp;
+ if(req.getUserPrincipal() instanceof CachedBasicPrincipal) {
+ bp = (CachedBasicPrincipal)req.getUserPrincipal();
+ } else {
+ bp = new CachedBasicPrincipal(this,authz,aaf.getRealm(),aaf.userExpires);
+ }
+ // First try Cache
+ final User<AAFPermission> usr = getUser(bp);
+ if(usr != null
+ && usr.principal instanceof GetCred
+ && Hash.isEqual(bp.getCred(),((GetCred)usr.principal).getCred())) {
+ return new BasicHttpTafResp(aaf.access,bp,bp.getName()+" authenticated by cached AAF password",RESP.IS_AUTHENTICATED,resp,aaf.getRealm(),false);
+ }
- Miss miss = missed(bp.getName(), bp.getCred());
- if(miss!=null && !miss.mayContinue()) {
- return new BasicHttpTafResp(aaf.access,null,buildMsg(bp,req,
- "User/Pass Retry limit exceeded"),
- RESP.TRY_AUTHENTICATING,resp,aaf.getRealm(),true);
- }
-
- return aaf.bestForUser(
- new GetSetter() {
- @Override
- public <CL> SecuritySetter<CL> get(AAFCon<CL> con) throws CadiException {
- return con.basicAuthSS(bp);
- }
- },new Retryable<BasicHttpTafResp>() {
- @Override
- public BasicHttpTafResp code(Rcli<?> client) throws CadiException, APIException {
- Future<String> fp = client.read("/authn/basicAuth", "text/plain");
- if(fp.get(aaf.timeout)) {
- if(usr!=null) {
- usr.principal = bp;
- } else {
- addUser(new User<AAFPermission>(bp,aaf.userExpires));
- }
- return new BasicHttpTafResp(aaf.access,bp,bp.getName()+" authenticated by AAF password",RESP.IS_AUTHENTICATED,resp,aaf.getRealm(),false);
- } else {
- // Note: AddMiss checks for miss==null, and is part of logic
- boolean rv= addMiss(bp.getName(),bp.getCred());
- if(rv) {
- return new BasicHttpTafResp(aaf.access,null,buildMsg(bp,req,
- "user/pass combo invalid via AAF from " + req.getRemoteAddr()),
- RESP.TRY_AUTHENTICATING,resp,aaf.getRealm(),true);
- } else {
- return new BasicHttpTafResp(aaf.access,null,buildMsg(bp,req,
- "user/pass combo invalid via AAF from " + req.getRemoteAddr() + " - Retry limit exceeded"),
- RESP.FAIL,resp,aaf.getRealm(),true);
- }
- }
- }
- }
- );
- } catch (IOException e) {
- String msg = buildMsg(null,req,"Invalid Auth Token");
- aaf.access.log(Level.WARN,msg,'(', e.getMessage(), ')');
- return new BasicHttpTafResp(aaf.access,null,msg, RESP.TRY_AUTHENTICATING, resp, aaf.getRealm(),true);
- } catch (Exception e) {
- String msg = buildMsg(null,req,"Authenticating Service unavailable");
- try {
- aaf.invalidate();
- } catch (CadiException e1) {
- aaf.access.log(e1, "Error Invalidating Client");
- }
- aaf.access.log(Level.WARN,msg,'(', e.getMessage(), ')');
- return new BasicHttpTafResp(aaf.access,null,msg, RESP.FAIL, resp, aaf.getRealm(),false);
- }
- }
- return new BasicHttpTafResp(aaf.access,null,"Requesting HTTP Basic Authorization",RESP.TRY_AUTHENTICATING,resp,aaf.getRealm(),false);
- }
-
- private String buildMsg(Principal pr, HttpServletRequest req, Object... msg) {
- StringBuilder sb = new StringBuilder();
- for(Object s : msg) {
- sb.append(s.toString());
- }
- if(pr!=null) {
- sb.append(" for ");
- sb.append(pr.getName());
- }
- sb.append(" from ");
- sb.append(req.getRemoteAddr());
- sb.append(':');
- sb.append(req.getRemotePort());
- return sb.toString();
- }
+ Miss miss = missed(bp.getName(), bp.getCred());
+ if(miss!=null && !miss.mayContinue()) {
+ return new BasicHttpTafResp(aaf.access,null,buildMsg(bp,req,
+ "User/Pass Retry limit exceeded"),
+ RESP.TRY_AUTHENTICATING,resp,aaf.getRealm(),true);
+ }
+
+ return aaf.bestForUser(
+ new GetSetter() {
+ @Override
+ public <CL> SecuritySetter<CL> get(AAFCon<CL> con) throws CadiException {
+ return con.basicAuthSS(bp);
+ }
+ },new Retryable<BasicHttpTafResp>() {
+ @Override
+ public BasicHttpTafResp code(Rcli<?> client) throws CadiException, APIException {
+ Future<String> fp = client.read("/authn/basicAuth", "text/plain");
+ if(fp.get(aaf.timeout)) {
+ if(usr!=null) {
+ usr.principal = bp;
+ } else {
+ addUser(new User<AAFPermission>(bp,aaf.userExpires));
+ }
+ return new BasicHttpTafResp(aaf.access,bp,bp.getName()+" authenticated by AAF password",RESP.IS_AUTHENTICATED,resp,aaf.getRealm(),false);
+ } else {
+ // Note: AddMiss checks for miss==null, and is part of logic
+ boolean rv= addMiss(bp.getName(),bp.getCred());
+ if(rv) {
+ return new BasicHttpTafResp(aaf.access,null,buildMsg(bp,req,
+ "user/pass combo invalid via AAF from " + req.getRemoteAddr()),
+ RESP.TRY_AUTHENTICATING,resp,aaf.getRealm(),true);
+ } else {
+ return new BasicHttpTafResp(aaf.access,null,buildMsg(bp,req,
+ "user/pass combo invalid via AAF from " + req.getRemoteAddr() + " - Retry limit exceeded"),
+ RESP.FAIL,resp,aaf.getRealm(),true);
+ }
+ }
+ }
+ }
+ );
+ } catch (IOException e) {
+ String msg = buildMsg(null,req,"Invalid Auth Token");
+ aaf.access.log(Level.WARN,msg,'(', e.getMessage(), ')');
+ return new BasicHttpTafResp(aaf.access,null,msg, RESP.TRY_AUTHENTICATING, resp, aaf.getRealm(),true);
+ } catch (Exception e) {
+ String msg = buildMsg(null,req,"Authenticating Service unavailable");
+ try {
+ aaf.invalidate();
+ } catch (CadiException e1) {
+ aaf.access.log(e1, "Error Invalidating Client");
+ }
+ aaf.access.log(Level.WARN,msg,'(', e.getMessage(), ')');
+ return new BasicHttpTafResp(aaf.access,null,msg, RESP.FAIL, resp, aaf.getRealm(),false);
+ }
+ }
+ return new BasicHttpTafResp(aaf.access,null,"Requesting HTTP Basic Authorization",RESP.TRY_AUTHENTICATING,resp,aaf.getRealm(),false);
+ }
+
+ private String buildMsg(Principal pr, HttpServletRequest req, Object... msg) {
+ StringBuilder sb = new StringBuilder();
+ for(Object s : msg) {
+ sb.append(s.toString());
+ }
+ if(pr!=null) {
+ sb.append(" for ");
+ sb.append(pr.getName());
+ }
+ sb.append(" from ");
+ sb.append(req.getRemoteAddr());
+ sb.append(':');
+ sb.append(req.getRemotePort());
+ return sb.toString();
+ }
-
- public Resp revalidate(CachedPrincipal prin, Object state) {
- // !!!! TEST THIS.. Things may not be revalidated, if not BasicPrincipal
- if(prin instanceof BasicPrincipal) {
- Future<String> fp;
- try {
- Rcli<CLIENT> userAAF = aaf.client(Config.AAF_DEFAULT_VERSION).forUser(aaf.transferSS((BasicPrincipal)prin));
- fp = userAAF.read("/authn/basicAuth", "text/plain");
- return fp.get(aaf.timeout)?Resp.REVALIDATED:Resp.UNVALIDATED;
- } catch (Exception e) {
- aaf.access.log(e, "Cannot Revalidate",prin.getName());
- return Resp.INACCESSIBLE;
- }
- }
- return Resp.NOT_MINE;
- }
+
+ public Resp revalidate(CachedPrincipal prin, Object state) {
+ // !!!! TEST THIS.. Things may not be revalidated, if not BasicPrincipal
+ if(prin instanceof BasicPrincipal) {
+ Future<String> fp;
+ try {
+ Rcli<CLIENT> userAAF = aaf.client(Config.AAF_DEFAULT_VERSION).forUser(aaf.transferSS((BasicPrincipal)prin));
+ fp = userAAF.read("/authn/basicAuth", "text/plain");
+ return fp.get(aaf.timeout)?Resp.REVALIDATED:Resp.UNVALIDATED;
+ } catch (Exception e) {
+ aaf.access.log(e, "Cannot Revalidate",prin.getName());
+ return Resp.INACCESSIBLE;
+ }
+ }
+ return Resp.NOT_MINE;
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTrustChecker.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTrustChecker.java
index bf85beef..db6ae963 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTrustChecker.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTrustChecker.java
@@ -36,91 +36,91 @@ import org.onap.aaf.misc.env.Env;
import org.onap.aaf.misc.env.util.Split;
public class AAFTrustChecker implements TrustChecker {
- private final String tag, id;
- private final AAFPermission perm;
- private Lur lur;
+ private final String tag, id;
+ private final AAFPermission perm;
+ private Lur lur;
- /**
- *
- * Instance will be replaced by Identity
- * @param lur
- *
- * @param tag
- * @param perm
- */
- public AAFTrustChecker(final Env env) {
- tag = env.getProperty(Config.CADI_USER_CHAIN_TAG, Config.CADI_USER_CHAIN);
- id = env.getProperty(Config.CADI_ALIAS,env.getProperty(Config.AAF_APPID)); // share between components
- String str = env.getProperty(Config.CADI_TRUST_PERM);
- AAFPermission temp=null;
- if(str!=null) {
- String[] sp = Split.splitTrim('|', str);
- switch(sp.length) {
- case 3:
- temp = new AAFPermission(null,sp[0],sp[1],sp[2]);
- break;
- case 4:
- temp = new AAFPermission(sp[0],sp[1],sp[2],sp[3]);
- break;
- }
- }
- perm=temp;
- }
+ /**
+ *
+ * Instance will be replaced by Identity
+ * @param lur
+ *
+ * @param tag
+ * @param perm
+ */
+ public AAFTrustChecker(final Env env) {
+ tag = env.getProperty(Config.CADI_USER_CHAIN_TAG, Config.CADI_USER_CHAIN);
+ id = env.getProperty(Config.CADI_ALIAS,env.getProperty(Config.AAF_APPID)); // share between components
+ String str = env.getProperty(Config.CADI_TRUST_PERM);
+ AAFPermission temp=null;
+ if(str!=null) {
+ String[] sp = Split.splitTrim('|', str);
+ switch(sp.length) {
+ case 3:
+ temp = new AAFPermission(null,sp[0],sp[1],sp[2]);
+ break;
+ case 4:
+ temp = new AAFPermission(sp[0],sp[1],sp[2],sp[3]);
+ break;
+ }
+ }
+ perm=temp;
+ }
- public AAFTrustChecker(final Access access) {
- tag = access.getProperty(Config.CADI_USER_CHAIN_TAG, Config.CADI_USER_CHAIN);
- id = access.getProperty(Config.CADI_ALIAS,access.getProperty(Config.AAF_APPID,null)); // share between components
- String str = access.getProperty(Config.CADI_TRUST_PERM,null);
- AAFPermission temp=null;
- if(str!=null) {
- String[] sp = Split.splitTrim('|', str);
- switch(sp.length) {
- case 3:
- temp = new AAFPermission(null,sp[0],sp[1],sp[2]);
- break;
- case 4:
- temp = new AAFPermission(sp[0],sp[1],sp[2],sp[3]);
- break;
- }
- }
- perm=temp;
- }
+ public AAFTrustChecker(final Access access) {
+ tag = access.getProperty(Config.CADI_USER_CHAIN_TAG, Config.CADI_USER_CHAIN);
+ id = access.getProperty(Config.CADI_ALIAS,access.getProperty(Config.AAF_APPID,null)); // share between components
+ String str = access.getProperty(Config.CADI_TRUST_PERM,null);
+ AAFPermission temp=null;
+ if(str!=null) {
+ String[] sp = Split.splitTrim('|', str);
+ switch(sp.length) {
+ case 3:
+ temp = new AAFPermission(null,sp[0],sp[1],sp[2]);
+ break;
+ case 4:
+ temp = new AAFPermission(sp[0],sp[1],sp[2],sp[3]);
+ break;
+ }
+ }
+ perm=temp;
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.TrustChecker#setLur(org.onap.aaf.cadi.Lur)
- */
- @Override
- public void setLur(Lur lur) {
- this.lur = lur;
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.TrustChecker#setLur(org.onap.aaf.cadi.Lur)
+ */
+ @Override
+ public void setLur(Lur lur) {
+ this.lur = lur;
+ }
- @Override
- public TafResp mayTrust(TafResp tresp, HttpServletRequest req) {
- String user_info = req.getHeader(tag);
- if (user_info == null) {
- return tresp;
- }
+ @Override
+ public TafResp mayTrust(TafResp tresp, HttpServletRequest req) {
+ String user_info = req.getHeader(tag);
+ if (user_info == null) {
+ return tresp;
+ }
- String[] info = Split.split(',', user_info);
- String[] flds = Split.splitTrim(':', info[0]);
- if (flds.length < 4) {
- return tresp;
- }
- if (!("AS".equals(flds[3]))) { // is it set for "AS"
- return tresp;
- }
+ String[] info = Split.split(',', user_info);
+ String[] flds = Split.splitTrim(':', info[0]);
+ if (flds.length < 4) {
+ return tresp;
+ }
+ if (!("AS".equals(flds[3]))) { // is it set for "AS"
+ return tresp;
+ }
- String principalName = tresp.getPrincipal().getName();
- if(principalName.equals(id) // We do trust our own App Components: if a trust entry is made with self, always accept
- || lur.fish(tresp.getPrincipal(), perm)) { // Have Perm set by Config.CADI_TRUST_PERM
- String desc = " " + flds[0] + " validated using " + flds[2] + " by " + flds[1] + ',';
- return new TrustTafResp(tresp, new TrustPrincipal(tresp.getPrincipal(), flds[0]), desc);
- } else if(principalName.equals(flds[0])) { // Ignore if same identity
- return tresp;
- } else {
- String desc = tresp.getPrincipal().getName() + " requested trust as " + flds[0] + ", but does not have Authorization";
- return new TrustNotTafResp(tresp, desc);
- }
- }
+ String principalName = tresp.getPrincipal().getName();
+ if(principalName.equals(id) // We do trust our own App Components: if a trust entry is made with self, always accept
+ || lur.fish(tresp.getPrincipal(), perm)) { // Have Perm set by Config.CADI_TRUST_PERM
+ String desc = " " + flds[0] + " validated using " + flds[2] + " by " + flds[1] + ',';
+ return new TrustTafResp(tresp, new TrustPrincipal(tresp.getPrincipal(), flds[0]), desc);
+ } else if(principalName.equals(flds[0])) { // Ignore if same identity
+ return tresp;
+ } else {
+ String desc = tresp.getPrincipal().getName() + " requested trust as " + flds[0] + ", but does not have Authorization";
+ return new TrustNotTafResp(tresp, desc);
+ }
+ }
} \ No newline at end of file
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java
index fca23740..3f6d7475 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java
@@ -44,462 +44,462 @@ import org.onap.aaf.misc.env.util.Split;
import locate.v1_0.Endpoint;
public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> {
- protected static final SecureRandom sr = new SecureRandom();
- private static LocatorCreator locatorCreator;
- protected final Access access;
-
- protected final double latitude;
- protected final double longitude;
- protected List<EP> epList;
- protected final String name, version;
- private String pathInfo = null;
- private String query = null;
- private String fragment = null;
- private boolean additional = false;
- protected String myhostname;
- protected int myport;
- protected final String aaf_locator_host;
- protected final URI aaf_locator_uri;
- private long earliest;
- private final long refreshWait;
-
-
- public AbsAAFLocator(Access access, String name, final long refreshMin) throws LocatorException {
- aaf_locator_host = access.getProperty(Config.AAF_LOCATE_URL, null);
- if(aaf_locator_host==null) {
- aaf_locator_uri = null;
- } else {
- try {
- aaf_locator_uri = new URI(aaf_locator_host);
- } catch (URISyntaxException e) {
- throw new LocatorException(e);
- }
- }
-
- epList = new LinkedList<>();
- refreshWait = refreshMin;
-
- this.access = access;
- String lat = access.getProperty(Config.CADI_LATITUDE,null);
- String lng = access.getProperty(Config.CADI_LONGITUDE,null);
- if(lat==null || lng==null) {
- throw new LocatorException(Config.CADI_LATITUDE + " and " + Config.CADI_LONGITUDE + " properties are required.");
- } else {
- latitude = Double.parseDouble(lat);
- longitude = Double.parseDouble(lng);
- }
- if(name.startsWith(Defaults.AAF_NS)) {
- String root_ns = access.getProperty(Config.AAF_ROOT_NS, null);
- if(root_ns!=null) {
- name=name.replace(Defaults.AAF_NS, root_ns);
- }
- }
- if(name.startsWith("http")) { // simple URL
- this.name = name;
- this.version = Config.AAF_DEFAULT_VERSION;
- } else {
- String[] split = Split.split(':', name);
- this.name = split[0];
- this.version = (split.length > 1) ? split[1] : Config.AAF_DEFAULT_VERSION;
- }
-
- }
-
- /**
- * This is the way to setup specialized AAFLocators ahead of time.
- * @param preload
- */
- public static void setCreator(LocatorCreator lc) {
- locatorCreator = lc;
- }
-
- public static Locator<URI> create(String key) throws LocatorException {
- String name = null;
- String version = Config.AAF_DEFAULT_VERSION;
- String pathInfo = null;
- int prev = key.indexOf("/locate");
- if(prev>0) {
- prev = key.indexOf('/',prev+6);
- if(prev>0) {
- int next = key.indexOf('/',++prev);
- if(next>0) {
- name = key.substring(prev, next);
- pathInfo=key.substring(next);
- } else {
- name = key.substring(prev);
- }
- String[] split = Split.split(':', name);
- switch(split.length) {
- case 3:
- case 2:
- version = split[1];
- name = split[0];
- break;
- default:
- break;
- }
- }
- }
-
- if(key.startsWith("http")) {
- if(name!=null) {
- if(locatorCreator != null) {
- AbsAAFLocator<?> aal = locatorCreator.create(name, version);
- if(pathInfo!=null) {
- aal.setPathInfo(pathInfo);
- }
- return aal;
- }
- } else {
- return new PropertyLocator(key);
- }
- }
- return null;
- }
-
- public static Locator<URI> create(final String name, final String version) throws LocatorException {
- return locatorCreator.create(name, version);
- }
-
- public interface LocatorCreator {
- public AbsAAFLocator<?> create(String key, String version) throws LocatorException;
- public void setSelf(String hostname, int port);
- }
-
- protected static String nameFromLocatorURI(URI locatorURI) {
- String[] path = Split.split('/', locatorURI.getPath());
- if(path.length>2 && "locate".equals(path[1])) {
- return path[2];
- } else {
- return locatorURI.toString();
- }
- }
-
- /**
- * Setting "self" excludes this service from the list. Critical for contacting peers.
- */
- public void setSelf(final String hostname, final int port) {
- myhostname=hostname;
- myport=port;
- }
-
-
- public static void setCreatorSelf(final String hostname, final int port) {
- if(locatorCreator!=null) {
- locatorCreator.setSelf(hostname,port);
- }
- }
-
- protected final synchronized void replace(List<EP> list) {
- epList = list;
- }
-
- /**
- * Call _refresh as needed during calls, but actual refresh will not occur if there
- * are existing entities or if it has been called in the last 10 (settable) seconds.
- * Timed Refreshes happen by Scheduled Thread
- */
- private final boolean _refresh() {
- boolean rv = false;
- long now=System.currentTimeMillis();
- if(noEntries()) {
- if(earliest<now) {
- synchronized(epList) {
- rv = refresh();
- earliest = now + refreshWait; // call only up to 10 seconds.
- }
- } else {
- access.log(Level.ERROR, "Must wait at least " + refreshWait/1000 + " seconds for Locator Refresh");
- }
- }
- return rv;
- }
-
- private boolean noEntries() {
- return epList.isEmpty();
- }
-
- @Override
- public URI get(Item item) throws LocatorException {
- if(item==null) {
- return null;
- } else if(item instanceof AAFLItem) {
- return getURI(((AAFLItem)item).uri);
- } else {
- throw new LocatorException(item.getClass().getName() + " does not belong to AAFLocator");
- }
- }
-
- @Override
- public boolean hasItems() {
- boolean isEmpty = epList.isEmpty();
- if(!isEmpty) {
- for(Iterator<EP> iter = epList.iterator(); iter.hasNext(); ) {
- EP ep = iter.next();
- if(ep.valid) {
- return true;
- }
- }
- isEmpty = true;
- }
- if(_refresh()) { // is refreshed... check again
- isEmpty = epList.isEmpty();
- }
- return !isEmpty;
- }
-
- @Override
- public void invalidate(Item item) throws LocatorException {
- if(item!=null) {
- if(item instanceof AAFLItem) {
- AAFLItem ali =(AAFLItem)item;
- EP ep = ali.ep;
- synchronized(epList) {
- epList.remove(ep);
- }
- ep.invalid();
- ali.iter = getIterator(); // for next guy... fresh iterator
- } else {
- throw new LocatorException(item.getClass().getName() + " does not belong to AAFLocator");
- }
- }
- }
-
- @Override
- public Item best() throws LocatorException {
- if(!hasItems()) {
- throw new LocatorException("No Entries found for '" + aaf_locator_uri.toString() + "/locate/" + name + ':' + version + '\'');
- }
- List<EP> lep = new ArrayList<>();
- EP first = null;
- // Note: Deque is sorted on the way by closest distance
- Iterator<EP> iter = getIterator();
- EP ep;
- while(iter.hasNext()) {
- ep = iter.next();
- if(ep.valid) {
- if(first==null) {
- first = ep;
- lep.add(first);
- } else {
- if(Math.abs(ep.distance-first.distance)<.1) { // allow for nearby/precision issues.
- lep.add(ep);
- } else {
- break;
- }
- }
- }
- }
- switch(lep.size()) {
- case 0:
- return null;
- case 1:
- return new AAFLItem(iter,first);
- default:
- int rand = sr.nextInt(); // Sonar chokes without.
- int i = Math.abs(rand)%lep.size();
- if(i<0) {
- return null;
- } else {
- return new AAFLItem(iter,lep.get(i));
- }
-
- }
- }
-
- private Iterator<EP> getIterator() {
- Object[] epa = epList.toArray();
- if(epa.length==0) {
- _refresh();
- epa = epList.toArray();
- }
- return new EPIterator(epa, epList);
- }
-
- public class EPIterator implements Iterator<EP> {
- private final Object[] epa;
- private final List<EP> epList;
- private int idx;
-
- public EPIterator(Object[] epa, List<EP> epList) {
- this.epa = epa;
- this.epList = epList;
- idx = epa.length>0?0:-1;
- }
-
- @Override
- public boolean hasNext() {
- if(idx<0) {
- return false;
- } else {
- Object obj;
- while(idx<epa.length) {
- if((obj=epa[idx])==null || !((EP)obj).valid) {
- ++idx;
- continue;
- }
- break;
- }
- return idx<epa.length;
- }
- }
-
- @Override
- public EP next() {
- if(!hasNext() ) {
- throw new NoSuchElementException();
- }
- return (EP)epa[idx++];
- }
-
- @Override
- public void remove() {
- if(idx>=0 && idx<epa.length) {
- synchronized(epList) {
- epList.remove(epa[idx]);
- }
- }
- }
- }
-
- @Override
- public Item first() {
- Iterator<EP> iter = getIterator();
- EP ep = AAFLItem.next(iter);
- if(ep==null) {
- return null;
- }
- return new AAFLItem(iter,ep);
- }
-
- @Override
- public Item next(Item prev) throws LocatorException {
- if(prev==null) {
- StringBuilder sb = new StringBuilder("Locator Item passed in next(item) is null.");
- int lines = 0;
- for(StackTraceElement st : Thread.currentThread().getStackTrace()) {
- sb.append("\n\t");
- sb.append(st.toString());
- if(++lines > 5) {
- sb.append("\n\t...");
- break;
- }
- }
- access.log(Level.ERROR, sb);
- } else {
- if(prev instanceof AAFLItem) {
- AAFLItem ali = (AAFLItem)prev;
- EP ep = AAFLItem.next(ali.iter);
- if(ep!=null) {
- return new AAFLItem(ali.iter,ep);
- }
- } else {
- throw new LocatorException(prev.getClass().getName() + " does not belong to AAFLocator");
- }
- }
- return null;
- }
-
- protected static class AAFLItem implements Item {
- private Iterator<EP> iter;
- private URI uri;
- private EP ep;
-
- public AAFLItem(Iterator<EP> iter, EP ep) {
- this.iter = iter;
- this.ep = ep;
- uri = ep.uri;
- }
-
- private static EP next(Iterator<EP> iter) {
- EP ep=null;
- while(iter.hasNext() && (ep==null || !ep.valid)) {
- ep = iter.next();
- }
- return ep;
- }
-
- public String toString() {
- return ep==null?"Locator Item Invalid":ep.toString();
- }
- }
-
- protected static class EP implements Comparable<EP> {
- private URI uri;
- private final double distance;
- private boolean valid;
-
- public EP(final Endpoint ep, double latitude, double longitude) throws URISyntaxException {
- uri = new URI(ep.getProtocol(),null,ep.getHostname(),ep.getPort(),null,null,null);
- distance = GreatCircle.calc(latitude, longitude, ep.getLatitude(), ep.getLongitude());
- valid = true;
- }
-
- public void invalid() {
- valid = false;
- }
-
- @Override
- public int compareTo(EP o) {
- if(distance<o.distance) {
- return -1;
- } else if(distance>o.distance) {
- return 1;
- } else {
- return 0;
- }
- }
-
- @Override
- public String toString() {
- return distance + ": " + uri + (valid?" valid":" invalidate");
- }
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.Locator#destroy()
- */
- @Override
- public void destroy() {
- // Nothing to do
- }
-
- @Override
- public String toString() {
- return "AAFLocator for " + name + " on " + getURI();
- }
-
- public AbsAAFLocator<TRANS> setPathInfo(String pathInfo) {
- this.pathInfo = pathInfo;
- additional=true;
- return this;
- }
-
- public AbsAAFLocator<TRANS> setQuery(String query) {
- this.query = query;
- additional=true;
- return this;
- }
-
- public AbsAAFLocator<TRANS> setFragment(String fragment) {
- this.fragment = fragment;
- additional=true;
- return this;
- }
-
- // Core URI, for reporting purposes
- protected abstract URI getURI();
-
- protected URI getURI(URI rv) throws LocatorException {
- if(additional) {
- try {
- return new URI(rv.getScheme(),rv.getUserInfo(),rv.getHost(),rv.getPort(),pathInfo,query,fragment);
- } catch (URISyntaxException e) {
- throw new LocatorException("Error copying URL", e);
- }
- }
- return rv;
- }
+ protected static final SecureRandom sr = new SecureRandom();
+ private static LocatorCreator locatorCreator;
+ protected final Access access;
+
+ protected final double latitude;
+ protected final double longitude;
+ protected List<EP> epList;
+ protected final String name, version;
+ private String pathInfo = null;
+ private String query = null;
+ private String fragment = null;
+ private boolean additional = false;
+ protected String myhostname;
+ protected int myport;
+ protected final String aaf_locator_host;
+ protected final URI aaf_locator_uri;
+ private long earliest;
+ private final long refreshWait;
+
+
+ public AbsAAFLocator(Access access, String name, final long refreshMin) throws LocatorException {
+ aaf_locator_host = access.getProperty(Config.AAF_LOCATE_URL, null);
+ if(aaf_locator_host==null) {
+ aaf_locator_uri = null;
+ } else {
+ try {
+ aaf_locator_uri = new URI(aaf_locator_host);
+ } catch (URISyntaxException e) {
+ throw new LocatorException(e);
+ }
+ }
+
+ epList = new LinkedList<>();
+ refreshWait = refreshMin;
+
+ this.access = access;
+ String lat = access.getProperty(Config.CADI_LATITUDE,null);
+ String lng = access.getProperty(Config.CADI_LONGITUDE,null);
+ if(lat==null || lng==null) {
+ throw new LocatorException(Config.CADI_LATITUDE + " and " + Config.CADI_LONGITUDE + " properties are required.");
+ } else {
+ latitude = Double.parseDouble(lat);
+ longitude = Double.parseDouble(lng);
+ }
+ if(name.startsWith(Defaults.AAF_NS)) {
+ String root_ns = access.getProperty(Config.AAF_ROOT_NS, null);
+ if(root_ns!=null) {
+ name=name.replace(Defaults.AAF_NS, root_ns);
+ }
+ }
+ if(name.startsWith("http")) { // simple URL
+ this.name = name;
+ this.version = Config.AAF_DEFAULT_VERSION;
+ } else {
+ String[] split = Split.split(':', name);
+ this.name = split[0];
+ this.version = (split.length > 1) ? split[1] : Config.AAF_DEFAULT_VERSION;
+ }
+
+ }
+
+ /**
+ * This is the way to setup specialized AAFLocators ahead of time.
+ * @param preload
+ */
+ public static void setCreator(LocatorCreator lc) {
+ locatorCreator = lc;
+ }
+
+ public static Locator<URI> create(String key) throws LocatorException {
+ String name = null;
+ String version = Config.AAF_DEFAULT_VERSION;
+ String pathInfo = null;
+ int prev = key.indexOf("/locate");
+ if(prev>0) {
+ prev = key.indexOf('/',prev+6);
+ if(prev>0) {
+ int next = key.indexOf('/',++prev);
+ if(next>0) {
+ name = key.substring(prev, next);
+ pathInfo=key.substring(next);
+ } else {
+ name = key.substring(prev);
+ }
+ String[] split = Split.split(':', name);
+ switch(split.length) {
+ case 3:
+ case 2:
+ version = split[1];
+ name = split[0];
+ break;
+ default:
+ break;
+ }
+ }
+ }
+
+ if(key.startsWith("http")) {
+ if(name!=null) {
+ if(locatorCreator != null) {
+ AbsAAFLocator<?> aal = locatorCreator.create(name, version);
+ if(pathInfo!=null) {
+ aal.setPathInfo(pathInfo);
+ }
+ return aal;
+ }
+ } else {
+ return new PropertyLocator(key);
+ }
+ }
+ return null;
+ }
+
+ public static Locator<URI> create(final String name, final String version) throws LocatorException {
+ return locatorCreator.create(name, version);
+ }
+
+ public interface LocatorCreator {
+ public AbsAAFLocator<?> create(String key, String version) throws LocatorException;
+ public void setSelf(String hostname, int port);
+ }
+
+ protected static String nameFromLocatorURI(URI locatorURI) {
+ String[] path = Split.split('/', locatorURI.getPath());
+ if(path.length>2 && "locate".equals(path[1])) {
+ return path[2];
+ } else {
+ return locatorURI.toString();
+ }
+ }
+
+ /**
+ * Setting "self" excludes this service from the list. Critical for contacting peers.
+ */
+ public void setSelf(final String hostname, final int port) {
+ myhostname=hostname;
+ myport=port;
+ }
+
+
+ public static void setCreatorSelf(final String hostname, final int port) {
+ if(locatorCreator!=null) {
+ locatorCreator.setSelf(hostname,port);
+ }
+ }
+
+ protected final synchronized void replace(List<EP> list) {
+ epList = list;
+ }
+
+ /**
+ * Call _refresh as needed during calls, but actual refresh will not occur if there
+ * are existing entities or if it has been called in the last 10 (settable) seconds.
+ * Timed Refreshes happen by Scheduled Thread
+ */
+ private final boolean _refresh() {
+ boolean rv = false;
+ long now=System.currentTimeMillis();
+ if(noEntries()) {
+ if(earliest<now) {
+ synchronized(epList) {
+ rv = refresh();
+ earliest = now + refreshWait; // call only up to 10 seconds.
+ }
+ } else {
+ access.log(Level.ERROR, "Must wait at least " + refreshWait/1000 + " seconds for Locator Refresh");
+ }
+ }
+ return rv;
+ }
+
+ private boolean noEntries() {
+ return epList.isEmpty();
+ }
+
+ @Override
+ public URI get(Item item) throws LocatorException {
+ if(item==null) {
+ return null;
+ } else if(item instanceof AAFLItem) {
+ return getURI(((AAFLItem)item).uri);
+ } else {
+ throw new LocatorException(item.getClass().getName() + " does not belong to AAFLocator");
+ }
+ }
+
+ @Override
+ public boolean hasItems() {
+ boolean isEmpty = epList.isEmpty();
+ if(!isEmpty) {
+ for(Iterator<EP> iter = epList.iterator(); iter.hasNext(); ) {
+ EP ep = iter.next();
+ if(ep.valid) {
+ return true;
+ }
+ }
+ isEmpty = true;
+ }
+ if(_refresh()) { // is refreshed... check again
+ isEmpty = epList.isEmpty();
+ }
+ return !isEmpty;
+ }
+
+ @Override
+ public void invalidate(Item item) throws LocatorException {
+ if(item!=null) {
+ if(item instanceof AAFLItem) {
+ AAFLItem ali =(AAFLItem)item;
+ EP ep = ali.ep;
+ synchronized(epList) {
+ epList.remove(ep);
+ }
+ ep.invalid();
+ ali.iter = getIterator(); // for next guy... fresh iterator
+ } else {
+ throw new LocatorException(item.getClass().getName() + " does not belong to AAFLocator");
+ }
+ }
+ }
+
+ @Override
+ public Item best() throws LocatorException {
+ if(!hasItems()) {
+ throw new LocatorException("No Entries found for '" + aaf_locator_uri.toString() + "/locate/" + name + ':' + version + '\'');
+ }
+ List<EP> lep = new ArrayList<>();
+ EP first = null;
+ // Note: Deque is sorted on the way by closest distance
+ Iterator<EP> iter = getIterator();
+ EP ep;
+ while(iter.hasNext()) {
+ ep = iter.next();
+ if(ep.valid) {
+ if(first==null) {
+ first = ep;
+ lep.add(first);
+ } else {
+ if(Math.abs(ep.distance-first.distance)<.1) { // allow for nearby/precision issues.
+ lep.add(ep);
+ } else {
+ break;
+ }
+ }
+ }
+ }
+ switch(lep.size()) {
+ case 0:
+ return null;
+ case 1:
+ return new AAFLItem(iter,first);
+ default:
+ int rand = sr.nextInt(); // Sonar chokes without.
+ int i = Math.abs(rand)%lep.size();
+ if(i<0) {
+ return null;
+ } else {
+ return new AAFLItem(iter,lep.get(i));
+ }
+
+ }
+ }
+
+ private Iterator<EP> getIterator() {
+ Object[] epa = epList.toArray();
+ if(epa.length==0) {
+ _refresh();
+ epa = epList.toArray();
+ }
+ return new EPIterator(epa, epList);
+ }
+
+ public class EPIterator implements Iterator<EP> {
+ private final Object[] epa;
+ private final List<EP> epList;
+ private int idx;
+
+ public EPIterator(Object[] epa, List<EP> epList) {
+ this.epa = epa;
+ this.epList = epList;
+ idx = epa.length>0?0:-1;
+ }
+
+ @Override
+ public boolean hasNext() {
+ if(idx<0) {
+ return false;
+ } else {
+ Object obj;
+ while(idx<epa.length) {
+ if((obj=epa[idx])==null || !((EP)obj).valid) {
+ ++idx;
+ continue;
+ }
+ break;
+ }
+ return idx<epa.length;
+ }
+ }
+
+ @Override
+ public EP next() {
+ if(!hasNext() ) {
+ throw new NoSuchElementException();
+ }
+ return (EP)epa[idx++];
+ }
+
+ @Override
+ public void remove() {
+ if(idx>=0 && idx<epa.length) {
+ synchronized(epList) {
+ epList.remove(epa[idx]);
+ }
+ }
+ }
+ }
+
+ @Override
+ public Item first() {
+ Iterator<EP> iter = getIterator();
+ EP ep = AAFLItem.next(iter);
+ if(ep==null) {
+ return null;
+ }
+ return new AAFLItem(iter,ep);
+ }
+
+ @Override
+ public Item next(Item prev) throws LocatorException {
+ if(prev==null) {
+ StringBuilder sb = new StringBuilder("Locator Item passed in next(item) is null.");
+ int lines = 0;
+ for(StackTraceElement st : Thread.currentThread().getStackTrace()) {
+ sb.append("\n\t");
+ sb.append(st.toString());
+ if(++lines > 5) {
+ sb.append("\n\t...");
+ break;
+ }
+ }
+ access.log(Level.ERROR, sb);
+ } else {
+ if(prev instanceof AAFLItem) {
+ AAFLItem ali = (AAFLItem)prev;
+ EP ep = AAFLItem.next(ali.iter);
+ if(ep!=null) {
+ return new AAFLItem(ali.iter,ep);
+ }
+ } else {
+ throw new LocatorException(prev.getClass().getName() + " does not belong to AAFLocator");
+ }
+ }
+ return null;
+ }
+
+ protected static class AAFLItem implements Item {
+ private Iterator<EP> iter;
+ private URI uri;
+ private EP ep;
+
+ public AAFLItem(Iterator<EP> iter, EP ep) {
+ this.iter = iter;
+ this.ep = ep;
+ uri = ep.uri;
+ }
+
+ private static EP next(Iterator<EP> iter) {
+ EP ep=null;
+ while(iter.hasNext() && (ep==null || !ep.valid)) {
+ ep = iter.next();
+ }
+ return ep;
+ }
+
+ public String toString() {
+ return ep==null?"Locator Item Invalid":ep.toString();
+ }
+ }
+
+ protected static class EP implements Comparable<EP> {
+ private URI uri;
+ private final double distance;
+ private boolean valid;
+
+ public EP(final Endpoint ep, double latitude, double longitude) throws URISyntaxException {
+ uri = new URI(ep.getProtocol(),null,ep.getHostname(),ep.getPort(),null,null,null);
+ distance = GreatCircle.calc(latitude, longitude, ep.getLatitude(), ep.getLongitude());
+ valid = true;
+ }
+
+ public void invalid() {
+ valid = false;
+ }
+
+ @Override
+ public int compareTo(EP o) {
+ if(distance<o.distance) {
+ return -1;
+ } else if(distance>o.distance) {
+ return 1;
+ } else {
+ return 0;
+ }
+ }
+
+ @Override
+ public String toString() {
+ return distance + ": " + uri + (valid?" valid":" invalidate");
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.Locator#destroy()
+ */
+ @Override
+ public void destroy() {
+ // Nothing to do
+ }
+
+ @Override
+ public String toString() {
+ return "AAFLocator for " + name + " on " + getURI();
+ }
+
+ public AbsAAFLocator<TRANS> setPathInfo(String pathInfo) {
+ this.pathInfo = pathInfo;
+ additional=true;
+ return this;
+ }
+
+ public AbsAAFLocator<TRANS> setQuery(String query) {
+ this.query = query;
+ additional=true;
+ return this;
+ }
+
+ public AbsAAFLocator<TRANS> setFragment(String fragment) {
+ this.fragment = fragment;
+ additional=true;
+ return this;
+ }
+
+ // Core URI, for reporting purposes
+ protected abstract URI getURI();
+
+ protected URI getURI(URI rv) throws LocatorException {
+ if(additional) {
+ try {
+ return new URI(rv.getScheme(),rv.getUserInfo(),rv.getHost(),rv.getPort(),pathInfo,query,fragment);
+ } catch (URISyntaxException e) {
+ throw new LocatorException("Error copying URL", e);
+ }
+ }
+ return rv;
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLur.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLur.java
index 89106cc1..e347ffb6 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLur.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLur.java
@@ -38,264 +38,264 @@ import org.onap.aaf.misc.env.APIException;
import org.onap.aaf.misc.env.util.Split;
public abstract class AbsAAFLur<PERM extends Permission> extends AbsUserCache<PERM> implements CachingLur<PERM> {
- protected static final byte[] BLANK_PASSWORD = new byte[0];
- private String[] debug = null;
- public AAFCon<?> aaf;
- public Lur preemptiveLur=null; // Initial Use is for OAuth2, preemptive Lur
- private String[] supports;
+ protected static final byte[] BLANK_PASSWORD = new byte[0];
+ private String[] debug = null;
+ public AAFCon<?> aaf;
+ public Lur preemptiveLur=null; // Initial Use is for OAuth2, preemptive Lur
+ private String[] supports;
- public AbsAAFLur(AAFCon<?> con) throws APIException {
- super(con.access, con.cleanInterval, con.highCount, con.usageRefreshTriggerCount);
- aaf = con;
- setLur(this);
- supports = con.access.getProperty(Config.AAF_DOMAIN_SUPPORT, Config.AAF_DOMAIN_SUPPORT_DEF).split("\\s*:\\s*");
- }
+ public AbsAAFLur(AAFCon<?> con) throws APIException {
+ super(con.access, con.cleanInterval, con.highCount, con.usageRefreshTriggerCount);
+ aaf = con;
+ setLur(this);
+ supports = con.access.getProperty(Config.AAF_DOMAIN_SUPPORT, Config.AAF_DOMAIN_SUPPORT_DEF).split("\\s*:\\s*");
+ }
- public AbsAAFLur(AAFCon<?> con, AbsUserCache<PERM> auc) throws APIException {
- super(auc);
- aaf = con;
- setLur(this);
- supports = con.access.getProperty(Config.AAF_DOMAIN_SUPPORT, Config.AAF_DOMAIN_SUPPORT_DEF).split("\\s*:\\s*");
- }
+ public AbsAAFLur(AAFCon<?> con, AbsUserCache<PERM> auc) throws APIException {
+ super(auc);
+ aaf = con;
+ setLur(this);
+ supports = con.access.getProperty(Config.AAF_DOMAIN_SUPPORT, Config.AAF_DOMAIN_SUPPORT_DEF).split("\\s*:\\s*");
+ }
- @Override
- public void setDebug(String ids) {
- this.debug = ids==null?null:Split.split(',', ids);
- }
-
- public void setPreemptiveLur(Lur preemptive) {
- this.preemptiveLur = preemptive;
- }
-
- protected abstract User<PERM> loadUser(Principal bait);
+ @Override
+ public void setDebug(String ids) {
+ this.debug = ids==null?null:Split.split(',', ids);
+ }
+
+ public void setPreemptiveLur(Lur preemptive) {
+ this.preemptiveLur = preemptive;
+ }
+
+ protected abstract User<PERM> loadUser(Principal bait);
- @Override
- public final boolean handles(Principal principal) {
- if(preemptiveLur!=null) {
- if(preemptiveLur.handles(principal)) {
- return true;
- }
- }
- String userName=principal.getName();
- if(userName!=null) {
- for(String s : supports) {
- if(userName.endsWith(s))
- return true;
- }
- }
- return false;
- }
+ @Override
+ public final boolean handles(Principal principal) {
+ if(preemptiveLur!=null) {
+ if(preemptiveLur.handles(principal)) {
+ return true;
+ }
+ }
+ String userName=principal.getName();
+ if(userName!=null) {
+ for(String s : supports) {
+ if(userName.endsWith(s))
+ return true;
+ }
+ }
+ return false;
+ }
-
- protected abstract boolean isCorrectPermType(Permission pond);
-
- // This is where you build AAF CLient Code. Answer the question "Is principal "bait" in the "pond"
- public boolean fish(Principal bait, Permission ... pond) {
- if(preemptiveLur!=null && preemptiveLur.handles(bait)) {
- return preemptiveLur.fish(bait, pond);
- } else {
- if(pond==null) {
- return false;
- }
- if(isDebug(bait)) {
- boolean rv = false;
- StringBuilder sb = new StringBuilder("Log for ");
- sb.append(bait);
- if(handles(bait)) {
- User<PERM> user = getUser(bait);
- if(user==null) {
- sb.append("\n\tUser is not in Cache");
- } else {
- if(user.noPerms()) {
- sb.append("\n\tUser has no Perms");
- }
- if(user.permExpired()) {
- sb.append("\n\tUser's perm expired [");
- sb.append(new Date(user.permExpires()));
- sb.append(']');
- } else {
- sb.append("\n\tUser's perm expires [");
- sb.append(new Date(user.permExpires()));
- sb.append(']');
- }
- }
- if(user==null || user.permsUnloaded() || user.permExpired()) {
- user = loadUser(bait);
- sb.append("\n\tloadUser called");
- }
- for (Permission p : pond) {
- if(user==null) {
- sb.append("\n\tUser was not Loaded");
- break;
- } else if(user.contains(p)) {
- sb.append("\n\tUser contains ");
- sb.append(p.getKey());
- rv = true;
- } else {
- sb.append("\n\tUser does not contain ");
- sb.append(p.getKey());
- List<Permission> perms = new ArrayList<>();
- user.copyPermsTo(perms);
- for(Permission perm : perms) {
- sb.append("\n\t\t");
- sb.append(perm.getKey());
- }
- }
- }
- } else {
- sb.append("AAF Lur does not support [");
- sb.append(bait);
- sb.append("]");
- }
- aaf.access.log(Level.INFO, sb);
- return rv;
- } else {
- boolean rv = false;
- if(handles(bait)) {
- User<PERM> user = getUser(bait);
- if(user==null || user.permsUnloaded() || user.permExpired()) {
- user = loadUser(bait);
- }
- if(user==null) {
- return false;
- } else {
- for(Permission p : pond) {
- if(rv=user.contains(p)) {
- break;
- }
- }
- }
- }
- return rv;
- }
- }
- }
+
+ protected abstract boolean isCorrectPermType(Permission pond);
+
+ // This is where you build AAF CLient Code. Answer the question "Is principal "bait" in the "pond"
+ public boolean fish(Principal bait, Permission ... pond) {
+ if(preemptiveLur!=null && preemptiveLur.handles(bait)) {
+ return preemptiveLur.fish(bait, pond);
+ } else {
+ if(pond==null) {
+ return false;
+ }
+ if(isDebug(bait)) {
+ boolean rv = false;
+ StringBuilder sb = new StringBuilder("Log for ");
+ sb.append(bait);
+ if(handles(bait)) {
+ User<PERM> user = getUser(bait);
+ if(user==null) {
+ sb.append("\n\tUser is not in Cache");
+ } else {
+ if(user.noPerms()) {
+ sb.append("\n\tUser has no Perms");
+ }
+ if(user.permExpired()) {
+ sb.append("\n\tUser's perm expired [");
+ sb.append(new Date(user.permExpires()));
+ sb.append(']');
+ } else {
+ sb.append("\n\tUser's perm expires [");
+ sb.append(new Date(user.permExpires()));
+ sb.append(']');
+ }
+ }
+ if(user==null || user.permsUnloaded() || user.permExpired()) {
+ user = loadUser(bait);
+ sb.append("\n\tloadUser called");
+ }
+ for (Permission p : pond) {
+ if(user==null) {
+ sb.append("\n\tUser was not Loaded");
+ break;
+ } else if(user.contains(p)) {
+ sb.append("\n\tUser contains ");
+ sb.append(p.getKey());
+ rv = true;
+ } else {
+ sb.append("\n\tUser does not contain ");
+ sb.append(p.getKey());
+ List<Permission> perms = new ArrayList<>();
+ user.copyPermsTo(perms);
+ for(Permission perm : perms) {
+ sb.append("\n\t\t");
+ sb.append(perm.getKey());
+ }
+ }
+ }
+ } else {
+ sb.append("AAF Lur does not support [");
+ sb.append(bait);
+ sb.append("]");
+ }
+ aaf.access.log(Level.INFO, sb);
+ return rv;
+ } else {
+ boolean rv = false;
+ if(handles(bait)) {
+ User<PERM> user = getUser(bait);
+ if(user==null || user.permsUnloaded() || user.permExpired()) {
+ user = loadUser(bait);
+ }
+ if(user==null) {
+ return false;
+ } else {
+ for(Permission p : pond) {
+ if(rv=user.contains(p)) {
+ break;
+ }
+ }
+ }
+ }
+ return rv;
+ }
+ }
+ }
- public void fishAll(Principal bait, List<Permission> perms) {
- if(preemptiveLur!=null && preemptiveLur.handles(bait)) {
- preemptiveLur.fishAll(bait, perms);
- } else {
- if(isDebug(bait)) {
- StringBuilder sb = new StringBuilder("Log for ");
- sb.append(bait);
- if(handles(bait)) {
- User<PERM> user = getUser(bait);
- if(user==null) {
- sb.append("\n\tUser is not in Cache");
- } else {
- if(user.noPerms()) {
- sb.append("\n\tUser has no Perms");
- }
- if(user.permExpired()) {
- sb.append("\n\tUser's perm expired [");
- sb.append(new Date(user.permExpires()));
- sb.append(']');
- } else {
- sb.append("\n\tUser's perm expires [");
- sb.append(new Date(user.permExpires()));
- sb.append(']');
- }
- }
- if(user==null || user.permsUnloaded() || user.permExpired()) {
- user = loadUser(bait);
- sb.append("\n\tloadUser called");
- }
- if(user==null) {
- sb.append("\n\tUser was not Loaded");
- } else {
- sb.append("\n\tCopying Perms ");
- user.copyPermsTo(perms);
- for(Permission p : perms) {
- sb.append("\n\t\t");
- sb.append(p.getKey());
- }
- }
- } else {
- sb.append("AAF Lur does not support [");
- sb.append(bait);
- sb.append("]");
- }
- aaf.access.log(Level.INFO, sb);
- } else {
- if(handles(bait)) {
- User<PERM> user = getUser(bait);
- if(user==null || user.permsUnloaded() || user.permExpired()) {
- user = loadUser(bait);
- }
- if(user!=null) {
- user.copyPermsTo(perms);
- }
- }
- }
- }
- }
-
- @Override
- public void remove(String user) {
- super.remove(user);
- }
+ public void fishAll(Principal bait, List<Permission> perms) {
+ if(preemptiveLur!=null && preemptiveLur.handles(bait)) {
+ preemptiveLur.fishAll(bait, perms);
+ } else {
+ if(isDebug(bait)) {
+ StringBuilder sb = new StringBuilder("Log for ");
+ sb.append(bait);
+ if(handles(bait)) {
+ User<PERM> user = getUser(bait);
+ if(user==null) {
+ sb.append("\n\tUser is not in Cache");
+ } else {
+ if(user.noPerms()) {
+ sb.append("\n\tUser has no Perms");
+ }
+ if(user.permExpired()) {
+ sb.append("\n\tUser's perm expired [");
+ sb.append(new Date(user.permExpires()));
+ sb.append(']');
+ } else {
+ sb.append("\n\tUser's perm expires [");
+ sb.append(new Date(user.permExpires()));
+ sb.append(']');
+ }
+ }
+ if(user==null || user.permsUnloaded() || user.permExpired()) {
+ user = loadUser(bait);
+ sb.append("\n\tloadUser called");
+ }
+ if(user==null) {
+ sb.append("\n\tUser was not Loaded");
+ } else {
+ sb.append("\n\tCopying Perms ");
+ user.copyPermsTo(perms);
+ for(Permission p : perms) {
+ sb.append("\n\t\t");
+ sb.append(p.getKey());
+ }
+ }
+ } else {
+ sb.append("AAF Lur does not support [");
+ sb.append(bait);
+ sb.append("]");
+ }
+ aaf.access.log(Level.INFO, sb);
+ } else {
+ if(handles(bait)) {
+ User<PERM> user = getUser(bait);
+ if(user==null || user.permsUnloaded() || user.permExpired()) {
+ user = loadUser(bait);
+ }
+ if(user!=null) {
+ user.copyPermsTo(perms);
+ }
+ }
+ }
+ }
+ }
+
+ @Override
+ public void remove(String user) {
+ super.remove(user);
+ }
- private boolean isDebug(Principal p) {
- if(debug!=null) {
- if(debug.length==1 && "all".equals(debug[0])) {
- return true;
- }
- String name = p.getName();
- for(String s : debug) {
- if(s.equals(name)) {
- return true;
- }
- }
- }
- return false;
- }
- /**
- * This special case minimizes loops, avoids multiple Set hits, and calls all the appropriate Actions found.
- *
- * @param bait
- * @param obj
- * @param type
- * @param instance
- * @param actions
- */
- public<A> void fishOneOf(Principal princ, A obj, String type, String instance, List<Action<A>> actions) {
- User<PERM> user = getUser(princ);
- if(user==null || user.permsUnloaded() || user.permExpired()) {
- user = loadUser(princ);
- }
- if(user!=null) {
- ReuseAAFPermission perm = new ReuseAAFPermission(type,instance);
- for(Action<A> action : actions) {
- perm.setAction(action.getName());
- if(user.contains(perm)) {
- if(action.exec(obj))return;
- }
- }
- }
- }
-
- public static interface Action<A> {
- public String getName();
- /**
- * Return false to continue, True to end now
- * @return
- */
- public boolean exec(A a);
- }
-
- private class ReuseAAFPermission extends AAFPermission {
- public ReuseAAFPermission(String type, String instance) {
- super(type,instance,null,null);
- }
+ private boolean isDebug(Principal p) {
+ if(debug!=null) {
+ if(debug.length==1 && "all".equals(debug[0])) {
+ return true;
+ }
+ String name = p.getName();
+ for(String s : debug) {
+ if(s.equals(name)) {
+ return true;
+ }
+ }
+ }
+ return false;
+ }
+ /**
+ * This special case minimizes loops, avoids multiple Set hits, and calls all the appropriate Actions found.
+ *
+ * @param bait
+ * @param obj
+ * @param type
+ * @param instance
+ * @param actions
+ */
+ public<A> void fishOneOf(Principal princ, A obj, String type, String instance, List<Action<A>> actions) {
+ User<PERM> user = getUser(princ);
+ if(user==null || user.permsUnloaded() || user.permExpired()) {
+ user = loadUser(princ);
+ }
+ if(user!=null) {
+ ReuseAAFPermission perm = new ReuseAAFPermission(type,instance);
+ for(Action<A> action : actions) {
+ perm.setAction(action.getName());
+ if(user.contains(perm)) {
+ if(action.exec(obj))return;
+ }
+ }
+ }
+ }
+
+ public static interface Action<A> {
+ public String getName();
+ /**
+ * Return false to continue, True to end now
+ * @return
+ */
+ public boolean exec(A a);
+ }
+
+ private class ReuseAAFPermission extends AAFPermission {
+ public ReuseAAFPermission(String type, String instance) {
+ super(type,instance,null,null);
+ }
- public void setAction(String s) {
- action = s;
- }
-
- /**
- * This function understands that AAF Keys are hierarchical, :A:B:C,
- * Cassandra follows a similar method, so we'll short circuit and do it more efficiently when there isn't a first hit
- * @return
- */
- }
+ public void setAction(String s) {
+ action = s;
+ }
+
+ /**
+ * This function understands that AAF Keys are hierarchical, :A:B:C,
+ * Cassandra follows a similar method, so we'll short circuit and do it more efficiently when there isn't a first hit
+ * @return
+ */
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java
index ef73adaa..83204d1b 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java
@@ -86,1016 +86,1016 @@ import locate.v1_1.Configuration;
import locate.v1_1.Configuration.Props;
public class Agent {
- private static final String HASHES = "################################################################";
- private static final String PRINT = "print";
- private static final String FILE = "file";
- public static final String PKCS12 = "pkcs12";
- public static final String JKS = "jks";
- private static final String SCRIPT="script";
-
- private static final String CM_VER = "1.0";
- public static final int PASS_SIZE = 24;
- private static int TIMEOUT;
-
- private static RosettaDF<CertificateRequest> reqDF;
- private static RosettaDF<CertInfo> certDF;
- private static RosettaDF<Artifacts> artifactsDF;
- private static RosettaDF<Configuration> configDF;
- private static RosettaDF<Perms> permDF;
- private static ErrMessage errMsg;
- private static Map<String,PlaceArtifact> placeArtifact;
- private static RosettaEnv env;
-
- private static boolean doExit;
- private static AAFCon<?> aafcon;
+ private static final String HASHES = "################################################################";
+ private static final String PRINT = "print";
+ private static final String FILE = "file";
+ public static final String PKCS12 = "pkcs12";
+ public static final String JKS = "jks";
+ private static final String SCRIPT="script";
+
+ private static final String CM_VER = "1.0";
+ public static final int PASS_SIZE = 24;
+ private static int TIMEOUT;
+
+ private static RosettaDF<CertificateRequest> reqDF;
+ private static RosettaDF<CertInfo> certDF;
+ private static RosettaDF<Artifacts> artifactsDF;
+ private static RosettaDF<Configuration> configDF;
+ private static RosettaDF<Perms> permDF;
+ private static ErrMessage errMsg;
+ private static Map<String,PlaceArtifact> placeArtifact;
+ private static RosettaEnv env;
+
+ private static boolean doExit;
+ private static AAFCon<?> aafcon;
- public static void main(String[] args) {
- int exitCode = 0;
- doExit = true;
- if(args.length>0 && "cadi".equals(args[0])) {
- String[] newArgs = new String[args.length-1];
- System.arraycopy(args, 1, newArgs, 0, newArgs.length);
- if(newArgs.length==0) {
- System.out.println(HASHES);
- System.out.println("Note: Cadi CmdLine is a separate component. When running with\n\t"
- + "Agent, always preface with \"cadi\",\n\tex: cadi keygen [<keyfile>]");
- System.out.println(HASHES);
- }
- CmdLine.main(newArgs);
- } else {
- try {
- AAFSSO aafsso=null;
- PropAccess access;
-
- if(args.length>1 && args[0].equals("validate") ) {
- int idx = args[1].indexOf('=');
- aafsso = null;
- access = new PropAccess(
- (idx<0?Config.CADI_PROP_FILES:args[1].substring(0, idx))+
- '='+
- (idx<0?args[1]:args[1].substring(idx+1)));
- } else {
- aafsso= new AAFSSO(args, new AAFSSO.ProcessArgs() {
- @Override
- public Properties process(String[] args, Properties props) {
- if(args.length>1) {
- if (!args[0].equals("keypairgen")) {
- props.put("aaf_id", args[1]);
- }
- }
- return props;
- }
- });
- access = aafsso.access();
- }
-
- if(aafsso!=null && aafsso.loginOnly()) {
- aafsso.setLogDefault();
- aafsso.writeFiles();
- System.out.println("AAF SSO information created in ~/.aaf");
- } else {
- env = new RosettaEnv(access.getProperties());
- Deque<String> cmds = new ArrayDeque<String>();
- for(String p : args) {
- if("-noexit".equalsIgnoreCase(p)) {
- doExit = false;
- } else if(p.indexOf('=') < 0) {
- cmds.add(p);
- }
- }
-
- if(cmds.size()==0) {
- if(aafsso!=null) {
- aafsso.setLogDefault();
- }
- // NOTE: CHANGE IN CMDS should be reflected in AAFSSO constructor, to get FQI->aaf-id or not
- System.out.println("Usage: java -jar <cadi-aaf-*-full.jar> cmd [<tag=value>]*");
- System.out.println(" create <FQI> [<machine>]");
- System.out.println(" read <FQI> [<machine>]");
- System.out.println(" update <FQI> [<machine>]");
- System.out.println(" delete <FQI> [<machine>]");
- System.out.println(" copy <FQI> <machine> <newmachine>[,<newmachine>]*");
- System.out.println(" place <FQI> [<machine>]");
- System.out.println(" showpass <FQI> [<machine>]");
- System.out.println(" check <FQI> [<machine>]");
- System.out.println(" keypairgen <FQI>");
- System.out.println(" config <FQI>");
- System.out.println(" validate <NS>.props>");
- System.out.println(" --- Additional Tool Access ---");
- System.out.println(" ** Type with no params for Tool Help");
- System.out.println(" ** If using with Agent, preface with \"cadi\"");
- System.out.println(" cadi <cadi tool params, see -?>");
-
- if (doExit) {
- System.exit(1);
- }
- }
-
- TIMEOUT = Integer.parseInt(env.getProperty(Config.AAF_CONN_TIMEOUT, "5000"));
-
- reqDF = env.newDataFactory(CertificateRequest.class);
- artifactsDF = env.newDataFactory(Artifacts.class);
- certDF = env.newDataFactory(CertInfo.class);
- configDF = env.newDataFactory(Configuration.class);
- permDF = env.newDataFactory(Perms.class);
- errMsg = new ErrMessage(env);
-
- placeArtifact = new HashMap<>();
- placeArtifact.put(JKS, new PlaceArtifactInKeystore(JKS));
- placeArtifact.put(PKCS12, new PlaceArtifactInKeystore(PKCS12));
- placeArtifact.put(FILE, new PlaceArtifactInFiles());
- placeArtifact.put(PRINT, new PlaceArtifactOnStream(System.out));
- placeArtifact.put(SCRIPT, new PlaceArtifactScripts());
-
- Trans trans = env.newTrans();
- String token;
- if((token=access.getProperty("oauth_token"))!=null) {
- trans.setProperty("oauth_token", token);
- }
- try {
- if(aafsso!=null) {
- // show Std out again
- aafsso.setLogDefault();
- aafsso.setStdErrDefault();
-
- // if CM_URL can be obtained, add to sso.props, if written
- String cm_url = getProperty(access,env,false, Config.CM_URL,Config.CM_URL+": ");
- if(cm_url!=null) {
- aafsso.addProp(Config.CM_URL, cm_url);
- }
- aafsso.writeFiles();
- }
-
-
-
- String cmd = cmds.removeFirst();
- switch(cmd) {
- case "place":
- placeCerts(trans,aafcon(access),cmds);
- break;
- case "create":
- createArtifact(trans, aafcon(access),cmds);
- break;
- case "read":
- readArtifact(trans, aafcon(access), cmds);
- break;
- case "copy":
- copyArtifact(trans, aafcon(access), cmds);
- break;
- case "update":
- updateArtifact(trans, aafcon(access), cmds);
- break;
- case "delete":
- deleteArtifact(trans, aafcon(access), cmds);
- break;
- case "showpass":
- showPass(trans, aafcon(access), cmds);
- break;
- case "keypairgen":
- keypairGen(trans, access, cmds);
- break;
- case "config":
- if(access.getProperty(Config.CADI_PROP_FILES)!=null) {
- // Get Properties from initialization Prop Files
- config(trans,access,null,cmds);
- } else {
- // Get Properties from existing AAF Instance
- config(trans,access,aafcon(access),cmds);
- }
- break;
- case "validate":
- validate(access);
- break;
- case "check":
- try {
- exitCode = check(trans,aafcon(access),cmds);
- } catch (Exception e) {
- exitCode = 1;
- throw e;
- }
- break;
- default:
- AAFSSO.cons.printf("Unknown command \"%s\"\n", cmd);
- }
- } finally {
- StringBuilder sb = new StringBuilder();
- trans.auditTrail(4, sb, Trans.REMOTE);
- if(sb.length()>0) {
- trans.info().log("Trans Info\n",sb);
- }
- }
- if(aafsso!=null) {
- aafsso.close();
- }
- }
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
- if(exitCode != 0 && doExit) {
- System.exit(exitCode);
- }
- }
+ public static void main(String[] args) {
+ int exitCode = 0;
+ doExit = true;
+ if(args.length>0 && "cadi".equals(args[0])) {
+ String[] newArgs = new String[args.length-1];
+ System.arraycopy(args, 1, newArgs, 0, newArgs.length);
+ if(newArgs.length==0) {
+ System.out.println(HASHES);
+ System.out.println("Note: Cadi CmdLine is a separate component. When running with\n\t"
+ + "Agent, always preface with \"cadi\",\n\tex: cadi keygen [<keyfile>]");
+ System.out.println(HASHES);
+ }
+ CmdLine.main(newArgs);
+ } else {
+ try {
+ AAFSSO aafsso=null;
+ PropAccess access;
+
+ if(args.length>1 && args[0].equals("validate") ) {
+ int idx = args[1].indexOf('=');
+ aafsso = null;
+ access = new PropAccess(
+ (idx<0?Config.CADI_PROP_FILES:args[1].substring(0, idx))+
+ '='+
+ (idx<0?args[1]:args[1].substring(idx+1)));
+ } else {
+ aafsso= new AAFSSO(args, new AAFSSO.ProcessArgs() {
+ @Override
+ public Properties process(String[] args, Properties props) {
+ if(args.length>1) {
+ if (!args[0].equals("keypairgen")) {
+ props.put("aaf_id", args[1]);
+ }
+ }
+ return props;
+ }
+ });
+ access = aafsso.access();
+ }
+
+ if(aafsso!=null && aafsso.loginOnly()) {
+ aafsso.setLogDefault();
+ aafsso.writeFiles();
+ System.out.println("AAF SSO information created in ~/.aaf");
+ } else {
+ env = new RosettaEnv(access.getProperties());
+ Deque<String> cmds = new ArrayDeque<String>();
+ for(String p : args) {
+ if("-noexit".equalsIgnoreCase(p)) {
+ doExit = false;
+ } else if(p.indexOf('=') < 0) {
+ cmds.add(p);
+ }
+ }
+
+ if(cmds.size()==0) {
+ if(aafsso!=null) {
+ aafsso.setLogDefault();
+ }
+ // NOTE: CHANGE IN CMDS should be reflected in AAFSSO constructor, to get FQI->aaf-id or not
+ System.out.println("Usage: java -jar <cadi-aaf-*-full.jar> cmd [<tag=value>]*");
+ System.out.println(" create <FQI> [<machine>]");
+ System.out.println(" read <FQI> [<machine>]");
+ System.out.println(" update <FQI> [<machine>]");
+ System.out.println(" delete <FQI> [<machine>]");
+ System.out.println(" copy <FQI> <machine> <newmachine>[,<newmachine>]*");
+ System.out.println(" place <FQI> [<machine>]");
+ System.out.println(" showpass <FQI> [<machine>]");
+ System.out.println(" check <FQI> [<machine>]");
+ System.out.println(" keypairgen <FQI>");
+ System.out.println(" config <FQI>");
+ System.out.println(" validate <NS>.props>");
+ System.out.println(" --- Additional Tool Access ---");
+ System.out.println(" ** Type with no params for Tool Help");
+ System.out.println(" ** If using with Agent, preface with \"cadi\"");
+ System.out.println(" cadi <cadi tool params, see -?>");
+
+ if (doExit) {
+ System.exit(1);
+ }
+ }
+
+ TIMEOUT = Integer.parseInt(env.getProperty(Config.AAF_CONN_TIMEOUT, "5000"));
+
+ reqDF = env.newDataFactory(CertificateRequest.class);
+ artifactsDF = env.newDataFactory(Artifacts.class);
+ certDF = env.newDataFactory(CertInfo.class);
+ configDF = env.newDataFactory(Configuration.class);
+ permDF = env.newDataFactory(Perms.class);
+ errMsg = new ErrMessage(env);
+
+ placeArtifact = new HashMap<>();
+ placeArtifact.put(JKS, new PlaceArtifactInKeystore(JKS));
+ placeArtifact.put(PKCS12, new PlaceArtifactInKeystore(PKCS12));
+ placeArtifact.put(FILE, new PlaceArtifactInFiles());
+ placeArtifact.put(PRINT, new PlaceArtifactOnStream(System.out));
+ placeArtifact.put(SCRIPT, new PlaceArtifactScripts());
+
+ Trans trans = env.newTrans();
+ String token;
+ if((token=access.getProperty("oauth_token"))!=null) {
+ trans.setProperty("oauth_token", token);
+ }
+ try {
+ if(aafsso!=null) {
+ // show Std out again
+ aafsso.setLogDefault();
+ aafsso.setStdErrDefault();
+
+ // if CM_URL can be obtained, add to sso.props, if written
+ String cm_url = getProperty(access,env,false, Config.CM_URL,Config.CM_URL+": ");
+ if(cm_url!=null) {
+ aafsso.addProp(Config.CM_URL, cm_url);
+ }
+ aafsso.writeFiles();
+ }
+
+
+
+ String cmd = cmds.removeFirst();
+ switch(cmd) {
+ case "place":
+ placeCerts(trans,aafcon(access),cmds);
+ break;
+ case "create":
+ createArtifact(trans, aafcon(access),cmds);
+ break;
+ case "read":
+ readArtifact(trans, aafcon(access), cmds);
+ break;
+ case "copy":
+ copyArtifact(trans, aafcon(access), cmds);
+ break;
+ case "update":
+ updateArtifact(trans, aafcon(access), cmds);
+ break;
+ case "delete":
+ deleteArtifact(trans, aafcon(access), cmds);
+ break;
+ case "showpass":
+ showPass(trans, aafcon(access), cmds);
+ break;
+ case "keypairgen":
+ keypairGen(trans, access, cmds);
+ break;
+ case "config":
+ if(access.getProperty(Config.CADI_PROP_FILES)!=null) {
+ // Get Properties from initialization Prop Files
+ config(trans,access,null,cmds);
+ } else {
+ // Get Properties from existing AAF Instance
+ config(trans,access,aafcon(access),cmds);
+ }
+ break;
+ case "validate":
+ validate(access);
+ break;
+ case "check":
+ try {
+ exitCode = check(trans,aafcon(access),cmds);
+ } catch (Exception e) {
+ exitCode = 1;
+ throw e;
+ }
+ break;
+ default:
+ AAFSSO.cons.printf("Unknown command \"%s\"\n", cmd);
+ }
+ } finally {
+ StringBuilder sb = new StringBuilder();
+ trans.auditTrail(4, sb, Trans.REMOTE);
+ if(sb.length()>0) {
+ trans.info().log("Trans Info\n",sb);
+ }
+ }
+ if(aafsso!=null) {
+ aafsso.close();
+ }
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+ if(exitCode != 0 && doExit) {
+ System.exit(exitCode);
+ }
+ }
- private static synchronized AAFCon<?> aafcon(PropAccess access) throws APIException, CadiException, LocatorException {
- if(aafcon==null) {
- aafcon = new AAFConHttp(access,Config.CM_URL);
- }
- return aafcon;
- }
+ private static synchronized AAFCon<?> aafcon(PropAccess access) throws APIException, CadiException, LocatorException {
+ if(aafcon==null) {
+ aafcon = new AAFConHttp(access,Config.CM_URL);
+ }
+ return aafcon;
+ }
- private static String getProperty(PropAccess pa, Env env, boolean secure, String tag, String prompt, Object ... def) {
- String value;
- if((value=pa.getProperty(tag))==null) {
- if(secure) {
- value = new String(AAFSSO.cons.readPassword(prompt, def));
- } else {
- value = AAFSSO.cons.readLine(prompt,def).trim();
- }
- if(value!=null) {
- if(value.length()>0) {
- pa.setProperty(tag,value);
- env.setProperty(tag,value);
- } else if(def.length==1) {
- value=def[0].toString();
- pa.setProperty(tag,value);
- env.setProperty(tag,value);
- }
- }
- }
- return value;
- }
+ private static String getProperty(PropAccess pa, Env env, boolean secure, String tag, String prompt, Object ... def) {
+ String value;
+ if((value=pa.getProperty(tag))==null) {
+ if(secure) {
+ value = new String(AAFSSO.cons.readPassword(prompt, def));
+ } else {
+ value = AAFSSO.cons.readLine(prompt,def).trim();
+ }
+ if(value!=null) {
+ if(value.length()>0) {
+ pa.setProperty(tag,value);
+ env.setProperty(tag,value);
+ } else if(def.length==1) {
+ value=def[0].toString();
+ pa.setProperty(tag,value);
+ env.setProperty(tag,value);
+ }
+ }
+ }
+ return value;
+ }
- private static String fqi(Deque<String> cmds) {
- if(cmds.size()<1) {
- String alias = env.getProperty(Config.CADI_ALIAS);
- return alias!=null?alias:AAFSSO.cons.readLine("AppID: ");
- }
- return cmds.removeFirst();
- }
+ private static String fqi(Deque<String> cmds) {
+ if(cmds.size()<1) {
+ String alias = env.getProperty(Config.CADI_ALIAS);
+ return alias!=null?alias:AAFSSO.cons.readLine("AppID: ");
+ }
+ return cmds.removeFirst();
+ }
- private static String machine(Deque<String> cmds) throws UnknownHostException {
- if(cmds.size()>0) {
- return cmds.removeFirst();
- } else {
- String mach = env.getProperty(Config.HOSTNAME);
- return mach!=null?mach:InetAddress.getLocalHost().getHostName();
- }
- }
+ private static String machine(Deque<String> cmds) throws UnknownHostException {
+ if(cmds.size()>0) {
+ return cmds.removeFirst();
+ } else {
+ String mach = env.getProperty(Config.HOSTNAME);
+ return mach!=null?mach:InetAddress.getLocalHost().getHostName();
+ }
+ }
- private static String[] machines(Deque<String> cmds) {
- String machines;
- if(cmds.size()>0) {
- machines = cmds.removeFirst();
- } else {
- machines = AAFSSO.cons.readLine("Machines (sep by ','): ");
- }
- return Split.split(',', machines);
- }
+ private static String[] machines(Deque<String> cmds) {
+ String machines;
+ if(cmds.size()>0) {
+ machines = cmds.removeFirst();
+ } else {
+ machines = AAFSSO.cons.readLine("Machines (sep by ','): ");
+ }
+ return Split.split(',', machines);
+ }
- private static void createArtifact(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
- final String mechID = fqi(cmds);
- final String machine = machine(cmds);
+ private static void createArtifact(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
+ final String mechID = fqi(cmds);
+ final String machine = machine(cmds);
- Artifacts artifacts = new Artifacts();
- Artifact arti = new Artifact();
- artifacts.getArtifact().add(arti);
- arti.setMechid(mechID!=null?mechID:AAFSSO.cons.readLine("AppID: "));
- arti.setMachine(machine!=null?machine:AAFSSO.cons.readLine("Machine (%s): ",InetAddress.getLocalHost().getHostName()));
- arti.setCa(AAFSSO.cons.readLine("CA: (%s): ","aaf"));
-
- String resp = AAFSSO.cons.readLine("Types [file,pkcs12,jks,script] (%s): ", PKCS12);
- for(String s : Split.splitTrim(',', resp)) {
- arti.getType().add(s);
- }
- // Always do Script
- if(!resp.contains(SCRIPT)) {
- arti.getType().add(SCRIPT);
- }
+ Artifacts artifacts = new Artifacts();
+ Artifact arti = new Artifact();
+ artifacts.getArtifact().add(arti);
+ arti.setMechid(mechID!=null?mechID:AAFSSO.cons.readLine("AppID: "));
+ arti.setMachine(machine!=null?machine:AAFSSO.cons.readLine("Machine (%s): ",InetAddress.getLocalHost().getHostName()));
+ arti.setCa(AAFSSO.cons.readLine("CA: (%s): ","aaf"));
+
+ String resp = AAFSSO.cons.readLine("Types [file,pkcs12,jks,script] (%s): ", PKCS12);
+ for(String s : Split.splitTrim(',', resp)) {
+ arti.getType().add(s);
+ }
+ // Always do Script
+ if(!resp.contains(SCRIPT)) {
+ arti.getType().add(SCRIPT);
+ }
- // Note: Sponsor is set on Creation by CM
- String configRootName = FQI.reverseDomain(arti.getMechid());
- arti.setNs(AAFSSO.cons.readLine("Namespace (%s): ",configRootName));
- arti.setDir(AAFSSO.cons.readLine("Directory (%s): ", System.getProperty("user.dir")));
- arti.setOsUser(AAFSSO.cons.readLine("OS User (%s): ", System.getProperty("user.name")));
- arti.setRenewDays(Integer.parseInt(AAFSSO.cons.readLine("Renewal Days (%s):", "30")));
- arti.setNotification(toNotification(AAFSSO.cons.readLine("Notification (mailto owner):", "")));
-
- TimeTaken tt = trans.start("Create Artifact", Env.REMOTE);
- try {
- Future<Artifacts> future = aafcon.client(CM_VER).create("/cert/artifacts", artifactsDF, artifacts);
- if(future.get(TIMEOUT)) {
- trans.info().printf("Call to AAF Certman successful %s, %s",arti.getMechid(), arti.getMachine());
- } else {
- trans.error().printf("Call to AAF Certman failed, %s",
- errMsg.toMsg(future));
- }
- } finally {
- tt.done();
- }
- }
+ // Note: Sponsor is set on Creation by CM
+ String configRootName = FQI.reverseDomain(arti.getMechid());
+ arti.setNs(AAFSSO.cons.readLine("Namespace (%s): ",configRootName));
+ arti.setDir(AAFSSO.cons.readLine("Directory (%s): ", System.getProperty("user.dir")));
+ arti.setOsUser(AAFSSO.cons.readLine("OS User (%s): ", System.getProperty("user.name")));
+ arti.setRenewDays(Integer.parseInt(AAFSSO.cons.readLine("Renewal Days (%s):", "30")));
+ arti.setNotification(toNotification(AAFSSO.cons.readLine("Notification (mailto owner):", "")));
+
+ TimeTaken tt = trans.start("Create Artifact", Env.REMOTE);
+ try {
+ Future<Artifacts> future = aafcon.client(CM_VER).create("/cert/artifacts", artifactsDF, artifacts);
+ if(future.get(TIMEOUT)) {
+ trans.info().printf("Call to AAF Certman successful %s, %s",arti.getMechid(), arti.getMachine());
+ } else {
+ trans.error().printf("Call to AAF Certman failed, %s",
+ errMsg.toMsg(future));
+ }
+ } finally {
+ tt.done();
+ }
+ }
- private static String toNotification(String notification) {
- if(notification==null) {
- notification="";
- } else if(notification.length()>0) {
- if(notification.indexOf(':')<0) {
- notification = "mailto:" + notification;
- }
- }
- return notification;
- }
-
+ private static String toNotification(String notification) {
+ if(notification==null) {
+ notification="";
+ } else if(notification.length()>0) {
+ if(notification.indexOf(':')<0) {
+ notification = "mailto:" + notification;
+ }
+ }
+ return notification;
+ }
+
- private static void readArtifact(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
- String mechID = fqi(cmds);
- String machine = machine(cmds);
+ private static void readArtifact(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
+ String mechID = fqi(cmds);
+ String machine = machine(cmds);
- TimeTaken tt = trans.start("Read Artifact", Env.SUB);
- try {
- Future<Artifacts> future = aafcon.client(CM_VER)
- .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF,"Authorization","Bearer " + trans.getProperty("oauth_token"));
-
- if(future.get(TIMEOUT)) {
- boolean printed = false;
- for(Artifact a : future.value.getArtifact()) {
- AAFSSO.cons.printf("AppID: %s\n",a.getMechid());
- AAFSSO.cons.printf(" Sponsor: %s\n",a.getSponsor());
- AAFSSO.cons.printf("Machine: %s\n",a.getMachine());
- AAFSSO.cons.printf("CA: %s\n",a.getCa());
- StringBuilder sb = new StringBuilder();
- boolean first = true;
- for(String t : a.getType()) {
- if(first) {first=false;}
- else{sb.append(',');}
- sb.append(t);
- }
- AAFSSO.cons.printf("Types: %s\n",sb);
- AAFSSO.cons.printf("Namespace: %s\n",a.getNs());
- AAFSSO.cons.printf("Directory: %s\n",a.getDir());
- AAFSSO.cons.printf("O/S User: %s\n",a.getOsUser());
- AAFSSO.cons.printf("Renew Days: %d\n",a.getRenewDays());
- AAFSSO.cons.printf("Notification %s\n",a.getNotification());
- printed = true;
- }
- if(!printed) {
- AAFSSO.cons.printf("Artifact for %s %s does not exist\n", mechID, machine);
- }
- } else {
- trans.error().log(errMsg.toMsg(future));
- }
- } finally {
- tt.done();
- }
- }
-
- private static void copyArtifact(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
- String mechID = fqi(cmds);
- String machine = machine(cmds);
- String[] newmachs = machines(cmds);
- if(machine==null || newmachs == null) {
- trans.error().log("No machines listed to copy to");
- } else {
- TimeTaken tt = trans.start("Copy Artifact", Env.REMOTE);
- try {
- Future<Artifacts> future = aafcon.client(CM_VER)
- .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF);
-
- if(future.get(TIMEOUT)) {
- boolean printed = false;
- for(Artifact a : future.value.getArtifact()) {
- for(String m : newmachs) {
- a.setMachine(m);
- Future<Artifacts> fup = aafcon.client(CM_VER).update("/cert/artifacts", artifactsDF, future.value);
- if(fup.get(TIMEOUT)) {
- trans.info().printf("Copy of %s %s successful to %s",mechID,machine,m);
- } else {
- trans.error().printf("Call to AAF Certman failed, %s",
- errMsg.toMsg(fup));
- }
-
- printed = true;
- }
- }
- if(!printed) {
- AAFSSO.cons.printf("Artifact for %s %s does not exist", mechID, machine);
- }
- } else {
- trans.error().log(errMsg.toMsg(future));
- }
- } finally {
- tt.done();
- }
- }
- }
+ TimeTaken tt = trans.start("Read Artifact", Env.SUB);
+ try {
+ Future<Artifacts> future = aafcon.client(CM_VER)
+ .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF,"Authorization","Bearer " + trans.getProperty("oauth_token"));
+
+ if(future.get(TIMEOUT)) {
+ boolean printed = false;
+ for(Artifact a : future.value.getArtifact()) {
+ AAFSSO.cons.printf("AppID: %s\n",a.getMechid());
+ AAFSSO.cons.printf(" Sponsor: %s\n",a.getSponsor());
+ AAFSSO.cons.printf("Machine: %s\n",a.getMachine());
+ AAFSSO.cons.printf("CA: %s\n",a.getCa());
+ StringBuilder sb = new StringBuilder();
+ boolean first = true;
+ for(String t : a.getType()) {
+ if(first) {first=false;}
+ else{sb.append(',');}
+ sb.append(t);
+ }
+ AAFSSO.cons.printf("Types: %s\n",sb);
+ AAFSSO.cons.printf("Namespace: %s\n",a.getNs());
+ AAFSSO.cons.printf("Directory: %s\n",a.getDir());
+ AAFSSO.cons.printf("O/S User: %s\n",a.getOsUser());
+ AAFSSO.cons.printf("Renew Days: %d\n",a.getRenewDays());
+ AAFSSO.cons.printf("Notification %s\n",a.getNotification());
+ printed = true;
+ }
+ if(!printed) {
+ AAFSSO.cons.printf("Artifact for %s %s does not exist\n", mechID, machine);
+ }
+ } else {
+ trans.error().log(errMsg.toMsg(future));
+ }
+ } finally {
+ tt.done();
+ }
+ }
+
+ private static void copyArtifact(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
+ String mechID = fqi(cmds);
+ String machine = machine(cmds);
+ String[] newmachs = machines(cmds);
+ if(machine==null || newmachs == null) {
+ trans.error().log("No machines listed to copy to");
+ } else {
+ TimeTaken tt = trans.start("Copy Artifact", Env.REMOTE);
+ try {
+ Future<Artifacts> future = aafcon.client(CM_VER)
+ .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF);
+
+ if(future.get(TIMEOUT)) {
+ boolean printed = false;
+ for(Artifact a : future.value.getArtifact()) {
+ for(String m : newmachs) {
+ a.setMachine(m);
+ Future<Artifacts> fup = aafcon.client(CM_VER).update("/cert/artifacts", artifactsDF, future.value);
+ if(fup.get(TIMEOUT)) {
+ trans.info().printf("Copy of %s %s successful to %s",mechID,machine,m);
+ } else {
+ trans.error().printf("Call to AAF Certman failed, %s",
+ errMsg.toMsg(fup));
+ }
+
+ printed = true;
+ }
+ }
+ if(!printed) {
+ AAFSSO.cons.printf("Artifact for %s %s does not exist", mechID, machine);
+ }
+ } else {
+ trans.error().log(errMsg.toMsg(future));
+ }
+ } finally {
+ tt.done();
+ }
+ }
+ }
- private static void updateArtifact(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
- String mechID = fqi(cmds);
- String machine = machine(cmds);
+ private static void updateArtifact(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
+ String mechID = fqi(cmds);
+ String machine = machine(cmds);
- TimeTaken tt = trans.start("Update Artifact", Env.REMOTE);
- try {
- Future<Artifacts> fread = aafcon.client(CM_VER)
- .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF);
-
- if(fread.get(TIMEOUT)) {
- Artifacts artifacts = new Artifacts();
- for(Artifact a : fread.value.getArtifact()) {
- Artifact arti = new Artifact();
- artifacts.getArtifact().add(arti);
-
- AAFSSO.cons.printf("For %s on %s\n", a.getMechid(),a.getMachine());
- arti.setMechid(a.getMechid());
- arti.setMachine(a.getMachine());
- arti.setCa(AAFSSO.cons.readLine("CA: (%s): ",a.getCa()));
- StringBuilder sb = new StringBuilder();
- boolean first = true;
- for(String t : a.getType()) {
- if(first) {first=false;}
- else{sb.append(',');}
- sb.append(t);
- }
-
- String resp = AAFSSO.cons.readLine("Types [file,jks,pkcs12] (%s): ", sb);
- for(String s : Split.splitTrim(',', resp)) {
- arti.getType().add(s);
- }
- // Always do Script
- if(!resp.contains(SCRIPT)) {
- arti.getType().add(SCRIPT);
- }
+ TimeTaken tt = trans.start("Update Artifact", Env.REMOTE);
+ try {
+ Future<Artifacts> fread = aafcon.client(CM_VER)
+ .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF);
+
+ if(fread.get(TIMEOUT)) {
+ Artifacts artifacts = new Artifacts();
+ for(Artifact a : fread.value.getArtifact()) {
+ Artifact arti = new Artifact();
+ artifacts.getArtifact().add(arti);
+
+ AAFSSO.cons.printf("For %s on %s\n", a.getMechid(),a.getMachine());
+ arti.setMechid(a.getMechid());
+ arti.setMachine(a.getMachine());
+ arti.setCa(AAFSSO.cons.readLine("CA: (%s): ",a.getCa()));
+ StringBuilder sb = new StringBuilder();
+ boolean first = true;
+ for(String t : a.getType()) {
+ if(first) {first=false;}
+ else{sb.append(',');}
+ sb.append(t);
+ }
+
+ String resp = AAFSSO.cons.readLine("Types [file,jks,pkcs12] (%s): ", sb);
+ for(String s : Split.splitTrim(',', resp)) {
+ arti.getType().add(s);
+ }
+ // Always do Script
+ if(!resp.contains(SCRIPT)) {
+ arti.getType().add(SCRIPT);
+ }
- // Note: Sponsor is set on Creation by CM
- arti.setNs(AAFSSO.cons.readLine("Namespace (%s): ",a.getNs()));
- arti.setDir(AAFSSO.cons.readLine("Directory (%s): ", a.getDir()));
- arti.setOsUser(AAFSSO.cons.readLine("OS User (%s): ", a.getOsUser()));
- arti.setRenewDays(Integer.parseInt(AAFSSO.cons.readLine("Renew Days (%s):", a.getRenewDays())));
- arti.setNotification(toNotification(AAFSSO.cons.readLine("Notification (%s):", a.getNotification())));
-
- }
- if(artifacts.getArtifact().size()==0) {
- AAFSSO.cons.printf("Artifact for %s %s does not exist", mechID, machine);
- } else {
- Future<Artifacts> fup = aafcon.client(CM_VER).update("/cert/artifacts", artifactsDF, artifacts);
- if(fup.get(TIMEOUT)) {
- trans.info().printf("Call to AAF Certman successful %s, %s",mechID,machine);
- } else {
- trans.error().printf("Call to AAF Certman failed, %s",
- errMsg.toMsg(fup));
- }
- }
- } else {
- trans.error().printf("Call to AAF Certman failed, %s %s, %s",
- errMsg.toMsg(fread),mechID,machine);
- }
- } finally {
- tt.done();
- }
- }
-
- private static void deleteArtifact(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
- String mechid = fqi(cmds);
- String machine = machine(cmds);
-
- TimeTaken tt = trans.start("Delete Artifact", Env.REMOTE);
- try {
- Future<Void> future = aafcon.client(CM_VER)
- .delete("/cert/artifacts/"+mechid+"/"+machine,"application/json" );
-
- if(future.get(TIMEOUT)) {
- trans.info().printf("Call to AAF Certman successful %s, %s",mechid,machine);
- } else {
- trans.error().printf("Call to AAF Certman failed, %s %s, %s",
- errMsg.toMsg(future),mechid,machine);
- }
- } finally {
- tt.done();
- }
- }
+ // Note: Sponsor is set on Creation by CM
+ arti.setNs(AAFSSO.cons.readLine("Namespace (%s): ",a.getNs()));
+ arti.setDir(AAFSSO.cons.readLine("Directory (%s): ", a.getDir()));
+ arti.setOsUser(AAFSSO.cons.readLine("OS User (%s): ", a.getOsUser()));
+ arti.setRenewDays(Integer.parseInt(AAFSSO.cons.readLine("Renew Days (%s):", a.getRenewDays())));
+ arti.setNotification(toNotification(AAFSSO.cons.readLine("Notification (%s):", a.getNotification())));
+
+ }
+ if(artifacts.getArtifact().size()==0) {
+ AAFSSO.cons.printf("Artifact for %s %s does not exist", mechID, machine);
+ } else {
+ Future<Artifacts> fup = aafcon.client(CM_VER).update("/cert/artifacts", artifactsDF, artifacts);
+ if(fup.get(TIMEOUT)) {
+ trans.info().printf("Call to AAF Certman successful %s, %s",mechID,machine);
+ } else {
+ trans.error().printf("Call to AAF Certman failed, %s",
+ errMsg.toMsg(fup));
+ }
+ }
+ } else {
+ trans.error().printf("Call to AAF Certman failed, %s %s, %s",
+ errMsg.toMsg(fread),mechID,machine);
+ }
+ } finally {
+ tt.done();
+ }
+ }
+
+ private static void deleteArtifact(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
+ String mechid = fqi(cmds);
+ String machine = machine(cmds);
+
+ TimeTaken tt = trans.start("Delete Artifact", Env.REMOTE);
+ try {
+ Future<Void> future = aafcon.client(CM_VER)
+ .delete("/cert/artifacts/"+mechid+"/"+machine,"application/json" );
+
+ if(future.get(TIMEOUT)) {
+ trans.info().printf("Call to AAF Certman successful %s, %s",mechid,machine);
+ } else {
+ trans.error().printf("Call to AAF Certman failed, %s %s, %s",
+ errMsg.toMsg(future),mechid,machine);
+ }
+ } finally {
+ tt.done();
+ }
+ }
-
+
- private static boolean placeCerts(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
- boolean rv = false;
- String mechID = fqi(cmds);
- String machine = machine(cmds);
- String[] fqdns = Split.split(':', machine);
- String key;
- if(fqdns.length>1) {
- key = fqdns[0];
- machine = fqdns[1];
- } else {
- key = machine;
- }
-
- TimeTaken tt = trans.start("Place Artifact", Env.REMOTE);
- try {
- Future<Artifacts> acf = aafcon.client(CM_VER)
- .read("/cert/artifacts/"+mechID+'/'+key, artifactsDF);
- if(acf.get(TIMEOUT)) {
- if(acf.value.getArtifact()==null || acf.value.getArtifact().isEmpty()) {
- AAFSSO.cons.printf("===> There are no artifacts for %s on machine '%s'\n", mechID, key);
- } else {
- for(Artifact a : acf.value.getArtifact()) {
- String osID = System.getProperty("user.name");
- if(a.getOsUser().equals(osID)) {
- CertificateRequest cr = new CertificateRequest();
- cr.setMechid(a.getMechid());
- cr.setSponsor(a.getSponsor());
- for(int i=0;i<fqdns.length;++i) {
- cr.getFqdns().add(fqdns[i]);
- }
- Future<String> f = aafcon.client(CM_VER)
- .updateRespondString("/cert/" + a.getCa()+"?withTrust",reqDF, cr);
- if(f.get(TIMEOUT)) {
- CertInfo capi = certDF.newData().in(TYPE.JSON).load(f.body()).asObject();
- for(String type : a.getType()) {
- PlaceArtifact pa = placeArtifact.get(type);
- if(pa!=null) {
- if(rv = pa.place(trans, capi, a,machine)) {
- notifyPlaced(a,rv);
- }
- }
- }
- // Cover for the above multiple pass possibilities with some static Data, then clear per Artifact
- } else {
- trans.error().log(errMsg.toMsg(f));
- }
- } else {
- trans.error().log("You must be OS User \"" + a.getOsUser() +"\" to place Certificates on this box");
- }
- }
- }
- } else {
- trans.error().log(errMsg.toMsg(acf));
- }
- } finally {
- tt.done();
- }
- return rv;
- }
-
- private static void notifyPlaced(Artifact a, boolean rv) {
- }
+ private static boolean placeCerts(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
+ boolean rv = false;
+ String mechID = fqi(cmds);
+ String machine = machine(cmds);
+ String[] fqdns = Split.split(':', machine);
+ String key;
+ if(fqdns.length>1) {
+ key = fqdns[0];
+ machine = fqdns[1];
+ } else {
+ key = machine;
+ }
+
+ TimeTaken tt = trans.start("Place Artifact", Env.REMOTE);
+ try {
+ Future<Artifacts> acf = aafcon.client(CM_VER)
+ .read("/cert/artifacts/"+mechID+'/'+key, artifactsDF);
+ if(acf.get(TIMEOUT)) {
+ if(acf.value.getArtifact()==null || acf.value.getArtifact().isEmpty()) {
+ AAFSSO.cons.printf("===> There are no artifacts for %s on machine '%s'\n", mechID, key);
+ } else {
+ for(Artifact a : acf.value.getArtifact()) {
+ String osID = System.getProperty("user.name");
+ if(a.getOsUser().equals(osID)) {
+ CertificateRequest cr = new CertificateRequest();
+ cr.setMechid(a.getMechid());
+ cr.setSponsor(a.getSponsor());
+ for(int i=0;i<fqdns.length;++i) {
+ cr.getFqdns().add(fqdns[i]);
+ }
+ Future<String> f = aafcon.client(CM_VER)
+ .updateRespondString("/cert/" + a.getCa()+"?withTrust",reqDF, cr);
+ if(f.get(TIMEOUT)) {
+ CertInfo capi = certDF.newData().in(TYPE.JSON).load(f.body()).asObject();
+ for(String type : a.getType()) {
+ PlaceArtifact pa = placeArtifact.get(type);
+ if(pa!=null) {
+ if(rv = pa.place(trans, capi, a,machine)) {
+ notifyPlaced(a,rv);
+ }
+ }
+ }
+ // Cover for the above multiple pass possibilities with some static Data, then clear per Artifact
+ } else {
+ trans.error().log(errMsg.toMsg(f));
+ }
+ } else {
+ trans.error().log("You must be OS User \"" + a.getOsUser() +"\" to place Certificates on this box");
+ }
+ }
+ }
+ } else {
+ trans.error().log(errMsg.toMsg(acf));
+ }
+ } finally {
+ tt.done();
+ }
+ return rv;
+ }
+
+ private static void notifyPlaced(Artifact a, boolean rv) {
+ }
- private static void showPass(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
- String mechID = fqi(cmds);
- String machine = machine(cmds);
+ private static void showPass(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
+ String mechID = fqi(cmds);
+ String machine = machine(cmds);
- TimeTaken tt = trans.start("Show Password", Env.REMOTE);
- try {
- Future<Artifacts> acf = aafcon.client(CM_VER)
- .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF);
- if(acf.get(TIMEOUT)) {
- // Have to wait for JDK 1.7 source...
- //switch(artifact.getType()) {
- if(acf.value.getArtifact()==null || acf.value.getArtifact().isEmpty()) {
- AAFSSO.cons.printf("No Artifacts found for %s on %s ", mechID, machine);
- } else {
- String id = aafcon.defID();
- boolean allowed;
- for(Artifact a : acf.value.getArtifact()) {
- allowed = id!=null && (id.equals(a.getSponsor()) ||
- (id.equals(a.getMechid())
- && aafcon.securityInfo().defSS.getClass().isAssignableFrom(HBasicAuthSS.class)));
- if(!allowed) {
- Future<String> pf = aafcon.client(CM_VER).read("/cert/may/" +
- a.getNs()+"|certman|"+a.getCa()+"|showpass","*/*");
- if(pf.get(TIMEOUT)) {
- allowed = true;
- } else {
- trans.error().log(errMsg.toMsg(pf));
- }
- }
- if(allowed) {
- File dir = new File(a.getDir());
- Properties props = new Properties();
- FileInputStream fis = new FileInputStream(new File(dir,a.getNs()+".cred.props"));
- try {
- props.load(fis);
- fis.close();
- fis = new FileInputStream(new File(dir,a.getNs()+".chal"));
- props.load(fis);
- } finally {
- fis.close();
- }
-
- File f = new File(dir,a.getNs()+".keyfile");
- if(f.exists()) {
- Symm symm = Symm.obtain(f);
-
- for(Iterator<Entry<Object,Object>> iter = props.entrySet().iterator(); iter.hasNext();) {
- Entry<Object,Object> en = iter.next();
- if(en.getValue().toString().startsWith("enc:")) {
- System.out.printf("%s=%s\n", en.getKey(), symm.depass(en.getValue().toString()));
- }
- }
- } else {
- trans.error().printf("%s.keyfile must exist to read passwords for %s on %s",
- f.getAbsolutePath(),a.getMechid(), a.getMachine());
- }
- }
- }
- }
- } else {
- trans.error().log(errMsg.toMsg(acf));
- }
- } finally {
- tt.done();
- }
+ TimeTaken tt = trans.start("Show Password", Env.REMOTE);
+ try {
+ Future<Artifacts> acf = aafcon.client(CM_VER)
+ .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF);
+ if(acf.get(TIMEOUT)) {
+ // Have to wait for JDK 1.7 source...
+ //switch(artifact.getType()) {
+ if(acf.value.getArtifact()==null || acf.value.getArtifact().isEmpty()) {
+ AAFSSO.cons.printf("No Artifacts found for %s on %s ", mechID, machine);
+ } else {
+ String id = aafcon.defID();
+ boolean allowed;
+ for(Artifact a : acf.value.getArtifact()) {
+ allowed = id!=null && (id.equals(a.getSponsor()) ||
+ (id.equals(a.getMechid())
+ && aafcon.securityInfo().defSS.getClass().isAssignableFrom(HBasicAuthSS.class)));
+ if(!allowed) {
+ Future<String> pf = aafcon.client(CM_VER).read("/cert/may/" +
+ a.getNs()+"|certman|"+a.getCa()+"|showpass","*/*");
+ if(pf.get(TIMEOUT)) {
+ allowed = true;
+ } else {
+ trans.error().log(errMsg.toMsg(pf));
+ }
+ }
+ if(allowed) {
+ File dir = new File(a.getDir());
+ Properties props = new Properties();
+ FileInputStream fis = new FileInputStream(new File(dir,a.getNs()+".cred.props"));
+ try {
+ props.load(fis);
+ fis.close();
+ fis = new FileInputStream(new File(dir,a.getNs()+".chal"));
+ props.load(fis);
+ } finally {
+ fis.close();
+ }
+
+ File f = new File(dir,a.getNs()+".keyfile");
+ if(f.exists()) {
+ Symm symm = Symm.obtain(f);
+
+ for(Iterator<Entry<Object,Object>> iter = props.entrySet().iterator(); iter.hasNext();) {
+ Entry<Object,Object> en = iter.next();
+ if(en.getValue().toString().startsWith("enc:")) {
+ System.out.printf("%s=%s\n", en.getKey(), symm.depass(en.getValue().toString()));
+ }
+ }
+ } else {
+ trans.error().printf("%s.keyfile must exist to read passwords for %s on %s",
+ f.getAbsolutePath(),a.getMechid(), a.getMachine());
+ }
+ }
+ }
+ }
+ } else {
+ trans.error().log(errMsg.toMsg(acf));
+ }
+ } finally {
+ tt.done();
+ }
- }
-
- private static void keypairGen(final Trans trans, final PropAccess access, final Deque<String> cmds) throws IOException {
- final String fqi = fqi(cmds);
- final String ns = FQI.reverseDomain(fqi);
- File dir = new File(access.getProperty(Config.CADI_ETCDIR,".")); // default to current Directory
- File f = new File(dir,ns+".key");
-
- if(f.exists()) {
- String line = AAFSSO.cons.readLine("%s exists. Overwrite? (y/n): ", f.getCanonicalPath());
- if(!"Y".equalsIgnoreCase(line)) {
- System.out.println("Canceling...");
- return;
- }
- }
-
- KeyPair kp = Factory.generateKeyPair(trans);
- ArtifactDir.write(f, Chmod.to400, Factory.toString(trans, kp.getPrivate()));
- System.out.printf("Wrote %s\n", f.getCanonicalFile());
+ }
+
+ private static void keypairGen(final Trans trans, final PropAccess access, final Deque<String> cmds) throws IOException {
+ final String fqi = fqi(cmds);
+ final String ns = FQI.reverseDomain(fqi);
+ File dir = new File(access.getProperty(Config.CADI_ETCDIR,".")); // default to current Directory
+ File f = new File(dir,ns+".key");
+
+ if(f.exists()) {
+ String line = AAFSSO.cons.readLine("%s exists. Overwrite? (y/n): ", f.getCanonicalPath());
+ if(!"Y".equalsIgnoreCase(line)) {
+ System.out.println("Canceling...");
+ return;
+ }
+ }
+
+ KeyPair kp = Factory.generateKeyPair(trans);
+ ArtifactDir.write(f, Chmod.to400, Factory.toString(trans, kp.getPrivate()));
+ System.out.printf("Wrote %s\n", f.getCanonicalFile());
- f=new File(dir,ns+".pubkey");
- ArtifactDir.write(f, Chmod.to644, Factory.toString(trans, kp.getPublic()));
- System.out.printf("Wrote %s\n", f.getCanonicalFile());
- }
-
- private static void config(Trans trans, PropAccess pa, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
- final String fqi = fqi(cmds);
- final String rootFile = FQI.reverseDomain(fqi);
- final File dir = new File(pa.getProperty(Config.CADI_ETCDIR, "."));
- if(dir.exists()) {
- System.out.println("Writing to " + dir.getCanonicalFile());
- } else if(dir.mkdirs()) {
- System.out.println("Created directory " + dir.getCanonicalFile());
- } else {
- System.err.println("Unable to create or write to " + dir.getCanonicalPath());
- return;
- }
-
- TimeTaken tt = trans.start("Get Configuration", Env.REMOTE);
- try {
- boolean ok=false;
- File fProps = File.createTempFile(rootFile, ".tmp",dir);
- File fSecureTempProps = File.createTempFile(rootFile, ".cred.tmp",dir);
- File fSecureProps = new File(dir,rootFile+".cred.props");
- PrintStream psProps;
+ f=new File(dir,ns+".pubkey");
+ ArtifactDir.write(f, Chmod.to644, Factory.toString(trans, kp.getPublic()));
+ System.out.printf("Wrote %s\n", f.getCanonicalFile());
+ }
+
+ private static void config(Trans trans, PropAccess pa, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
+ final String fqi = fqi(cmds);
+ final String rootFile = FQI.reverseDomain(fqi);
+ final File dir = new File(pa.getProperty(Config.CADI_ETCDIR, "."));
+ if(dir.exists()) {
+ System.out.println("Writing to " + dir.getCanonicalFile());
+ } else if(dir.mkdirs()) {
+ System.out.println("Created directory " + dir.getCanonicalFile());
+ } else {
+ System.err.println("Unable to create or write to " + dir.getCanonicalPath());
+ return;
+ }
+
+ TimeTaken tt = trans.start("Get Configuration", Env.REMOTE);
+ try {
+ boolean ok=false;
+ File fProps = File.createTempFile(rootFile, ".tmp",dir);
+ File fSecureTempProps = File.createTempFile(rootFile, ".cred.tmp",dir);
+ File fSecureProps = new File(dir,rootFile+".cred.props");
+ PrintStream psProps;
- File fLocProps = new File(dir,rootFile + ".location.props");
- if(!fLocProps.exists()) {
- psProps = new PrintStream(new FileOutputStream(fLocProps));
- try {
- psProps.println(HASHES);
- psProps.print("# Configuration File generated on ");
- psProps.println(new Date().toString());
- psProps.println(HASHES);
- for(String tag : LOC_TAGS) {
- psProps.print(tag);
- psProps.print('=');
- psProps.println(getProperty(pa, trans, false, tag, "%s: ",tag));
- }
- } finally {
- psProps.close();
- }
- }
+ File fLocProps = new File(dir,rootFile + ".location.props");
+ if(!fLocProps.exists()) {
+ psProps = new PrintStream(new FileOutputStream(fLocProps));
+ try {
+ psProps.println(HASHES);
+ psProps.print("# Configuration File generated on ");
+ psProps.println(new Date().toString());
+ psProps.println(HASHES);
+ for(String tag : LOC_TAGS) {
+ psProps.print(tag);
+ psProps.print('=');
+ psProps.println(getProperty(pa, trans, false, tag, "%s: ",tag));
+ }
+ } finally {
+ psProps.close();
+ }
+ }
- psProps = new PrintStream(new FileOutputStream(fProps));
- try {
- PrintStream psCredProps = new PrintStream(new FileOutputStream(fSecureTempProps));
- try {
- psCredProps.println(HASHES);
- psCredProps.print("# Configuration File generated on ");
- psCredProps.println(new Date().toString());
- psCredProps.println(HASHES);
+ psProps = new PrintStream(new FileOutputStream(fProps));
+ try {
+ PrintStream psCredProps = new PrintStream(new FileOutputStream(fSecureTempProps));
+ try {
+ psCredProps.println(HASHES);
+ psCredProps.print("# Configuration File generated on ");
+ psCredProps.println(new Date().toString());
+ psCredProps.println(HASHES);
- psProps.println(HASHES);
- psProps.print("# Configuration File generated on ");
- psProps.println(new Date().toString());
- psProps.println(HASHES);
-
- psProps.print(Config.CADI_PROP_FILES);
- psProps.print('=');
- psProps.print(fSecureProps.getCanonicalPath());
- psProps.print(File.pathSeparatorChar);
- psProps.println(fLocProps.getCanonicalPath());
-
- File fkf = new File(dir,rootFile+".keyfile");
- if(!fkf.exists()) {
- CmdLine.main(new String[] {"keygen",fkf.toString()});
- }
- Symm filesymm = Symm.obtain(fkf);
- Map<String,String> normal = new TreeMap<>();
- Map<String,String> creds = new TreeMap<>();
+ psProps.println(HASHES);
+ psProps.print("# Configuration File generated on ");
+ psProps.println(new Date().toString());
+ psProps.println(HASHES);
+
+ psProps.print(Config.CADI_PROP_FILES);
+ psProps.print('=');
+ psProps.print(fSecureProps.getCanonicalPath());
+ psProps.print(File.pathSeparatorChar);
+ psProps.println(fLocProps.getCanonicalPath());
+
+ File fkf = new File(dir,rootFile+".keyfile");
+ if(!fkf.exists()) {
+ CmdLine.main(new String[] {"keygen",fkf.toString()});
+ }
+ Symm filesymm = Symm.obtain(fkf);
+ Map<String,String> normal = new TreeMap<>();
+ Map<String,String> creds = new TreeMap<>();
- directedPut(pa, filesymm, normal,creds, Config.CADI_KEYFILE, fkf.getCanonicalPath());
- directedPut(pa, filesymm, normal,creds, Config.AAF_APPID,fqi);
- directedPut(pa, filesymm, normal,creds, Config.AAF_APPPASS,null);
- directedPut(pa, filesymm, normal,creds, Config.AAF_URL, Defaults.AAF_URL);
-
+ directedPut(pa, filesymm, normal,creds, Config.CADI_KEYFILE, fkf.getCanonicalPath());
+ directedPut(pa, filesymm, normal,creds, Config.AAF_APPID,fqi);
+ directedPut(pa, filesymm, normal,creds, Config.AAF_APPPASS,null);
+ directedPut(pa, filesymm, normal,creds, Config.AAF_URL, Defaults.AAF_URL);
+
- String cts = pa.getProperty(Config.CADI_TRUSTSTORE);
- if(cts!=null) {
- File origTruststore = new File(cts);
- if(!origTruststore.exists()) {
- // Try same directory as cadi_prop_files
- String cpf = pa.getProperty(Config.CADI_PROP_FILES);
- if(cpf!=null) {
- for(String f : Split.split(File.pathSeparatorChar, cpf)) {
- File fcpf = new File(f);
- if(fcpf.exists()) {
- int lastSep = cts.lastIndexOf(File.pathSeparator);
- origTruststore = new File(fcpf.getParentFile(),lastSep>=0?cts.substring(lastSep):cts);
- if(origTruststore.exists()) {
- break;
- }
- }
- }
- if(!origTruststore.exists()) {
- throw new CadiException(cts + " does not exist");
- }
- }
-
- }
- File newTruststore = new File(dir,origTruststore.getName());
- if(!newTruststore.exists()) {
- Files.copy(origTruststore.toPath(), newTruststore.toPath());
- }
-
- directedPut(pa, filesymm, normal,creds, Config.CADI_TRUSTSTORE,newTruststore.getCanonicalPath());
- directedPut(pa, filesymm, normal,creds, Config.CADI_TRUSTSTORE_PASSWORD,null);
- }
-
- if(aafcon!=null) { // get Properties from Remote AAF
- final String locator = getProperty(pa,aafcon.env,false,Config.AAF_LOCATE_URL,"AAF Locator URL: ");
+ String cts = pa.getProperty(Config.CADI_TRUSTSTORE);
+ if(cts!=null) {
+ File origTruststore = new File(cts);
+ if(!origTruststore.exists()) {
+ // Try same directory as cadi_prop_files
+ String cpf = pa.getProperty(Config.CADI_PROP_FILES);
+ if(cpf!=null) {
+ for(String f : Split.split(File.pathSeparatorChar, cpf)) {
+ File fcpf = new File(f);
+ if(fcpf.exists()) {
+ int lastSep = cts.lastIndexOf(File.pathSeparator);
+ origTruststore = new File(fcpf.getParentFile(),lastSep>=0?cts.substring(lastSep):cts);
+ if(origTruststore.exists()) {
+ break;
+ }
+ }
+ }
+ if(!origTruststore.exists()) {
+ throw new CadiException(cts + " does not exist");
+ }
+ }
+
+ }
+ File newTruststore = new File(dir,origTruststore.getName());
+ if(!newTruststore.exists()) {
+ Files.copy(origTruststore.toPath(), newTruststore.toPath());
+ }
+
+ directedPut(pa, filesymm, normal,creds, Config.CADI_TRUSTSTORE,newTruststore.getCanonicalPath());
+ directedPut(pa, filesymm, normal,creds, Config.CADI_TRUSTSTORE_PASSWORD,null);
+ }
+
+ if(aafcon!=null) { // get Properties from Remote AAF
+ final String locator = getProperty(pa,aafcon.env,false,Config.AAF_LOCATE_URL,"AAF Locator URL: ");
- Future<Configuration> acf = aafcon.client(new SingleEndpointLocator(locator))
- .read("/configure/"+fqi+"/aaf", configDF);
- if(acf.get(TIMEOUT)) {
- for(Props props : acf.value.getProps()) {
- directedPut(pa, filesymm, normal,creds, props.getTag(),props.getValue());
- }
- ok = true;
- } else if(acf.code()==401){
- trans.error().log("Bad Password sent to AAF");
- } else {
- trans.error().log(errMsg.toMsg(acf));
- }
- } else {
- String cpf = pa.getProperty(Config.CADI_PROP_FILES);
- if(cpf!=null){
- for(String f : Split.split(File.pathSeparatorChar, cpf)) {
- System.out.format("Reading %s\n",f);
- FileInputStream fis = new FileInputStream(f);
- try {
- Properties props = new Properties();
- props.load(fis);
- for(Entry<Object, Object> prop : props.entrySet()) {
- directedPut(pa, filesymm, normal,creds, prop.getKey().toString(),prop.getValue().toString());
- }
- } finally {
- fis.close();
- }
- }
- }
- ok = true;
- }
- if(ok) {
- for(Entry<String, String> es : normal.entrySet()) {
- psProps.print(es.getKey());
- psProps.print('=');
- psProps.println(es.getValue());
- }
-
- for(Entry<String, String> es : creds.entrySet()) {
- psCredProps.print(es.getKey());
- psCredProps.print('=');
- psCredProps.println(es.getValue());
- }
-
- File newFile = new File(dir,rootFile+".props");
- if(newFile.exists()) {
- File backup = new File(dir,rootFile+".props.backup");
- newFile.renameTo(backup);
- System.out.println("Backed up to " + backup.getCanonicalPath());
- }
- fProps.renameTo(newFile);
- System.out.println("Created " + newFile.getCanonicalPath());
- fProps = newFile;
-
- if(fSecureProps.exists()) {
- File backup = new File(dir,fSecureProps.getName()+".backup");
- fSecureProps.renameTo(backup);
- System.out.println("Backed up to " + backup.getCanonicalPath());
- }
- fSecureTempProps.renameTo(fSecureProps);
- System.out.println("Created " + fSecureProps.getCanonicalPath());
- fProps = newFile;
- } else {
- fProps.delete();
- fSecureTempProps.delete();
- }
- } finally {
- psCredProps.close();
- }
- } finally {
- psProps.close();
- }
- } finally {
- tt.done();
- }
- }
+ Future<Configuration> acf = aafcon.client(new SingleEndpointLocator(locator))
+ .read("/configure/"+fqi+"/aaf", configDF);
+ if(acf.get(TIMEOUT)) {
+ for(Props props : acf.value.getProps()) {
+ directedPut(pa, filesymm, normal,creds, props.getTag(),props.getValue());
+ }
+ ok = true;
+ } else if(acf.code()==401){
+ trans.error().log("Bad Password sent to AAF");
+ } else {
+ trans.error().log(errMsg.toMsg(acf));
+ }
+ } else {
+ String cpf = pa.getProperty(Config.CADI_PROP_FILES);
+ if(cpf!=null){
+ for(String f : Split.split(File.pathSeparatorChar, cpf)) {
+ System.out.format("Reading %s\n",f);
+ FileInputStream fis = new FileInputStream(f);
+ try {
+ Properties props = new Properties();
+ props.load(fis);
+ for(Entry<Object, Object> prop : props.entrySet()) {
+ directedPut(pa, filesymm, normal,creds, prop.getKey().toString(),prop.getValue().toString());
+ }
+ } finally {
+ fis.close();
+ }
+ }
+ }
+ ok = true;
+ }
+ if(ok) {
+ for(Entry<String, String> es : normal.entrySet()) {
+ psProps.print(es.getKey());
+ psProps.print('=');
+ psProps.println(es.getValue());
+ }
+
+ for(Entry<String, String> es : creds.entrySet()) {
+ psCredProps.print(es.getKey());
+ psCredProps.print('=');
+ psCredProps.println(es.getValue());
+ }
+
+ File newFile = new File(dir,rootFile+".props");
+ if(newFile.exists()) {
+ File backup = new File(dir,rootFile+".props.backup");
+ newFile.renameTo(backup);
+ System.out.println("Backed up to " + backup.getCanonicalPath());
+ }
+ fProps.renameTo(newFile);
+ System.out.println("Created " + newFile.getCanonicalPath());
+ fProps = newFile;
+
+ if(fSecureProps.exists()) {
+ File backup = new File(dir,fSecureProps.getName()+".backup");
+ fSecureProps.renameTo(backup);
+ System.out.println("Backed up to " + backup.getCanonicalPath());
+ }
+ fSecureTempProps.renameTo(fSecureProps);
+ System.out.println("Created " + fSecureProps.getCanonicalPath());
+ fProps = newFile;
+ } else {
+ fProps.delete();
+ fSecureTempProps.delete();
+ }
+ } finally {
+ psCredProps.close();
+ }
+ } finally {
+ psProps.close();
+ }
+ } finally {
+ tt.done();
+ }
+ }
- private static List<String> CRED_TAGS = Arrays.asList(new String[] {
- Config.CADI_KEYFILE,
- Config.AAF_APPID, Config.AAF_APPPASS,
- Config.CADI_KEYSTORE, Config.CADI_KEYSTORE_PASSWORD, Config.CADI_KEY_PASSWORD,
- Config.CADI_TRUSTSTORE,Config.CADI_TRUSTSTORE_PASSWORD,
- Config.CADI_ALIAS, Config.CADI_X509_ISSUERS
- });
+ private static List<String> CRED_TAGS = Arrays.asList(new String[] {
+ Config.CADI_KEYFILE,
+ Config.AAF_APPID, Config.AAF_APPPASS,
+ Config.CADI_KEYSTORE, Config.CADI_KEYSTORE_PASSWORD, Config.CADI_KEY_PASSWORD,
+ Config.CADI_TRUSTSTORE,Config.CADI_TRUSTSTORE_PASSWORD,
+ Config.CADI_ALIAS, Config.CADI_X509_ISSUERS
+ });
- private static List<String> LOC_TAGS = Arrays.asList(new String[] {Config.CADI_LATITUDE, Config.CADI_LONGITUDE});
-
- private static void directedPut(final PropAccess orig, final Symm symm, final Map<String,String> main, final Map<String,String> secured, final String tag, final String value) throws IOException {
- if(!LOC_TAGS.contains(tag)) { // Location already covered
- String val = value==null?orig.getProperty(tag):value;
- if(tag.endsWith("_password")) {
- if(val.length()>4) {
- if(val.startsWith("enc:")) {
- val = orig.decrypt(val, true);
- }
- val = "enc:" + symm.enpass(val);
- }
- }
- if(CRED_TAGS.contains(tag)) {
- secured.put(tag, val);
- } else {
- main.put(tag, val);
- }
- }
- }
+ private static List<String> LOC_TAGS = Arrays.asList(new String[] {Config.CADI_LATITUDE, Config.CADI_LONGITUDE});
+
+ private static void directedPut(final PropAccess orig, final Symm symm, final Map<String,String> main, final Map<String,String> secured, final String tag, final String value) throws IOException {
+ if(!LOC_TAGS.contains(tag)) { // Location already covered
+ String val = value==null?orig.getProperty(tag):value;
+ if(tag.endsWith("_password")) {
+ if(val.length()>4) {
+ if(val.startsWith("enc:")) {
+ val = orig.decrypt(val, true);
+ }
+ val = "enc:" + symm.enpass(val);
+ }
+ }
+ if(CRED_TAGS.contains(tag)) {
+ secured.put(tag, val);
+ } else {
+ main.put(tag, val);
+ }
+ }
+ }
- private static void validate(final PropAccess pa) throws LocatorException, CadiException, APIException {
- System.out.println("Validating Configuration...");
- final AAFCon<?> aafcon = new AAFConHttp(pa,Config.AAF_URL,new SecurityInfoC<HttpURLConnection>(pa));
- aafcon.best(new Retryable<Void>() {
- @Override
- public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<Perms> fc = client.read("/authz/perms/user/"+aafcon.defID(),permDF);
- if(fc.get(aafcon.timeout)) {
- System.out.print("Success connecting to ");
- System.out.println(client.getURI());
- System.out.print(" Permissions for ");
- System.out.println(aafcon.defID());
- for(Perm p : fc.value.getPerm()) {
- System.out.print('\t');
- System.out.print(p.getType());
- System.out.print('|');
- System.out.print(p.getInstance());
- System.out.print('|');
- System.out.println(p.getAction());
- }
- } else {
- System.err.println("Error: " + fc.code() + ' ' + fc.body());
- }
- return null;
- }
- });
- }
+ private static void validate(final PropAccess pa) throws LocatorException, CadiException, APIException {
+ System.out.println("Validating Configuration...");
+ final AAFCon<?> aafcon = new AAFConHttp(pa,Config.AAF_URL,new SecurityInfoC<HttpURLConnection>(pa));
+ aafcon.best(new Retryable<Void>() {
+ @Override
+ public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ Future<Perms> fc = client.read("/authz/perms/user/"+aafcon.defID(),permDF);
+ if(fc.get(aafcon.timeout)) {
+ System.out.print("Success connecting to ");
+ System.out.println(client.getURI());
+ System.out.print(" Permissions for ");
+ System.out.println(aafcon.defID());
+ for(Perm p : fc.value.getPerm()) {
+ System.out.print('\t');
+ System.out.print(p.getType());
+ System.out.print('|');
+ System.out.print(p.getInstance());
+ System.out.print('|');
+ System.out.println(p.getAction());
+ }
+ } else {
+ System.err.println("Error: " + fc.code() + ' ' + fc.body());
+ }
+ return null;
+ }
+ });
+ }
- /**
- * Check returns Error Codes, so that Scripts can know what to do
- *
- * 0 - Check Complete, nothing to do
- * 1 - General Error
- * 2 - Error for specific Artifact - read check.msg
- * 10 - Certificate Updated - check.msg is email content
- *
- * @param trans
- * @param aafcon
- * @param cmds
- * @return
- * @throws Exception
- */
- private static int check(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
- int exitCode=1;
- String mechID = fqi(cmds);
- String machine = machine(cmds);
-
- TimeTaken tt = trans.start("Check Certificate", Env.REMOTE);
- try {
-
- Future<Artifacts> acf = aafcon.client(CM_VER)
- .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF);
- if(acf.get(TIMEOUT)) {
- // Have to wait for JDK 1.7 source...
- //switch(artifact.getType()) {
- if(acf.value.getArtifact()==null || acf.value.getArtifact().isEmpty()) {
- AAFSSO.cons.printf("No Artifacts found for %s on %s", mechID, machine);
- } else {
- String id = aafcon.defID();
- GregorianCalendar now = new GregorianCalendar();
- for(Artifact a : acf.value.getArtifact()) {
- if(id.equals(a.getMechid())) {
- File dir = new File(a.getDir());
- Properties props = new Properties();
- FileInputStream fis = new FileInputStream(new File(dir,a.getNs()+".props"));
- try {
- props.load(fis);
- } finally {
- fis.close();
- }
-
- String prop;
- File f;
-
- if((prop=trans.getProperty(Config.CADI_KEYFILE))==null ||
- !(f=new File(prop)).exists()) {
- trans.error().printf("Keyfile must exist to check Certificates for %s on %s",
- a.getMechid(), a.getMachine());
- } else {
- String ksf = trans.getProperty(Config.CADI_KEYSTORE);
- String ksps = trans.getProperty(Config.CADI_KEYSTORE_PASSWORD);
- if(ksf==null || ksps == null) {
- trans.error().printf("Properties %s and %s must exist to check Certificates for %s on %s",
- Config.CADI_KEYSTORE, Config.CADI_KEYSTORE_PASSWORD,a.getMechid(), a.getMachine());
- } else {
- KeyStore ks = KeyStore.getInstance("JKS");
- Symm symm = Symm.obtain(f);
-
- fis = new FileInputStream(ksf);
- try {
- ks.load(fis,symm.depass(ksps).toCharArray());
- } finally {
- fis.close();
- }
- X509Certificate cert = (X509Certificate)ks.getCertificate(mechID);
- String msg = null;
+ /**
+ * Check returns Error Codes, so that Scripts can know what to do
+ *
+ * 0 - Check Complete, nothing to do
+ * 1 - General Error
+ * 2 - Error for specific Artifact - read check.msg
+ * 10 - Certificate Updated - check.msg is email content
+ *
+ * @param trans
+ * @param aafcon
+ * @param cmds
+ * @return
+ * @throws Exception
+ */
+ private static int check(Trans trans, AAFCon<?> aafcon, Deque<String> cmds) throws Exception {
+ int exitCode=1;
+ String mechID = fqi(cmds);
+ String machine = machine(cmds);
+
+ TimeTaken tt = trans.start("Check Certificate", Env.REMOTE);
+ try {
+
+ Future<Artifacts> acf = aafcon.client(CM_VER)
+ .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF);
+ if(acf.get(TIMEOUT)) {
+ // Have to wait for JDK 1.7 source...
+ //switch(artifact.getType()) {
+ if(acf.value.getArtifact()==null || acf.value.getArtifact().isEmpty()) {
+ AAFSSO.cons.printf("No Artifacts found for %s on %s", mechID, machine);
+ } else {
+ String id = aafcon.defID();
+ GregorianCalendar now = new GregorianCalendar();
+ for(Artifact a : acf.value.getArtifact()) {
+ if(id.equals(a.getMechid())) {
+ File dir = new File(a.getDir());
+ Properties props = new Properties();
+ FileInputStream fis = new FileInputStream(new File(dir,a.getNs()+".props"));
+ try {
+ props.load(fis);
+ } finally {
+ fis.close();
+ }
+
+ String prop;
+ File f;
+
+ if((prop=trans.getProperty(Config.CADI_KEYFILE))==null ||
+ !(f=new File(prop)).exists()) {
+ trans.error().printf("Keyfile must exist to check Certificates for %s on %s",
+ a.getMechid(), a.getMachine());
+ } else {
+ String ksf = trans.getProperty(Config.CADI_KEYSTORE);
+ String ksps = trans.getProperty(Config.CADI_KEYSTORE_PASSWORD);
+ if(ksf==null || ksps == null) {
+ trans.error().printf("Properties %s and %s must exist to check Certificates for %s on %s",
+ Config.CADI_KEYSTORE, Config.CADI_KEYSTORE_PASSWORD,a.getMechid(), a.getMachine());
+ } else {
+ KeyStore ks = KeyStore.getInstance("JKS");
+ Symm symm = Symm.obtain(f);
+
+ fis = new FileInputStream(ksf);
+ try {
+ ks.load(fis,symm.depass(ksps).toCharArray());
+ } finally {
+ fis.close();
+ }
+ X509Certificate cert = (X509Certificate)ks.getCertificate(mechID);
+ String msg = null;
- if(cert==null) {
- msg = String.format("X509Certificate does not exist for %s on %s in %s",
- a.getMechid(), a.getMachine(), ksf);
- trans.error().log(msg);
- exitCode = 2;
- } else {
- GregorianCalendar renew = new GregorianCalendar();
- renew.setTime(cert.getNotAfter());
- renew.add(GregorianCalendar.DAY_OF_MONTH,-1*a.getRenewDays());
- if(renew.after(now)) {
- msg = String.format("X509Certificate for %s on %s has been checked on %s. It expires on %s; it will not be renewed until %s.\n",
- a.getMechid(), a.getMachine(),Chrono.dateOnlyStamp(now),cert.getNotAfter(),Chrono.dateOnlyStamp(renew));
- trans.info().log(msg);
- exitCode = 0; // OK
- } else {
- trans.info().printf("X509Certificate for %s on %s expiration, %s, needs Renewal.\n",
- a.getMechid(), a.getMachine(),cert.getNotAfter());
- cmds.offerLast(mechID);
- cmds.offerLast(machine);
- if(placeCerts(trans,aafcon,cmds)) {
- msg = String.format("X509Certificate for %s on %s has been renewed. Ensure services using are refreshed.\n",
- a.getMechid(), a.getMachine());
- exitCode = 10; // Refreshed
- } else {
- msg = String.format("X509Certificate for %s on %s attempted renewal, but failed. Immediate Investigation is required!\n",
- a.getMechid(), a.getMachine());
- exitCode = 1; // Error Renewing
- }
- }
- }
- if(msg!=null) {
- FileOutputStream fos = new FileOutputStream(a.getDir()+'/'+a.getNs()+".msg");
- try {
- fos.write(msg.getBytes());
- } finally {
- fos.close();
- }
- }
- }
-
- }
- }
- }
- }
- } else {
- trans.error().log(errMsg.toMsg(acf));
- exitCode=1;
- }
- } finally {
- tt.done();
- }
- return exitCode;
- }
+ if(cert==null) {
+ msg = String.format("X509Certificate does not exist for %s on %s in %s",
+ a.getMechid(), a.getMachine(), ksf);
+ trans.error().log(msg);
+ exitCode = 2;
+ } else {
+ GregorianCalendar renew = new GregorianCalendar();
+ renew.setTime(cert.getNotAfter());
+ renew.add(GregorianCalendar.DAY_OF_MONTH,-1*a.getRenewDays());
+ if(renew.after(now)) {
+ msg = String.format("X509Certificate for %s on %s has been checked on %s. It expires on %s; it will not be renewed until %s.\n",
+ a.getMechid(), a.getMachine(),Chrono.dateOnlyStamp(now),cert.getNotAfter(),Chrono.dateOnlyStamp(renew));
+ trans.info().log(msg);
+ exitCode = 0; // OK
+ } else {
+ trans.info().printf("X509Certificate for %s on %s expiration, %s, needs Renewal.\n",
+ a.getMechid(), a.getMachine(),cert.getNotAfter());
+ cmds.offerLast(mechID);
+ cmds.offerLast(machine);
+ if(placeCerts(trans,aafcon,cmds)) {
+ msg = String.format("X509Certificate for %s on %s has been renewed. Ensure services using are refreshed.\n",
+ a.getMechid(), a.getMachine());
+ exitCode = 10; // Refreshed
+ } else {
+ msg = String.format("X509Certificate for %s on %s attempted renewal, but failed. Immediate Investigation is required!\n",
+ a.getMechid(), a.getMachine());
+ exitCode = 1; // Error Renewing
+ }
+ }
+ }
+ if(msg!=null) {
+ FileOutputStream fos = new FileOutputStream(a.getDir()+'/'+a.getNs()+".msg");
+ try {
+ fos.write(msg.getBytes());
+ } finally {
+ fos.close();
+ }
+ }
+ }
+
+ }
+ }
+ }
+ }
+ } else {
+ trans.error().log(errMsg.toMsg(acf));
+ exitCode=1;
+ }
+ } finally {
+ tt.done();
+ }
+ return exitCode;
+ }
}
-
-
+
+
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/ArtifactDir.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/ArtifactDir.java
index d553ceb1..b5353828 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/ArtifactDir.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/ArtifactDir.java
@@ -45,243 +45,243 @@ import certman.v1_0.CertInfo;
public abstract class ArtifactDir implements PlaceArtifact {
- protected static final String C_R = "\n";
- protected File dir;
- private List<String> encodeds = new ArrayList<>();
-
- private Symm symm;
- // This checks for multiple passes of Dir on the same objects. Run clear after done.
- protected static Map<String,Object> processed = new HashMap<>();
+ protected static final String C_R = "\n";
+ protected File dir;
+ private List<String> encodeds = new ArrayList<>();
+
+ private Symm symm;
+ // This checks for multiple passes of Dir on the same objects. Run clear after done.
+ protected static Map<String,Object> processed = new HashMap<>();
- /**
- * Note: Derived Classes should ALWAYS call "super.place(cert,arti)" first, and
- * then "placeProperties(arti)" just after they implement
- */
- @Override
- public final boolean place(Trans trans, CertInfo certInfo, Artifact arti, String machine) throws CadiException {
- validate(arti);
-
- try {
- // Obtain/setup directory as required
- dir = new File(arti.getDir());
- if(processed.get("dir")==null) {
- if(!dir.exists()) {
- Chmod.to755.chmod(dir);
- if(!dir.mkdirs()) {
- throw new CadiException("Could not create " + dir);
- }
- }
-
- // Also place cm_url and Host Name
- addProperty(Config.CM_URL,trans.getProperty(Config.CM_URL));
-// addProperty(Config.HOSTNAME,machine);
-// addProperty(Config.AAF_ENV,certInfo.getEnv());
- // Obtain Issuers
- boolean first = true;
- StringBuilder issuers = new StringBuilder();
- for(String dn : certInfo.getCaIssuerDNs()) {
- if(first) {
- first=false;
- } else {
- issuers.append(':');
- }
- issuers.append(dn);
- }
- addProperty(Config.CADI_X509_ISSUERS,issuers.toString());
- }
- symm = (Symm)processed.get("symm");
- if(symm==null) {
- // CADI Key Gen
- File f = new File(dir,arti.getNs() + ".keyfile");
- if(!f.exists()) {
- write(f,Chmod.to400,Symm.keygen());
- }
- symm = Symm.obtain(f);
+ /**
+ * Note: Derived Classes should ALWAYS call "super.place(cert,arti)" first, and
+ * then "placeProperties(arti)" just after they implement
+ */
+ @Override
+ public final boolean place(Trans trans, CertInfo certInfo, Artifact arti, String machine) throws CadiException {
+ validate(arti);
+
+ try {
+ // Obtain/setup directory as required
+ dir = new File(arti.getDir());
+ if(processed.get("dir")==null) {
+ if(!dir.exists()) {
+ Chmod.to755.chmod(dir);
+ if(!dir.mkdirs()) {
+ throw new CadiException("Could not create " + dir);
+ }
+ }
+
+ // Also place cm_url and Host Name
+ addProperty(Config.CM_URL,trans.getProperty(Config.CM_URL));
+// addProperty(Config.HOSTNAME,machine);
+// addProperty(Config.AAF_ENV,certInfo.getEnv());
+ // Obtain Issuers
+ boolean first = true;
+ StringBuilder issuers = new StringBuilder();
+ for(String dn : certInfo.getCaIssuerDNs()) {
+ if(first) {
+ first=false;
+ } else {
+ issuers.append(':');
+ }
+ issuers.append(dn);
+ }
+ addProperty(Config.CADI_X509_ISSUERS,issuers.toString());
+ }
+ symm = (Symm)processed.get("symm");
+ if(symm==null) {
+ // CADI Key Gen
+ File f = new File(dir,arti.getNs() + ".keyfile");
+ if(!f.exists()) {
+ write(f,Chmod.to400,Symm.keygen());
+ }
+ symm = Symm.obtain(f);
- addEncProperty("ChallengePassword", certInfo.getChallenge());
-
- processed.put("symm",symm);
- }
+ addEncProperty("ChallengePassword", certInfo.getChallenge());
+
+ processed.put("symm",symm);
+ }
- _place(trans, certInfo,arti);
-
- placeProperties(arti);
-
- processed.put("dir",dir);
+ _place(trans, certInfo,arti);
+
+ placeProperties(arti);
+
+ processed.put("dir",dir);
- } catch (Exception e) {
- throw new CadiException(e);
- }
- return true;
- }
+ } catch (Exception e) {
+ throw new CadiException(e);
+ }
+ return true;
+ }
- /**
- * Derived Classes implement this instead, so Dir can process first, and write any Properties last
- * @param cert
- * @param arti
- * @return
- * @throws CadiException
- */
- protected abstract boolean _place(Trans trans, CertInfo certInfo, Artifact arti) throws CadiException;
+ /**
+ * Derived Classes implement this instead, so Dir can process first, and write any Properties last
+ * @param cert
+ * @param arti
+ * @return
+ * @throws CadiException
+ */
+ protected abstract boolean _place(Trans trans, CertInfo certInfo, Artifact arti) throws CadiException;
- protected void addProperty(String tag, String value) throws IOException {
- StringBuilder sb = new StringBuilder();
- sb.append(tag);
- sb.append('=');
- sb.append(value);
- encodeds.add(sb.toString());
- }
+ protected void addProperty(String tag, String value) throws IOException {
+ StringBuilder sb = new StringBuilder();
+ sb.append(tag);
+ sb.append('=');
+ sb.append(value);
+ encodeds.add(sb.toString());
+ }
- protected void addEncProperty(String tag, String value) throws IOException {
- StringBuilder sb = new StringBuilder();
- sb.append(tag);
- sb.append('=');
- sb.append("enc:");
- sb.append(symm.enpass(value));
- encodeds.add(sb.toString());
- }
+ protected void addEncProperty(String tag, String value) throws IOException {
+ StringBuilder sb = new StringBuilder();
+ sb.append(tag);
+ sb.append('=');
+ sb.append("enc:");
+ sb.append(symm.enpass(value));
+ encodeds.add(sb.toString());
+ }
- public static void write(File f, Chmod c, String ... data) throws IOException {
- f.setWritable(true,true);
-
- FileOutputStream fos = new FileOutputStream(f);
- PrintStream ps = new PrintStream(fos);
- try {
- for(String s : data) {
- ps.print(s);
- }
- } finally {
- ps.close();
- c.chmod(f);
- }
- }
+ public static void write(File f, Chmod c, String ... data) throws IOException {
+ f.setWritable(true,true);
+
+ FileOutputStream fos = new FileOutputStream(f);
+ PrintStream ps = new PrintStream(fos);
+ try {
+ for(String s : data) {
+ ps.print(s);
+ }
+ } finally {
+ ps.close();
+ c.chmod(f);
+ }
+ }
- public static void write(File f, Chmod c, byte[] bytes) throws IOException {
- f.setWritable(true,true);
-
- FileOutputStream fos = new FileOutputStream(f);
- try {
- fos.write(bytes);
- } finally {
- fos.close();
- c.chmod(f);
- }
- }
-
- public static void write(File f, Chmod c, KeyStore ks, char[] pass ) throws IOException, CadiException {
- f.setWritable(true,true);
-
- FileOutputStream fos = new FileOutputStream(f);
- try {
- ks.store(fos, pass);
- } catch (Exception e) {
- throw new CadiException(e);
- } finally {
- fos.close();
- c.chmod(f);
- }
- }
+ public static void write(File f, Chmod c, byte[] bytes) throws IOException {
+ f.setWritable(true,true);
+
+ FileOutputStream fos = new FileOutputStream(f);
+ try {
+ fos.write(bytes);
+ } finally {
+ fos.close();
+ c.chmod(f);
+ }
+ }
+
+ public static void write(File f, Chmod c, KeyStore ks, char[] pass ) throws IOException, CadiException {
+ f.setWritable(true,true);
+
+ FileOutputStream fos = new FileOutputStream(f);
+ try {
+ ks.store(fos, pass);
+ } catch (Exception e) {
+ throw new CadiException(e);
+ } finally {
+ fos.close();
+ c.chmod(f);
+ }
+ }
- private void validate(Artifact a) throws CadiException {
- StringBuilder sb = new StringBuilder();
- if(a.getDir()==null) {
- sb.append("File Artifacts require a path");
- }
+ private void validate(Artifact a) throws CadiException {
+ StringBuilder sb = new StringBuilder();
+ if(a.getDir()==null) {
+ sb.append("File Artifacts require a path");
+ }
- if(a.getNs()==null) {
- if(sb.length()>0) {
- sb.append('\n');
- }
- sb.append("File Artifacts require an AAF Namespace");
- }
-
- if(sb.length()>0) {
- throw new CadiException(sb.toString());
- }
- }
+ if(a.getNs()==null) {
+ if(sb.length()>0) {
+ sb.append('\n');
+ }
+ sb.append("File Artifacts require an AAF Namespace");
+ }
+
+ if(sb.length()>0) {
+ throw new CadiException(sb.toString());
+ }
+ }
- private boolean placeProperties(Artifact arti) throws CadiException {
- if(encodeds.size()==0) {
- return true;
- }
- boolean first=processed.get("dir")==null;
- try {
- File f = new File(dir,arti.getNs()+".cred.props");
- if(f.exists()) {
- if(first) {
- File backup = File.createTempFile(f.getName()+'.', ".backup",dir);
- f.renameTo(backup);
- } else {
- f.setWritable(true);
- }
- }
-
- // Append if not first
- PrintWriter pw = new PrintWriter(new FileWriter(f,!first));
- try {
- // Write a Header
- if(first) {
- for(int i=0;i<60;++i) {
- pw.print('#');
- }
- pw.println();
- pw.println("# Properties Generated by AT&T Certificate Manager");
- pw.print("# by ");
- pw.println(System.getProperty("user.name"));
- pw.print("# on ");
- pw.println(Chrono.dateStamp());
- pw.println("# @copyright 2016, AT&T");
- for(int i=0;i<60;++i) {
- pw.print('#');
- }
- pw.println();
- for(String prop : encodeds) {
- if( prop.startsWith("cm_")
- || prop.startsWith(Config.HOSTNAME)
- || prop.startsWith(Config.AAF_ENV)) {
- pw.println(prop);
- }
- }
- }
-
- for(String prop : encodeds) {
- if(prop.startsWith("cadi")) {
- pw.println(prop);
- }
- }
- } finally {
- pw.close();
- }
- Chmod.to644.chmod(f);
-
- if(first) {
- // Challenge
- f = new File(dir,arti.getNs()+".chal");
- if(f.exists()) {
- f.delete();
- }
- pw = new PrintWriter(new FileWriter(f));
- try {
- for(String prop : encodeds) {
- if(prop.startsWith("Challenge")) {
- pw.println(prop);
- }
- }
- } finally {
- pw.close();
- }
- Chmod.to400.chmod(f);
- }
- } catch(Exception e) {
- throw new CadiException(e);
- }
- return true;
- }
-
- public static void clear() {
- processed.clear();
- }
+ private boolean placeProperties(Artifact arti) throws CadiException {
+ if(encodeds.size()==0) {
+ return true;
+ }
+ boolean first=processed.get("dir")==null;
+ try {
+ File f = new File(dir,arti.getNs()+".cred.props");
+ if(f.exists()) {
+ if(first) {
+ File backup = File.createTempFile(f.getName()+'.', ".backup",dir);
+ f.renameTo(backup);
+ } else {
+ f.setWritable(true);
+ }
+ }
+
+ // Append if not first
+ PrintWriter pw = new PrintWriter(new FileWriter(f,!first));
+ try {
+ // Write a Header
+ if(first) {
+ for(int i=0;i<60;++i) {
+ pw.print('#');
+ }
+ pw.println();
+ pw.println("# Properties Generated by AT&T Certificate Manager");
+ pw.print("# by ");
+ pw.println(System.getProperty("user.name"));
+ pw.print("# on ");
+ pw.println(Chrono.dateStamp());
+ pw.println("# @copyright 2016, AT&T");
+ for(int i=0;i<60;++i) {
+ pw.print('#');
+ }
+ pw.println();
+ for(String prop : encodeds) {
+ if( prop.startsWith("cm_")
+ || prop.startsWith(Config.HOSTNAME)
+ || prop.startsWith(Config.AAF_ENV)) {
+ pw.println(prop);
+ }
+ }
+ }
+
+ for(String prop : encodeds) {
+ if(prop.startsWith("cadi")) {
+ pw.println(prop);
+ }
+ }
+ } finally {
+ pw.close();
+ }
+ Chmod.to644.chmod(f);
+
+ if(first) {
+ // Challenge
+ f = new File(dir,arti.getNs()+".chal");
+ if(f.exists()) {
+ f.delete();
+ }
+ pw = new PrintWriter(new FileWriter(f));
+ try {
+ for(String prop : encodeds) {
+ if(prop.startsWith("Challenge")) {
+ pw.println(prop);
+ }
+ }
+ } finally {
+ pw.close();
+ }
+ Chmod.to400.chmod(f);
+ }
+ } catch(Exception e) {
+ throw new CadiException(e);
+ }
+ return true;
+ }
+
+ public static void clear() {
+ processed.clear();
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/CertException.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/CertException.java
index 4ea5e335..526673e3 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/CertException.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/CertException.java
@@ -23,23 +23,23 @@ package org.onap.aaf.cadi.configure;
public class CertException extends Exception {
- /**
- *
- */
- private static final long serialVersionUID = 1373028409048516401L;
+ /**
+ *
+ */
+ private static final long serialVersionUID = 1373028409048516401L;
- public CertException() {
- }
+ public CertException() {
+ }
- public CertException(String message) {
- super(message);
- }
+ public CertException(String message) {
+ super(message);
+ }
- public CertException(Throwable cause) {
- super(cause);
- }
+ public CertException(Throwable cause) {
+ super(cause);
+ }
- public CertException(String message, Throwable cause) {
- super(message, cause);
- }
+ public CertException(String message, Throwable cause) {
+ super(message, cause);
+ }
} \ No newline at end of file
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Factory.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Factory.java
index 5bb99131..40f31706 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Factory.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Factory.java
@@ -70,435 +70,435 @@ import org.onap.aaf.misc.env.TimeTaken;
import org.onap.aaf.misc.env.Trans;
public class Factory {
- private static final String PRIVATE_KEY_HEADER = "PRIVATE KEY";
- public static final String KEY_ALGO = "RSA";
- public static final String SIG_ALGO = "SHA256withRSA";
-
- public static final int KEY_LENGTH = 2048;
- private static final KeyPairGenerator keygen;
- private static final KeyFactory keyFactory;
- private static final CertificateFactory certificateFactory;
- private static final SecureRandom random;
-
-
- private static final Symm base64 = Symm.base64.copy(64);
-
- static {
- random = new SecureRandom();
- KeyPairGenerator tempKeygen;
- try {
- tempKeygen = KeyPairGenerator.getInstance(KEY_ALGO);//,"BC");
- tempKeygen.initialize(KEY_LENGTH, random);
- } catch (NoSuchAlgorithmException e) {
- tempKeygen = null;
- e.printStackTrace(System.err);
- }
- keygen = tempKeygen;
-
- KeyFactory tempKeyFactory;
- try {
- tempKeyFactory=KeyFactory.getInstance(KEY_ALGO);//,"BC"
- } catch (NoSuchAlgorithmException e) {
- tempKeyFactory = null;
- e.printStackTrace(System.err);
- };
- keyFactory = tempKeyFactory;
-
- CertificateFactory tempCertificateFactory;
- try {
- tempCertificateFactory = CertificateFactory.getInstance("X.509");
- } catch (CertificateException e) {
- tempCertificateFactory = null;
- e.printStackTrace(System.err);
- }
- certificateFactory = tempCertificateFactory;
-
-
- }
-
-
- public static KeyPair generateKeyPair(Trans trans) {
- TimeTaken tt;
- if(trans!=null) {
- tt = trans.start("Generate KeyPair", Env.SUB);
- } else {
- tt = null;
- }
- try {
- return keygen.generateKeyPair();
- } finally {
- if(tt!=null) {
- tt.done();
- }
- }
- }
-
- private static final String LINE_END = "-----\n";
-
- protected static String textBuilder(String kind, byte[] bytes) throws IOException {
- StringBuilder sb = new StringBuilder();
- sb.append("-----BEGIN ");
- sb.append(kind);
- sb.append(LINE_END);
-
- ByteArrayInputStream bais = new ByteArrayInputStream(bytes);
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- base64.encode(bais, baos);
- sb.append(new String(baos.toByteArray()));
-
- if(sb.charAt(sb.length()-1)!='\n') {
- sb.append('\n');
- }
- sb.append("-----END ");
- sb.append(kind);
- sb.append(LINE_END);
- return sb.toString();
- }
-
- public static PrivateKey toPrivateKey(Trans trans, String pk) throws IOException, CertException {
- byte[] bytes = decode(new StringReader(pk), null);
- return toPrivateKey(trans, bytes);
- }
-
- public static PrivateKey toPrivateKey(Trans trans, byte[] bytes) throws IOException, CertException {
- TimeTaken tt=trans.start("Reconstitute Private Key", Env.SUB);
- try {
- return keyFactory.generatePrivate(new PKCS8EncodedKeySpec(bytes));
- } catch (InvalidKeySpecException e) {
- throw new CertException("Translating Private Key from PKCS8 KeySpec",e);
- } finally {
- tt.done();
- }
- }
-
- public static PrivateKey toPrivateKey(Trans trans, File file) throws IOException, CertException {
- TimeTaken tt = trans.start("Decode Private Key File", Env.SUB);
- try {
- Holder<String> firstLine = new Holder<String>(null);
- return toPrivateKey(trans,decode(file,firstLine));
- }finally {
- tt.done();
- }
- }
-
- public static String toString(Trans trans, PrivateKey pk) throws IOException {
-// PKCS8EncodedKeySpec pemContents = new PKCS8EncodedKeySpec(pk.getEncoded());
- trans.debug().log("Private Key to String");
- return textBuilder(PRIVATE_KEY_HEADER,pk.getEncoded());
- }
-
- public static PublicKey toPublicKey(Trans trans, String pk) throws IOException {
- TimeTaken tt = trans.start("Reconstitute Public Key", Env.SUB);
- try {
- ByteArrayInputStream bais = new ByteArrayInputStream(pk.getBytes());
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- Symm.base64noSplit.decode(new StripperInputStream(bais), baos);
-
- return keyFactory.generatePublic(new X509EncodedKeySpec(baos.toByteArray()));
- } catch (InvalidKeySpecException e) {
- trans.error().log(e,"Translating Public Key from X509 KeySpec");
- return null;
- } finally {
- tt.done();
- }
- }
-
- public static String toString(Trans trans, PublicKey pk) throws IOException {
- trans.debug().log("Public Key to String");
- return textBuilder("PUBLIC KEY",pk.getEncoded());
- }
-
- public static Collection<? extends Certificate> toX509Certificate(String x509) throws CertificateException {
- return toX509Certificate(x509.getBytes());
- }
-
- public static Collection<? extends Certificate> toX509Certificate(List<String> x509s) throws CertificateException {
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- try {
- for(String x509 : x509s) {
- baos.write(x509.getBytes());
- }
- } catch (IOException e) {
- throw new CertificateException(e);
- }
- return toX509Certificate(new ByteArrayInputStream(baos.toByteArray()));
- }
-
- public static Collection<? extends Certificate> toX509Certificate(byte[] x509) throws CertificateException {
- return certificateFactory.generateCertificates(new ByteArrayInputStream(x509));
- }
-
- public static Collection<? extends Certificate> toX509Certificate(Trans trans, File file) throws CertificateException, FileNotFoundException {
- FileInputStream fis = new FileInputStream(file);
- try {
- try {
- return toX509Certificate(fis);
- } finally {
- fis.close();
- }
- } catch (IOException e) {
- throw new CertificateException(e);
- }
- }
-
- public static Collection<? extends Certificate> toX509Certificate(InputStream is) throws CertificateException {
- return certificateFactory.generateCertificates(is);
- }
-
- public static String toString(Trans trans, Certificate cert) throws IOException, CertException {
- if(trans.debug().isLoggable()) {
- StringBuilder sb = new StringBuilder("Certificate to String");
- if(cert instanceof X509Certificate) {
- sb.append(" - ");
- sb.append(((X509Certificate)cert).getSubjectDN());
- }
- trans.debug().log(sb);
- }
- try {
- if(cert==null) {
- throw new CertException("Certificate not built");
- }
- return textBuilder("CERTIFICATE",cert.getEncoded());
- } catch (CertificateEncodingException e) {
- throw new CertException(e);
- }
- }
-
- public static Cipher pkCipher() throws NoSuchAlgorithmException, NoSuchPaddingException {
- return Cipher.getInstance(KEY_ALGO);
- }
-
- public static Cipher pkCipher(Key key, boolean encrypt) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException {
- Cipher cipher = Cipher.getInstance(KEY_ALGO);
- cipher.init(encrypt?Cipher.ENCRYPT_MODE:Cipher.DECRYPT_MODE,key);
- return cipher;
- }
-
- public static byte[] strip(Reader rdr) throws IOException {
- return strip(rdr,null);
- }
-
- public static byte[] strip(Reader rdr, Holder<String> hs) throws IOException {
- BufferedReader br = new BufferedReader(rdr);
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- String line;
- boolean notStarted = true;
- while((line=br.readLine())!=null) {
- if(notStarted) {
- if(line.startsWith("-----")) {
- notStarted = false;
- if(hs!=null) {
- hs.set(line);
- }
- } else {
- continue;
- }
- }
- if(line.length()>0 &&
- !line.startsWith("-----") &&
- line.indexOf(':')<0) { // Header elements
- baos.write(line.getBytes());
- }
- }
- return baos.toByteArray();
- }
-
- public static class StripperInputStream extends InputStream {
- private Reader created;
- private BufferedReader br;
- private int idx;
- private String line;
-
- public StripperInputStream(Reader rdr) {
- if(rdr instanceof BufferedReader) {
- br = (BufferedReader)rdr;
- } else {
- br = new BufferedReader(rdr);
- }
- created = null;
- }
-
- public StripperInputStream(File file) throws FileNotFoundException {
- this(new FileReader(file));
- created = br;
- }
-
- public StripperInputStream(InputStream is) throws FileNotFoundException {
- this(new InputStreamReader(is));
- created = br;
- }
-
- @Override
- public int read() throws IOException {
- if(line==null || idx>=line.length()) {
- while((line=br.readLine())!=null) {
- if(line.length()>0 &&
- !line.startsWith("-----") &&
- line.indexOf(':')<0) { // Header elements
- break;
- }
- }
-
- if(line==null) {
- return -1;
- }
- idx = 0;
- }
- return line.charAt(idx++);
- }
-
- /* (non-Javadoc)
- * @see java.io.InputStream#close()
- */
- @Override
- public void close() throws IOException {
- if(created!=null) {
- created.close();
- }
- }
- }
-
- public static class Base64InputStream extends InputStream {
- private InputStream created;
- private InputStream is;
- private byte trio[];
- private byte duo[];
- private int idx;
-
-
- public Base64InputStream(File file) throws FileNotFoundException {
- this(new FileInputStream(file));
- created = is;
- }
-
- public Base64InputStream(InputStream is) throws FileNotFoundException {
- this.is = is;
- trio = new byte[3];
- idx = 4;
- }
-
- @Override
- public int read() throws IOException {
- if(duo==null || idx>=duo.length) {
- int read = is.read(trio);
- if(read==-1) {
- return -1;
- }
- duo = Symm.base64.decode(trio);
- if(duo==null || duo.length==0) {
- return -1;
- }
- idx=0;
- }
-
- return duo[idx++];
- }
-
- /* (non-Javadoc)
- * @see java.io.InputStream#close()
- */
- @Override
- public void close() throws IOException {
- if(created!=null) {
- created.close();
- }
- }
- }
-
- public static byte[] decode(byte[] bytes) throws IOException {
- ByteArrayInputStream bais = new ByteArrayInputStream(bytes);
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- Symm.base64.decode(bais, baos);
- return baos.toByteArray();
- }
-
- public static byte[] decode(File f, Holder<String> hs) throws IOException {
- FileReader fr = new FileReader(f);
- try {
- return Factory.decode(fr,hs);
- } finally {
- fr.close();
- }
- }
-
-
- public static byte[] decode(Reader rdr,Holder<String> hs) throws IOException {
- return decode(strip(rdr,hs));
- }
-
-
- public static byte[] binary(File file) throws IOException {
- DataInputStream dis = new DataInputStream(new FileInputStream(file));
- try {
- byte[] bytes = new byte[(int)file.length()];
- dis.readFully(bytes);
- return bytes;
- } finally {
- dis.close();
- }
- }
-
-
- public static byte[] sign(Trans trans, byte[] bytes, PrivateKey pk) throws IOException, InvalidKeyException, SignatureException, NoSuchAlgorithmException {
- TimeTaken tt = trans.start("Sign Data", Env.SUB);
- try {
- Signature sig = Signature.getInstance(SIG_ALGO);
- sig.initSign(pk, random);
- sig.update(bytes);
- return sig.sign();
- } finally {
- tt.done();
- }
- }
-
- public static String toSignatureString(byte[] signed) throws IOException {
- return textBuilder("SIGNATURE", signed);
- }
-
- public static boolean verify(Trans trans, byte[] bytes, byte[] signature, PublicKey pk) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
- TimeTaken tt = trans.start("Verify Data", Env.SUB);
- try {
- Signature sig = Signature.getInstance(SIG_ALGO);
- sig.initVerify(pk);
- sig.update(bytes);
- return sig.verify(signature);
- } finally {
- tt.done();
- }
- }
-
- /**
- * Get the Security Provider, or, if not exists yet, attempt to load
- *
- * @param providerType
- * @param params
- * @return
- * @throws CertException
- */
- public static synchronized Provider getSecurityProvider(String providerType, String[][] params) throws CertException {
- Provider p = Security.getProvider(providerType);
- if(p!=null) {
- switch(providerType) {
- case "PKCS12":
-
- break;
- case "PKCS11": // PKCS11 only known to be supported by Sun
- try {
- Class<?> clsSunPKCS11 = Class.forName("sun.security.pkcs11.SunPKCS11");
- Constructor<?> cnst = clsSunPKCS11.getConstructor(String.class);
- Object sunPKCS11 = cnst.newInstance(params[0][0]);
- if (sunPKCS11==null) {
- throw new CertException("SunPKCS11 Provider cannot be constructed for " + params[0][0]);
- }
- Security.addProvider((Provider)sunPKCS11);
- } catch (ClassNotFoundException | NoSuchMethodException | SecurityException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
- throw new CertException(e);
- }
- break;
- default:
- throw new CertException(providerType + " is not a known Security Provider for your JDK.");
- }
- }
- return p;
- }
+ private static final String PRIVATE_KEY_HEADER = "PRIVATE KEY";
+ public static final String KEY_ALGO = "RSA";
+ public static final String SIG_ALGO = "SHA256withRSA";
+
+ public static final int KEY_LENGTH = 2048;
+ private static final KeyPairGenerator keygen;
+ private static final KeyFactory keyFactory;
+ private static final CertificateFactory certificateFactory;
+ private static final SecureRandom random;
+
+
+ private static final Symm base64 = Symm.base64.copy(64);
+
+ static {
+ random = new SecureRandom();
+ KeyPairGenerator tempKeygen;
+ try {
+ tempKeygen = KeyPairGenerator.getInstance(KEY_ALGO);//,"BC");
+ tempKeygen.initialize(KEY_LENGTH, random);
+ } catch (NoSuchAlgorithmException e) {
+ tempKeygen = null;
+ e.printStackTrace(System.err);
+ }
+ keygen = tempKeygen;
+
+ KeyFactory tempKeyFactory;
+ try {
+ tempKeyFactory=KeyFactory.getInstance(KEY_ALGO);//,"BC"
+ } catch (NoSuchAlgorithmException e) {
+ tempKeyFactory = null;
+ e.printStackTrace(System.err);
+ };
+ keyFactory = tempKeyFactory;
+
+ CertificateFactory tempCertificateFactory;
+ try {
+ tempCertificateFactory = CertificateFactory.getInstance("X.509");
+ } catch (CertificateException e) {
+ tempCertificateFactory = null;
+ e.printStackTrace(System.err);
+ }
+ certificateFactory = tempCertificateFactory;
+
+
+ }
+
+
+ public static KeyPair generateKeyPair(Trans trans) {
+ TimeTaken tt;
+ if(trans!=null) {
+ tt = trans.start("Generate KeyPair", Env.SUB);
+ } else {
+ tt = null;
+ }
+ try {
+ return keygen.generateKeyPair();
+ } finally {
+ if(tt!=null) {
+ tt.done();
+ }
+ }
+ }
+
+ private static final String LINE_END = "-----\n";
+
+ protected static String textBuilder(String kind, byte[] bytes) throws IOException {
+ StringBuilder sb = new StringBuilder();
+ sb.append("-----BEGIN ");
+ sb.append(kind);
+ sb.append(LINE_END);
+
+ ByteArrayInputStream bais = new ByteArrayInputStream(bytes);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ base64.encode(bais, baos);
+ sb.append(new String(baos.toByteArray()));
+
+ if(sb.charAt(sb.length()-1)!='\n') {
+ sb.append('\n');
+ }
+ sb.append("-----END ");
+ sb.append(kind);
+ sb.append(LINE_END);
+ return sb.toString();
+ }
+
+ public static PrivateKey toPrivateKey(Trans trans, String pk) throws IOException, CertException {
+ byte[] bytes = decode(new StringReader(pk), null);
+ return toPrivateKey(trans, bytes);
+ }
+
+ public static PrivateKey toPrivateKey(Trans trans, byte[] bytes) throws IOException, CertException {
+ TimeTaken tt=trans.start("Reconstitute Private Key", Env.SUB);
+ try {
+ return keyFactory.generatePrivate(new PKCS8EncodedKeySpec(bytes));
+ } catch (InvalidKeySpecException e) {
+ throw new CertException("Translating Private Key from PKCS8 KeySpec",e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ public static PrivateKey toPrivateKey(Trans trans, File file) throws IOException, CertException {
+ TimeTaken tt = trans.start("Decode Private Key File", Env.SUB);
+ try {
+ Holder<String> firstLine = new Holder<String>(null);
+ return toPrivateKey(trans,decode(file,firstLine));
+ }finally {
+ tt.done();
+ }
+ }
+
+ public static String toString(Trans trans, PrivateKey pk) throws IOException {
+// PKCS8EncodedKeySpec pemContents = new PKCS8EncodedKeySpec(pk.getEncoded());
+ trans.debug().log("Private Key to String");
+ return textBuilder(PRIVATE_KEY_HEADER,pk.getEncoded());
+ }
+
+ public static PublicKey toPublicKey(Trans trans, String pk) throws IOException {
+ TimeTaken tt = trans.start("Reconstitute Public Key", Env.SUB);
+ try {
+ ByteArrayInputStream bais = new ByteArrayInputStream(pk.getBytes());
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ Symm.base64noSplit.decode(new StripperInputStream(bais), baos);
+
+ return keyFactory.generatePublic(new X509EncodedKeySpec(baos.toByteArray()));
+ } catch (InvalidKeySpecException e) {
+ trans.error().log(e,"Translating Public Key from X509 KeySpec");
+ return null;
+ } finally {
+ tt.done();
+ }
+ }
+
+ public static String toString(Trans trans, PublicKey pk) throws IOException {
+ trans.debug().log("Public Key to String");
+ return textBuilder("PUBLIC KEY",pk.getEncoded());
+ }
+
+ public static Collection<? extends Certificate> toX509Certificate(String x509) throws CertificateException {
+ return toX509Certificate(x509.getBytes());
+ }
+
+ public static Collection<? extends Certificate> toX509Certificate(List<String> x509s) throws CertificateException {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ try {
+ for(String x509 : x509s) {
+ baos.write(x509.getBytes());
+ }
+ } catch (IOException e) {
+ throw new CertificateException(e);
+ }
+ return toX509Certificate(new ByteArrayInputStream(baos.toByteArray()));
+ }
+
+ public static Collection<? extends Certificate> toX509Certificate(byte[] x509) throws CertificateException {
+ return certificateFactory.generateCertificates(new ByteArrayInputStream(x509));
+ }
+
+ public static Collection<? extends Certificate> toX509Certificate(Trans trans, File file) throws CertificateException, FileNotFoundException {
+ FileInputStream fis = new FileInputStream(file);
+ try {
+ try {
+ return toX509Certificate(fis);
+ } finally {
+ fis.close();
+ }
+ } catch (IOException e) {
+ throw new CertificateException(e);
+ }
+ }
+
+ public static Collection<? extends Certificate> toX509Certificate(InputStream is) throws CertificateException {
+ return certificateFactory.generateCertificates(is);
+ }
+
+ public static String toString(Trans trans, Certificate cert) throws IOException, CertException {
+ if(trans.debug().isLoggable()) {
+ StringBuilder sb = new StringBuilder("Certificate to String");
+ if(cert instanceof X509Certificate) {
+ sb.append(" - ");
+ sb.append(((X509Certificate)cert).getSubjectDN());
+ }
+ trans.debug().log(sb);
+ }
+ try {
+ if(cert==null) {
+ throw new CertException("Certificate not built");
+ }
+ return textBuilder("CERTIFICATE",cert.getEncoded());
+ } catch (CertificateEncodingException e) {
+ throw new CertException(e);
+ }
+ }
+
+ public static Cipher pkCipher() throws NoSuchAlgorithmException, NoSuchPaddingException {
+ return Cipher.getInstance(KEY_ALGO);
+ }
+
+ public static Cipher pkCipher(Key key, boolean encrypt) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException {
+ Cipher cipher = Cipher.getInstance(KEY_ALGO);
+ cipher.init(encrypt?Cipher.ENCRYPT_MODE:Cipher.DECRYPT_MODE,key);
+ return cipher;
+ }
+
+ public static byte[] strip(Reader rdr) throws IOException {
+ return strip(rdr,null);
+ }
+
+ public static byte[] strip(Reader rdr, Holder<String> hs) throws IOException {
+ BufferedReader br = new BufferedReader(rdr);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ String line;
+ boolean notStarted = true;
+ while((line=br.readLine())!=null) {
+ if(notStarted) {
+ if(line.startsWith("-----")) {
+ notStarted = false;
+ if(hs!=null) {
+ hs.set(line);
+ }
+ } else {
+ continue;
+ }
+ }
+ if(line.length()>0 &&
+ !line.startsWith("-----") &&
+ line.indexOf(':')<0) { // Header elements
+ baos.write(line.getBytes());
+ }
+ }
+ return baos.toByteArray();
+ }
+
+ public static class StripperInputStream extends InputStream {
+ private Reader created;
+ private BufferedReader br;
+ private int idx;
+ private String line;
+
+ public StripperInputStream(Reader rdr) {
+ if(rdr instanceof BufferedReader) {
+ br = (BufferedReader)rdr;
+ } else {
+ br = new BufferedReader(rdr);
+ }
+ created = null;
+ }
+
+ public StripperInputStream(File file) throws FileNotFoundException {
+ this(new FileReader(file));
+ created = br;
+ }
+
+ public StripperInputStream(InputStream is) throws FileNotFoundException {
+ this(new InputStreamReader(is));
+ created = br;
+ }
+
+ @Override
+ public int read() throws IOException {
+ if(line==null || idx>=line.length()) {
+ while((line=br.readLine())!=null) {
+ if(line.length()>0 &&
+ !line.startsWith("-----") &&
+ line.indexOf(':')<0) { // Header elements
+ break;
+ }
+ }
+
+ if(line==null) {
+ return -1;
+ }
+ idx = 0;
+ }
+ return line.charAt(idx++);
+ }
+
+ /* (non-Javadoc)
+ * @see java.io.InputStream#close()
+ */
+ @Override
+ public void close() throws IOException {
+ if(created!=null) {
+ created.close();
+ }
+ }
+ }
+
+ public static class Base64InputStream extends InputStream {
+ private InputStream created;
+ private InputStream is;
+ private byte trio[];
+ private byte duo[];
+ private int idx;
+
+
+ public Base64InputStream(File file) throws FileNotFoundException {
+ this(new FileInputStream(file));
+ created = is;
+ }
+
+ public Base64InputStream(InputStream is) throws FileNotFoundException {
+ this.is = is;
+ trio = new byte[3];
+ idx = 4;
+ }
+
+ @Override
+ public int read() throws IOException {
+ if(duo==null || idx>=duo.length) {
+ int read = is.read(trio);
+ if(read==-1) {
+ return -1;
+ }
+ duo = Symm.base64.decode(trio);
+ if(duo==null || duo.length==0) {
+ return -1;
+ }
+ idx=0;
+ }
+
+ return duo[idx++];
+ }
+
+ /* (non-Javadoc)
+ * @see java.io.InputStream#close()
+ */
+ @Override
+ public void close() throws IOException {
+ if(created!=null) {
+ created.close();
+ }
+ }
+ }
+
+ public static byte[] decode(byte[] bytes) throws IOException {
+ ByteArrayInputStream bais = new ByteArrayInputStream(bytes);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ Symm.base64.decode(bais, baos);
+ return baos.toByteArray();
+ }
+
+ public static byte[] decode(File f, Holder<String> hs) throws IOException {
+ FileReader fr = new FileReader(f);
+ try {
+ return Factory.decode(fr,hs);
+ } finally {
+ fr.close();
+ }
+ }
+
+
+ public static byte[] decode(Reader rdr,Holder<String> hs) throws IOException {
+ return decode(strip(rdr,hs));
+ }
+
+
+ public static byte[] binary(File file) throws IOException {
+ DataInputStream dis = new DataInputStream(new FileInputStream(file));
+ try {
+ byte[] bytes = new byte[(int)file.length()];
+ dis.readFully(bytes);
+ return bytes;
+ } finally {
+ dis.close();
+ }
+ }
+
+
+ public static byte[] sign(Trans trans, byte[] bytes, PrivateKey pk) throws IOException, InvalidKeyException, SignatureException, NoSuchAlgorithmException {
+ TimeTaken tt = trans.start("Sign Data", Env.SUB);
+ try {
+ Signature sig = Signature.getInstance(SIG_ALGO);
+ sig.initSign(pk, random);
+ sig.update(bytes);
+ return sig.sign();
+ } finally {
+ tt.done();
+ }
+ }
+
+ public static String toSignatureString(byte[] signed) throws IOException {
+ return textBuilder("SIGNATURE", signed);
+ }
+
+ public static boolean verify(Trans trans, byte[] bytes, byte[] signature, PublicKey pk) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
+ TimeTaken tt = trans.start("Verify Data", Env.SUB);
+ try {
+ Signature sig = Signature.getInstance(SIG_ALGO);
+ sig.initVerify(pk);
+ sig.update(bytes);
+ return sig.verify(signature);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /**
+ * Get the Security Provider, or, if not exists yet, attempt to load
+ *
+ * @param providerType
+ * @param params
+ * @return
+ * @throws CertException
+ */
+ public static synchronized Provider getSecurityProvider(String providerType, String[][] params) throws CertException {
+ Provider p = Security.getProvider(providerType);
+ if(p!=null) {
+ switch(providerType) {
+ case "PKCS12":
+
+ break;
+ case "PKCS11": // PKCS11 only known to be supported by Sun
+ try {
+ Class<?> clsSunPKCS11 = Class.forName("sun.security.pkcs11.SunPKCS11");
+ Constructor<?> cnst = clsSunPKCS11.getConstructor(String.class);
+ Object sunPKCS11 = cnst.newInstance(params[0][0]);
+ if (sunPKCS11==null) {
+ throw new CertException("SunPKCS11 Provider cannot be constructed for " + params[0][0]);
+ }
+ Security.addProvider((Provider)sunPKCS11);
+ } catch (ClassNotFoundException | NoSuchMethodException | SecurityException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
+ throw new CertException(e);
+ }
+ break;
+ default:
+ throw new CertException(providerType + " is not a known Security Provider for your JDK.");
+ }
+ }
+ return p;
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifact.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifact.java
index 4b200c04..2d7d3124 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifact.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifact.java
@@ -28,5 +28,5 @@ import org.onap.aaf.cadi.CadiException;
import org.onap.aaf.misc.env.Trans;
public interface PlaceArtifact {
- public boolean place(Trans trans, CertInfo cert, Artifact arti, String machine) throws CadiException;
+ public boolean place(Trans trans, CertInfo cert, Artifact arti, String machine) throws CadiException;
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactInFiles.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactInFiles.java
index 25fe776c..93c5a12a 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactInFiles.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactInFiles.java
@@ -31,23 +31,23 @@ import certman.v1_0.Artifacts.Artifact;
import certman.v1_0.CertInfo;
public class PlaceArtifactInFiles extends ArtifactDir {
- @Override
- public boolean _place(Trans trans, CertInfo certInfo, Artifact arti) throws CadiException {
- try {
- // Setup Public Cert
- File f = new File(dir,arti.getNs()+".crt");
- // In Version 1.0, App Cert is first
- write(f,Chmod.to644,certInfo.getCerts().get(0),C_R);
-
- // Setup Private Key
- f = new File(dir,arti.getNs()+".key");
- write(f,Chmod.to400,certInfo.getPrivatekey(),C_R);
-
- } catch (Exception e) {
- throw new CadiException(e);
- }
- return true;
- }
+ @Override
+ public boolean _place(Trans trans, CertInfo certInfo, Artifact arti) throws CadiException {
+ try {
+ // Setup Public Cert
+ File f = new File(dir,arti.getNs()+".crt");
+ // In Version 1.0, App Cert is first
+ write(f,Chmod.to644,certInfo.getCerts().get(0),C_R);
+
+ // Setup Private Key
+ f = new File(dir,arti.getNs()+".key");
+ write(f,Chmod.to400,certInfo.getPrivatekey(),C_R);
+
+ } catch (Exception e) {
+ throw new CadiException(e);
+ }
+ return true;
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactInKeystore.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactInKeystore.java
index c5413919..e85b903f 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactInKeystore.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactInKeystore.java
@@ -42,109 +42,109 @@ import certman.v1_0.Artifacts.Artifact;
import certman.v1_0.CertInfo;
public class PlaceArtifactInKeystore extends ArtifactDir {
- private String kst;
+ private String kst;
- public PlaceArtifactInKeystore(String kst) {
- this.kst = kst;
- }
+ public PlaceArtifactInKeystore(String kst) {
+ this.kst = kst;
+ }
- @Override
- public boolean _place(Trans trans, CertInfo certInfo, Artifact arti) throws CadiException {
- File fks = new File(dir,arti.getNs()+'.'+(kst==Agent.PKCS12?"p12":kst));
- try {
- KeyStore jks = KeyStore.getInstance(kst);
- if(fks.exists()) {
- File backup = File.createTempFile(fks.getName()+'.', ".backup",dir);
- fks.renameTo(backup);
- }
+ @Override
+ public boolean _place(Trans trans, CertInfo certInfo, Artifact arti) throws CadiException {
+ File fks = new File(dir,arti.getNs()+'.'+(kst==Agent.PKCS12?"p12":kst));
+ try {
+ KeyStore jks = KeyStore.getInstance(kst);
+ if(fks.exists()) {
+ File backup = File.createTempFile(fks.getName()+'.', ".backup",dir);
+ fks.renameTo(backup);
+ }
- // Get the Cert(s)... Might include Trust store
- Collection<? extends Certificate> certColl = Factory.toX509Certificate(certInfo.getCerts());
- // find where the trusts end in 1.0 API
-
- X509Certificate x509;
- List<X509Certificate> chainList = new ArrayList<>();
- Set<X509Certificate> caSet = new HashSet<>();
- for(Certificate c : certColl) {
- x509 = (X509Certificate)c;
- // Is a Root (self-signed, anyway)
- if(x509.getSubjectDN().equals(x509.getIssuerDN())) {
- caSet.add(x509);
- } else {
- chainList.add(x509);
- }
- }
-// chainList.addAll(caSet);
- //Collections.reverse(chainList);
+ // Get the Cert(s)... Might include Trust store
+ Collection<? extends Certificate> certColl = Factory.toX509Certificate(certInfo.getCerts());
+ // find where the trusts end in 1.0 API
+
+ X509Certificate x509;
+ List<X509Certificate> chainList = new ArrayList<>();
+ Set<X509Certificate> caSet = new HashSet<>();
+ for(Certificate c : certColl) {
+ x509 = (X509Certificate)c;
+ // Is a Root (self-signed, anyway)
+ if(x509.getSubjectDN().equals(x509.getIssuerDN())) {
+ caSet.add(x509);
+ } else {
+ chainList.add(x509);
+ }
+ }
+// chainList.addAll(caSet);
+ //Collections.reverse(chainList);
- // Properties, etc
- // Add CADI Keyfile Entry to Properties
- addProperty(Config.CADI_KEYFILE,arti.getDir()+'/'+arti.getNs() + ".keyfile");
- // Set Keystore Password
- addProperty(Config.CADI_KEYSTORE,fks.getAbsolutePath());
- String keystorePass = Symm.randomGen(Agent.PASS_SIZE);
- addEncProperty(Config.CADI_KEYSTORE_PASSWORD,keystorePass);
- char[] keystorePassArray = keystorePass.toCharArray();
- jks.load(null,keystorePassArray); // load in
-
- // Add Private Key/Cert Entry for App
- // Note: Java SSL security classes, while having a separate key from keystore,
- // is documented to not actually work.
- // java.security.UnrecoverableKeyException: Cannot recover key
- // You can create a custom Key Manager to make it work, but Practicality
- // dictates that you live with the default, meaning, they are the same
- String keyPass = keystorePass; //Symm.randomGen(CmAgent.PASS_SIZE);
- PrivateKey pk = Factory.toPrivateKey(trans, certInfo.getPrivatekey());
- addEncProperty(Config.CADI_KEY_PASSWORD, keyPass);
- addProperty(Config.CADI_ALIAS, arti.getMechid());
-// Set<Attribute> attribs = new HashSet<>();
-// if(kst.equals("pkcs12")) {
-// // Friendly Name
-// attribs.add(new PKCS12Attribute("1.2.840.113549.1.9.20", arti.getNs()));
-// }
-//
- KeyStore.ProtectionParameter protParam =
- new KeyStore.PasswordProtection(keyPass.toCharArray());
-
- Certificate[] trustChain = new Certificate[chainList.size()];
- chainList.toArray(trustChain);
- KeyStore.PrivateKeyEntry pkEntry =
- new KeyStore.PrivateKeyEntry(pk, trustChain);
- jks.setEntry(arti.getMechid(),
- pkEntry, protParam);
+ // Properties, etc
+ // Add CADI Keyfile Entry to Properties
+ addProperty(Config.CADI_KEYFILE,arti.getDir()+'/'+arti.getNs() + ".keyfile");
+ // Set Keystore Password
+ addProperty(Config.CADI_KEYSTORE,fks.getAbsolutePath());
+ String keystorePass = Symm.randomGen(Agent.PASS_SIZE);
+ addEncProperty(Config.CADI_KEYSTORE_PASSWORD,keystorePass);
+ char[] keystorePassArray = keystorePass.toCharArray();
+ jks.load(null,keystorePassArray); // load in
+
+ // Add Private Key/Cert Entry for App
+ // Note: Java SSL security classes, while having a separate key from keystore,
+ // is documented to not actually work.
+ // java.security.UnrecoverableKeyException: Cannot recover key
+ // You can create a custom Key Manager to make it work, but Practicality
+ // dictates that you live with the default, meaning, they are the same
+ String keyPass = keystorePass; //Symm.randomGen(CmAgent.PASS_SIZE);
+ PrivateKey pk = Factory.toPrivateKey(trans, certInfo.getPrivatekey());
+ addEncProperty(Config.CADI_KEY_PASSWORD, keyPass);
+ addProperty(Config.CADI_ALIAS, arti.getMechid());
+// Set<Attribute> attribs = new HashSet<>();
+// if(kst.equals("pkcs12")) {
+// // Friendly Name
+// attribs.add(new PKCS12Attribute("1.2.840.113549.1.9.20", arti.getNs()));
+// }
+//
+ KeyStore.ProtectionParameter protParam =
+ new KeyStore.PasswordProtection(keyPass.toCharArray());
+
+ Certificate[] trustChain = new Certificate[chainList.size()];
+ chainList.toArray(trustChain);
+ KeyStore.PrivateKeyEntry pkEntry =
+ new KeyStore.PrivateKeyEntry(pk, trustChain);
+ jks.setEntry(arti.getMechid(),
+ pkEntry, protParam);
- // Write out
- write(fks,Chmod.to400,jks,keystorePassArray);
-
- // Change out to TrustStore
- // NOTE: PKCS12 does NOT support Trusted Entries. Put in JKS Always
- fks = new File(dir,arti.getNs()+".trust.jks");
- if(fks.exists()) {
- File backup = File.createTempFile(fks.getName()+'.', ".backup",dir);
- fks.renameTo(backup);
- }
+ // Write out
+ write(fks,Chmod.to400,jks,keystorePassArray);
+
+ // Change out to TrustStore
+ // NOTE: PKCS12 does NOT support Trusted Entries. Put in JKS Always
+ fks = new File(dir,arti.getNs()+".trust.jks");
+ if(fks.exists()) {
+ File backup = File.createTempFile(fks.getName()+'.', ".backup",dir);
+ fks.renameTo(backup);
+ }
- jks = KeyStore.getInstance(Agent.JKS);
-
- // Set Truststore Password
- addProperty(Config.CADI_TRUSTSTORE,fks.getAbsolutePath());
- String trustStorePass = Symm.randomGen(Agent.PASS_SIZE);
- addEncProperty(Config.CADI_TRUSTSTORE_PASSWORD,trustStorePass);
- char[] truststorePassArray = trustStorePass.toCharArray();
- jks.load(null,truststorePassArray); // load in
-
- // Add Trusted Certificates, but PKCS12 doesn't support
- Certificate[] trustCAs = new Certificate[caSet.size()];
- caSet.toArray(trustCAs);
- for(int i=0; i<trustCAs.length;++i) {
- jks.setCertificateEntry("ca_" + arti.getCa() + '_' + i, trustCAs[i]);
- }
- // Write out
- write(fks,Chmod.to644,jks,truststorePassArray);
- return true;
- } catch (Exception e) {
- throw new CadiException(e);
- }
- }
+ jks = KeyStore.getInstance(Agent.JKS);
+
+ // Set Truststore Password
+ addProperty(Config.CADI_TRUSTSTORE,fks.getAbsolutePath());
+ String trustStorePass = Symm.randomGen(Agent.PASS_SIZE);
+ addEncProperty(Config.CADI_TRUSTSTORE_PASSWORD,trustStorePass);
+ char[] truststorePassArray = trustStorePass.toCharArray();
+ jks.load(null,truststorePassArray); // load in
+
+ // Add Trusted Certificates, but PKCS12 doesn't support
+ Certificate[] trustCAs = new Certificate[caSet.size()];
+ caSet.toArray(trustCAs);
+ for(int i=0; i<trustCAs.length;++i) {
+ jks.setCertificateEntry("ca_" + arti.getCa() + '_' + i, trustCAs[i]);
+ }
+ // Write out
+ write(fks,Chmod.to644,jks,truststorePassArray);
+ return true;
+ } catch (Exception e) {
+ throw new CadiException(e);
+ }
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactOnStream.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactOnStream.java
index 92308034..b5dcfbc5 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactOnStream.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactOnStream.java
@@ -29,25 +29,25 @@ import certman.v1_0.Artifacts.Artifact;
import certman.v1_0.CertInfo;
public class PlaceArtifactOnStream implements PlaceArtifact {
- private PrintStream out;
-
- public PlaceArtifactOnStream(PrintStream printStream) {
- out = printStream;
- }
-
- @Override
- public boolean place(Trans trans, CertInfo capi, Artifact a, String machine) {
- String lineSeparator = System.lineSeparator();
-
- if(capi.getNotes()!=null && capi.getNotes().length()>0) {
- trans.info().printf("Warning: %s" + lineSeparator, capi.getNotes());
- }
- out.printf("Challenge: %s" + lineSeparator, capi.getChallenge());
- out.printf("PrivateKey:" + lineSeparator + "%s" + lineSeparator, capi.getPrivatekey());
- out.println("Certificate Chain:");
- for(String c : capi.getCerts()) {
- out.println(c);
- }
- return true;
- }
+ private PrintStream out;
+
+ public PlaceArtifactOnStream(PrintStream printStream) {
+ out = printStream;
+ }
+
+ @Override
+ public boolean place(Trans trans, CertInfo capi, Artifact a, String machine) {
+ String lineSeparator = System.lineSeparator();
+
+ if(capi.getNotes()!=null && capi.getNotes().length()>0) {
+ trans.info().printf("Warning: %s" + lineSeparator, capi.getNotes());
+ }
+ out.printf("Challenge: %s" + lineSeparator, capi.getChallenge());
+ out.printf("PrivateKey:" + lineSeparator + "%s" + lineSeparator, capi.getPrivatekey());
+ out.println("Certificate Chain:");
+ for(String c : capi.getCerts()) {
+ out.println(c);
+ }
+ return true;
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactScripts.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactScripts.java
index 84161b50..2393c4c8 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactScripts.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactScripts.java
@@ -33,124 +33,124 @@ import certman.v1_0.Artifacts.Artifact;
import certman.v1_0.CertInfo;
public class PlaceArtifactScripts extends ArtifactDir {
- @Override
- public boolean _place(Trans trans, CertInfo certInfo, Artifact arti) throws CadiException {
- try {
- // Setup check.sh script
- String filename = arti.getNs()+".check.sh";
- File f1 = new File(dir,filename);
- String email = arti.getNotification() + '\n';
- if(email.startsWith("mailto:")) {
- email=email.substring(7);
- } else {
- email=arti.getOsUser() + '\n';
- }
-
- StringBuilder classpath = new StringBuilder();
- boolean first = true;
- for(String pth : Split.split(File.pathSeparatorChar, System.getProperty("java.class.path"))) {
- if(first) {
- first=false;
- } else {
- classpath.append(File.pathSeparatorChar);
- }
- File f = new File(pth);
- classpath.append(f.getCanonicalPath().replaceAll("[0-9]+\\.[0-9]+\\.[0-9]+","*"));
- }
-
- write(f1,Chmod.to644,
- "#!/bin/bash " + f1.getCanonicalPath()+'\n',
- "# Certificate Manager Check Script\n",
- "# Check on Certificate, and renew if needed.\n",
- "# Generated by Certificate Manager " + Chrono.timeStamp()+'\n',
- "DIR="+arti.getDir()+'\n',
- "APP="+arti.getNs()+'\n',
- "EMAIL="+email,
- "CP=\""+classpath.toString()+"\"\n",
- checkScript
- );
-
- // Setup check.sh script
- File f2 = new File(dir,arti.getNs()+".crontab.sh");
- write(f2,Chmod.to644,
- "#!/bin/bash " + f2.getCanonicalPath()+'\n',
- "# Certificate Manager Crontab Loading Script\n",
- "# Add/Update a Crontab entry, that adds a check on Certificate Manager generated Certificate nightly.\n",
- "# Generated by Certificate Manager " + Chrono.timeStamp()+'\n',
- "TFILE=\"/tmp/cmcron$$.temp\"\n",
- "DIR=\""+arti.getDir()+"\"\n",
- "CF=\""+arti.getNs()+" Certificate Check Script\"\n",
- "SCRIPT=\""+f1.getCanonicalPath()+"\"\n",
- cronScript
- );
+ @Override
+ public boolean _place(Trans trans, CertInfo certInfo, Artifact arti) throws CadiException {
+ try {
+ // Setup check.sh script
+ String filename = arti.getNs()+".check.sh";
+ File f1 = new File(dir,filename);
+ String email = arti.getNotification() + '\n';
+ if(email.startsWith("mailto:")) {
+ email=email.substring(7);
+ } else {
+ email=arti.getOsUser() + '\n';
+ }
+
+ StringBuilder classpath = new StringBuilder();
+ boolean first = true;
+ for(String pth : Split.split(File.pathSeparatorChar, System.getProperty("java.class.path"))) {
+ if(first) {
+ first=false;
+ } else {
+ classpath.append(File.pathSeparatorChar);
+ }
+ File f = new File(pth);
+ classpath.append(f.getCanonicalPath().replaceAll("[0-9]+\\.[0-9]+\\.[0-9]+","*"));
+ }
+
+ write(f1,Chmod.to644,
+ "#!/bin/bash " + f1.getCanonicalPath()+'\n',
+ "# Certificate Manager Check Script\n",
+ "# Check on Certificate, and renew if needed.\n",
+ "# Generated by Certificate Manager " + Chrono.timeStamp()+'\n',
+ "DIR="+arti.getDir()+'\n',
+ "APP="+arti.getNs()+'\n',
+ "EMAIL="+email,
+ "CP=\""+classpath.toString()+"\"\n",
+ checkScript
+ );
+
+ // Setup check.sh script
+ File f2 = new File(dir,arti.getNs()+".crontab.sh");
+ write(f2,Chmod.to644,
+ "#!/bin/bash " + f2.getCanonicalPath()+'\n',
+ "# Certificate Manager Crontab Loading Script\n",
+ "# Add/Update a Crontab entry, that adds a check on Certificate Manager generated Certificate nightly.\n",
+ "# Generated by Certificate Manager " + Chrono.timeStamp()+'\n',
+ "TFILE=\"/tmp/cmcron$$.temp\"\n",
+ "DIR=\""+arti.getDir()+"\"\n",
+ "CF=\""+arti.getNs()+" Certificate Check Script\"\n",
+ "SCRIPT=\""+f1.getCanonicalPath()+"\"\n",
+ cronScript
+ );
- } catch (Exception e) {
- throw new CadiException(e);
- }
- return true;
- }
-
- /**
- * Note: java.home gets Absolute Path of Java, where we probably want soft links from
- * JAVA_HOME
- * @return
- */
- private final static String javaHome() {
- String rc = System.getenv("JAVA_HOME");
- return rc==null?System.getProperty("java.home"):rc;
- }
- private final static String checkScript =
- "> $DIR/$APP.msg\n\n" +
- "function mailit {\n" +
- " if [ -e /bin/mail ]; then\n" +
- " MAILER=/bin/mail\n" +
- " elif [ -e /usr/bin/mail ]; then \n" +
- " MAILER=/usr/bin/mail\n" +
- " else \n" +
- " MAILER=\"\"\n" +
- " fi\n" +
- " if [ \"$MAILER\" = \"\" ]; then\n" +
- " printf \"$*\"\n" +
- " else \n" +
- " printf \"$*\" | $MAILER -s \"AAF Certman Notification for `uname -n`\" $EMAIL\n"+
- " fi\n" +
- "}\n\n" +
- javaHome() + "/bin/" +"java -cp $CP " +
- Agent.class.getName() +
- " cadi_prop_files=$DIR/$APP.props check 2> $DIR/$APP.STDERR > $DIR/$APP.STDOUT\n" +
- "case \"$?\" in\n" +
- " 0)\n" +
- " # Note: Validation will be mailed only the first day after any modification\n" +
- " if [ \"`find $DIR -mtime 0 -name $APP.check.sh`\" != \"\" ] ; then\n" +
- " mailit `echo \"Certficate Validated:\\n\\n\" | cat - $DIR/$APP.msg`\n" +
- " else\n" +
- " cat $DIR/$APP.msg\n" +
- " fi\n" +
- " ;;\n" +
- " 1) mailit \"Error with Certificate Check:\\\\n\\\\nCheck logs $DIR/$APP.STDOUT and $DIR/$APP.STDERR on `uname -n`\"\n" +
- " ;;\n" +
- " 2) mailit `echo \"Certificate Check Error\\\\n\\\\n\" | cat - $DIR/$APP.msg`\n" +
- " ;;\n" +
- " 10) mailit `echo \"Certificate Replaced\\\\n\\\\n\" | cat - $DIR/$APP.msg`\n" +
- " if [ -e $DIR/$APP.restart.sh ]; then\n" +
- " # Note: it is THIS SCRIPT'S RESPONSIBILITY to notify upon success or failure as necessary!!\n" +
- " /bin/sh $DIR/$APP.restart.sh\n" +
- " fi\n" +
- " ;;\n" +
- " *) mailit `echo \"Unknown Error code for CM Agent\\\\n\\\\n\" | cat - $DIR/$APP.msg`\n" +
- " ;;\n" +
- " esac\n\n" +
- " # Note: make sure to cover this sripts' exit Code\n";
-
- private final static String cronScript =
- "crontab -l | sed -n \"/#### BEGIN $CF/,/END $CF ####/!p\" > $TFILE\n" +
- "# Note: Randomize Minutes (0-60) and hours (1-4)\n" +
- "echo \"#### BEGIN $CF ####\" >> $TFILE\n" +
- "echo \"$(( $RANDOM % 60)) $(( $(( $RANDOM % 3 )) + 1 )) * * * /bin/bash $SCRIPT " +
- ">> $DIR/cronlog 2>&1 \" >> $TFILE\n" +
- "echo \"#### END $CF ####\" >> $TFILE\n" +
- "crontab $TFILE\n" +
- "rm $TFILE\n";
+ } catch (Exception e) {
+ throw new CadiException(e);
+ }
+ return true;
+ }
+
+ /**
+ * Note: java.home gets Absolute Path of Java, where we probably want soft links from
+ * JAVA_HOME
+ * @return
+ */
+ private final static String javaHome() {
+ String rc = System.getenv("JAVA_HOME");
+ return rc==null?System.getProperty("java.home"):rc;
+ }
+ private final static String checkScript =
+ "> $DIR/$APP.msg\n\n" +
+ "function mailit {\n" +
+ " if [ -e /bin/mail ]; then\n" +
+ " MAILER=/bin/mail\n" +
+ " elif [ -e /usr/bin/mail ]; then \n" +
+ " MAILER=/usr/bin/mail\n" +
+ " else \n" +
+ " MAILER=\"\"\n" +
+ " fi\n" +
+ " if [ \"$MAILER\" = \"\" ]; then\n" +
+ " printf \"$*\"\n" +
+ " else \n" +
+ " printf \"$*\" | $MAILER -s \"AAF Certman Notification for `uname -n`\" $EMAIL\n"+
+ " fi\n" +
+ "}\n\n" +
+ javaHome() + "/bin/" +"java -cp $CP " +
+ Agent.class.getName() +
+ " cadi_prop_files=$DIR/$APP.props check 2> $DIR/$APP.STDERR > $DIR/$APP.STDOUT\n" +
+ "case \"$?\" in\n" +
+ " 0)\n" +
+ " # Note: Validation will be mailed only the first day after any modification\n" +
+ " if [ \"`find $DIR -mtime 0 -name $APP.check.sh`\" != \"\" ] ; then\n" +
+ " mailit `echo \"Certficate Validated:\\n\\n\" | cat - $DIR/$APP.msg`\n" +
+ " else\n" +
+ " cat $DIR/$APP.msg\n" +
+ " fi\n" +
+ " ;;\n" +
+ " 1) mailit \"Error with Certificate Check:\\\\n\\\\nCheck logs $DIR/$APP.STDOUT and $DIR/$APP.STDERR on `uname -n`\"\n" +
+ " ;;\n" +
+ " 2) mailit `echo \"Certificate Check Error\\\\n\\\\n\" | cat - $DIR/$APP.msg`\n" +
+ " ;;\n" +
+ " 10) mailit `echo \"Certificate Replaced\\\\n\\\\n\" | cat - $DIR/$APP.msg`\n" +
+ " if [ -e $DIR/$APP.restart.sh ]; then\n" +
+ " # Note: it is THIS SCRIPT'S RESPONSIBILITY to notify upon success or failure as necessary!!\n" +
+ " /bin/sh $DIR/$APP.restart.sh\n" +
+ " fi\n" +
+ " ;;\n" +
+ " *) mailit `echo \"Unknown Error code for CM Agent\\\\n\\\\n\" | cat - $DIR/$APP.msg`\n" +
+ " ;;\n" +
+ " esac\n\n" +
+ " # Note: make sure to cover this sripts' exit Code\n";
+
+ private final static String cronScript =
+ "crontab -l | sed -n \"/#### BEGIN $CF/,/END $CF ####/!p\" > $TFILE\n" +
+ "# Note: Randomize Minutes (0-60) and hours (1-4)\n" +
+ "echo \"#### BEGIN $CF ####\" >> $TFILE\n" +
+ "echo \"$(( $RANDOM % 60)) $(( $(( $RANDOM % 3 )) + 1 )) * * * /bin/bash $SCRIPT " +
+ ">> $DIR/cronlog 2>&1 \" >> $TFILE\n" +
+ "echo \"#### END $CF ####\" >> $TFILE\n" +
+ "crontab $TFILE\n" +
+ "rm $TFILE\n";
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AAFToken.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AAFToken.java
index 16bd8669..38890681 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AAFToken.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AAFToken.java
@@ -28,59 +28,59 @@ import java.util.UUID;
import org.onap.aaf.cadi.Hash;
public class AAFToken {
- private static final int CAPACITY = (Long.SIZE*2+Byte.SIZE*3)/8;
- private static final SecureRandom sr = new SecureRandom();
+ private static final int CAPACITY = (Long.SIZE*2+Byte.SIZE*3)/8;
+ private static final SecureRandom sr = new SecureRandom();
- public static final String toToken(UUID uuid) {
- long lsb = uuid.getLeastSignificantBits();
- long msb = uuid.getMostSignificantBits();
- int sum=35; // AAF
- for(int i=0;i<Long.SIZE;i+=8) {
- sum+=((lsb>>i) & 0xFF);
- }
- for(int i=0;i<Long.SIZE;i+=8) {
- sum+=((((msb>>i) & 0xFF))<<0xB);
- }
- sum+=(sr.nextInt()&0xEFC00000); // this is just to not leave zeros laying around
+ public static final String toToken(UUID uuid) {
+ long lsb = uuid.getLeastSignificantBits();
+ long msb = uuid.getMostSignificantBits();
+ int sum=35; // AAF
+ for(int i=0;i<Long.SIZE;i+=8) {
+ sum+=((lsb>>i) & 0xFF);
+ }
+ for(int i=0;i<Long.SIZE;i+=8) {
+ sum+=((((msb>>i) & 0xFF))<<0xB);
+ }
+ sum+=(sr.nextInt()&0xEFC00000); // this is just to not leave zeros laying around
- ByteBuffer bb = ByteBuffer.allocate(CAPACITY);
- bb.put((byte)sum);
- bb.putLong(msb);
- bb.put((byte)(sum>>8));
- bb.putLong(lsb);
- bb.put((byte)(sum>>16));
- return Hash.toHexNo0x(bb.array());
- }
+ ByteBuffer bb = ByteBuffer.allocate(CAPACITY);
+ bb.put((byte)sum);
+ bb.putLong(msb);
+ bb.put((byte)(sum>>8));
+ bb.putLong(lsb);
+ bb.put((byte)(sum>>16));
+ return Hash.toHexNo0x(bb.array());
+ }
- public static final UUID fromToken(String token) {
- byte[] bytes = Hash.fromHexNo0x(token);
- if(bytes==null) {
- return null;
- }
- ByteBuffer bb = ByteBuffer.wrap(bytes);
- if(bb.capacity()!=CAPACITY ) {
- return null; // not a CADI Token
- }
- byte b1 = bb.get();
- long msb = bb.getLong();
- byte b2 = bb.get();
- long lsb = bb.getLong();
- byte b3 = (byte)(0x3F&bb.get());
- int sum=35;
-
- for(int i=0;i<Long.SIZE;i+=8) {
- sum+=((lsb>>i) & 0xFF);
- }
- for(int i=0;i<Long.SIZE;i+=8) {
- sum+=((((msb>>i) & 0xFF))<<0xB);
- }
+ public static final UUID fromToken(String token) {
+ byte[] bytes = Hash.fromHexNo0x(token);
+ if(bytes==null) {
+ return null;
+ }
+ ByteBuffer bb = ByteBuffer.wrap(bytes);
+ if(bb.capacity()!=CAPACITY ) {
+ return null; // not a CADI Token
+ }
+ byte b1 = bb.get();
+ long msb = bb.getLong();
+ byte b2 = bb.get();
+ long lsb = bb.getLong();
+ byte b3 = (byte)(0x3F&bb.get());
+ int sum=35;
+
+ for(int i=0;i<Long.SIZE;i+=8) {
+ sum+=((lsb>>i) & 0xFF);
+ }
+ for(int i=0;i<Long.SIZE;i+=8) {
+ sum+=((((msb>>i) & 0xFF))<<0xB);
+ }
- if(b1!=((byte)sum) ||
- b2!=((byte)(sum>>8)) ||
- b3!=((byte)((sum>>16)))) {
- return null; // not a CADI Token
- }
- return new UUID(msb, lsb);
- }
-
+ if(b1!=((byte)sum) ||
+ b2!=((byte)(sum>>8)) ||
+ b3!=((byte)((sum>>16)))) {
+ return null; // not a CADI Token
+ }
+ return new UUID(msb, lsb);
+ }
+
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AbsOTafLur.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AbsOTafLur.java
index fb844518..26a8a69d 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AbsOTafLur.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AbsOTafLur.java
@@ -34,101 +34,101 @@ import org.onap.aaf.misc.env.util.Pool;
import org.onap.aaf.misc.env.util.Pool.Creator;
public abstract class AbsOTafLur {
- protected static final String ERROR_GETTING_TOKEN_CLIENT = "Error getting TokenClient";
- protected static final String REQUIRED_FOR_OAUTH2 = " is required for OAuth Access";
+ protected static final String ERROR_GETTING_TOKEN_CLIENT = "Error getting TokenClient";
+ protected static final String REQUIRED_FOR_OAUTH2 = " is required for OAuth Access";
- protected final TokenMgr tkMgr;
- protected final PropAccess access;
- protected final String client_id;
- protected static Pool<TokenClient> tokenClientPool;
-
- protected AbsOTafLur(final PropAccess access, final String token_url, final String introspect_url) throws CadiException {
- this.access = access;
- String ci;
- if((ci = access.getProperty(Config.AAF_APPID,null))==null) {
- if((ci = access.getProperty(Config.CADI_ALIAS,null))==null) {
- throw new CadiException(Config.AAF_APPID + REQUIRED_FOR_OAUTH2);
- }
- }
- client_id = ci;
+ protected final TokenMgr tkMgr;
+ protected final PropAccess access;
+ protected final String client_id;
+ protected static Pool<TokenClient> tokenClientPool;
+
+ protected AbsOTafLur(final PropAccess access, final String token_url, final String introspect_url) throws CadiException {
+ this.access = access;
+ String ci;
+ if((ci = access.getProperty(Config.AAF_APPID,null))==null) {
+ if((ci = access.getProperty(Config.CADI_ALIAS,null))==null) {
+ throw new CadiException(Config.AAF_APPID + REQUIRED_FOR_OAUTH2);
+ }
+ }
+ client_id = ci;
- synchronized(access) {
- if(tokenClientPool==null) {
- tokenClientPool = new Pool<TokenClient>(new TCCreator(access));
- }
- try {
- tkMgr = TokenMgr.getInstance(access, token_url, introspect_url);
- } catch (APIException e) {
- throw new CadiException("Unable to create TokenManager",e);
- }
- }
- }
+ synchronized(access) {
+ if(tokenClientPool==null) {
+ tokenClientPool = new Pool<TokenClient>(new TCCreator(access));
+ }
+ try {
+ tkMgr = TokenMgr.getInstance(access, token_url, introspect_url);
+ } catch (APIException e) {
+ throw new CadiException("Unable to create TokenManager",e);
+ }
+ }
+ }
- private class TCCreator implements Creator<TokenClient> {
- private TokenClientFactory tcf;
- private final int timeout;
- private final String url,enc_secret;
-
- public TCCreator(PropAccess access) throws CadiException {
- try {
- tcf = TokenClientFactory.instance(access);
- } catch (APIException | GeneralSecurityException | IOException e1) {
- throw new CadiException(e1);
- }
-
- if((url = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL,null))==null) {
- throw new CadiException(Config.AAF_OAUTH2_TOKEN_URL + REQUIRED_FOR_OAUTH2);
- }
-
- try {
- timeout = Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF));
- } catch (NumberFormatException e) {
- throw new CadiException("Bad format for " + Config.AAF_CONN_TIMEOUT, e);
- }
- if((enc_secret= access.getProperty(Config.AAF_APPPASS,null))==null) {
- throw new CadiException(Config.AAF_APPPASS + REQUIRED_FOR_OAUTH2);
- }
- }
-
- @Override
- public TokenClient create() throws APIException {
- try {
- TokenClient tc = tcf.newClient(url, timeout);
- tc.client_creds(client_id, access.decrypt(enc_secret, true));
- return tc;
- } catch (CadiException | LocatorException | IOException e) {
- throw new APIException(e);
- }
- }
+ private class TCCreator implements Creator<TokenClient> {
+ private TokenClientFactory tcf;
+ private final int timeout;
+ private final String url,enc_secret;
+
+ public TCCreator(PropAccess access) throws CadiException {
+ try {
+ tcf = TokenClientFactory.instance(access);
+ } catch (APIException | GeneralSecurityException | IOException e1) {
+ throw new CadiException(e1);
+ }
+
+ if((url = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL,null))==null) {
+ throw new CadiException(Config.AAF_OAUTH2_TOKEN_URL + REQUIRED_FOR_OAUTH2);
+ }
+
+ try {
+ timeout = Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF));
+ } catch (NumberFormatException e) {
+ throw new CadiException("Bad format for " + Config.AAF_CONN_TIMEOUT, e);
+ }
+ if((enc_secret= access.getProperty(Config.AAF_APPPASS,null))==null) {
+ throw new CadiException(Config.AAF_APPPASS + REQUIRED_FOR_OAUTH2);
+ }
+ }
+
+ @Override
+ public TokenClient create() throws APIException {
+ try {
+ TokenClient tc = tcf.newClient(url, timeout);
+ tc.client_creds(client_id, access.decrypt(enc_secret, true));
+ return tc;
+ } catch (CadiException | LocatorException | IOException e) {
+ throw new APIException(e);
+ }
+ }
- @Override
- public void destroy(TokenClient t) {
- }
+ @Override
+ public void destroy(TokenClient t) {
+ }
- @Override
- public boolean isValid(TokenClient t) {
- return t!=null && t.client_id()!=null;
- }
+ @Override
+ public boolean isValid(TokenClient t) {
+ return t!=null && t.client_id()!=null;
+ }
- @Override
- public void reuse(TokenClient t) {
- }
- };
+ @Override
+ public void reuse(TokenClient t) {
+ }
+ };
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.Lur#destroy()
- */
- public void destroy() {
- tkMgr.close();
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.Lur#clear(java.security.Principal, java.lang.StringBuilder)
- */
- public void clear(Principal p, StringBuilder report) {
- tkMgr.clear(p, report);
- }
-
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.Lur#destroy()
+ */
+ public void destroy() {
+ tkMgr.close();
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.Lur#clear(java.security.Principal, java.lang.StringBuilder)
+ */
+ public void clear(Principal p, StringBuilder report) {
+ tkMgr.clear(p, report);
+ }
+
-
+
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/HRenewingTokenSS.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/HRenewingTokenSS.java
index dc6fe390..100b58ec 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/HRenewingTokenSS.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/HRenewingTokenSS.java
@@ -36,69 +36,69 @@ import org.onap.aaf.cadi.util.FQI;
import org.onap.aaf.misc.env.APIException;
public class HRenewingTokenSS extends HAuthorizationHeader {
- private TokenClientFactory tcf;
- private final TokenClient tc;
- private final String[] scopes;
- private final String tokenURL;
-
- public HRenewingTokenSS(final PropAccess access, final String tokenURL, final String ... nss) throws CadiException, IOException, GeneralSecurityException {
- this(access,SecurityInfoC.instance(access, HttpURLConnection.class),tokenURL,nss);
- }
-
- public HRenewingTokenSS(final PropAccess access, final SecurityInfoC<HttpURLConnection> si, final String tokenURL, final String ... nss) throws CadiException, IOException, GeneralSecurityException {
- super(si,null,null/*Note: HeadValue overloaded */);
- this.tokenURL = tokenURL;
- try {
- tcf = TokenClientFactory.instance(access);
- tc = tcf.newClient(tokenURL);
- tc.client_creds(access);
- setUser(tc.client_id());
- String defaultNS = FQI.reverseDomain(tc.client_id());
- if(nss.length>0) {
- boolean hasDefault = false;
- for(String ns : nss) {
- if(ns.equals(defaultNS)) {
- hasDefault = true;
- }
- }
- if(hasDefault) {
- scopes=nss;
- } else {
- String[] nssPlus = new String[nss.length+1];
- nssPlus[0]=defaultNS;
- System.arraycopy(nss, 0, nssPlus, 1, nss.length);
- scopes = nssPlus;
- }
- } else {
- scopes = new String[] {defaultNS};
- }
+ private TokenClientFactory tcf;
+ private final TokenClient tc;
+ private final String[] scopes;
+ private final String tokenURL;
+
+ public HRenewingTokenSS(final PropAccess access, final String tokenURL, final String ... nss) throws CadiException, IOException, GeneralSecurityException {
+ this(access,SecurityInfoC.instance(access, HttpURLConnection.class),tokenURL,nss);
+ }
+
+ public HRenewingTokenSS(final PropAccess access, final SecurityInfoC<HttpURLConnection> si, final String tokenURL, final String ... nss) throws CadiException, IOException, GeneralSecurityException {
+ super(si,null,null/*Note: HeadValue overloaded */);
+ this.tokenURL = tokenURL;
+ try {
+ tcf = TokenClientFactory.instance(access);
+ tc = tcf.newClient(tokenURL);
+ tc.client_creds(access);
+ setUser(tc.client_id());
+ String defaultNS = FQI.reverseDomain(tc.client_id());
+ if(nss.length>0) {
+ boolean hasDefault = false;
+ for(String ns : nss) {
+ if(ns.equals(defaultNS)) {
+ hasDefault = true;
+ }
+ }
+ if(hasDefault) {
+ scopes=nss;
+ } else {
+ String[] nssPlus = new String[nss.length+1];
+ nssPlus[0]=defaultNS;
+ System.arraycopy(nss, 0, nssPlus, 1, nss.length);
+ scopes = nssPlus;
+ }
+ } else {
+ scopes = new String[] {defaultNS};
+ }
- } catch (GeneralSecurityException | IOException | LocatorException | APIException e) {
- throw new CadiException(e);
- }
- }
+ } catch (GeneralSecurityException | IOException | LocatorException | APIException e) {
+ throw new CadiException(e);
+ }
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.client.AbsAuthentication#headValue()
- */
- @Override
- protected String headValue() throws IOException {
- Result<TimedToken> token;
- try {
- token = tc.getToken(Kind.OAUTH,scopes);
- if(token.isOK()) {
- return "Bearer " + token.value.getAccessToken();
- } else {
- throw new IOException("Token cannot be obtained: " + token.code + '-' + token.error);
- }
- } catch (IOException e) {
- throw e;
- } catch (LocatorException | CadiException | APIException e) {
- throw new IOException(e);
- }
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.client.AbsAuthentication#headValue()
+ */
+ @Override
+ protected String headValue() throws IOException {
+ Result<TimedToken> token;
+ try {
+ token = tc.getToken(Kind.OAUTH,scopes);
+ if(token.isOK()) {
+ return "Bearer " + token.value.getAccessToken();
+ } else {
+ throw new IOException("Token cannot be obtained: " + token.code + '-' + token.error);
+ }
+ } catch (IOException e) {
+ throw e;
+ } catch (LocatorException | CadiException | APIException e) {
+ throw new IOException(e);
+ }
+ }
- public String tokenURL() {
- return tokenURL;
- }
+ public String tokenURL() {
+ return tokenURL;
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2HttpTaf.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2HttpTaf.java
index 3d5f7d9a..b4b4b1e3 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2HttpTaf.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2HttpTaf.java
@@ -41,42 +41,42 @@ import org.onap.aaf.cadi.taf.TafResp.RESP;
import org.onap.aaf.misc.env.APIException;
public class OAuth2HttpTaf implements HttpTaf {
- final private Access access;
- final private TokenMgr tmgr;
+ final private Access access;
+ final private TokenMgr tmgr;
- public OAuth2HttpTaf(final Access access, final TokenMgr tmgr) {
- this.tmgr = tmgr;
- this.access = access;
- }
-
- @Override
- public TafResp validate(LifeForm reading, HttpServletRequest req, HttpServletResponse resp) {
- String authz = req.getHeader("Authorization");
- if(authz != null && authz.length()>7 && authz.startsWith("Bearer ")) {
- if(!req.isSecure()) {
- access.log(Level.WARN,"WARNING! OAuth has been used over an insecure channel");
- }
- try {
- String tkn = authz.substring(7);
- Result<OAuth2Principal> rp = tmgr.toPrincipal(tkn,Hash.hashSHA256(tkn.getBytes()));
- if(rp.isOK()) {
- return new OAuth2HttpTafResp(access,rp.value,rp.value.getName()+" authenticated by Bearer Token",RESP.IS_AUTHENTICATED,resp,false);
- } else {
- return new OAuth2HttpTafResp(access,null,rp.error,RESP.FAIL,resp,true);
- }
- } catch (APIException | CadiException | LocatorException e) {
- return new OAuth2HttpTafResp(access,null,"Bearer Token invalid",RESP.FAIL,resp,true);
- } catch (NoSuchAlgorithmException e) {
- return new OAuth2HttpTafResp(access,null,"Security Algorithm not available",RESP.FAIL,resp,true);
- }
- }
- return new OAuth2HttpTafResp(access,null,"No OAuth2 ",RESP.TRY_ANOTHER_TAF,resp,true);
- }
+ public OAuth2HttpTaf(final Access access, final TokenMgr tmgr) {
+ this.tmgr = tmgr;
+ this.access = access;
+ }
+
+ @Override
+ public TafResp validate(LifeForm reading, HttpServletRequest req, HttpServletResponse resp) {
+ String authz = req.getHeader("Authorization");
+ if(authz != null && authz.length()>7 && authz.startsWith("Bearer ")) {
+ if(!req.isSecure()) {
+ access.log(Level.WARN,"WARNING! OAuth has been used over an insecure channel");
+ }
+ try {
+ String tkn = authz.substring(7);
+ Result<OAuth2Principal> rp = tmgr.toPrincipal(tkn,Hash.hashSHA256(tkn.getBytes()));
+ if(rp.isOK()) {
+ return new OAuth2HttpTafResp(access,rp.value,rp.value.getName()+" authenticated by Bearer Token",RESP.IS_AUTHENTICATED,resp,false);
+ } else {
+ return new OAuth2HttpTafResp(access,null,rp.error,RESP.FAIL,resp,true);
+ }
+ } catch (APIException | CadiException | LocatorException e) {
+ return new OAuth2HttpTafResp(access,null,"Bearer Token invalid",RESP.FAIL,resp,true);
+ } catch (NoSuchAlgorithmException e) {
+ return new OAuth2HttpTafResp(access,null,"Security Algorithm not available",RESP.FAIL,resp,true);
+ }
+ }
+ return new OAuth2HttpTafResp(access,null,"No OAuth2 ",RESP.TRY_ANOTHER_TAF,resp,true);
+ }
- @Override
- public Resp revalidate(CachedPrincipal prin,Object state) {
- //TODO!!!!
- return null;
- }
+ @Override
+ public Resp revalidate(CachedPrincipal prin,Object state) {
+ //TODO!!!!
+ return null;
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2HttpTafResp.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2HttpTafResp.java
index 9292e75e..4fa58700 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2HttpTafResp.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2HttpTafResp.java
@@ -31,36 +31,36 @@ import org.onap.aaf.cadi.taf.AbsTafResp;
import org.onap.aaf.cadi.taf.TafResp;
public class OAuth2HttpTafResp extends AbsTafResp implements TafResp {
- private static final String tafName = OAuth2HttpTaf.class.getSimpleName();
- private HttpServletResponse httpResp;
- private RESP status;
- private final boolean wasFailed;
-
- public OAuth2HttpTafResp(Access access, OAuth2Principal principal, String desc, RESP status, HttpServletResponse resp, boolean wasFailed) {
- super(access,tafName, principal, desc);
- httpResp = resp;
- this.status = status;
- this.wasFailed = wasFailed;
- }
+ private static final String tafName = OAuth2HttpTaf.class.getSimpleName();
+ private HttpServletResponse httpResp;
+ private RESP status;
+ private final boolean wasFailed;
+
+ public OAuth2HttpTafResp(Access access, OAuth2Principal principal, String desc, RESP status, HttpServletResponse resp, boolean wasFailed) {
+ super(access,tafName, principal, desc);
+ httpResp = resp;
+ this.status = status;
+ this.wasFailed = wasFailed;
+ }
- public OAuth2HttpTafResp(Access access, TrustPrincipal principal, String desc, RESP status,HttpServletResponse resp) {
- super(access,tafName, principal, desc);
- httpResp = resp;
- this.status = status;
- wasFailed = true; // if Trust Principal added, must be good
- }
+ public OAuth2HttpTafResp(Access access, TrustPrincipal principal, String desc, RESP status,HttpServletResponse resp) {
+ super(access,tafName, principal, desc);
+ httpResp = resp;
+ this.status = status;
+ wasFailed = true; // if Trust Principal added, must be good
+ }
- public RESP authenticate() throws IOException {
- httpResp.setStatus(401); // Unauthorized
- return RESP.HTTP_REDIRECT_INVOKED;
- }
+ public RESP authenticate() throws IOException {
+ httpResp.setStatus(401); // Unauthorized
+ return RESP.HTTP_REDIRECT_INVOKED;
+ }
- public RESP isAuthenticated() {
- return status;
- }
+ public RESP isAuthenticated() {
+ return status;
+ }
- public boolean isFailedAttempt() {
- return wasFailed;
- }
+ public boolean isFailedAttempt() {
+ return wasFailed;
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2Lur.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2Lur.java
index b3fe2947..5f4009d5 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2Lur.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2Lur.java
@@ -32,79 +32,79 @@ import org.onap.aaf.cadi.principal.BearerPrincipal;
import org.onap.aaf.misc.env.util.Split;
public class OAuth2Lur implements Lur {
- private TokenMgr tm;
+ private TokenMgr tm;
- public OAuth2Lur(TokenMgr tm) {
- this.tm = tm;
- }
-
- @Override
- public Permission createPerm(String p) {
- String[] params = Split.split('|', p);
- switch(params.length) {
- case 3:
- return new AAFPermission(null,params[0],params[1],params[2]);
- case 4:
- return new AAFPermission(params[0],params[1],params[2],params[3]);
- default:
- return new LocalPermission(p);
- }
- }
+ public OAuth2Lur(TokenMgr tm) {
+ this.tm = tm;
+ }
+
+ @Override
+ public Permission createPerm(String p) {
+ String[] params = Split.split('|', p);
+ switch(params.length) {
+ case 3:
+ return new AAFPermission(null,params[0],params[1],params[2]);
+ case 4:
+ return new AAFPermission(params[0],params[1],params[2],params[3]);
+ default:
+ return new LocalPermission(p);
+ }
+ }
- @Override
- public boolean fish(Principal bait, Permission ... pond) {
- boolean rv = false;
-
- if(bait instanceof OAuth2Principal) {
- OAuth2Principal oap = (OAuth2Principal)bait;
- for (Permission p : pond ) {
- AAFPermission apond = (AAFPermission)p;
-
- TokenPerm tp = oap.tokenPerm();
- if(tp==null) {
- } else {
- for(Permission perm : tp.perms()) {
- if(perm.match(apond)) {
- return true;
- }
- }
- }
- }
- }
- return rv;
- }
+ @Override
+ public boolean fish(Principal bait, Permission ... pond) {
+ boolean rv = false;
+
+ if(bait instanceof OAuth2Principal) {
+ OAuth2Principal oap = (OAuth2Principal)bait;
+ for (Permission p : pond ) {
+ AAFPermission apond = (AAFPermission)p;
+
+ TokenPerm tp = oap.tokenPerm();
+ if(tp==null) {
+ } else {
+ for(Permission perm : tp.perms()) {
+ if(perm.match(apond)) {
+ return true;
+ }
+ }
+ }
+ }
+ }
+ return rv;
+ }
- @Override
- public void fishAll(Principal bait, List<Permission> permissions) {
- OAuth2Principal oap = (OAuth2Principal)bait;
- TokenPerm tp = oap.tokenPerm();
- if(tp!=null) {
- for(AAFPermission p : tp.perms()) {
- permissions.add(p);
- }
- }
- }
+ @Override
+ public void fishAll(Principal bait, List<Permission> permissions) {
+ OAuth2Principal oap = (OAuth2Principal)bait;
+ TokenPerm tp = oap.tokenPerm();
+ if(tp!=null) {
+ for(AAFPermission p : tp.perms()) {
+ permissions.add(p);
+ }
+ }
+ }
- @Override
- public void destroy() {
- }
+ @Override
+ public void destroy() {
+ }
- @Override
- public boolean handlesExclusively(Permission ... pond) {
- return false;
- }
+ @Override
+ public boolean handlesExclusively(Permission ... pond) {
+ return false;
+ }
- @Override
- public boolean handles(Principal p) {
- if(p!=null && p instanceof BearerPrincipal) {
- return ((BearerPrincipal)p).getBearer()!=null;
- }
- return false;
- }
+ @Override
+ public boolean handles(Principal p) {
+ if(p!=null && p instanceof BearerPrincipal) {
+ return ((BearerPrincipal)p).getBearer()!=null;
+ }
+ return false;
+ }
- @Override
- public void clear(Principal p, StringBuilder report) {
- tm.clear(p,report);
- }
+ @Override
+ public void clear(Principal p, StringBuilder report) {
+ tm.clear(p,report);
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2Principal.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2Principal.java
index 90d59635..86475d53 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2Principal.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2Principal.java
@@ -24,31 +24,31 @@ package org.onap.aaf.cadi.oauth;
import org.onap.aaf.cadi.principal.TaggedPrincipal;
public class OAuth2Principal extends TaggedPrincipal {
- private TokenPerm tp;
-// private byte[] hash; // hashed cred for disk validation
-
- public OAuth2Principal(TokenPerm tp, byte[] hash) {
- this.tp = tp;
-// this.hash = hash;
- }
-
- @Override
- public String getName() {
- return tp.getUsername();
- }
-
- public TokenPerm tokenPerm() {
- return tp;
- }
+ private TokenPerm tp;
+// private byte[] hash; // hashed cred for disk validation
+
+ public OAuth2Principal(TokenPerm tp, byte[] hash) {
+ this.tp = tp;
+// this.hash = hash;
+ }
+
+ @Override
+ public String getName() {
+ return tp.getUsername();
+ }
+
+ public TokenPerm tokenPerm() {
+ return tp;
+ }
- @Override
- public String tag() {
- return "OAuth";
- }
+ @Override
+ public String tag() {
+ return "OAuth";
+ }
- @Override
- public String personalName() {
- return tp.getUsername();
- }
-
+ @Override
+ public String personalName() {
+ return tp.getUsername();
+ }
+
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TimedToken.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TimedToken.java
index d4f343f9..38accc7a 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TimedToken.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TimedToken.java
@@ -42,91 +42,91 @@ import aafoauth.v2_0.Token;
*/
// Package on purpose
public class TimedToken extends Token implements Persistable<Token> {
- private Persisting<Token> cacheable; // no double inheritance...
+ private Persisting<Token> cacheable; // no double inheritance...
-// public TimedToken(Token t, byte[] hash) {
-// this(t,(System.currentTimeMillis()/1000)+t.getExpiresIn(),hash,null);
-// }
+// public TimedToken(Token t, byte[] hash) {
+// this(t,(System.currentTimeMillis()/1000)+t.getExpiresIn(),hash,null);
+// }
//
- public TimedToken(Persist<Token,?> p, Token t, byte[] hash, Path path){
- this(p,t,t.getExpiresIn()+(System.currentTimeMillis()/1000),hash, path);
- }
-
- public TimedToken(Persist<Token,?> p, Token t, long expires_secsFrom1970, byte[] hash, Path path) {
- cacheable = new Persisting<Token>(p, t,expires_secsFrom1970, hash, path);
- accessToken=t.getAccessToken();
- expiresIn=t.getExpiresIn();
- refreshToken=t.getRefreshToken();
- scope = t.getScope();
- state = t.getState();
- tokenType = t.getTokenType();
- }
-
-
- @Override
- public Token get() {
- return cacheable.get();
- }
-
- @Override
- public boolean checkSyncTime() {
- return cacheable.checkSyncTime();
- }
-
- @Override
- public boolean checkReloadable() {
- return cacheable.checkReloadable();
- }
-
- @Override
- public boolean hasBeenTouched() {
- return cacheable.hasBeenTouched();
- }
-
- @Override
- public long expires() {
- return cacheable.expires();
- }
-
- @Override
- public boolean expired() {
- return cacheable.expired();
- }
-
- @Override
- public boolean match(byte[] hashIn) {
- return cacheable.match(hashIn);
- }
-
- @Override
- public byte[] getHash() {
- return cacheable.getHash();
- }
-
- @Override
- public void inc() {
- cacheable.inc();
- }
-
- @Override
- public int count() {
- return cacheable.count();
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.oauth.Persistable#clearCount()
- */
- @Override
- public void clearCount() {
- cacheable.clearCount();
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.persist.Persistable#path()
- */
- @Override
- public Path path() {
- return cacheable.path();
- }
+ public TimedToken(Persist<Token,?> p, Token t, byte[] hash, Path path){
+ this(p,t,t.getExpiresIn()+(System.currentTimeMillis()/1000),hash, path);
+ }
+
+ public TimedToken(Persist<Token,?> p, Token t, long expires_secsFrom1970, byte[] hash, Path path) {
+ cacheable = new Persisting<Token>(p, t,expires_secsFrom1970, hash, path);
+ accessToken=t.getAccessToken();
+ expiresIn=t.getExpiresIn();
+ refreshToken=t.getRefreshToken();
+ scope = t.getScope();
+ state = t.getState();
+ tokenType = t.getTokenType();
+ }
+
+
+ @Override
+ public Token get() {
+ return cacheable.get();
+ }
+
+ @Override
+ public boolean checkSyncTime() {
+ return cacheable.checkSyncTime();
+ }
+
+ @Override
+ public boolean checkReloadable() {
+ return cacheable.checkReloadable();
+ }
+
+ @Override
+ public boolean hasBeenTouched() {
+ return cacheable.hasBeenTouched();
+ }
+
+ @Override
+ public long expires() {
+ return cacheable.expires();
+ }
+
+ @Override
+ public boolean expired() {
+ return cacheable.expired();
+ }
+
+ @Override
+ public boolean match(byte[] hashIn) {
+ return cacheable.match(hashIn);
+ }
+
+ @Override
+ public byte[] getHash() {
+ return cacheable.getHash();
+ }
+
+ @Override
+ public void inc() {
+ cacheable.inc();
+ }
+
+ @Override
+ public int count() {
+ return cacheable.count();
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.oauth.Persistable#clearCount()
+ */
+ @Override
+ public void clearCount() {
+ cacheable.clearCount();
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.persist.Persistable#path()
+ */
+ @Override
+ public Path path() {
+ return cacheable.path();
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClient.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClient.java
index e0d6bf0e..3b4e074a 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClient.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClient.java
@@ -51,446 +51,446 @@ import aafoauth.v2_0.Introspect;
import aafoauth.v2_0.Token;
public class TokenClient {
- private static final String UTF_8 = "UTF-8";
+ private static final String UTF_8 = "UTF-8";
- public enum AUTHN_METHOD {client_credentials,password,payload,basic_auth,certificate,refresh_token, none}
+ public enum AUTHN_METHOD {client_credentials,password,payload,basic_auth,certificate,refresh_token, none}
- private final TokenClientFactory factory;
- private final AAFCon<?> tkCon;
- private static RosettaDF<Token> tokenDF;
- protected static RosettaDF<Introspect> introspectDF;
+ private final TokenClientFactory factory;
+ private final AAFCon<?> tkCon;
+ private static RosettaDF<Token> tokenDF;
+ protected static RosettaDF<Introspect> introspectDF;
- private int timeout;
- private String client_id, username;
- private byte[] enc_client_secret, enc_password;
+ private int timeout;
+ private String client_id, username;
+ private byte[] enc_client_secret, enc_password;
- private GetSetter ss;
- private AUTHN_METHOD authn_method;
- private byte[] hash;
- private final char okind;
- private String default_scope;
+ private GetSetter ss;
+ private AUTHN_METHOD authn_method;
+ private byte[] hash;
+ private final char okind;
+ private String default_scope;
- // Package on Purpose
- TokenClient(char okind, final TokenClientFactory tcf, final AAFCon<?> tkCon, final int timeout, AUTHN_METHOD am) throws CadiException, APIException {
- this.okind = okind;
- factory = tcf;
- this.tkCon = tkCon;
- this.timeout = timeout;
- ss = null;
- authn_method = am;
- synchronized(tcf) {
- if(introspectDF==null) {
- tokenDF = tkCon.env().newDataFactory(Token.class);
- introspectDF = tkCon.env().newDataFactory(Introspect.class);
- }
- }
+ // Package on Purpose
+ TokenClient(char okind, final TokenClientFactory tcf, final AAFCon<?> tkCon, final int timeout, AUTHN_METHOD am) throws CadiException, APIException {
+ this.okind = okind;
+ factory = tcf;
+ this.tkCon = tkCon;
+ this.timeout = timeout;
+ ss = null;
+ authn_method = am;
+ synchronized(tcf) {
+ if(introspectDF==null) {
+ tokenDF = tkCon.env().newDataFactory(Token.class);
+ introspectDF = tkCon.env().newDataFactory(Introspect.class);
+ }
+ }
- }
+ }
- public void client_id(String client_id) {
- this.client_id = client_id;
- default_scope = FQI.reverseDomain(client_id);
- }
-
- public String client_id() {
- return client_id;
- }
-
- /**
- * This scope based on client_id... the App configured for call
- * @return
- */
- public String defaultScope() {
- return default_scope;
- }
+ public void client_id(String client_id) {
+ this.client_id = client_id;
+ default_scope = FQI.reverseDomain(client_id);
+ }
+
+ public String client_id() {
+ return client_id;
+ }
+
+ /**
+ * This scope based on client_id... the App configured for call
+ * @return
+ */
+ public String defaultScope() {
+ return default_scope;
+ }
- public void client_creds(Access access) throws CadiException {
- if(okind=='A') {
- String alias = access.getProperty(Config.CADI_ALIAS, null);
- if(alias == null) {
- client_creds(access.getProperty(Config.AAF_APPID, null),access.getProperty(Config.AAF_APPPASS, null));
- } else {
- client_creds(alias,null);
- }
- } else {
- client_creds(access.getProperty(Config.AAF_ALT_CLIENT_ID, null),access.getProperty(Config.AAF_ALT_CLIENT_SECRET, null));
- }
- }
+ public void client_creds(Access access) throws CadiException {
+ if(okind=='A') {
+ String alias = access.getProperty(Config.CADI_ALIAS, null);
+ if(alias == null) {
+ client_creds(access.getProperty(Config.AAF_APPID, null),access.getProperty(Config.AAF_APPPASS, null));
+ } else {
+ client_creds(alias,null);
+ }
+ } else {
+ client_creds(access.getProperty(Config.AAF_ALT_CLIENT_ID, null),access.getProperty(Config.AAF_ALT_CLIENT_SECRET, null));
+ }
+ }
- /**
- * Note: OAuth2 provides for normal Authentication parameters when getting tokens. Basic Auth is one such valid
- * way to get Credentials. However, support is up to the OAuth2 Implementation
- *
- * This method is for setting an App's creds (client) to another App.
- *
- * @param client_id
- * @param client_secret
- * @throws IOException
- */
- public void client_creds(final String client_id, final String client_secret) throws CadiException {
- if(client_id==null) {
- throw new CadiException("client_creds:client_id is null");
- }
- this.client_id = client_id;
- default_scope = FQI.reverseDomain(client_id);
+ /**
+ * Note: OAuth2 provides for normal Authentication parameters when getting tokens. Basic Auth is one such valid
+ * way to get Credentials. However, support is up to the OAuth2 Implementation
+ *
+ * This method is for setting an App's creds (client) to another App.
+ *
+ * @param client_id
+ * @param client_secret
+ * @throws IOException
+ */
+ public void client_creds(final String client_id, final String client_secret) throws CadiException {
+ if(client_id==null) {
+ throw new CadiException("client_creds:client_id is null");
+ }
+ this.client_id = client_id;
+ default_scope = FQI.reverseDomain(client_id);
- if(client_secret!=null) {
- try {
- if(client_secret.startsWith("enc:")) {
- final String temp = factory.access.decrypt(client_secret, false); // this is a more powerful, but non-thread-safe encryption
- hash = Hash.hashSHA256(temp.getBytes());
- this.enc_client_secret = factory.symm.encode(temp.getBytes());
- ss = new GetSetter() {
- @Override
- public <CLIENT> SecuritySetter<CLIENT> get(AAFCon<CLIENT> con) throws CadiException {
- return con.basicAuth(client_id, temp);// Base class encrypts password
- }
- };
- } else {
- byte[] temp = client_secret.getBytes();
- hash = Hash.hashSHA256(temp);
- this.enc_client_secret = factory.symm.encode(temp);
- ss = new GetSetter() {
- @Override
- public <CLIENT> SecuritySetter<CLIENT> get(AAFCon<CLIENT> con) throws CadiException {
- return con.basicAuth(client_id, client_secret);// Base class encrypts password
- }
- };
- }
- authn_method = AUTHN_METHOD.client_credentials;
- } catch(IOException | NoSuchAlgorithmException e) {
- throw new CadiException(e);
- }
- } else {
- ss = new GetSetter() {
- @Override
- public <CLIENT> SecuritySetter<CLIENT> get(AAFCon<CLIENT> con) throws CadiException {
- try {
- return con.x509Alias(client_id);// no password, assume Cert
- } catch (APIException e) {
- throw new CadiException(e);
- }
- }
- };
- authn_method = AUTHN_METHOD.client_credentials;
- }
- }
-
- public void username(String username) {
- this.username = username;
- }
+ if(client_secret!=null) {
+ try {
+ if(client_secret.startsWith("enc:")) {
+ final String temp = factory.access.decrypt(client_secret, false); // this is a more powerful, but non-thread-safe encryption
+ hash = Hash.hashSHA256(temp.getBytes());
+ this.enc_client_secret = factory.symm.encode(temp.getBytes());
+ ss = new GetSetter() {
+ @Override
+ public <CLIENT> SecuritySetter<CLIENT> get(AAFCon<CLIENT> con) throws CadiException {
+ return con.basicAuth(client_id, temp);// Base class encrypts password
+ }
+ };
+ } else {
+ byte[] temp = client_secret.getBytes();
+ hash = Hash.hashSHA256(temp);
+ this.enc_client_secret = factory.symm.encode(temp);
+ ss = new GetSetter() {
+ @Override
+ public <CLIENT> SecuritySetter<CLIENT> get(AAFCon<CLIENT> con) throws CadiException {
+ return con.basicAuth(client_id, client_secret);// Base class encrypts password
+ }
+ };
+ }
+ authn_method = AUTHN_METHOD.client_credentials;
+ } catch(IOException | NoSuchAlgorithmException e) {
+ throw new CadiException(e);
+ }
+ } else {
+ ss = new GetSetter() {
+ @Override
+ public <CLIENT> SecuritySetter<CLIENT> get(AAFCon<CLIENT> con) throws CadiException {
+ try {
+ return con.x509Alias(client_id);// no password, assume Cert
+ } catch (APIException e) {
+ throw new CadiException(e);
+ }
+ }
+ };
+ authn_method = AUTHN_METHOD.client_credentials;
+ }
+ }
+
+ public void username(String username) {
+ this.username = username;
+ }
- /**
- * Note: OAuth2 provides for normal Authentication parameters when getting tokens. Basic Auth is one such valid
- * way to get Credentials. However, support is up to the OAuth2 Implementation
- *
- * This method is for setting the End-User's Creds
- *
- * @param client_id
- * @param client_secret
- * @throws IOException
- */
- public void password(final String user, final String password) throws CadiException {
- this.username = user;
- if(password!=null) {
- try {
- if(password.startsWith("enc:")) {
- final String temp = factory.access.decrypt(password, false); // this is a more powerful, but non-thread-safe encryption
- hash = Hash.hashSHA256(temp.getBytes());
- this.enc_password = factory.symm.encode(temp.getBytes());
- ss = new GetSetter() {
- @Override
- public <CLIENT> SecuritySetter<CLIENT> get(AAFCon<CLIENT> con) throws CadiException {
- return con.basicAuth(user, temp);// Base class encrypts password
- }
- };
- } else {
- byte[] temp = password.getBytes();
- hash = Hash.hashSHA256(temp);
- this.enc_password = factory.symm.encode(temp);
- ss = new GetSetter() {
- @Override
- public <CLIENT> SecuritySetter<CLIENT> get(AAFCon<CLIENT> con) throws CadiException {
- return con.basicAuth(user, password);// Base class encrypts password
- }
- };
- }
- authn_method = AUTHN_METHOD.password;
- } catch (IOException | NoSuchAlgorithmException e) {
- throw new CadiException(e);
- }
- }
- }
-
- public void clearEndUser() {
- username = null;
- enc_password = null;
- if(client_id!=null && enc_client_secret!=null) {
- authn_method = AUTHN_METHOD.client_credentials;
- } else {
- authn_method = AUTHN_METHOD.password;
- }
- }
+ /**
+ * Note: OAuth2 provides for normal Authentication parameters when getting tokens. Basic Auth is one such valid
+ * way to get Credentials. However, support is up to the OAuth2 Implementation
+ *
+ * This method is for setting the End-User's Creds
+ *
+ * @param client_id
+ * @param client_secret
+ * @throws IOException
+ */
+ public void password(final String user, final String password) throws CadiException {
+ this.username = user;
+ if(password!=null) {
+ try {
+ if(password.startsWith("enc:")) {
+ final String temp = factory.access.decrypt(password, false); // this is a more powerful, but non-thread-safe encryption
+ hash = Hash.hashSHA256(temp.getBytes());
+ this.enc_password = factory.symm.encode(temp.getBytes());
+ ss = new GetSetter() {
+ @Override
+ public <CLIENT> SecuritySetter<CLIENT> get(AAFCon<CLIENT> con) throws CadiException {
+ return con.basicAuth(user, temp);// Base class encrypts password
+ }
+ };
+ } else {
+ byte[] temp = password.getBytes();
+ hash = Hash.hashSHA256(temp);
+ this.enc_password = factory.symm.encode(temp);
+ ss = new GetSetter() {
+ @Override
+ public <CLIENT> SecuritySetter<CLIENT> get(AAFCon<CLIENT> con) throws CadiException {
+ return con.basicAuth(user, password);// Base class encrypts password
+ }
+ };
+ }
+ authn_method = AUTHN_METHOD.password;
+ } catch (IOException | NoSuchAlgorithmException e) {
+ throw new CadiException(e);
+ }
+ }
+ }
+
+ public void clearEndUser() {
+ username = null;
+ enc_password = null;
+ if(client_id!=null && enc_client_secret!=null) {
+ authn_method = AUTHN_METHOD.client_credentials;
+ } else {
+ authn_method = AUTHN_METHOD.password;
+ }
+ }
- public Result<TimedToken> getToken(final String ... scopes) throws LocatorException, CadiException, APIException {
- return getToken(Kind.OAUTH,scopes);
- }
+ public Result<TimedToken> getToken(final String ... scopes) throws LocatorException, CadiException, APIException {
+ return getToken(Kind.OAUTH,scopes);
+ }
- public void clearToken(final String ... scopes) throws CadiException {
- clearToken(Kind.OAUTH,scopes);
- }
+ public void clearToken(final String ... scopes) throws CadiException {
+ clearToken(Kind.OAUTH,scopes);
+ }
- public void clearToken(final char kind, final String ... scopes) throws CadiException {
- final String scope = addScope(scopes);
- char c;
- if(kind==Kind.OAUTH) {
- c = okind;
- } else {
- c = kind;
- }
- final String key = TokenClientFactory.getKey(c,client_id,username,hash,scope);
- factory.delete(key);
- }
- /**
- * Get AuthToken
- * @throws APIException
- * @throws CadiException
- * @throws LocatorException
- */
- public Result<TimedToken> getToken(final char kind, final String ... scopes) throws LocatorException, CadiException, APIException {
- final String scope = addScope(scopes);
- char c;
- if(kind==Kind.OAUTH) {
- c = okind;
- } else {
- c = kind;
- }
- final String key = TokenClientFactory.getKey(c,client_id,username,hash,scope);
- if(ss==null) {
- throw new APIException("client_creds(...) must be set before obtaining Access Tokens");
- }
-
- Result<TimedToken> rtt = factory.get(key,hash,new Loader<TimedToken>() {
- @Override
- public Result<TimedToken> load(final String key) throws APIException, CadiException, LocatorException {
- final List<String> params = new ArrayList<>();
- params.add(scope);
- addSecurity(params,authn_method);
-
- final String paramsa[] = new String[params.size()];
- params.toArray(paramsa);
- Result<Token> rt = tkCon.best(new Retryable<Result<Token>>() {
- @Override
- public Result<Token> code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- // /token?grant_type=client_credential&scope=com.att.aaf+com.att.test
- Future<Token> f = client.postForm(null,tokenDF,paramsa);
- if(f.get(timeout)) {
- return Result.ok(f.code(),f.value);
- } else {
- return Result.err(f.code(), f.body());
- }
- }
- });
-
- if(rt.isOK()) {
- try {
- return Result.ok(rt.code,factory.putTimedToken(key,rt.value, hash));
- } catch (IOException e) {
- // TODO What to do here?
- e.printStackTrace();
- return Result.err(999,e.getMessage());
- }
- } else {
- return Result.err(rt);
- }
- }
- });
- if(rtt.isOK()) { // not validated for Expired
- TimedToken tt = rtt.value;
- if(tt.expired()) {
- rtt = refreshToken(tt);
- if(rtt.isOK()) {
- tkCon.access.printf(Level.INFO, "Refreshed token %s to %s",tt.getAccessToken(),rtt.value.getAccessToken());
- return Result.ok(200,rtt.value);
- } else {
- tkCon.access.printf(Level.INFO, "Expired token %s cannot be renewed %d %s",tt.getAccessToken(),rtt.code,rtt.error);
- factory.delete(key);
- tt=null;
- }
- } else {
- return Result.ok(200,tt);
- }
- } else {
- Result.err(rtt);
- }
- return Result.err(404,"Not Found");
- }
-
- public Result<TimedToken> refreshToken(Token token) throws APIException, LocatorException, CadiException {
- if(ss==null) {
- throw new APIException("client_creds(...) must be set before obtaining Access Tokens");
- }
- final List<String> params = new ArrayList<>();
- params.add("refresh_token="+token.getRefreshToken());
- addSecurity(params,AUTHN_METHOD.refresh_token);
- final String scope="scope="+token.getScope().replace(' ', '+');
- params.add(scope);
-
- final String paramsa[] = new String[params.size()];
- params.toArray(paramsa);
- Result<Token> rt = tkCon.best(new Retryable<Result<Token>>() {
- @Override
- public Result<Token> code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- // /token?grant_type=client_credential&scope=com.att.aaf+com.att.test
- Future<Token> f = client.postForm(null,tokenDF,paramsa);
- if(f.get(timeout)) {
- return Result.ok(f.code(),f.value);
- } else {
- return Result.err(f.code(), f.body());
- }
- }
- });
- String key = TokenClientFactory.getKey(okind,client_id, username, hash, scope);
- if(rt.isOK()) {
- try {
- return Result.ok(200,factory.putTimedToken(key, rt.value, hash));
- } catch (IOException e) {
- //TODO what to do here?
- return Result.err(999, e.getMessage());
- }
- } else if(rt.code==404) {
- factory.deleteFromDisk(key);
- }
- return Result.err(rt);
- }
+ public void clearToken(final char kind, final String ... scopes) throws CadiException {
+ final String scope = addScope(scopes);
+ char c;
+ if(kind==Kind.OAUTH) {
+ c = okind;
+ } else {
+ c = kind;
+ }
+ final String key = TokenClientFactory.getKey(c,client_id,username,hash,scope);
+ factory.delete(key);
+ }
+ /**
+ * Get AuthToken
+ * @throws APIException
+ * @throws CadiException
+ * @throws LocatorException
+ */
+ public Result<TimedToken> getToken(final char kind, final String ... scopes) throws LocatorException, CadiException, APIException {
+ final String scope = addScope(scopes);
+ char c;
+ if(kind==Kind.OAUTH) {
+ c = okind;
+ } else {
+ c = kind;
+ }
+ final String key = TokenClientFactory.getKey(c,client_id,username,hash,scope);
+ if(ss==null) {
+ throw new APIException("client_creds(...) must be set before obtaining Access Tokens");
+ }
+
+ Result<TimedToken> rtt = factory.get(key,hash,new Loader<TimedToken>() {
+ @Override
+ public Result<TimedToken> load(final String key) throws APIException, CadiException, LocatorException {
+ final List<String> params = new ArrayList<>();
+ params.add(scope);
+ addSecurity(params,authn_method);
+
+ final String paramsa[] = new String[params.size()];
+ params.toArray(paramsa);
+ Result<Token> rt = tkCon.best(new Retryable<Result<Token>>() {
+ @Override
+ public Result<Token> code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ // /token?grant_type=client_credential&scope=com.att.aaf+com.att.test
+ Future<Token> f = client.postForm(null,tokenDF,paramsa);
+ if(f.get(timeout)) {
+ return Result.ok(f.code(),f.value);
+ } else {
+ return Result.err(f.code(), f.body());
+ }
+ }
+ });
+
+ if(rt.isOK()) {
+ try {
+ return Result.ok(rt.code,factory.putTimedToken(key,rt.value, hash));
+ } catch (IOException e) {
+ // TODO What to do here?
+ e.printStackTrace();
+ return Result.err(999,e.getMessage());
+ }
+ } else {
+ return Result.err(rt);
+ }
+ }
+ });
+ if(rtt.isOK()) { // not validated for Expired
+ TimedToken tt = rtt.value;
+ if(tt.expired()) {
+ rtt = refreshToken(tt);
+ if(rtt.isOK()) {
+ tkCon.access.printf(Level.INFO, "Refreshed token %s to %s",tt.getAccessToken(),rtt.value.getAccessToken());
+ return Result.ok(200,rtt.value);
+ } else {
+ tkCon.access.printf(Level.INFO, "Expired token %s cannot be renewed %d %s",tt.getAccessToken(),rtt.code,rtt.error);
+ factory.delete(key);
+ tt=null;
+ }
+ } else {
+ return Result.ok(200,tt);
+ }
+ } else {
+ Result.err(rtt);
+ }
+ return Result.err(404,"Not Found");
+ }
+
+ public Result<TimedToken> refreshToken(Token token) throws APIException, LocatorException, CadiException {
+ if(ss==null) {
+ throw new APIException("client_creds(...) must be set before obtaining Access Tokens");
+ }
+ final List<String> params = new ArrayList<>();
+ params.add("refresh_token="+token.getRefreshToken());
+ addSecurity(params,AUTHN_METHOD.refresh_token);
+ final String scope="scope="+token.getScope().replace(' ', '+');
+ params.add(scope);
+
+ final String paramsa[] = new String[params.size()];
+ params.toArray(paramsa);
+ Result<Token> rt = tkCon.best(new Retryable<Result<Token>>() {
+ @Override
+ public Result<Token> code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ // /token?grant_type=client_credential&scope=com.att.aaf+com.att.test
+ Future<Token> f = client.postForm(null,tokenDF,paramsa);
+ if(f.get(timeout)) {
+ return Result.ok(f.code(),f.value);
+ } else {
+ return Result.err(f.code(), f.body());
+ }
+ }
+ });
+ String key = TokenClientFactory.getKey(okind,client_id, username, hash, scope);
+ if(rt.isOK()) {
+ try {
+ return Result.ok(200,factory.putTimedToken(key, rt.value, hash));
+ } catch (IOException e) {
+ //TODO what to do here?
+ return Result.err(999, e.getMessage());
+ }
+ } else if(rt.code==404) {
+ factory.deleteFromDisk(key);
+ }
+ return Result.err(rt);
+ }
- public Result<Introspect> introspect(final String token) throws APIException, LocatorException, CadiException {
- if(ss==null) {
- throw new APIException("client_creds(...) must be set before introspecting Access Tokens");
- }
+ public Result<Introspect> introspect(final String token) throws APIException, LocatorException, CadiException {
+ if(ss==null) {
+ throw new APIException("client_creds(...) must be set before introspecting Access Tokens");
+ }
- return tkCon.best(new Retryable<Result<Introspect>>() {
- @Override
- public Result<Introspect> code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- final List<String> params = new ArrayList<>();
- params.add("token="+token);
- addSecurity(params,AUTHN_METHOD.client_credentials);
- final String paramsa[] = new String[params.size()];
- params.toArray(paramsa);
- // /token?grant_type=client_credential&scope=com.att.aaf+com.att.test
- Future<Introspect> f = client.postForm(null,introspectDF,paramsa);
- if(f.get(timeout)) {
- return Result.ok(f.code(),f.value);
- } else {
- return Result.err(f.code(), f.body());
- }
- }
- }
- );
- }
-
- private String addScope(String[] scopes) {
- String rv = null;
- StringBuilder scope=null;
- boolean first = true;
- for(String s : scopes) {
- if(first) {
- scope = new StringBuilder();
- scope.append("scope=");
- first=false;
- } else {
- scope.append('+');
- }
- scope.append(s);
- }
- if(scope!=null) {
- rv=scope.toString();
- }
- return rv;
- }
+ return tkCon.best(new Retryable<Result<Introspect>>() {
+ @Override
+ public Result<Introspect> code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ final List<String> params = new ArrayList<>();
+ params.add("token="+token);
+ addSecurity(params,AUTHN_METHOD.client_credentials);
+ final String paramsa[] = new String[params.size()];
+ params.toArray(paramsa);
+ // /token?grant_type=client_credential&scope=com.att.aaf+com.att.test
+ Future<Introspect> f = client.postForm(null,introspectDF,paramsa);
+ if(f.get(timeout)) {
+ return Result.ok(f.code(),f.value);
+ } else {
+ return Result.err(f.code(), f.body());
+ }
+ }
+ }
+ );
+ }
+
+ private String addScope(String[] scopes) {
+ String rv = null;
+ StringBuilder scope=null;
+ boolean first = true;
+ for(String s : scopes) {
+ if(first) {
+ scope = new StringBuilder();
+ scope.append("scope=");
+ first=false;
+ } else {
+ scope.append('+');
+ }
+ scope.append(s);
+ }
+ if(scope!=null) {
+ rv=scope.toString();
+ }
+ return rv;
+ }
- private void addSecurity(List<String> params, AUTHN_METHOD authn) throws APIException {
- // Set GrantType... different than Credentials
- switch(authn) {
- case client_credentials:
- params.add("grant_type=client_credentials");
- break;
- case password:
- params.add("grant_type=password");
- break;
- case refresh_token:
- params.add("grant_type=refresh_token");
- break;
- case none:
- break;
- default:
- // Nothing to do
- break;
- }
-
- // Set Credentials appropriate
- switch(authn_method) {
- case client_credentials:
- if(client_id!=null) {
- params.add("client_id="+client_id);
- }
-
- if(enc_client_secret!=null) {
- try {
- params.add("client_secret="+URLEncoder.encode(new String(factory.symm.decode(enc_client_secret)),UTF_8));
- } catch (IOException e) {
- throw new APIException("Error Decrypting Password",e);
- }
- }
-
- if(username!=null) {
- params.add("username="+username);
- }
+ private void addSecurity(List<String> params, AUTHN_METHOD authn) throws APIException {
+ // Set GrantType... different than Credentials
+ switch(authn) {
+ case client_credentials:
+ params.add("grant_type=client_credentials");
+ break;
+ case password:
+ params.add("grant_type=password");
+ break;
+ case refresh_token:
+ params.add("grant_type=refresh_token");
+ break;
+ case none:
+ break;
+ default:
+ // Nothing to do
+ break;
+ }
+
+ // Set Credentials appropriate
+ switch(authn_method) {
+ case client_credentials:
+ if(client_id!=null) {
+ params.add("client_id="+client_id);
+ }
+
+ if(enc_client_secret!=null) {
+ try {
+ params.add("client_secret="+URLEncoder.encode(new String(factory.symm.decode(enc_client_secret)),UTF_8));
+ } catch (IOException e) {
+ throw new APIException("Error Decrypting Password",e);
+ }
+ }
+
+ if(username!=null) {
+ params.add("username="+username);
+ }
- break;
- case refresh_token:
- if(client_id!=null) {
- params.add("client_id="+client_id);
- }
-
- if(enc_client_secret!=null) {
- try {
- params.add("client_secret="+URLEncoder.encode(new String(factory.symm.decode(enc_client_secret)),UTF_8));
- } catch (IOException e) {
- throw new APIException("Error Decrypting Password",e);
- }
- }
- break;
+ break;
+ case refresh_token:
+ if(client_id!=null) {
+ params.add("client_id="+client_id);
+ }
+
+ if(enc_client_secret!=null) {
+ try {
+ params.add("client_secret="+URLEncoder.encode(new String(factory.symm.decode(enc_client_secret)),UTF_8));
+ } catch (IOException e) {
+ throw new APIException("Error Decrypting Password",e);
+ }
+ }
+ break;
- case password:
- if(client_id!=null) {
- params.add("client_id="+client_id);
- }
-
- if(enc_client_secret!=null) {
- try {
- params.add("client_secret="+ URLEncoder.encode(new String(factory.symm.decode(enc_client_secret)),UTF_8));
- } catch (IOException e) {
- throw new APIException("Error Decrypting Password",e);
- }
- }
- if(username!=null) {
- params.add("username="+username);
- }
-
- if(enc_password!=null) {
- try {
- params.add("password="+ URLEncoder.encode(new String(factory.symm.decode(enc_password)),UTF_8));
- } catch (IOException e) {
- throw new APIException("Error Decrypting Password",e);
- }
- }
-
- break;
- default:
- // Nothing to do
- break;
- }
- }
+ case password:
+ if(client_id!=null) {
+ params.add("client_id="+client_id);
+ }
+
+ if(enc_client_secret!=null) {
+ try {
+ params.add("client_secret="+ URLEncoder.encode(new String(factory.symm.decode(enc_client_secret)),UTF_8));
+ } catch (IOException e) {
+ throw new APIException("Error Decrypting Password",e);
+ }
+ }
+ if(username!=null) {
+ params.add("username="+username);
+ }
+
+ if(enc_password!=null) {
+ try {
+ params.add("password="+ URLEncoder.encode(new String(factory.symm.decode(enc_password)),UTF_8));
+ } catch (IOException e) {
+ throw new APIException("Error Decrypting Password",e);
+ }
+ }
+
+ break;
+ default:
+ // Nothing to do
+ break;
+ }
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClientFactory.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClientFactory.java
index e235b681..8a7118c7 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClientFactory.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClientFactory.java
@@ -54,132 +54,132 @@ import org.onap.aaf.misc.rosetta.env.RosettaEnv;
import aafoauth.v2_0.Token;
public class TokenClientFactory extends Persist<Token,TimedToken> {
- private static TokenClientFactory instance;
- private Map<String,AAFConHttp> aafcons = new ConcurrentHashMap<>();
- private SecurityInfoC<HttpURLConnection> hsi;
- // Package on purpose
- final Symm symm;
+ private static TokenClientFactory instance;
+ private Map<String,AAFConHttp> aafcons = new ConcurrentHashMap<>();
+ private SecurityInfoC<HttpURLConnection> hsi;
+ // Package on purpose
+ final Symm symm;
- private TokenClientFactory(Access pa) throws APIException, GeneralSecurityException, IOException, CadiException {
- super(pa, new RosettaEnv(pa.getProperties()),Token.class,"outgoing");
-
- if(access.getProperty(Config.AAF_OAUTH2_TOKEN_URL,null)==null) {
- access.getProperties().put(Config.AAF_OAUTH2_TOKEN_URL, Defaults.OAUTH2_TOKEN_URL); // Default to AAF
- }
- if(access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL,null)==null) {
- access.getProperties().put(Config.AAF_OAUTH2_INTROSPECT_URL, Defaults.OAUTH2_INTROSPECT_URL); // Default to AAF);
- }
+ private TokenClientFactory(Access pa) throws APIException, GeneralSecurityException, IOException, CadiException {
+ super(pa, new RosettaEnv(pa.getProperties()),Token.class,"outgoing");
+
+ if(access.getProperty(Config.AAF_OAUTH2_TOKEN_URL,null)==null) {
+ access.getProperties().put(Config.AAF_OAUTH2_TOKEN_URL, Defaults.OAUTH2_TOKEN_URL); // Default to AAF
+ }
+ if(access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL,null)==null) {
+ access.getProperties().put(Config.AAF_OAUTH2_INTROSPECT_URL, Defaults.OAUTH2_INTROSPECT_URL); // Default to AAF);
+ }
- symm = Symm.encrypt.obtain();
- hsi = SecurityInfoC.instance(access, HttpURLConnection.class);
- }
-
- public synchronized static final TokenClientFactory instance(Access access) throws APIException, GeneralSecurityException, IOException, CadiException {
- if(instance==null) {
- instance = new TokenClientFactory(access);
- }
- return instance;
- }
-
- /**
- * Pickup Timeout from Properties
- *
- * @param tagOrURL
- * @return
- * @throws CadiException
- * @throws LocatorException
- * @throws APIException
- */
- public<INTR> TokenClient newClient(final String tagOrURL) throws CadiException, LocatorException, APIException {
- return newClient(tagOrURL,Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF)));
- }
-
- public<INTR> TokenClient newClient(final String tagOrURL, final int timeout) throws CadiException, LocatorException, APIException {
- AAFConHttp ach;
- if(tagOrURL==null) {
- throw new CadiException("parameter tagOrURL cannot be null.");
- } else {
- ach = aafcons.get(tagOrURL);
- if(ach==null) {
- aafcons.put(tagOrURL, ach=new AAFConHttp(access,tagOrURL));
- }
- }
- char okind;
- if( Config.AAF_OAUTH2_TOKEN_URL.equals(tagOrURL) ||
- Config.AAF_OAUTH2_INTROSPECT_URL.equals(tagOrURL) ||
- tagOrURL.equals(access.getProperty(Config.AAF_OAUTH2_TOKEN_URL, null)) ||
- tagOrURL.equals(access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL, null))
- ) {
- okind = Kind.AAF_OAUTH;
- } else {
- okind = Kind.OAUTH;
- }
- TokenClient tci = new TokenClient(
- okind,
- this,
- ach,
- timeout,
- AUTHN_METHOD.none);
- tci.client_creds(access);
- return tci;
- }
-
- public TzClient newTzClient(final String locatorURL) throws CadiException, LocatorException {
- try {
- return new TzHClient(access,hsi,bestLocator(locatorURL));
- } catch (URISyntaxException e) {
- throw new LocatorException(e);
- }
- }
+ symm = Symm.encrypt.obtain();
+ hsi = SecurityInfoC.instance(access, HttpURLConnection.class);
+ }
+
+ public synchronized static final TokenClientFactory instance(Access access) throws APIException, GeneralSecurityException, IOException, CadiException {
+ if(instance==null) {
+ instance = new TokenClientFactory(access);
+ }
+ return instance;
+ }
+
+ /**
+ * Pickup Timeout from Properties
+ *
+ * @param tagOrURL
+ * @return
+ * @throws CadiException
+ * @throws LocatorException
+ * @throws APIException
+ */
+ public<INTR> TokenClient newClient(final String tagOrURL) throws CadiException, LocatorException, APIException {
+ return newClient(tagOrURL,Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF)));
+ }
+
+ public<INTR> TokenClient newClient(final String tagOrURL, final int timeout) throws CadiException, LocatorException, APIException {
+ AAFConHttp ach;
+ if(tagOrURL==null) {
+ throw new CadiException("parameter tagOrURL cannot be null.");
+ } else {
+ ach = aafcons.get(tagOrURL);
+ if(ach==null) {
+ aafcons.put(tagOrURL, ach=new AAFConHttp(access,tagOrURL));
+ }
+ }
+ char okind;
+ if( Config.AAF_OAUTH2_TOKEN_URL.equals(tagOrURL) ||
+ Config.AAF_OAUTH2_INTROSPECT_URL.equals(tagOrURL) ||
+ tagOrURL.equals(access.getProperty(Config.AAF_OAUTH2_TOKEN_URL, null)) ||
+ tagOrURL.equals(access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL, null))
+ ) {
+ okind = Kind.AAF_OAUTH;
+ } else {
+ okind = Kind.OAUTH;
+ }
+ TokenClient tci = new TokenClient(
+ okind,
+ this,
+ ach,
+ timeout,
+ AUTHN_METHOD.none);
+ tci.client_creds(access);
+ return tci;
+ }
+
+ public TzClient newTzClient(final String locatorURL) throws CadiException, LocatorException {
+ try {
+ return new TzHClient(access,hsi,bestLocator(locatorURL));
+ } catch (URISyntaxException e) {
+ throw new LocatorException(e);
+ }
+ }
- static String getKey(char tokenSource,String client_id, String username, byte[] hash, String scope) throws CadiException {
- try {
- StringBuilder sb = new StringBuilder(client_id);
- sb.append('_');
- if(username!=null) {
- sb.append(username);
- }
- sb.append('_');
- sb.append(tokenSource);
- byte[] tohash=scope.getBytes();
- if(hash!=null && hash.length>0) {
- byte temp[] = new byte[hash.length+tohash.length];
- System.arraycopy(tohash, 0, temp, 0, tohash.length);
- System.arraycopy(hash, 0, temp, tohash.length, hash.length);
- tohash = temp;
- }
- if(scope!=null && scope.length()>0) {
- sb.append(Hash.toHexNo0x(Hash.hashSHA256(tohash)));
- }
- return sb.toString();
- } catch (NoSuchAlgorithmException e) {
- throw new CadiException(e);
- }
- }
+ static String getKey(char tokenSource,String client_id, String username, byte[] hash, String scope) throws CadiException {
+ try {
+ StringBuilder sb = new StringBuilder(client_id);
+ sb.append('_');
+ if(username!=null) {
+ sb.append(username);
+ }
+ sb.append('_');
+ sb.append(tokenSource);
+ byte[] tohash=scope.getBytes();
+ if(hash!=null && hash.length>0) {
+ byte temp[] = new byte[hash.length+tohash.length];
+ System.arraycopy(tohash, 0, temp, 0, tohash.length);
+ System.arraycopy(hash, 0, temp, tohash.length, hash.length);
+ tohash = temp;
+ }
+ if(scope!=null && scope.length()>0) {
+ sb.append(Hash.toHexNo0x(Hash.hashSHA256(tohash)));
+ }
+ return sb.toString();
+ } catch (NoSuchAlgorithmException e) {
+ throw new CadiException(e);
+ }
+ }
- @Override
- protected TimedToken newCacheable(Token t, long expires, byte[] hash, Path path) throws IOException {
- return new TimedToken(this,t,expires,hash,path);
- }
+ @Override
+ protected TimedToken newCacheable(Token t, long expires, byte[] hash, Path path) throws IOException {
+ return new TimedToken(this,t,expires,hash,path);
+ }
- public TimedToken putTimedToken(String key, Token token, byte[] hash) throws IOException, CadiException {
- TimedToken tt = new TimedToken(this,token,token.getExpiresIn()+(System.currentTimeMillis()/1000),hash,getPath(key));
- put(key,tt);
- return tt;
- }
-
- private static final Pattern locatePattern = Pattern.compile("https://.*/locate/.*");
- public Locator<URI> bestLocator(final String locatorURL ) throws LocatorException, URISyntaxException {
- if(locatorURL==null) {
- throw new LocatorException("Cannot have a null locatorURL in bestLocator");
- }
- if(locatorURL.startsWith("https://AAF_LOCATE_URL/") || locatePattern.matcher(locatorURL).matches()) {
- return new AAFLocator(hsi,new URI(locatorURL));
- } else if(locatorURL.indexOf(',')>0) { // multiple URLs is a Property Locator
- return new PropertyLocator(locatorURL);
- } else {
- return new SingleEndpointLocator(locatorURL);
- }
- // Note: Removed DME2Locator... If DME2 client is needed, use DME2Clients
- }
+ public TimedToken putTimedToken(String key, Token token, byte[] hash) throws IOException, CadiException {
+ TimedToken tt = new TimedToken(this,token,token.getExpiresIn()+(System.currentTimeMillis()/1000),hash,getPath(key));
+ put(key,tt);
+ return tt;
+ }
+
+ private static final Pattern locatePattern = Pattern.compile("https://.*/locate/.*");
+ public Locator<URI> bestLocator(final String locatorURL ) throws LocatorException, URISyntaxException {
+ if(locatorURL==null) {
+ throw new LocatorException("Cannot have a null locatorURL in bestLocator");
+ }
+ if(locatorURL.startsWith("https://AAF_LOCATE_URL/") || locatePattern.matcher(locatorURL).matches()) {
+ return new AAFLocator(hsi,new URI(locatorURL));
+ } else if(locatorURL.indexOf(',')>0) { // multiple URLs is a Property Locator
+ return new PropertyLocator(locatorURL);
+ } else {
+ return new SingleEndpointLocator(locatorURL);
+ }
+ // Note: Removed DME2Locator... If DME2 client is needed, use DME2Clients
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenMgr.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenMgr.java
index 4e781bfa..147621fc 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenMgr.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenMgr.java
@@ -44,150 +44,150 @@ import aaf.v2_0.Perms;
import aafoauth.v2_0.Introspect;
public class TokenMgr extends Persist<Introspect, TokenPerm> {
- protected static Map<String,TokenPerm> tpmap = new ConcurrentHashMap<>();
- protected static Map<String,TokenMgr> tmmap = new HashMap<>(); // synchronized in getInstance
- protected static Map<String,String> currentToken = new HashMap<>(); // synchronized in getTP
- public static RosettaDF<Perms> permsDF;
- public static RosettaDF<Introspect> introspectDF;
+ protected static Map<String,TokenPerm> tpmap = new ConcurrentHashMap<>();
+ protected static Map<String,TokenMgr> tmmap = new HashMap<>(); // synchronized in getInstance
+ protected static Map<String,String> currentToken = new HashMap<>(); // synchronized in getTP
+ public static RosettaDF<Perms> permsDF;
+ public static RosettaDF<Introspect> introspectDF;
- private final TokenPermLoader tpLoader;
-
- private TokenMgr(PropAccess access, String tokenURL, String introspectURL) throws APIException, CadiException {
- super(access,new RosettaEnv(access.getProperties()),Introspect.class,"introspect");
- synchronized(access) {
- if(permsDF==null) {
- permsDF = env.newDataFactory(Perms.class);
- introspectDF = env.newDataFactory(Introspect.class);
- }
- }
- if("dbToken".equals(tokenURL) && "dbIntrospect".equals(introspectURL)) {
- tpLoader = new TokenPermLoader() { // null Loader
- @Override
- public Result<TokenPerm> load(String accessToken, byte[] cred)
- throws APIException, CadiException, LocatorException {
- return Result.err(404, "DBLoader");
- }
- };
- } else {
- RemoteTokenPermLoader rtpl = new RemoteTokenPermLoader(tokenURL, introspectURL); // default is remote
- String i = access.getProperty(Config.AAF_APPID,null);
- String p = access.getProperty(Config.AAF_APPPASS, null);
- if(i==null || p==null) {
- throw new CadiException(Config.AAF_APPID + " and " + Config.AAF_APPPASS + " must be set to initialize TokenMgr");
- }
- rtpl.introCL.client_creds(i,p);
- tpLoader = rtpl;
- }
- }
+ private final TokenPermLoader tpLoader;
+
+ private TokenMgr(PropAccess access, String tokenURL, String introspectURL) throws APIException, CadiException {
+ super(access,new RosettaEnv(access.getProperties()),Introspect.class,"introspect");
+ synchronized(access) {
+ if(permsDF==null) {
+ permsDF = env.newDataFactory(Perms.class);
+ introspectDF = env.newDataFactory(Introspect.class);
+ }
+ }
+ if("dbToken".equals(tokenURL) && "dbIntrospect".equals(introspectURL)) {
+ tpLoader = new TokenPermLoader() { // null Loader
+ @Override
+ public Result<TokenPerm> load(String accessToken, byte[] cred)
+ throws APIException, CadiException, LocatorException {
+ return Result.err(404, "DBLoader");
+ }
+ };
+ } else {
+ RemoteTokenPermLoader rtpl = new RemoteTokenPermLoader(tokenURL, introspectURL); // default is remote
+ String i = access.getProperty(Config.AAF_APPID,null);
+ String p = access.getProperty(Config.AAF_APPPASS, null);
+ if(i==null || p==null) {
+ throw new CadiException(Config.AAF_APPID + " and " + Config.AAF_APPPASS + " must be set to initialize TokenMgr");
+ }
+ rtpl.introCL.client_creds(i,p);
+ tpLoader = rtpl;
+ }
+ }
- private TokenMgr(PropAccess access, TokenPermLoader tpl) throws APIException, CadiException {
- super(access,new RosettaEnv(access.getProperties()),Introspect.class,"incoming");
- synchronized(access) {
- if(permsDF==null) {
- permsDF = env.newDataFactory(Perms.class);
- introspectDF = env.newDataFactory(Introspect.class);
- }
- }
- tpLoader = tpl;
- }
+ private TokenMgr(PropAccess access, TokenPermLoader tpl) throws APIException, CadiException {
+ super(access,new RosettaEnv(access.getProperties()),Introspect.class,"incoming");
+ synchronized(access) {
+ if(permsDF==null) {
+ permsDF = env.newDataFactory(Perms.class);
+ introspectDF = env.newDataFactory(Introspect.class);
+ }
+ }
+ tpLoader = tpl;
+ }
- public static synchronized TokenMgr getInstance(final PropAccess access, final String tokenURL, final String introspectURL) throws APIException, CadiException {
- String key;
- TokenMgr tm = tmmap.get(key=tokenURL+'/'+introspectURL);
- if(tm==null) {
- tmmap.put(key, tm=new TokenMgr(access,tokenURL,introspectURL));
- }
- return tm;
- }
-
- public Result<OAuth2Principal> toPrincipal(final String accessToken, final byte[] hash) throws APIException, CadiException, LocatorException {
- Result<TokenPerm> tp = get(accessToken, hash, new Loader<TokenPerm>() {
- @Override
- public Result<TokenPerm> load(String key) throws APIException, CadiException, LocatorException {
- try {
- return tpLoader.load(accessToken,hash);
- } catch (APIException | LocatorException e) {
- throw new CadiException(e);
- }
- }
- });
- if(tp.isOK()) {
- return Result.ok(200, new OAuth2Principal(tp.value,hash));
- } else {
- return Result.err(tp);
- }
- }
-
- public Result<TokenPerm> get(final String accessToken, final byte[] hash) throws APIException, CadiException, LocatorException {
- return get(accessToken,hash,new Loader<TokenPerm>() {
- @Override
- public Result<TokenPerm> load(String key) throws APIException, CadiException, LocatorException {
- return tpLoader.load(key,hash);
- }
-
- });
-// return tpLoader.load(accessToken,hash);
- }
+ public static synchronized TokenMgr getInstance(final PropAccess access, final String tokenURL, final String introspectURL) throws APIException, CadiException {
+ String key;
+ TokenMgr tm = tmmap.get(key=tokenURL+'/'+introspectURL);
+ if(tm==null) {
+ tmmap.put(key, tm=new TokenMgr(access,tokenURL,introspectURL));
+ }
+ return tm;
+ }
+
+ public Result<OAuth2Principal> toPrincipal(final String accessToken, final byte[] hash) throws APIException, CadiException, LocatorException {
+ Result<TokenPerm> tp = get(accessToken, hash, new Loader<TokenPerm>() {
+ @Override
+ public Result<TokenPerm> load(String key) throws APIException, CadiException, LocatorException {
+ try {
+ return tpLoader.load(accessToken,hash);
+ } catch (APIException | LocatorException e) {
+ throw new CadiException(e);
+ }
+ }
+ });
+ if(tp.isOK()) {
+ return Result.ok(200, new OAuth2Principal(tp.value,hash));
+ } else {
+ return Result.err(tp);
+ }
+ }
+
+ public Result<TokenPerm> get(final String accessToken, final byte[] hash) throws APIException, CadiException, LocatorException {
+ return get(accessToken,hash,new Loader<TokenPerm>() {
+ @Override
+ public Result<TokenPerm> load(String key) throws APIException, CadiException, LocatorException {
+ return tpLoader.load(key,hash);
+ }
+
+ });
+// return tpLoader.load(accessToken,hash);
+ }
- public interface TokenPermLoader{
- public Result<TokenPerm> load(final String accessToken, final byte[] cred) throws APIException, CadiException, LocatorException;
- }
-
- private class RemoteTokenPermLoader implements TokenPermLoader {
- private TokenClientFactory tcf;
- private TokenClient tokenCL, introCL;
+ public interface TokenPermLoader{
+ public Result<TokenPerm> load(final String accessToken, final byte[] cred) throws APIException, CadiException, LocatorException;
+ }
+
+ private class RemoteTokenPermLoader implements TokenPermLoader {
+ private TokenClientFactory tcf;
+ private TokenClient tokenCL, introCL;
- public RemoteTokenPermLoader(final String tokenURL, final String introspectURL) throws APIException, CadiException {
- try {
- tcf = TokenClientFactory.instance(access);
- int timeout = Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF));
- tokenCL = tcf.newClient(tokenURL,
- timeout);
- if(introspectURL.equals(tokenURL)) {
- introCL = tokenCL;
- } else {
- introCL = tcf.newClient(introspectURL,
- timeout);
- }
+ public RemoteTokenPermLoader(final String tokenURL, final String introspectURL) throws APIException, CadiException {
+ try {
+ tcf = TokenClientFactory.instance(access);
+ int timeout = Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF));
+ tokenCL = tcf.newClient(tokenURL,
+ timeout);
+ if(introspectURL.equals(tokenURL)) {
+ introCL = tokenCL;
+ } else {
+ introCL = tcf.newClient(introspectURL,
+ timeout);
+ }
- } catch (GeneralSecurityException | IOException | NumberFormatException | LocatorException e) {
- throw new CadiException(e);
- }
- }
-
- public Result<TokenPerm> load(final String accessToken, final byte[] cred) throws APIException, CadiException, LocatorException {
- long start = System.currentTimeMillis();
- try {
- Result<Introspect> ri = introCL.introspect(accessToken);
- if(ri.isOK()) {
- return Result.ok(ri.code, new TokenPerm(TokenMgr.this,permsDF,ri.value,cred,getPath(accessToken)));
- } else {
- return Result.err(ri);
- }
- } finally {
- access.printf(Level.INFO, "Token loaded in %d ms",System.currentTimeMillis()-start);
- }
- }
- }
+ } catch (GeneralSecurityException | IOException | NumberFormatException | LocatorException e) {
+ throw new CadiException(e);
+ }
+ }
+
+ public Result<TokenPerm> load(final String accessToken, final byte[] cred) throws APIException, CadiException, LocatorException {
+ long start = System.currentTimeMillis();
+ try {
+ Result<Introspect> ri = introCL.introspect(accessToken);
+ if(ri.isOK()) {
+ return Result.ok(ri.code, new TokenPerm(TokenMgr.this,permsDF,ri.value,cred,getPath(accessToken)));
+ } else {
+ return Result.err(ri);
+ }
+ } finally {
+ access.printf(Level.INFO, "Token loaded in %d ms",System.currentTimeMillis()-start);
+ }
+ }
+ }
- public void clear(Principal p, StringBuilder report) {
- TokenPerm tp = tpmap.remove(p.getName());
- if(tp==null) {
- report.append("Nothing to clear");
- } else {
- report.append("Cleared ");
- report.append(p.getName());
- }
- }
+ public void clear(Principal p, StringBuilder report) {
+ TokenPerm tp = tpmap.remove(p.getName());
+ if(tp==null) {
+ report.append("Nothing to clear");
+ } else {
+ report.append("Cleared ");
+ report.append(p.getName());
+ }
+ }
- @Override
- protected TokenPerm newCacheable(Introspect i, long expires, byte[] hash, Path path) throws APIException {
- // Note: Introspect drives the Expiration... ignoring expires.
- return new TokenPerm(this,permsDF,i,hash,path);
- }
+ @Override
+ protected TokenPerm newCacheable(Introspect i, long expires, byte[] hash, Path path) throws APIException {
+ // Note: Introspect drives the Expiration... ignoring expires.
+ return new TokenPerm(this,permsDF,i,hash,path);
+ }
- public TokenPerm putIntrospect(Introspect intro, byte[] cred) throws APIException {
- return newCacheable(intro, intro.getExp(), cred, getPath(intro.getAccessToken()));
- }
+ public TokenPerm putIntrospect(Introspect intro, byte[] cred) throws APIException {
+ return newCacheable(intro, intro.getExp(), cred, getPath(intro.getAccessToken()));
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenPerm.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenPerm.java
index bb33bc76..daac8f43 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenPerm.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenPerm.java
@@ -42,133 +42,133 @@ import aaf.v2_0.Perms;
import aafoauth.v2_0.Introspect;
public class TokenPerm extends Persisting<Introspect>{
- private static final List<AAFPermission> NULL_PERMS = new ArrayList<>();
- private Introspect introspect;
- private List<AAFPermission> perms;
- private String scopes;
- public TokenPerm(Persist<Introspect,?> p, RosettaDF<Perms> permsDF, Introspect ti, byte[] hash, Path path) throws APIException {
- super(p,ti,ti.getExp(),hash,path); // ti.getExp() is seconds after Jan 1, 1970 )
- this.introspect = ti;
- if(ti.getContent()==null || ti.getContent().length()==0) {
- perms = NULL_PERMS;
- } else {
- LoadPermissions lp;
- try {
- lp = new LoadPermissions(new StringReader(ti.getContent()));
- perms = lp.perms;
- } catch (ParseException e) {
- throw new APIException("Error parsing Content",e);
- }
- }
- scopes = ti.getScope();
- }
-
- public List<AAFPermission> perms() {
- return perms;
- }
-
- public String getClientId() {
- return introspect.getClientId();
- }
-
- public String getUsername() {
- return introspect.getUsername();
- }
-
- public String getToken() {
- return introspect.getAccessToken();
- }
-
- public synchronized String getScopes() {
- return scopes;
- }
+ private static final List<AAFPermission> NULL_PERMS = new ArrayList<>();
+ private Introspect introspect;
+ private List<AAFPermission> perms;
+ private String scopes;
+ public TokenPerm(Persist<Introspect,?> p, RosettaDF<Perms> permsDF, Introspect ti, byte[] hash, Path path) throws APIException {
+ super(p,ti,ti.getExp(),hash,path); // ti.getExp() is seconds after Jan 1, 1970 )
+ this.introspect = ti;
+ if(ti.getContent()==null || ti.getContent().length()==0) {
+ perms = NULL_PERMS;
+ } else {
+ LoadPermissions lp;
+ try {
+ lp = new LoadPermissions(new StringReader(ti.getContent()));
+ perms = lp.perms;
+ } catch (ParseException e) {
+ throw new APIException("Error parsing Content",e);
+ }
+ }
+ scopes = ti.getScope();
+ }
+
+ public List<AAFPermission> perms() {
+ return perms;
+ }
+
+ public String getClientId() {
+ return introspect.getClientId();
+ }
+
+ public String getUsername() {
+ return introspect.getUsername();
+ }
+
+ public String getToken() {
+ return introspect.getAccessToken();
+ }
+
+ public synchronized String getScopes() {
+ return scopes;
+ }
- public Introspect getIntrospect() {
- return introspect;
- }
-
- // Direct Parse Perms into List
- public static class LoadPermissions {
- public List<AAFPermission> perms;
+ public Introspect getIntrospect() {
+ return introspect;
+ }
+
+ // Direct Parse Perms into List
+ public static class LoadPermissions {
+ public List<AAFPermission> perms;
- public LoadPermissions(Reader r) throws ParseException {
- PermInfo pi = new PermInfo();
- InJson ij = new InJson();
- Parsed<State> pd = ij.newParsed();
- boolean inPerms = false, inPerm = false;
- while((pd = ij.parse(r,pd.reuse())).valid()) {
- switch(pd.event) {
- case Parse.START_DOC:
- perms = new ArrayList<>();
- break;
- case Parse.START_ARRAY:
- inPerms = "perm".equals(pd.name);
- break;
- case '{':
- if(inPerms) {
- inPerm=true;
- pi.clear();
- }
- break;
- case ',':
- if(inPerm) {
- pi.eval(pd);
- }
- break;
- case '}':
- if(inPerms) {
- if(inPerm) {
- pi.eval(pd);
- AAFPermission perm = pi.create();
- if(perm!=null) {
- perms.add(perm);
- }
- }
- inPerm=false;
- }
- break;
- case Parse.END_ARRAY:
- if(inPerms) {
- inPerms=false;
- }
- break;
- case Parse.END_DOC:
- break;
- }
- }
- }
- }
-
- // Gathering object for parsing objects, then creating AAF Permission
- private static class PermInfo {
- public String ns,type,instance,action;
- public void clear() {
- ns=type=instance=action=null;
- }
- public void eval(Parsed<State> pd) {
- if(pd.hasName()) {
- switch(pd.name) {
- case "ns":
- ns=pd.sb.toString();
- break;
- case "type":
- type=pd.sb.toString();
- break;
- case "instance":
- instance=pd.sb.toString();
- break;
- case "action":
- action=pd.sb.toString();
- break;
- }
- }
- }
- public AAFPermission create() {
- if(type!=null && instance!=null && action !=null) {
- return new AAFPermission(ns,type, instance, action);
- } else {
- return null;
- }
- }
- }
+ public LoadPermissions(Reader r) throws ParseException {
+ PermInfo pi = new PermInfo();
+ InJson ij = new InJson();
+ Parsed<State> pd = ij.newParsed();
+ boolean inPerms = false, inPerm = false;
+ while((pd = ij.parse(r,pd.reuse())).valid()) {
+ switch(pd.event) {
+ case Parse.START_DOC:
+ perms = new ArrayList<>();
+ break;
+ case Parse.START_ARRAY:
+ inPerms = "perm".equals(pd.name);
+ break;
+ case '{':
+ if(inPerms) {
+ inPerm=true;
+ pi.clear();
+ }
+ break;
+ case ',':
+ if(inPerm) {
+ pi.eval(pd);
+ }
+ break;
+ case '}':
+ if(inPerms) {
+ if(inPerm) {
+ pi.eval(pd);
+ AAFPermission perm = pi.create();
+ if(perm!=null) {
+ perms.add(perm);
+ }
+ }
+ inPerm=false;
+ }
+ break;
+ case Parse.END_ARRAY:
+ if(inPerms) {
+ inPerms=false;
+ }
+ break;
+ case Parse.END_DOC:
+ break;
+ }
+ }
+ }
+ }
+
+ // Gathering object for parsing objects, then creating AAF Permission
+ private static class PermInfo {
+ public String ns,type,instance,action;
+ public void clear() {
+ ns=type=instance=action=null;
+ }
+ public void eval(Parsed<State> pd) {
+ if(pd.hasName()) {
+ switch(pd.name) {
+ case "ns":
+ ns=pd.sb.toString();
+ break;
+ case "type":
+ type=pd.sb.toString();
+ break;
+ case "instance":
+ instance=pd.sb.toString();
+ break;
+ case "action":
+ action=pd.sb.toString();
+ break;
+ }
+ }
+ }
+ public AAFPermission create() {
+ if(type!=null && instance!=null && action !=null) {
+ return new AAFPermission(ns,type, instance, action);
+ } else {
+ return null;
+ }
+ }
+ }
} \ No newline at end of file
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TzClient.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TzClient.java
index a14c0f8e..1ebbe877 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TzClient.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TzClient.java
@@ -35,6 +35,6 @@ import org.onap.aaf.misc.env.APIException;
*
*/
public abstract class TzClient {
- public abstract void setToken(final String client_id, final TimedToken token) throws IOException;
- public abstract <RET> RET best(Retryable<RET> rcode) throws CadiException, LocatorException, APIException;
+ public abstract void setToken(final String client_id, final TimedToken token) throws IOException;
+ public abstract <RET> RET best(Retryable<RET> rcode) throws CadiException, LocatorException, APIException;
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TzHClient.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TzHClient.java
index c565fa84..77348390 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TzHClient.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TzHClient.java
@@ -45,38 +45,38 @@ import org.onap.aaf.misc.env.APIException;
*
*/
public class TzHClient extends TzClient {
- private HMangr hman;
- public SecurityInfoC<HttpURLConnection> si;
- private TimedToken token;
- private SecuritySetter<HttpURLConnection> tokenSS;
+ private HMangr hman;
+ public SecurityInfoC<HttpURLConnection> si;
+ private TimedToken token;
+ private SecuritySetter<HttpURLConnection> tokenSS;
- public TzHClient(Access access, String tagOrURL) throws CadiException, LocatorException {
- try {
- si = SecurityInfoC.instance(access, HttpURLConnection.class);
- hman = new HMangr(access, new AAFLocator(si,new URI(access.getProperty(tagOrURL, tagOrURL))));
- } catch (URISyntaxException e) {
- throw new CadiException(e);
- }
- }
- public TzHClient(Access access, SecurityInfoC<HttpURLConnection> hsi, Locator<URI> loc) throws LocatorException {
- si = hsi;
- hman = new HMangr(access, loc);
- }
-
- public void setToken(final String client_id, TimedToken token) throws IOException {
- this.token = token;
- tokenSS = new HTokenSS(si, client_id, token.getAccessToken());
- }
+ public TzHClient(Access access, String tagOrURL) throws CadiException, LocatorException {
+ try {
+ si = SecurityInfoC.instance(access, HttpURLConnection.class);
+ hman = new HMangr(access, new AAFLocator(si,new URI(access.getProperty(tagOrURL, tagOrURL))));
+ } catch (URISyntaxException e) {
+ throw new CadiException(e);
+ }
+ }
+ public TzHClient(Access access, SecurityInfoC<HttpURLConnection> hsi, Locator<URI> loc) throws LocatorException {
+ si = hsi;
+ hman = new HMangr(access, loc);
+ }
+
+ public void setToken(final String client_id, TimedToken token) throws IOException {
+ this.token = token;
+ tokenSS = new HTokenSS(si, client_id, token.getAccessToken());
+ }
- public <RET> RET best (Retryable<RET> retryable) throws CadiException, LocatorException, APIException {
- if(token == null || tokenSS==null) {
- throw new CadiException("OAuth2 Token has not been set");
- }
- if(token.expired()) {
- //TODO Refresh?
- throw new CadiException("Expired Token");
- } else {
- return hman.best(tokenSS, retryable);
- }
- }
+ public <RET> RET best (Retryable<RET> retryable) throws CadiException, LocatorException, APIException {
+ if(token == null || tokenSS==null) {
+ throw new CadiException("OAuth2 Token has not been set");
+ }
+ if(token.expired()) {
+ //TODO Refresh?
+ throw new CadiException("Expired Token");
+ } else {
+ return hman.best(tokenSS, retryable);
+ }
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/obasic/OBasicHttpTaf.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/obasic/OBasicHttpTaf.java
index ff0c246b..688f30b1 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/obasic/OBasicHttpTaf.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/obasic/OBasicHttpTaf.java
@@ -68,129 +68,129 @@ import org.onap.aaf.misc.env.util.Pool.Pooled;
*
*/
public class OBasicHttpTaf extends AbsOTafLur implements HttpTaf {
- private final String realm;
- private final CredVal rbac;
-
-
- public OBasicHttpTaf(final PropAccess access, final CredVal rbac, final String realm, final String token_url, final String introspect_url) throws CadiException {
- super(access, token_url,introspect_url);
- this.rbac = rbac;
- this.realm = realm;
- }
-
- /**
- * Note: BasicHttp works for either Carbon Based (Humans) or Silicon Based (machine) Lifeforms.
- * @see Taf
- */
- public TafResp validate(Taf.LifeForm reading, HttpServletRequest req, HttpServletResponse resp) {
- // See if Request implements BasicCred (aka CadiWrap or other), and if User/Pass has already been set separately
- final String user;
- String password=null;
- byte[] cred=null;
- if(req instanceof BasicCred) {
- BasicCred bc = (BasicCred)req;
- user = bc.getUser();
- cred = bc.getCred();
- } else {
- String authz = req.getHeader("Authorization");
- if(authz != null && authz.startsWith("Basic ")) {
- if(!req.isSecure()) {
- access.log(Level.WARN,"WARNING! BasicAuth has been used over an insecure channel");
- }
- try {
- String temp = Symm.base64noSplit.decode(authz.substring(6));
- int colon = temp.lastIndexOf(':');
- if(colon>0) {
- user = temp.substring(0,colon);
- password = temp.substring(colon+1);
- } else {
- access.printf(Level.AUDIT,"Malformed BasicAuth entry ip=%s, entry=%s",req.getRemoteAddr(),
- access.encrypt(temp));
- return new BasicHttpTafResp(access,null,"Malformed BasicAuth entry",RESP.FAIL,resp,realm,false);
- }
- if(!rbac.validate(user,Type.PASSWORD,password.getBytes(),req)) {
- return new BasicHttpTafResp(access,null,buildMsg(null,req,"user/pass combo invalid for ",user,"from",req.getRemoteAddr()),
- RESP.TRY_AUTHENTICATING,resp,realm,true);
- }
- } catch (IOException e) {
- access.log(e, ERROR_GETTING_TOKEN_CLIENT);
- return new BasicHttpTafResp(access,null,ERROR_GETTING_TOKEN_CLIENT,RESP.FAIL,resp,realm,false);
- }
- } else {
- return new BasicHttpTafResp(access,null,"Not a Basic Auth",RESP.TRY_ANOTHER_TAF,resp,realm,false);
- }
- }
+ private final String realm;
+ private final CredVal rbac;
+
+
+ public OBasicHttpTaf(final PropAccess access, final CredVal rbac, final String realm, final String token_url, final String introspect_url) throws CadiException {
+ super(access, token_url,introspect_url);
+ this.rbac = rbac;
+ this.realm = realm;
+ }
+
+ /**
+ * Note: BasicHttp works for either Carbon Based (Humans) or Silicon Based (machine) Lifeforms.
+ * @see Taf
+ */
+ public TafResp validate(Taf.LifeForm reading, HttpServletRequest req, HttpServletResponse resp) {
+ // See if Request implements BasicCred (aka CadiWrap or other), and if User/Pass has already been set separately
+ final String user;
+ String password=null;
+ byte[] cred=null;
+ if(req instanceof BasicCred) {
+ BasicCred bc = (BasicCred)req;
+ user = bc.getUser();
+ cred = bc.getCred();
+ } else {
+ String authz = req.getHeader("Authorization");
+ if(authz != null && authz.startsWith("Basic ")) {
+ if(!req.isSecure()) {
+ access.log(Level.WARN,"WARNING! BasicAuth has been used over an insecure channel");
+ }
+ try {
+ String temp = Symm.base64noSplit.decode(authz.substring(6));
+ int colon = temp.lastIndexOf(':');
+ if(colon>0) {
+ user = temp.substring(0,colon);
+ password = temp.substring(colon+1);
+ } else {
+ access.printf(Level.AUDIT,"Malformed BasicAuth entry ip=%s, entry=%s",req.getRemoteAddr(),
+ access.encrypt(temp));
+ return new BasicHttpTafResp(access,null,"Malformed BasicAuth entry",RESP.FAIL,resp,realm,false);
+ }
+ if(!rbac.validate(user,Type.PASSWORD,password.getBytes(),req)) {
+ return new BasicHttpTafResp(access,null,buildMsg(null,req,"user/pass combo invalid for ",user,"from",req.getRemoteAddr()),
+ RESP.TRY_AUTHENTICATING,resp,realm,true);
+ }
+ } catch (IOException e) {
+ access.log(e, ERROR_GETTING_TOKEN_CLIENT);
+ return new BasicHttpTafResp(access,null,ERROR_GETTING_TOKEN_CLIENT,RESP.FAIL,resp,realm,false);
+ }
+ } else {
+ return new BasicHttpTafResp(access,null,"Not a Basic Auth",RESP.TRY_ANOTHER_TAF,resp,realm,false);
+ }
+ }
- try {
- if(password==null && cred!=null) {
- password = new String(cred);
- cred = Hash.hashSHA256(cred);
- } else if(password!=null && cred==null) {
- cred = Hash.hashSHA256(password.getBytes());
- }
- Pooled<TokenClient> pclient = tokenClientPool.get();
- try {
- pclient.content.password(user, password);
- String scope=FQI.reverseDomain(client_id);
- Result<TimedToken> rtt = pclient.content.getToken('B',scope);
- if(rtt.isOK()) {
- if(rtt.value.expired()) {
- return new BasicHttpTafResp(access,null,"BasicAuth/OAuth Token: Token Expired",RESP.FAIL,resp,realm,true);
- } else {
- TimedToken tt = rtt.value;
- Result<OAuth2Principal> prin = tkMgr.toPrincipal(tt.getAccessToken(), cred);
- if(prin.isOK()) {
- return new BasicHttpTafResp(access,prin.value,"BasicAuth/OAuth Token Authentication",RESP.IS_AUTHENTICATED,resp,realm,true);
- } else {
- return new BasicHttpTafResp(access,null,"BasicAuth/OAuth Token: " + prin.code + ' ' + prin.error,RESP.FAIL,resp,realm,true);
- }
- }
- } else {
- return new BasicHttpTafResp(access,null,"BasicAuth/OAuth Token: " + rtt.code + ' ' + rtt.error,RESP.FAIL,resp,realm,true);
- }
- } finally {
- pclient.done();
- }
- } catch (APIException | CadiException | LocatorException | NoSuchAlgorithmException e) {
- access.log(e, ERROR_GETTING_TOKEN_CLIENT);
- return new BasicHttpTafResp(access,null,ERROR_GETTING_TOKEN_CLIENT,RESP.TRY_ANOTHER_TAF,resp,realm,false);
- }
- }
-
- protected String buildMsg(Principal pr, HttpServletRequest req, Object ... msg) {
- StringBuilder sb = new StringBuilder();
- if(pr!=null) {
- sb.append("user=");
- sb.append(pr.getName());
- sb.append(',');
- }
- sb.append("ip=");
- sb.append(req.getRemoteAddr());
- sb.append(",port=");
- sb.append(req.getRemotePort());
- if(msg.length>0) {
- sb.append(",msg=\"");
- for(Object s : msg) {
- sb.append(s.toString());
- }
- sb.append('"');
- }
- return sb.toString();
- }
+ try {
+ if(password==null && cred!=null) {
+ password = new String(cred);
+ cred = Hash.hashSHA256(cred);
+ } else if(password!=null && cred==null) {
+ cred = Hash.hashSHA256(password.getBytes());
+ }
+ Pooled<TokenClient> pclient = tokenClientPool.get();
+ try {
+ pclient.content.password(user, password);
+ String scope=FQI.reverseDomain(client_id);
+ Result<TimedToken> rtt = pclient.content.getToken('B',scope);
+ if(rtt.isOK()) {
+ if(rtt.value.expired()) {
+ return new BasicHttpTafResp(access,null,"BasicAuth/OAuth Token: Token Expired",RESP.FAIL,resp,realm,true);
+ } else {
+ TimedToken tt = rtt.value;
+ Result<OAuth2Principal> prin = tkMgr.toPrincipal(tt.getAccessToken(), cred);
+ if(prin.isOK()) {
+ return new BasicHttpTafResp(access,prin.value,"BasicAuth/OAuth Token Authentication",RESP.IS_AUTHENTICATED,resp,realm,true);
+ } else {
+ return new BasicHttpTafResp(access,null,"BasicAuth/OAuth Token: " + prin.code + ' ' + prin.error,RESP.FAIL,resp,realm,true);
+ }
+ }
+ } else {
+ return new BasicHttpTafResp(access,null,"BasicAuth/OAuth Token: " + rtt.code + ' ' + rtt.error,RESP.FAIL,resp,realm,true);
+ }
+ } finally {
+ pclient.done();
+ }
+ } catch (APIException | CadiException | LocatorException | NoSuchAlgorithmException e) {
+ access.log(e, ERROR_GETTING_TOKEN_CLIENT);
+ return new BasicHttpTafResp(access,null,ERROR_GETTING_TOKEN_CLIENT,RESP.TRY_ANOTHER_TAF,resp,realm,false);
+ }
+ }
+
+ protected String buildMsg(Principal pr, HttpServletRequest req, Object ... msg) {
+ StringBuilder sb = new StringBuilder();
+ if(pr!=null) {
+ sb.append("user=");
+ sb.append(pr.getName());
+ sb.append(',');
+ }
+ sb.append("ip=");
+ sb.append(req.getRemoteAddr());
+ sb.append(",port=");
+ sb.append(req.getRemotePort());
+ if(msg.length>0) {
+ sb.append(",msg=\"");
+ for(Object s : msg) {
+ sb.append(s.toString());
+ }
+ sb.append('"');
+ }
+ return sb.toString();
+ }
- @Override
- public Resp revalidate(CachedPrincipal prin, Object state) {
-// if(prin instanceof BasicPrincipal) {
-// BasicPrincipal ba = (BasicPrincipal)prin;
-// if(DenialOfServiceTaf.isDeniedID(ba.getName())!=null) {
-// return Resp.UNVALIDATED;
-// }
-// return rbac.validate(ba.getName(), Type.PASSWORD, ba.getCred(), state)?Resp.REVALIDATED:Resp.UNVALIDATED;
-// }
- return Resp.NOT_MINE;
- }
-
- public String toString() {
- return "Basic Auth enabled on realm: " + realm;
- }
+ @Override
+ public Resp revalidate(CachedPrincipal prin, Object state) {
+// if(prin instanceof BasicPrincipal) {
+// BasicPrincipal ba = (BasicPrincipal)prin;
+// if(DenialOfServiceTaf.isDeniedID(ba.getName())!=null) {
+// return Resp.UNVALIDATED;
+// }
+// return rbac.validate(ba.getName(), Type.PASSWORD, ba.getCred(), state)?Resp.REVALIDATED:Resp.UNVALIDATED;
+// }
+ return Resp.NOT_MINE;
+ }
+
+ public String toString() {
+ return "Basic Auth enabled on realm: " + realm;
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/olur/OLur.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/olur/OLur.java
index 73c6c113..c67f986e 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/olur/OLur.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/olur/OLur.java
@@ -46,132 +46,132 @@ import org.onap.aaf.misc.env.util.Pool.Pooled;
import org.onap.aaf.misc.env.util.Split;
public class OLur extends AbsOTafLur implements Lur {
- public OLur(PropAccess access, final String token_url, final String introspect_url) throws APIException, CadiException {
- super(access, token_url, introspect_url);
- }
+ public OLur(PropAccess access, final String token_url, final String introspect_url) throws APIException, CadiException {
+ super(access, token_url, introspect_url);
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.Lur#fish(java.security.Principal, org.onap.aaf.cadi.Permission)
- */
- @Override
- public boolean fish(Principal bait, Permission ... pond) {
- TokenPerm tp;
- if(bait instanceof OAuth2Principal) {
- OAuth2Principal oa2p = (OAuth2Principal)bait;
- tp = oa2p.tokenPerm();
- } else {
- tp=null;
- }
- if(tp==null) {
- // if no Token Perm preset, get
- try {
- Pooled<TokenClient> tcp = tokenClientPool.get();
- try {
- TokenClient tc = tcp.content;
- tc.username(bait.getName());
- Set<String> scopeSet = new HashSet<>();
- scopeSet.add(tc.defaultScope());
- AAFPermission ap;
- for (Permission p : pond) {
- if(p instanceof AAFPermission) {
- ap = (AAFPermission)p;
- scopeSet.add(ap.getNS());
- }
- }
- String[] scopes = new String[scopeSet.size()];
- scopeSet.toArray(scopes);
-
- Result<TimedToken> rtt = tc.getToken(Kind.getKind(bait),scopes);
- if(rtt.isOK()) {
- Result<TokenPerm> rtp = tkMgr.get(rtt.value.getAccessToken(), bait.getName().getBytes());
- if(rtp.isOK()) {
- tp = rtp.value;
- }
- }
- } finally {
- tcp.done();
- }
- } catch (APIException | LocatorException | CadiException e) {
- access.log(e, "Unable to Get a Token");
- }
- }
-
- boolean rv = false;
- if(tp!=null) {
- if(tkMgr.access.willLog(Level.DEBUG)) {
- StringBuilder sb = new StringBuilder("AAF Permissions for user ");
- sb.append(bait.getName());
- sb.append(", from token ");
- sb.append(tp.get().getAccessToken());
- for (AAFPermission p : tp.perms()) {
- sb.append("\n\t[");
- sb.append(p.getNS());
- sb.append(']');
- sb.append(p.getType());
- sb.append('|');
- sb.append(p.getInstance());
- sb.append('|');
- sb.append(p.getAction());
- }
- sb.append('\n');
- access.log(Level.DEBUG, sb);
- }
- for (Permission p : pond) {
- if(rv) {
- break;
- }
- for (AAFPermission perm : tp.perms()) {
- if (rv=perm.match(p)) {
- break;
- }
- }
- }
- }
- return rv;
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.Lur#fish(java.security.Principal, org.onap.aaf.cadi.Permission)
+ */
+ @Override
+ public boolean fish(Principal bait, Permission ... pond) {
+ TokenPerm tp;
+ if(bait instanceof OAuth2Principal) {
+ OAuth2Principal oa2p = (OAuth2Principal)bait;
+ tp = oa2p.tokenPerm();
+ } else {
+ tp=null;
+ }
+ if(tp==null) {
+ // if no Token Perm preset, get
+ try {
+ Pooled<TokenClient> tcp = tokenClientPool.get();
+ try {
+ TokenClient tc = tcp.content;
+ tc.username(bait.getName());
+ Set<String> scopeSet = new HashSet<>();
+ scopeSet.add(tc.defaultScope());
+ AAFPermission ap;
+ for (Permission p : pond) {
+ if(p instanceof AAFPermission) {
+ ap = (AAFPermission)p;
+ scopeSet.add(ap.getNS());
+ }
+ }
+ String[] scopes = new String[scopeSet.size()];
+ scopeSet.toArray(scopes);
+
+ Result<TimedToken> rtt = tc.getToken(Kind.getKind(bait),scopes);
+ if(rtt.isOK()) {
+ Result<TokenPerm> rtp = tkMgr.get(rtt.value.getAccessToken(), bait.getName().getBytes());
+ if(rtp.isOK()) {
+ tp = rtp.value;
+ }
+ }
+ } finally {
+ tcp.done();
+ }
+ } catch (APIException | LocatorException | CadiException e) {
+ access.log(e, "Unable to Get a Token");
+ }
+ }
+
+ boolean rv = false;
+ if(tp!=null) {
+ if(tkMgr.access.willLog(Level.DEBUG)) {
+ StringBuilder sb = new StringBuilder("AAF Permissions for user ");
+ sb.append(bait.getName());
+ sb.append(", from token ");
+ sb.append(tp.get().getAccessToken());
+ for (AAFPermission p : tp.perms()) {
+ sb.append("\n\t[");
+ sb.append(p.getNS());
+ sb.append(']');
+ sb.append(p.getType());
+ sb.append('|');
+ sb.append(p.getInstance());
+ sb.append('|');
+ sb.append(p.getAction());
+ }
+ sb.append('\n');
+ access.log(Level.DEBUG, sb);
+ }
+ for (Permission p : pond) {
+ if(rv) {
+ break;
+ }
+ for (AAFPermission perm : tp.perms()) {
+ if (rv=perm.match(p)) {
+ break;
+ }
+ }
+ }
+ }
+ return rv;
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.Lur#fishAll(java.security.Principal, java.util.List)
- */
- @Override
- public void fishAll(Principal bait, List<Permission> permissions) {
- if(bait instanceof OAuth2Principal) {
- for (AAFPermission p : ((OAuth2Principal)bait).tokenPerm().perms()) {
- permissions.add(p);
- }
- }
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.Lur#fishAll(java.security.Principal, java.util.List)
+ */
+ @Override
+ public void fishAll(Principal bait, List<Permission> permissions) {
+ if(bait instanceof OAuth2Principal) {
+ for (AAFPermission p : ((OAuth2Principal)bait).tokenPerm().perms()) {
+ permissions.add(p);
+ }
+ }
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.Lur#handlesExclusively(org.onap.aaf.cadi.Permission)
- */
- @Override
- public boolean handlesExclusively(Permission ... pond) {
- return false;
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.Lur#handlesExclusively(org.onap.aaf.cadi.Permission)
+ */
+ @Override
+ public boolean handlesExclusively(Permission ... pond) {
+ return false;
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.Lur#handles(java.security.Principal)
- */
- @Override
- public boolean handles(Principal principal) {
- return principal instanceof OAuth2Principal;
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.Lur#handles(java.security.Principal)
+ */
+ @Override
+ public boolean handles(Principal principal) {
+ return principal instanceof OAuth2Principal;
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.Lur#createPerm(java.lang.String)
- */
- @Override
- public Permission createPerm(final String p) {
- String[] s = Split.split('|',p);
- switch(s.length) {
- case 3:
- return new AAFPermission(null, s[0],s[1],s[2]);
- case 4:
- return new AAFPermission(s[0],s[1],s[2],s[3]);
- default:
- return new LocalPermission(p);
- }
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.Lur#createPerm(java.lang.String)
+ */
+ @Override
+ public Permission createPerm(final String p) {
+ String[] s = Split.split('|',p);
+ switch(s.length) {
+ case 3:
+ return new AAFPermission(null, s[0],s[1],s[2]);
+ case 4:
+ return new AAFPermission(s[0],s[1],s[2],s[3]);
+ default:
+ return new LocalPermission(p);
+ }
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/Persist.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/Persist.java
index 11acbe91..d87ee780 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/Persist.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/Persist.java
@@ -48,254 +48,254 @@ import org.onap.aaf.misc.rosetta.env.RosettaDF;
import org.onap.aaf.misc.rosetta.env.RosettaEnv;
public abstract class Persist<T,CT extends Persistable<T>> extends PersistFile {
- private static final long ONE_DAY = 86400000L;
- private static final long CLEAN_CHECK = 2*60*1000L; // check every 2 mins
- private static Timer clean;
+ private static final long ONE_DAY = 86400000L;
+ private static final long CLEAN_CHECK = 2*60*1000L; // check every 2 mins
+ private static Timer clean;
- // store all the directories to review
- // No Concurrent HashSet, or at least, it is all implemented with HashMap in older versions
- private static Queue<Persist<?,?>> allPersists = new ConcurrentLinkedQueue<Persist<?,?>>();
-
- private Map<String,CT> tmap;
- protected RosettaEnv env;
- private RosettaDF<T> df;
+ // store all the directories to review
+ // No Concurrent HashSet, or at least, it is all implemented with HashMap in older versions
+ private static Queue<Persist<?,?>> allPersists = new ConcurrentLinkedQueue<Persist<?,?>>();
+
+ private Map<String,CT> tmap;
+ protected RosettaEnv env;
+ private RosettaDF<T> df;
-
- public Persist(Access access, RosettaEnv env, Class<T> cls, String sub_dir) throws CadiException, APIException {
- super(access, sub_dir);
- this.env = env;
- df = env.newDataFactory(cls);
- tmap = new ConcurrentHashMap<>();
- synchronized(Persist.class) {
- if(clean==null) {
- clean = new Timer(true);
- clean.schedule(new Clean(access), 20000, CLEAN_CHECK);
- }
- }
- allPersists.add(this);
- }
-
- public void close() {
- allPersists.remove(this);
- }
-
- protected abstract CT newCacheable(T t, long expires_secsFrom1970, byte[] hash, Path path) throws APIException, IOException;
+
+ public Persist(Access access, RosettaEnv env, Class<T> cls, String sub_dir) throws CadiException, APIException {
+ super(access, sub_dir);
+ this.env = env;
+ df = env.newDataFactory(cls);
+ tmap = new ConcurrentHashMap<>();
+ synchronized(Persist.class) {
+ if(clean==null) {
+ clean = new Timer(true);
+ clean.schedule(new Clean(access), 20000, CLEAN_CHECK);
+ }
+ }
+ allPersists.add(this);
+ }
+
+ public void close() {
+ allPersists.remove(this);
+ }
+
+ protected abstract CT newCacheable(T t, long expires_secsFrom1970, byte[] hash, Path path) throws APIException, IOException;
- public RosettaDF<T> getDF() {
- return df;
- }
- public Result<CT> get(final String key, final byte[] hash, Loader<CT> rl) throws CadiException, APIException, LocatorException {
- if(key==null) {
- return null;
- }
- Holder<Path> hp = new Holder<Path>(null);
- CT ct = tmap.get(key);
- // Make sure cached Item is synced with Disk, but only even Minute to save Disk hits
- if(ct!=null && ct.checkSyncTime()) { // check File Time only every SYNC Period (2 min)
- if(ct.hasBeenTouched()) {
- tmap.remove(key);
- ct = null;
- access.log(Level.DEBUG,"File for",key,"has been touched, removing memory entry");
- }
- }
+ public RosettaDF<T> getDF() {
+ return df;
+ }
+ public Result<CT> get(final String key, final byte[] hash, Loader<CT> rl) throws CadiException, APIException, LocatorException {
+ if(key==null) {
+ return null;
+ }
+ Holder<Path> hp = new Holder<Path>(null);
+ CT ct = tmap.get(key);
+ // Make sure cached Item is synced with Disk, but only even Minute to save Disk hits
+ if(ct!=null && ct.checkSyncTime()) { // check File Time only every SYNC Period (2 min)
+ if(ct.hasBeenTouched()) {
+ tmap.remove(key);
+ ct = null;
+ access.log(Level.DEBUG,"File for",key,"has been touched, removing memory entry");
+ }
+ }
- // If not currently in memory, check with Disk (which might have been updated by other processes)
- if(ct==null) {
- Holder<Long> hl = new Holder<Long>(0L);
- T t;
- if((t = readDisk(df, hash, key, hp, hl))!=null) {
- try {
- if((ct = newCacheable(t,hl.get(),hash,hp.get()))!=null) {
- tmap.put(key, ct);
- }
- access.log(Level.DEBUG,"Read Token from",key);
- } catch (IOException e) {
- access.log(e,"Reading Token from",key);
- }
- } // if not read, then ct still==null
-
- // If not in memory, or on disk, get from Remote... IF reloadable (meaning, isn't hitting too often, etc).
- if(ct==null || ct.checkReloadable()) {
- // Load from external (if makes sense)
- Result<CT> rtp = rl.load(key);
- if(rtp.isOK()) {
- ct = rtp.value;
- try {
- Path p = getPath(key);
- writeDisk(df, ct.get(),ct.getHash(),p,ct.expires());
- access.log(Level.DEBUG, "Writing token",key);
- } catch(CadiException e) {
- throw e;
- } catch (Exception e) {
- throw new CadiException(e);
- }
- } else {
- return Result.err(rtp);
- }
- }
-
- if(ct!=null) {
- tmap.put(key, ct);
- }
- } else {
- access.log(Level.DEBUG,"Found token in memory",key);
- }
- // ct can only be not-null here
- ct.inc();
- return Result.ok(200,ct);
- }
+ // If not currently in memory, check with Disk (which might have been updated by other processes)
+ if(ct==null) {
+ Holder<Long> hl = new Holder<Long>(0L);
+ T t;
+ if((t = readDisk(df, hash, key, hp, hl))!=null) {
+ try {
+ if((ct = newCacheable(t,hl.get(),hash,hp.get()))!=null) {
+ tmap.put(key, ct);
+ }
+ access.log(Level.DEBUG,"Read Token from",key);
+ } catch (IOException e) {
+ access.log(e,"Reading Token from",key);
+ }
+ } // if not read, then ct still==null
+
+ // If not in memory, or on disk, get from Remote... IF reloadable (meaning, isn't hitting too often, etc).
+ if(ct==null || ct.checkReloadable()) {
+ // Load from external (if makes sense)
+ Result<CT> rtp = rl.load(key);
+ if(rtp.isOK()) {
+ ct = rtp.value;
+ try {
+ Path p = getPath(key);
+ writeDisk(df, ct.get(),ct.getHash(),p,ct.expires());
+ access.log(Level.DEBUG, "Writing token",key);
+ } catch(CadiException e) {
+ throw e;
+ } catch (Exception e) {
+ throw new CadiException(e);
+ }
+ } else {
+ return Result.err(rtp);
+ }
+ }
+
+ if(ct!=null) {
+ tmap.put(key, ct);
+ }
+ } else {
+ access.log(Level.DEBUG,"Found token in memory",key);
+ }
+ // ct can only be not-null here
+ ct.inc();
+ return Result.ok(200,ct);
+ }
- public void put(String key, CT ct) throws CadiException {
- writeDisk(df, ct.get(), ct.getHash(), key, ct.expires());
- tmap.put(key,ct);
- }
-
- public void delete(String key) {
- tmap.remove(key);
- deleteFromDisk(key);
- }
+ public void put(String key, CT ct) throws CadiException {
+ writeDisk(df, ct.get(), ct.getHash(), key, ct.expires());
+ tmap.put(key,ct);
+ }
+
+ public void delete(String key) {
+ tmap.remove(key);
+ deleteFromDisk(key);
+ }
- public interface Loader<CT> {
- Result<CT> load(String key) throws APIException, CadiException, LocatorException;
- }
+ public interface Loader<CT> {
+ Result<CT> load(String key) throws APIException, CadiException, LocatorException;
+ }
- /**
- * Clean will examine resources, and remove those that have expired.
- *
- * If "highs" have been exceeded, then we'll expire 10% more the next time. This will adjust after each run
- * without checking contents more than once, making a good average "high" in the minimum speed.
- *
- * @author Jonathan
- *
- */
- private static final class Clean extends TimerTask {
- private final Access access;
- private long hourly;
-
- public Clean(Access access) {
- this.access = access;
- hourly=0;
- }
-
- private static class Metrics {
- public int mexists = 0, dexists=0;
- public int mremoved = 0, dremoved=0;
- }
-
- public void run() {
- final long now = System.currentTimeMillis();
- final long dayFromNow = now + ONE_DAY;
- final Metrics metrics = new Metrics();
- for(final Persist<?,?> persist : allPersists) {
- // Clear memory
- if(access.willLog(Level.DEBUG)) {
- access.log(Level.DEBUG, "Persist: Cleaning memory cache for",persist.tokenPath.toAbsolutePath());
- }
- for(Entry<String, ?> es : persist.tmap.entrySet()) {
- ++metrics.mexists;
- Persistable<?> p = (Persistable<?>)es.getValue();
- if(p.checkSyncTime()) {
- if(p.count()==0) {
- ++metrics.mremoved;
- persist.tmap.remove(es.getKey());
- access.printf(Level.DEBUG, "Persist: removed cached item %s from memory\n", es.getKey());
- } else {
- p.clearCount();
- }
- } else if(Files.exists(p.path())) {
-
- }
- }
- // Clear disk
- try {
- final StringBuilder sb = new StringBuilder();
- Files.walkFileTree(persist.tokenPath, new FileVisitor<Path>() {
- @Override
- public FileVisitResult preVisitDirectory(Path dir, BasicFileAttributes attrs) throws IOException {
- sb.setLength(0);
- sb.append("Persist: Cleaning files from ");
- sb.append(dir.toAbsolutePath());
- return FileVisitResult.CONTINUE;
- }
+ /**
+ * Clean will examine resources, and remove those that have expired.
+ *
+ * If "highs" have been exceeded, then we'll expire 10% more the next time. This will adjust after each run
+ * without checking contents more than once, making a good average "high" in the minimum speed.
+ *
+ * @author Jonathan
+ *
+ */
+ private static final class Clean extends TimerTask {
+ private final Access access;
+ private long hourly;
+
+ public Clean(Access access) {
+ this.access = access;
+ hourly=0;
+ }
+
+ private static class Metrics {
+ public int mexists = 0, dexists=0;
+ public int mremoved = 0, dremoved=0;
+ }
+
+ public void run() {
+ final long now = System.currentTimeMillis();
+ final long dayFromNow = now + ONE_DAY;
+ final Metrics metrics = new Metrics();
+ for(final Persist<?,?> persist : allPersists) {
+ // Clear memory
+ if(access.willLog(Level.DEBUG)) {
+ access.log(Level.DEBUG, "Persist: Cleaning memory cache for",persist.tokenPath.toAbsolutePath());
+ }
+ for(Entry<String, ?> es : persist.tmap.entrySet()) {
+ ++metrics.mexists;
+ Persistable<?> p = (Persistable<?>)es.getValue();
+ if(p.checkSyncTime()) {
+ if(p.count()==0) {
+ ++metrics.mremoved;
+ persist.tmap.remove(es.getKey());
+ access.printf(Level.DEBUG, "Persist: removed cached item %s from memory\n", es.getKey());
+ } else {
+ p.clearCount();
+ }
+ } else if(Files.exists(p.path())) {
+
+ }
+ }
+ // Clear disk
+ try {
+ final StringBuilder sb = new StringBuilder();
+ Files.walkFileTree(persist.tokenPath, new FileVisitor<Path>() {
+ @Override
+ public FileVisitResult preVisitDirectory(Path dir, BasicFileAttributes attrs) throws IOException {
+ sb.setLength(0);
+ sb.append("Persist: Cleaning files from ");
+ sb.append(dir.toAbsolutePath());
+ return FileVisitResult.CONTINUE;
+ }
- @Override
- public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) throws IOException {
- if(attrs.isRegularFile()) {
- ++metrics.dexists;
- try {
+ @Override
+ public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) throws IOException {
+ if(attrs.isRegularFile()) {
+ ++metrics.dexists;
+ try {
- long exp = persist.readExpiration(file)*1000; // readExpiration is seconds from 1970
- if(now > exp) { // cover for bad token
- sb.append("\n\tFile ");
- sb.append(file.getFileName());
- sb.append(" expired ");
- sb.append(Chrono.dateTime(new Date(exp)));
- persist.deleteFromDisk(file);
- ++metrics.dremoved;
- } else if(exp > dayFromNow) {
- sb.append("\n\tFile ");
- sb.append(file.toString());
- sb.append(" data corrupted.");
- persist.deleteFromDisk(file);
- ++metrics.dremoved;
- }
- } catch (CadiException e) {
- sb.append("\n\tError reading File ");
- sb.append(file.toString());
- sb.append(". ");
- sb.append(e.getMessage());
- ++metrics.dremoved;
- }
-
- }
- return FileVisitResult.CONTINUE;
- }
+ long exp = persist.readExpiration(file)*1000; // readExpiration is seconds from 1970
+ if(now > exp) { // cover for bad token
+ sb.append("\n\tFile ");
+ sb.append(file.getFileName());
+ sb.append(" expired ");
+ sb.append(Chrono.dateTime(new Date(exp)));
+ persist.deleteFromDisk(file);
+ ++metrics.dremoved;
+ } else if(exp > dayFromNow) {
+ sb.append("\n\tFile ");
+ sb.append(file.toString());
+ sb.append(" data corrupted.");
+ persist.deleteFromDisk(file);
+ ++metrics.dremoved;
+ }
+ } catch (CadiException e) {
+ sb.append("\n\tError reading File ");
+ sb.append(file.toString());
+ sb.append(". ");
+ sb.append(e.getMessage());
+ ++metrics.dremoved;
+ }
+
+ }
+ return FileVisitResult.CONTINUE;
+ }
- @Override
- public FileVisitResult visitFileFailed(Path file, IOException exc) throws IOException {
- access.log(Level.ERROR,"Error visiting file %s (%s)\n",file.toString(),exc.getMessage());
- return FileVisitResult.CONTINUE;
- }
+ @Override
+ public FileVisitResult visitFileFailed(Path file, IOException exc) throws IOException {
+ access.log(Level.ERROR,"Error visiting file %s (%s)\n",file.toString(),exc.getMessage());
+ return FileVisitResult.CONTINUE;
+ }
- @Override
- public FileVisitResult postVisitDirectory(Path dir, IOException exc) throws IOException {
- access.log(Level.DEBUG, sb);
- return FileVisitResult.CONTINUE;
- }
-
- });
- } catch (IOException e) {
- access.log(e, "Exception while cleaning Persistance");
- }
-
- }
-
- // We want to print some activity of Persistence Check at least hourly, even if no activity has occurred, but not litter the log if nothing is happening
- boolean go=false;
- Level level=Level.WARN;
- if(access.willLog(Level.INFO)) {
- go = true;
- level=Level.INFO;
- } else if(access.willLog(Level.WARN)) {
- go = metrics.mremoved>0 || metrics.dremoved>0 || --hourly <= 0;
- }
-
- if(go) {
- access.printf(level, "Persist Cache: removed %d of %d items from memory and %d of %d from disk",
- metrics.mremoved, metrics.mexists, metrics.dremoved, metrics.dexists);
- hourly = 3600000/CLEAN_CHECK;
- }
- }
- }
+ @Override
+ public FileVisitResult postVisitDirectory(Path dir, IOException exc) throws IOException {
+ access.log(Level.DEBUG, sb);
+ return FileVisitResult.CONTINUE;
+ }
+
+ });
+ } catch (IOException e) {
+ access.log(e, "Exception while cleaning Persistance");
+ }
+
+ }
+
+ // We want to print some activity of Persistence Check at least hourly, even if no activity has occurred, but not litter the log if nothing is happening
+ boolean go=false;
+ Level level=Level.WARN;
+ if(access.willLog(Level.INFO)) {
+ go = true;
+ level=Level.INFO;
+ } else if(access.willLog(Level.WARN)) {
+ go = metrics.mremoved>0 || metrics.dremoved>0 || --hourly <= 0;
+ }
+
+ if(go) {
+ access.printf(level, "Persist Cache: removed %d of %d items from memory and %d of %d from disk",
+ metrics.mremoved, metrics.mexists, metrics.dremoved, metrics.dexists);
+ hourly = 3600000/CLEAN_CHECK;
+ }
+ }
+ }
- /* (non-Javadoc)
- * @see java.lang.Object#finalize()
- */
- @Override
- protected void finalize() throws Throwable {
- close(); // can call twice.
- }
+ /* (non-Javadoc)
+ * @see java.lang.Object#finalize()
+ */
+ @Override
+ protected void finalize() throws Throwable {
+ close(); // can call twice.
+ }
-
+
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/PersistFile.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/PersistFile.java
index 8fd2c986..7aab519d 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/PersistFile.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/PersistFile.java
@@ -50,206 +50,206 @@ import org.onap.aaf.misc.rosetta.env.RosettaDF;
public class PersistFile {
- private static final String HASH_NO_MATCH = "Hash does not match in Persistence";
- private static final Object LOCK = new Object();
-
- protected static Symm symm;
- public Access access;
- protected final Path tokenPath;
- protected final String tokenDir;
- private static final boolean isWindows = System.getProperty("os.name").startsWith("Windows");
-
- public PersistFile(Access access, String sub_dir) throws CadiException, APIException {
- this.access = access;
- tokenPath = Paths.get(access.getProperty(Config.CADI_TOKEN_DIR,"tokens"), sub_dir);
- try {
- if(!Files.exists(tokenPath)) {
- if(isWindows) {
- // Sorry Windows users, you need to secure your own paths
- Files.createDirectories(tokenPath);
- } else {
- Set<PosixFilePermission> spfp = PosixFilePermissions.fromString("rwxr-x---");
- Files.createDirectories(tokenPath,PosixFilePermissions.asFileAttribute(spfp));
- }
- }
- tokenDir=tokenPath.toRealPath().toString();
- } catch (IOException e) {
- throw new CadiException(e);
- }
- synchronized(LOCK) {
- if(symm==null) {
- symm = Symm.obtain(access);
- }
- }
- }
+ private static final String HASH_NO_MATCH = "Hash does not match in Persistence";
+ private static final Object LOCK = new Object();
+
+ protected static Symm symm;
+ public Access access;
+ protected final Path tokenPath;
+ protected final String tokenDir;
+ private static final boolean isWindows = System.getProperty("os.name").startsWith("Windows");
+
+ public PersistFile(Access access, String sub_dir) throws CadiException, APIException {
+ this.access = access;
+ tokenPath = Paths.get(access.getProperty(Config.CADI_TOKEN_DIR,"tokens"), sub_dir);
+ try {
+ if(!Files.exists(tokenPath)) {
+ if(isWindows) {
+ // Sorry Windows users, you need to secure your own paths
+ Files.createDirectories(tokenPath);
+ } else {
+ Set<PosixFilePermission> spfp = PosixFilePermissions.fromString("rwxr-x---");
+ Files.createDirectories(tokenPath,PosixFilePermissions.asFileAttribute(spfp));
+ }
+ }
+ tokenDir=tokenPath.toRealPath().toString();
+ } catch (IOException e) {
+ throw new CadiException(e);
+ }
+ synchronized(LOCK) {
+ if(symm==null) {
+ symm = Symm.obtain(access);
+ }
+ }
+ }
- public<T> Path writeDisk(final RosettaDF<T> df, final T t, final byte[] cred, final String filename, final long expires) throws CadiException {
- return writeDisk(df,t,cred,Paths.get(tokenDir,filename),expires);
- }
+ public<T> Path writeDisk(final RosettaDF<T> df, final T t, final byte[] cred, final String filename, final long expires) throws CadiException {
+ return writeDisk(df,t,cred,Paths.get(tokenDir,filename),expires);
+ }
- public<T> Path writeDisk(final RosettaDF<T> df, final T t, final byte[] cred, final Path target, final long expires) throws CadiException {
- // Make sure File is completely written before making accessible on disk... avoid corruption.
- try {
- Path tpath = Files.createTempFile(tokenPath,target.getFileName().toString(), ".tmp");
- final OutputStream dos = Files.newOutputStream(tpath, StandardOpenOption.CREATE,StandardOpenOption.WRITE);
- try {
- // Write Expires so that we can read unencrypted.
- for(int i=0;i<Long.SIZE;i+=8) {
- dos.write((byte)((expires>>i)&0xFF));
- }
+ public<T> Path writeDisk(final RosettaDF<T> df, final T t, final byte[] cred, final Path target, final long expires) throws CadiException {
+ // Make sure File is completely written before making accessible on disk... avoid corruption.
+ try {
+ Path tpath = Files.createTempFile(tokenPath,target.getFileName().toString(), ".tmp");
+ final OutputStream dos = Files.newOutputStream(tpath, StandardOpenOption.CREATE,StandardOpenOption.WRITE);
+ try {
+ // Write Expires so that we can read unencrypted.
+ for(int i=0;i<Long.SIZE;i+=8) {
+ dos.write((byte)((expires>>i)&0xFF));
+ }
- symm.exec(new Symm.SyncExec<Void>() {
- @Override
- public Void exec(Encryption enc) throws Exception {
- CipherOutputStream os = enc.outputStream(dos, true);
- try {
- int size = cred==null?0:cred.length;
- for(int i=0;i<Integer.SIZE;i+=8) {
- os.write((byte)((size>>i)&0xFF));
- }
- if(cred!=null) {
- os.write(cred);
- }
- df.newData().load(t).to(os);
- } finally {
- // Note: Someone on the Web noticed that using a DataOutputStream would not full close out without a flush first,
- // leaving files open.
- try {
- os.flush();
- } catch (IOException e) {
- access.log(Level.INFO, "Note: Caught Exeption while flushing CipherStream. Handled.");
- }
- try {
- os.close();
- } catch (IOException e) {
- access.log(Level.INFO, "Note: Caught Exeption while closing CipherStream. Handled.");
- }
- }
- return null;
- }
- });
- } catch(Exception e) {
- throw new CadiException(e);
- } finally {
- dos.close();
- }
- return Files.move(tpath, target, StandardCopyOption.ATOMIC_MOVE,StandardCopyOption.REPLACE_EXISTING);
- } catch (IOException e) {
- throw new CadiException(e);
- }
+ symm.exec(new Symm.SyncExec<Void>() {
+ @Override
+ public Void exec(Encryption enc) throws Exception {
+ CipherOutputStream os = enc.outputStream(dos, true);
+ try {
+ int size = cred==null?0:cred.length;
+ for(int i=0;i<Integer.SIZE;i+=8) {
+ os.write((byte)((size>>i)&0xFF));
+ }
+ if(cred!=null) {
+ os.write(cred);
+ }
+ df.newData().load(t).to(os);
+ } finally {
+ // Note: Someone on the Web noticed that using a DataOutputStream would not full close out without a flush first,
+ // leaving files open.
+ try {
+ os.flush();
+ } catch (IOException e) {
+ access.log(Level.INFO, "Note: Caught Exeption while flushing CipherStream. Handled.");
+ }
+ try {
+ os.close();
+ } catch (IOException e) {
+ access.log(Level.INFO, "Note: Caught Exeption while closing CipherStream. Handled.");
+ }
+ }
+ return null;
+ }
+ });
+ } catch(Exception e) {
+ throw new CadiException(e);
+ } finally {
+ dos.close();
+ }
+ return Files.move(tpath, target, StandardCopyOption.ATOMIC_MOVE,StandardCopyOption.REPLACE_EXISTING);
+ } catch (IOException e) {
+ throw new CadiException(e);
+ }
- }
+ }
- public <T> T readDisk(final RosettaDF<T> df, final byte[] cred, final String filename,final Holder<Path> hp, final Holder<Long> hl) throws CadiException {
- if(hp.get()==null) {
- hp.set(Paths.get(tokenDir,filename));
- }
- return readDisk(df,cred,hp.get(),hl);
- }
-
- public <T> T readDisk(final RosettaDF<T> df, final byte[] cred, final Path target, final Holder<Long> hexpired) throws CadiException {
- // Try from Disk
- T t = null;
- if(Files.exists(target)) {
- try {
- final InputStream is = Files.newInputStream(target,StandardOpenOption.READ);
- try {
- // Read Expired unencrypted
- long exp=0;
- for(int i=0;i<Long.SIZE;i+=8) {
- exp |= ((long)is.read()<<i);
- }
- hexpired.set(exp);
-
- t = symm.exec(new Symm.SyncExec<T>() {
- @Override
- public T exec(Encryption enc) throws Exception {
- CipherInputStream dis = enc.inputStream(is,false);
- try {
- int size=0;
- for(int i=0;i<Integer.SIZE;i+=8) {
- size |= ((int)dis.read()<<i);
- }
- if(size>256) {
- throw new CadiException("Invalid size in Token Persistence");
- } else if(cred!=null && size!=cred.length) {
- throw new CadiException(HASH_NO_MATCH);
- }
- if(cred!=null) {
- byte[] array = new byte[size];
- if(dis.read(array)>0) {
- for(int i=0;i<size;++i) {
- if(cred[i]!=array[i]) {
- throw new CadiException(HASH_NO_MATCH);
- }
- }
- }
- }
- return df.newData().load(dis).asObject();
- } finally {
- dis.close();
- }
- }
- });
- } finally {
- is.close();
- }
- } catch (NoSuchFileException e) {
- return t;
- } catch (Exception e) {
- throw new CadiException(e);
- }
- }
- return t;
- }
-
- public long readExpiration(final Path target) throws CadiException {
- long exp=0L;
- if(Files.exists(target)) {
- try {
- final InputStream is = Files.newInputStream(target,StandardOpenOption.READ);
- try {
- for(int i=0;i<Long.SIZE;i+=8) {
- exp |= ((long)is.read()<<i);
- }
- } finally {
- is.close();
- }
- return exp;
- } catch (Exception e) {
- throw new CadiException(e);
- }
- }
- return exp;
- }
+ public <T> T readDisk(final RosettaDF<T> df, final byte[] cred, final String filename,final Holder<Path> hp, final Holder<Long> hl) throws CadiException {
+ if(hp.get()==null) {
+ hp.set(Paths.get(tokenDir,filename));
+ }
+ return readDisk(df,cred,hp.get(),hl);
+ }
+
+ public <T> T readDisk(final RosettaDF<T> df, final byte[] cred, final Path target, final Holder<Long> hexpired) throws CadiException {
+ // Try from Disk
+ T t = null;
+ if(Files.exists(target)) {
+ try {
+ final InputStream is = Files.newInputStream(target,StandardOpenOption.READ);
+ try {
+ // Read Expired unencrypted
+ long exp=0;
+ for(int i=0;i<Long.SIZE;i+=8) {
+ exp |= ((long)is.read()<<i);
+ }
+ hexpired.set(exp);
+
+ t = symm.exec(new Symm.SyncExec<T>() {
+ @Override
+ public T exec(Encryption enc) throws Exception {
+ CipherInputStream dis = enc.inputStream(is,false);
+ try {
+ int size=0;
+ for(int i=0;i<Integer.SIZE;i+=8) {
+ size |= ((int)dis.read()<<i);
+ }
+ if(size>256) {
+ throw new CadiException("Invalid size in Token Persistence");
+ } else if(cred!=null && size!=cred.length) {
+ throw new CadiException(HASH_NO_MATCH);
+ }
+ if(cred!=null) {
+ byte[] array = new byte[size];
+ if(dis.read(array)>0) {
+ for(int i=0;i<size;++i) {
+ if(cred[i]!=array[i]) {
+ throw new CadiException(HASH_NO_MATCH);
+ }
+ }
+ }
+ }
+ return df.newData().load(dis).asObject();
+ } finally {
+ dis.close();
+ }
+ }
+ });
+ } finally {
+ is.close();
+ }
+ } catch (NoSuchFileException e) {
+ return t;
+ } catch (Exception e) {
+ throw new CadiException(e);
+ }
+ }
+ return t;
+ }
+
+ public long readExpiration(final Path target) throws CadiException {
+ long exp=0L;
+ if(Files.exists(target)) {
+ try {
+ final InputStream is = Files.newInputStream(target,StandardOpenOption.READ);
+ try {
+ for(int i=0;i<Long.SIZE;i+=8) {
+ exp |= ((long)is.read()<<i);
+ }
+ } finally {
+ is.close();
+ }
+ return exp;
+ } catch (Exception e) {
+ throw new CadiException(e);
+ }
+ }
+ return exp;
+ }
- public void deleteFromDisk(Path path) {
- try {
- Files.deleteIfExists(path);
- } catch (IOException e) {
- access.log(Level.ERROR, e);
- }
- }
+ public void deleteFromDisk(Path path) {
+ try {
+ Files.deleteIfExists(path);
+ } catch (IOException e) {
+ access.log(Level.ERROR, e);
+ }
+ }
- public void deleteFromDisk(String token) {
- Path tpath = Paths.get(tokenDir,token);
- try {
- Files.deleteIfExists(tpath);
- } catch (IOException e) {
- access.log(Level.ERROR, e);
- }
- }
+ public void deleteFromDisk(String token) {
+ Path tpath = Paths.get(tokenDir,token);
+ try {
+ Files.deleteIfExists(tpath);
+ } catch (IOException e) {
+ access.log(Level.ERROR, e);
+ }
+ }
- public Path getPath(String filename) {
- return Paths.get(tokenDir,filename);
- }
-
- public FileTime getFileTime(String filename, Holder<Path> hp) throws IOException {
- Path p = hp.get();
- if(p==null) {
- hp.set(p=Paths.get(tokenDir,filename));
- }
- return Files.getLastModifiedTime(p);
- }
+ public Path getPath(String filename) {
+ return Paths.get(tokenDir,filename);
+ }
+
+ public FileTime getFileTime(String filename, Holder<Path> hp) throws IOException {
+ Path p = hp.get();
+ if(p==null) {
+ hp.set(p=Paths.get(tokenDir,filename));
+ }
+ return Files.getLastModifiedTime(p);
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/Persistable.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/Persistable.java
index 65437795..1f22028b 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/Persistable.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/Persistable.java
@@ -24,16 +24,16 @@ package org.onap.aaf.cadi.persist;
import java.nio.file.Path;
public interface Persistable<T> {
- public boolean checkSyncTime();
- public boolean checkReloadable();
- public void inc();
- public int count();
- public void clearCount();
- public boolean hasBeenTouched();
- public long expires(); // seconds from 1970
- public boolean expired();
- public byte[] getHash();
- public boolean match(byte[] hashIn);
- public T get();
- public Path path();
+ public boolean checkSyncTime();
+ public boolean checkReloadable();
+ public void inc();
+ public int count();
+ public void clearCount();
+ public boolean hasBeenTouched();
+ public long expires(); // seconds from 1970
+ public boolean expired();
+ public byte[] getHash();
+ public boolean match(byte[] hashIn);
+ public T get();
+ public Path path();
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/Persisting.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/Persisting.java
index 8b98f5bf..dd136a2a 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/Persisting.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/Persisting.java
@@ -30,134 +30,134 @@ import java.nio.file.attribute.FileTime;
import org.onap.aaf.cadi.Access.Level;
public class Persisting<T> implements Persistable<T> {
- private static final byte[] EMPTY = new byte[0];
- private final byte[] hash; // need to be able to validate disk entry
-
- private static final long SYNC_TIME = 1000*60*1L; // Checking File change max 1 min
- private FileTime lastTouched;
- private int count;
- private long expires;
- private long nextCheck;
- private T t;
- private Path path;
- private Persist<T, ?> persist;
-
- public Persisting(Persist<T,?> p, T t, long expiresSecsFrom1970, byte[] hash, Path path) {
- persist = p;
- this.t=t;
- expires = expiresSecsFrom1970;
- this.path = path;
- try {
- lastTouched = Files.getLastModifiedTime(path);
- } catch (IOException e) {
- lastTouched = null;
- }
- count=0;
- nextCheck=0;
- if(hash==null) {
- this.hash = EMPTY;
- } else {
- this.hash = hash;
- }
- }
-
- @Override
- public T get() {
- return t;
- }
-
- @Override
- public long expires() {
- return expires;
- }
-
- @Override
- public boolean expired() {
- return System.currentTimeMillis()/1000>expires;
- }
-
- @Override
- public boolean hasBeenTouched() {
- try {
- FileTime modT = Files.getLastModifiedTime(path);
- if(lastTouched==null) {
- lastTouched = modT;
- return true;
- } else {
- return !modT.equals(lastTouched);
- }
- } catch (NoSuchFileException e) {
- persist.access.log(Level.DEBUG, "File not found " + e.getMessage() + ", this is ok, marking as touched.");
- return true;
- } catch (IOException e) {
- persist.access.log(e, "Accessing File Time");
- return true;
- }
- }
-
- @Override
- public synchronized boolean checkSyncTime() {
- long temp=System.currentTimeMillis();
- if(nextCheck==0 || nextCheck<temp) {
- nextCheck = temp+SYNC_TIME;
- return true;
- }
- return false;
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.oauth.Persistable#checkReloadTime()
- */
- @Override
- public boolean checkReloadable() {
- //TODO other elements to add here...
- // Ideas: Is it valid?
- // if not, How many times has it been checked in the last minute
- return expired();
- }
-
- @Override
- public byte[] getHash() {
- return hash;
- }
-
- @Override
- public boolean match(byte[] hashIn) {
- if(hash==null || hashIn==null || hash.length!=hashIn.length) {
- return false;
- }
- for(int i=0;i<hashIn.length;++i) {
- if(hash[i]!=hashIn[i]) {
- return false;
- }
- }
- return true;
- }
-
- @Override
- public synchronized void inc() {
- ++count;
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.oauth.Cacheable#count()
- */
- @Override
- public int count() {
- return count;
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.oauth.Persistable#clearCount()
- */
- @Override
- public synchronized void clearCount() {
- count=0;
- }
-
- @Override
- public Path path() {
- return path;
- }
+ private static final byte[] EMPTY = new byte[0];
+ private final byte[] hash; // need to be able to validate disk entry
+
+ private static final long SYNC_TIME = 1000*60*1L; // Checking File change max 1 min
+ private FileTime lastTouched;
+ private int count;
+ private long expires;
+ private long nextCheck;
+ private T t;
+ private Path path;
+ private Persist<T, ?> persist;
+
+ public Persisting(Persist<T,?> p, T t, long expiresSecsFrom1970, byte[] hash, Path path) {
+ persist = p;
+ this.t=t;
+ expires = expiresSecsFrom1970;
+ this.path = path;
+ try {
+ lastTouched = Files.getLastModifiedTime(path);
+ } catch (IOException e) {
+ lastTouched = null;
+ }
+ count=0;
+ nextCheck=0;
+ if(hash==null) {
+ this.hash = EMPTY;
+ } else {
+ this.hash = hash;
+ }
+ }
+
+ @Override
+ public T get() {
+ return t;
+ }
+
+ @Override
+ public long expires() {
+ return expires;
+ }
+
+ @Override
+ public boolean expired() {
+ return System.currentTimeMillis()/1000>expires;
+ }
+
+ @Override
+ public boolean hasBeenTouched() {
+ try {
+ FileTime modT = Files.getLastModifiedTime(path);
+ if(lastTouched==null) {
+ lastTouched = modT;
+ return true;
+ } else {
+ return !modT.equals(lastTouched);
+ }
+ } catch (NoSuchFileException e) {
+ persist.access.log(Level.DEBUG, "File not found " + e.getMessage() + ", this is ok, marking as touched.");
+ return true;
+ } catch (IOException e) {
+ persist.access.log(e, "Accessing File Time");
+ return true;
+ }
+ }
+
+ @Override
+ public synchronized boolean checkSyncTime() {
+ long temp=System.currentTimeMillis();
+ if(nextCheck==0 || nextCheck<temp) {
+ nextCheck = temp+SYNC_TIME;
+ return true;
+ }
+ return false;
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.oauth.Persistable#checkReloadTime()
+ */
+ @Override
+ public boolean checkReloadable() {
+ //TODO other elements to add here...
+ // Ideas: Is it valid?
+ // if not, How many times has it been checked in the last minute
+ return expired();
+ }
+
+ @Override
+ public byte[] getHash() {
+ return hash;
+ }
+
+ @Override
+ public boolean match(byte[] hashIn) {
+ if(hash==null || hashIn==null || hash.length!=hashIn.length) {
+ return false;
+ }
+ for(int i=0;i<hashIn.length;++i) {
+ if(hash[i]!=hashIn[i]) {
+ return false;
+ }
+ }
+ return true;
+ }
+
+ @Override
+ public synchronized void inc() {
+ ++count;
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.oauth.Cacheable#count()
+ */
+ @Override
+ public int count() {
+ return count;
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.oauth.Persistable#clearCount()
+ */
+ @Override
+ public synchronized void clearCount() {
+ count=0;
+ }
+
+ @Override
+ public Path path() {
+ return path;
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/Registrant.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/Registrant.java
index 17e850ff..4bbe5ff9 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/Registrant.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/Registrant.java
@@ -25,6 +25,6 @@ import org.onap.aaf.cadi.client.Result;
import org.onap.aaf.misc.env.impl.BasicEnv;
public interface Registrant<ENV extends BasicEnv> {
- public Result<Void> update(ENV env);
- public Result<Void> cancel(ENV env);
+ public Result<Void> update(ENV env);
+ public Result<Void> cancel(ENV env);
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/Registrar.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/Registrar.java
index 954c8555..32ff8109 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/Registrar.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/Registrar.java
@@ -31,72 +31,72 @@ import org.onap.aaf.cadi.client.Result;
import org.onap.aaf.misc.env.impl.BasicEnv;
public class Registrar<ENV extends BasicEnv> {
- private static final String REGISTRAR = "Registrar";
- private static final long INTERVAL = 15*60*1000L; // 15 mins
- private static final long START = 3000; // Start in 3 seconds
- private static final Object LOCK = new Object();
- private Deque<Registrant<ENV>> registrants;
- private Timer timer, erroringTimer;
+ private static final String REGISTRAR = "Registrar";
+ private static final long INTERVAL = 15*60*1000L; // 15 mins
+ private static final long START = 3000; // Start in 3 seconds
+ private static final Object LOCK = new Object();
+ private Deque<Registrant<ENV>> registrants;
+ private Timer timer, erroringTimer;
- public Registrar(final ENV env, boolean shutdownHook) {
- registrants = new ConcurrentLinkedDeque<Registrant<ENV>>();
+ public Registrar(final ENV env, boolean shutdownHook) {
+ registrants = new ConcurrentLinkedDeque<Registrant<ENV>>();
- erroringTimer = null;
- timer = new Timer(REGISTRAR,true);
- timer.schedule(new RegistrationTimerTask(env), START, INTERVAL);
-
- if(shutdownHook) {
- Runtime.getRuntime().addShutdownHook(new Thread() {
- public void run() {
- close(env);
- }
- });
- }
- }
-
- private class RegistrationTimerTask extends TimerTask {
- private final ENV env;
- public RegistrationTimerTask(ENV env) {
- this.env = env;
- }
- @Override
- public void run() {
- for(Iterator<Registrant<ENV>> iter = registrants.iterator(); iter.hasNext();) {
- Registrant<ENV> reg = iter.next();
- Result<Void> rv = reg.update(env);
- synchronized(LOCK) {
- if(rv.isOK()) {
- if(erroringTimer!=null) {
- erroringTimer.cancel();
- erroringTimer = null;
- }
- } else {
- // Account for different Registrations not being to same place
- if(erroringTimer==null) {
- erroringTimer = new Timer(REGISTRAR + " error re-check ",true);
- erroringTimer.schedule(new RegistrationTimerTask(env),20000,20000);
- }
- }
- }
- }
- }
- }
-
- public void register(Registrant<ENV> r) {
- registrants.addLast(r);
- }
-
- public void deregister(Registrant<ENV> r) {
- registrants.remove(r);
- }
+ erroringTimer = null;
+ timer = new Timer(REGISTRAR,true);
+ timer.schedule(new RegistrationTimerTask(env), START, INTERVAL);
+
+ if(shutdownHook) {
+ Runtime.getRuntime().addShutdownHook(new Thread() {
+ public void run() {
+ close(env);
+ }
+ });
+ }
+ }
+
+ private class RegistrationTimerTask extends TimerTask {
+ private final ENV env;
+ public RegistrationTimerTask(ENV env) {
+ this.env = env;
+ }
+ @Override
+ public void run() {
+ for(Iterator<Registrant<ENV>> iter = registrants.iterator(); iter.hasNext();) {
+ Registrant<ENV> reg = iter.next();
+ Result<Void> rv = reg.update(env);
+ synchronized(LOCK) {
+ if(rv.isOK()) {
+ if(erroringTimer!=null) {
+ erroringTimer.cancel();
+ erroringTimer = null;
+ }
+ } else {
+ // Account for different Registrations not being to same place
+ if(erroringTimer==null) {
+ erroringTimer = new Timer(REGISTRAR + " error re-check ",true);
+ erroringTimer.schedule(new RegistrationTimerTask(env),20000,20000);
+ }
+ }
+ }
+ }
+ }
+ }
+
+ public void register(Registrant<ENV> r) {
+ registrants.addLast(r);
+ }
+
+ public void deregister(Registrant<ENV> r) {
+ registrants.remove(r);
+ }
- public void close(ENV env) {
- timer.cancel();
+ public void close(ENV env) {
+ timer.cancel();
- Registrant<ENV> r;
- while(registrants.peek()!=null) {
- r = registrants.pop();
- r.cancel(env);
- }
- }
+ Registrant<ENV> r;
+ while(registrants.peek()!=null) {
+ r = registrants.pop();
+ r.cancel(env);
+ }
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/RemoteRegistrant.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/RemoteRegistrant.java
index b21f8975..ae7ded3a 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/RemoteRegistrant.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/RemoteRegistrant.java
@@ -48,136 +48,136 @@ import locate.v1_0.MgmtEndpoint;
import locate.v1_0.MgmtEndpoints;
public class RemoteRegistrant<ENV extends BasicEnv> implements Registrant<ENV> {
- private final MgmtEndpoint mep;
- private final MgmtEndpoints meps;
- private final AAFCon<HttpURLConnection> aafcon;
- private final RosettaDF<MgmtEndpoints> mgmtEndpointsDF;
- private final Locator<URI> locator;
- private final Access access;
- private final int timeout;
+ private final MgmtEndpoint mep;
+ private final MgmtEndpoints meps;
+ private final AAFCon<HttpURLConnection> aafcon;
+ private final RosettaDF<MgmtEndpoints> mgmtEndpointsDF;
+ private final Locator<URI> locator;
+ private final Access access;
+ private final int timeout;
- @SafeVarargs
- public RemoteRegistrant(AAFCon<HttpURLConnection> aafcon, String name, String version, int port, RemoteRegistrant<ENV> ... others) throws CadiException, LocatorException {
- this.aafcon = aafcon;
- access = aafcon.access;
- try {
- mgmtEndpointsDF = aafcon.env.newDataFactory(MgmtEndpoints.class);
- } catch (APIException e1) {
- throw new CadiException(e1);
- }
- timeout = Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF));
- String aaf_locate = access.getProperty(Config.AAF_LOCATE_URL,null);
- if(aaf_locate==null) {
- throw new CadiException(Config.AAF_LOCATE_URL + " is required.");
- } else {
- // Note: want Property Locator or Single, not AAFLocator, because we want the core service, not what it can find
- try {
- if(aaf_locate.indexOf(',')>=0) {
- locator = new PropertyLocator(aaf_locate);
- } else {
- locator = new SingleEndpointLocator(aaf_locate);
- }
- } catch (URISyntaxException e) {
- throw new CadiException(e);
- }
- }
-
- mep = new MgmtEndpoint();
- mep.setName(name);
- mep.setPort(port);
+ @SafeVarargs
+ public RemoteRegistrant(AAFCon<HttpURLConnection> aafcon, String name, String version, int port, RemoteRegistrant<ENV> ... others) throws CadiException, LocatorException {
+ this.aafcon = aafcon;
+ access = aafcon.access;
+ try {
+ mgmtEndpointsDF = aafcon.env.newDataFactory(MgmtEndpoints.class);
+ } catch (APIException e1) {
+ throw new CadiException(e1);
+ }
+ timeout = Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF));
+ String aaf_locate = access.getProperty(Config.AAF_LOCATE_URL,null);
+ if(aaf_locate==null) {
+ throw new CadiException(Config.AAF_LOCATE_URL + " is required.");
+ } else {
+ // Note: want Property Locator or Single, not AAFLocator, because we want the core service, not what it can find
+ try {
+ if(aaf_locate.indexOf(',')>=0) {
+ locator = new PropertyLocator(aaf_locate);
+ } else {
+ locator = new SingleEndpointLocator(aaf_locate);
+ }
+ } catch (URISyntaxException e) {
+ throw new CadiException(e);
+ }
+ }
+
+ mep = new MgmtEndpoint();
+ mep.setName(name);
+ mep.setPort(port);
- try {
- String hostnameToRegister = access.getProperty(Config.AAF_REGISTER_AS, null);
- if(hostnameToRegister==null) {
- hostnameToRegister = access.getProperty(Config.HOSTNAME, null);
- }
- if(hostnameToRegister==null) {
- hostnameToRegister = Inet4Address.getLocalHost().getHostName();
- }
- mep.setHostname(hostnameToRegister);
-
- String latitude = access.getProperty(Config.CADI_LATITUDE, null);
- if(latitude==null) {
- latitude = access.getProperty("AFT_LATITUDE", null);
- }
- String longitude = access.getProperty(Config.CADI_LONGITUDE, null);
- if(longitude==null) {
- longitude = access.getProperty("AFT_LONGITUDE", null);
- }
- if(latitude==null || longitude==null) {
- throw new CadiException(Config.CADI_LATITUDE + " and " + Config.CADI_LONGITUDE + " is required");
- } else {
- mep.setLatitude(Float.parseFloat(latitude));
- mep.setLongitude(Float.parseFloat(longitude));
- }
- String split[] = Split.split('.', version);
- mep.setPkg(split.length>3?Integer.parseInt(split[3]):0);
- mep.setPatch(split.length>2?Integer.parseInt(split[2]):0);
- mep.setMinor(split.length>1?Integer.parseInt(split[1]):0);
- mep.setMajor(split.length>0?Integer.parseInt(split[0]):0);
-
- String subprotocols = access.getProperty(Config.CADI_PROTOCOLS, null);
- if(subprotocols==null) {
- mep.setProtocol("http");
- } else {
- mep.setProtocol("https");
- for(String s : Split.split(',', subprotocols)) {
- mep.getSubprotocol().add(s);
- }
- }
- } catch (NumberFormatException | UnknownHostException e) {
- throw new CadiException("Error extracting Data from Properties for Registrar",e);
- }
- meps = new MgmtEndpoints();
- meps.getMgmtEndpoint().add(mep);
- for(RemoteRegistrant<ENV> rr : others) {
- meps.getMgmtEndpoint().add(rr.mep);
- }
- }
-
- @Override
- public Result<Void> update(ENV env) {
- try {
- Rcli<?> client = aafcon.client(locator);
- try {
- Future<MgmtEndpoints> fup = client.update("/registration",mgmtEndpointsDF,meps);
- if(fup.get(timeout)) {
- access.log(Level.INFO, "Registration complete to",client.getURI());
- return Result.ok(fup.code(),null);
- } else {
- access.log(Level.ERROR,"Error registering to AAF Locator on ", client.getURI());
- return Result.err(fup.code(),fup.body());
- }
- } catch (APIException e) {
- access.log(e, "Error registering service to AAF Locator");
- return Result.err(503,e.getMessage());
- }
-
- } catch (CadiException e) {
- return Result.err(503,e.getMessage());
- }
- }
+ try {
+ String hostnameToRegister = access.getProperty(Config.AAF_REGISTER_AS, null);
+ if(hostnameToRegister==null) {
+ hostnameToRegister = access.getProperty(Config.HOSTNAME, null);
+ }
+ if(hostnameToRegister==null) {
+ hostnameToRegister = Inet4Address.getLocalHost().getHostName();
+ }
+ mep.setHostname(hostnameToRegister);
+
+ String latitude = access.getProperty(Config.CADI_LATITUDE, null);
+ if(latitude==null) {
+ latitude = access.getProperty("AFT_LATITUDE", null);
+ }
+ String longitude = access.getProperty(Config.CADI_LONGITUDE, null);
+ if(longitude==null) {
+ longitude = access.getProperty("AFT_LONGITUDE", null);
+ }
+ if(latitude==null || longitude==null) {
+ throw new CadiException(Config.CADI_LATITUDE + " and " + Config.CADI_LONGITUDE + " is required");
+ } else {
+ mep.setLatitude(Float.parseFloat(latitude));
+ mep.setLongitude(Float.parseFloat(longitude));
+ }
+ String split[] = Split.split('.', version);
+ mep.setPkg(split.length>3?Integer.parseInt(split[3]):0);
+ mep.setPatch(split.length>2?Integer.parseInt(split[2]):0);
+ mep.setMinor(split.length>1?Integer.parseInt(split[1]):0);
+ mep.setMajor(split.length>0?Integer.parseInt(split[0]):0);
+
+ String subprotocols = access.getProperty(Config.CADI_PROTOCOLS, null);
+ if(subprotocols==null) {
+ mep.setProtocol("http");
+ } else {
+ mep.setProtocol("https");
+ for(String s : Split.split(',', subprotocols)) {
+ mep.getSubprotocol().add(s);
+ }
+ }
+ } catch (NumberFormatException | UnknownHostException e) {
+ throw new CadiException("Error extracting Data from Properties for Registrar",e);
+ }
+ meps = new MgmtEndpoints();
+ meps.getMgmtEndpoint().add(mep);
+ for(RemoteRegistrant<ENV> rr : others) {
+ meps.getMgmtEndpoint().add(rr.mep);
+ }
+ }
+
+ @Override
+ public Result<Void> update(ENV env) {
+ try {
+ Rcli<?> client = aafcon.client(locator);
+ try {
+ Future<MgmtEndpoints> fup = client.update("/registration",mgmtEndpointsDF,meps);
+ if(fup.get(timeout)) {
+ access.log(Level.INFO, "Registration complete to",client.getURI());
+ return Result.ok(fup.code(),null);
+ } else {
+ access.log(Level.ERROR,"Error registering to AAF Locator on ", client.getURI());
+ return Result.err(fup.code(),fup.body());
+ }
+ } catch (APIException e) {
+ access.log(e, "Error registering service to AAF Locator");
+ return Result.err(503,e.getMessage());
+ }
+
+ } catch (CadiException e) {
+ return Result.err(503,e.getMessage());
+ }
+ }
- @Override
- public Result<Void> cancel(ENV env) {
- try {
- Rcli<?> client = aafcon.client(locator);
- try {
- Future<MgmtEndpoints> fup = client.delete("/registration",mgmtEndpointsDF,meps);
- if(fup.get(timeout)) {
- access.log(Level.INFO, "Deregistration complete on",client.getURI());
- return Result.ok(fup.code(),null);
- } else {
- return Result.err(fup.code(),fup.body());
- }
- } catch (APIException e) {
- access.log(e, "Error deregistering service on AAF Locator");
- return Result.err(503,e.getMessage());
- }
-
- } catch (CadiException e) {
- return Result.err(503,e.getMessage());
- }
- }
+ @Override
+ public Result<Void> cancel(ENV env) {
+ try {
+ Rcli<?> client = aafcon.client(locator);
+ try {
+ Future<MgmtEndpoints> fup = client.delete("/registration",mgmtEndpointsDF,meps);
+ if(fup.get(timeout)) {
+ access.log(Level.INFO, "Deregistration complete on",client.getURI());
+ return Result.ok(fup.code(),null);
+ } else {
+ return Result.err(fup.code(),fup.body());
+ }
+ } catch (APIException e) {
+ access.log(e, "Error deregistering service on AAF Locator");
+ return Result.err(503,e.getMessage());
+ }
+
+ } catch (CadiException e) {
+ return Result.err(503,e.getMessage());
+ }
+ }
}
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/sso/AAFSSO.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/sso/AAFSSO.java
index 41931976..77be3449 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/sso/AAFSSO.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/sso/AAFSSO.java
@@ -45,449 +45,449 @@ import org.onap.aaf.cadi.util.SubStandardConsole;
import org.onap.aaf.cadi.util.TheConsole;
public class AAFSSO {
- public static final MyConsole cons = TheConsole.implemented() ? new TheConsole() : new SubStandardConsole();
-// private static final int EIGHT_HOURS = 8 * 60 * 60 * 1000;
+ public static final MyConsole cons = TheConsole.implemented() ? new TheConsole() : new SubStandardConsole();
+// private static final int EIGHT_HOURS = 8 * 60 * 60 * 1000;
- private Properties diskprops;
- private boolean touchDiskprops;
- private File dot_aaf = null;
- private File sso = null; // instantiated, if ever, with diskprops
+ private Properties diskprops;
+ private boolean touchDiskprops;
+ private File dot_aaf = null;
+ private File sso = null; // instantiated, if ever, with diskprops
- boolean removeSSO = false;
- boolean loginOnly = false;
- boolean doExit = true;
- private PropAccess access;
- private StringBuilder err;
- private String user;
- private String encrypted_pass;
- private boolean use_X509;
+ boolean removeSSO = false;
+ boolean loginOnly = false;
+ boolean doExit = true;
+ private PropAccess access;
+ private StringBuilder err;
+ private String user;
+ private String encrypted_pass;
+ private boolean use_X509;
- private PrintStream os;
+ private PrintStream os;
- private Method close;
- private final PrintStream stdOutOrig;
- private final PrintStream stdErrOrig;
- private boolean ok;
+ private Method close;
+ private final PrintStream stdOutOrig;
+ private final PrintStream stdErrOrig;
+ private boolean ok;
- public AAFSSO(String[] args) throws IOException, CadiException {
- this(args,new Properties());
- }
-
- public AAFSSO(String[] args, ProcessArgs pa) throws IOException, CadiException {
- this(args,pa.process(args, new Properties()));
- }
+ public AAFSSO(String[] args) throws IOException, CadiException {
+ this(args,new Properties());
+ }
+
+ public AAFSSO(String[] args, ProcessArgs pa) throws IOException, CadiException {
+ this(args,pa.process(args, new Properties()));
+ }
- public AAFSSO(String[] args, Properties dp) throws IOException, CadiException {
- stdOutOrig = System.out;
- stdErrOrig = System.err;
- ok = true;
- List<String> nargs = parseArgs(args);
- diskprops = dp;
- touchDiskprops = false;
+ public AAFSSO(String[] args, Properties dp) throws IOException, CadiException {
+ stdOutOrig = System.out;
+ stdErrOrig = System.err;
+ ok = true;
+ List<String> nargs = parseArgs(args);
+ diskprops = dp;
+ touchDiskprops = false;
- dot_aaf = new File(System.getProperty("user.home") + "/.aaf");
- if (!dot_aaf.exists()) {
- dot_aaf.mkdirs();
- }
- File f = new File(dot_aaf, "sso.out");
- os = new PrintStream(new FileOutputStream(f, true));
- //System.setOut(os);
- System.setErr(os);
+ dot_aaf = new File(System.getProperty("user.home") + "/.aaf");
+ if (!dot_aaf.exists()) {
+ dot_aaf.mkdirs();
+ }
+ File f = new File(dot_aaf, "sso.out");
+ os = new PrintStream(new FileOutputStream(f, true));
+ //System.setOut(os);
+ System.setErr(os);
- sso = new File(dot_aaf, "sso.props");
- if(sso.exists()) {
- InputStream propStream = new FileInputStream(sso);
- try {
- diskprops.load(propStream);
- } finally {
- propStream.close();
- }
- }
-
- File dot_aaf_kf = new File(dot_aaf, "keyfile");
+ sso = new File(dot_aaf, "sso.props");
+ if(sso.exists()) {
+ InputStream propStream = new FileInputStream(sso);
+ try {
+ diskprops.load(propStream);
+ } finally {
+ propStream.close();
+ }
+ }
+
+ File dot_aaf_kf = new File(dot_aaf, "keyfile");
- if (removeSSO) {
- if (dot_aaf_kf.exists()) {
- dot_aaf_kf.setWritable(true, true);
- dot_aaf_kf.delete();
- }
- if (sso.exists()) {
- Properties temp = new Properties();
- // Keep only these
- for(Entry<Object, Object> es : diskprops.entrySet()) {
- if(Config.CADI_LATITUDE.equals(es.getKey()) ||
- Config.CADI_LONGITUDE.equals(es.getKey()) ||
- Config.AAF_DEFAULT_REALM.equals(es.getKey())) {
- temp.setProperty(es.getKey().toString(), es.getValue().toString());
- }
- }
- diskprops = temp;
- touchDiskprops = true;
- }
- String[] naargs = new String[nargs.size()];
- nargs.toArray(naargs);
- access = new PropAccess(os, naargs);
- ok = false;
- setLogDefault();
- System.out.println("AAF SSO information removed");
- } else {
- // Config.setDefaultRealm(access);
-
- if (!dot_aaf_kf.exists()) {
- FileOutputStream fos = new FileOutputStream(dot_aaf_kf);
- try {
- fos.write(Symm.keygen());
- setReadonly(dot_aaf_kf);
- } finally {
- fos.close();
- }
- }
+ if (removeSSO) {
+ if (dot_aaf_kf.exists()) {
+ dot_aaf_kf.setWritable(true, true);
+ dot_aaf_kf.delete();
+ }
+ if (sso.exists()) {
+ Properties temp = new Properties();
+ // Keep only these
+ for(Entry<Object, Object> es : diskprops.entrySet()) {
+ if(Config.CADI_LATITUDE.equals(es.getKey()) ||
+ Config.CADI_LONGITUDE.equals(es.getKey()) ||
+ Config.AAF_DEFAULT_REALM.equals(es.getKey())) {
+ temp.setProperty(es.getKey().toString(), es.getValue().toString());
+ }
+ }
+ diskprops = temp;
+ touchDiskprops = true;
+ }
+ String[] naargs = new String[nargs.size()];
+ nargs.toArray(naargs);
+ access = new PropAccess(os, naargs);
+ ok = false;
+ setLogDefault();
+ System.out.println("AAF SSO information removed");
+ } else {
+ // Config.setDefaultRealm(access);
+
+ if (!dot_aaf_kf.exists()) {
+ FileOutputStream fos = new FileOutputStream(dot_aaf_kf);
+ try {
+ fos.write(Symm.keygen());
+ setReadonly(dot_aaf_kf);
+ } finally {
+ fos.close();
+ }
+ }
- for(Entry<Object, Object> es : diskprops.entrySet()) {
- nargs.add(es.getKey().toString() + '=' + es.getValue().toString());
- }
- String[] naargs = new String[nargs.size()];
- nargs.toArray(naargs);
- access = new PropAccess(os, naargs);
-
- if(loginOnly) {
- for(String tag : new String[] {Config.AAF_APPID, Config.AAF_APPPASS,
- Config.CADI_ALIAS, Config.CADI_KEYSTORE,Config.CADI_KEYSTORE_PASSWORD,Config.CADI_KEY_PASSWORD}) {
- access.getProperties().remove(tag);
- diskprops.remove(tag);
- }
- touchDiskprops=true;
+ for(Entry<Object, Object> es : diskprops.entrySet()) {
+ nargs.add(es.getKey().toString() + '=' + es.getValue().toString());
+ }
+ String[] naargs = new String[nargs.size()];
+ nargs.toArray(naargs);
+ access = new PropAccess(os, naargs);
+
+ if(loginOnly) {
+ for(String tag : new String[] {Config.AAF_APPID, Config.AAF_APPPASS,
+ Config.CADI_ALIAS, Config.CADI_KEYSTORE,Config.CADI_KEYSTORE_PASSWORD,Config.CADI_KEY_PASSWORD}) {
+ access.getProperties().remove(tag);
+ diskprops.remove(tag);
+ }
+ touchDiskprops=true;
// TODO Do we want to require reset of Passwords at least every Eight Hours.
-// } else if (sso.lastModified() > (System.currentTimeMillis() - EIGHT_HOURS)) {
-// for(String tag : new String[] {Config.AAF_APPPASS,Config.CADI_KEYSTORE_PASSWORD,Config.CADI_KEY_PASSWORD}) {
-// access.getProperties().remove(tag);
-// diskprops.remove(tag);
-// }
-// touchDiskprops=true;
- }
-
- String keyfile = access.getProperty(Config.CADI_KEYFILE); // in case its CertificateMan props
- if (keyfile == null) {
- access.setProperty(Config.CADI_KEYFILE, dot_aaf_kf.getAbsolutePath());
- addProp(Config.CADI_KEYFILE,dot_aaf_kf.getAbsolutePath());
- }
-
-
- String alias, appID;
- alias = access.getProperty(Config.CADI_ALIAS);
- if(alias==null) {
- appID = access.getProperty(Config.AAF_APPID);
- user=appID;
- } else {
- user=alias;
- appID=null;
- }
-
- if(appID!=null && access.getProperty(Config.AAF_APPPASS)==null) {
- char[] password = cons.readPassword("Password for %s: ", appID);
- String app_pass = access.encrypt(new String(password));
- access.setProperty(Config.AAF_APPPASS,app_pass);
- diskprops.setProperty(Config.AAF_APPPASS, app_pass);
- }
-
- String keystore=access.getProperty(Config.CADI_KEYSTORE);
- String keystore_pass=access.getProperty(Config.CADI_KEYSTORE_PASSWORD);
-
- if(user==null || (alias!=null && (keystore==null || keystore_pass==null))) {
- String select = null;
- String name;
- for (File tsf : dot_aaf.listFiles()) {
- name = tsf.getName();
- if (!name.contains("trust") && (name.endsWith(".jks") || name.endsWith(".p12"))) {
- setLogDefault();
- select = cons.readLine("Use %s for Identity? (y/n): ",tsf.getName());
- if("y".equalsIgnoreCase(select)) {
- keystore = tsf.getCanonicalPath();
- access.setProperty(Config.CADI_KEYSTORE, keystore);
- addProp(Config.CADI_KEYSTORE, keystore);
- char[] password = cons.readPassword("Keystore Password: ");
- encrypted_pass= access.encrypt(new String(password));
- access.setProperty(Config.CADI_KEYSTORE_PASSWORD, encrypted_pass);
- addProp(Config.CADI_KEYSTORE_PASSWORD, encrypted_pass);
-
- // TODO READ Aliases out of Keystore?
- user = alias = cons.readLine("Keystore alias: ");
- access.setProperty(Config.CADI_ALIAS, user);
- addProp(Config.CADI_ALIAS, user);
- break;
- }
- }
- }
- if(alias==null) {
- user = appID = cons.readLine(Config.AAF_APPID + ": ");
- access.setProperty(Config.AAF_APPID, appID);
- addProp(Config.AAF_APPID, appID);
- char[] password = cons.readPassword(Config.AAF_APPPASS + ": ");
- encrypted_pass= access.encrypt(new String(password));
- access.setProperty(Config.AAF_APPPASS, encrypted_pass);
- addProp(Config.AAF_APPPASS, encrypted_pass);
- }
- } else {
- encrypted_pass = access.getProperty(Config.CADI_KEYSTORE_PASSWORD);
- if(encrypted_pass == null) {
- keystore_pass = null;
- encrypted_pass = access.getProperty(Config.AAF_APPPASS);
- } else {
- keystore_pass = encrypted_pass;
- }
- }
-
-
- if (alias!=null) {
- use_X509 = true;
- } else {
- use_X509 = false;
- Symm decryptor = Symm.obtain(dot_aaf_kf);
- if (user == null) {
- if (sso.exists()) {
- String cm_url = access.getProperty(Config.CM_URL); // SSO might overwrite...
- FileInputStream fos = new FileInputStream(sso);
- try {
- access.load(fos);
- user = access.getProperty(Config.AAF_APPID);
- encrypted_pass = access.getProperty(Config.AAF_APPPASS);
- // decrypt with .aaf, and re-encrypt with regular Keyfile
- access.setProperty(Config.AAF_APPPASS,
- access.encrypt(decryptor.depass(encrypted_pass)));
- if (cm_url != null) { //Command line CM_URL Overwrites ssofile.
- access.setProperty(Config.CM_URL, cm_url);
- }
- } finally {
- fos.close();
- }
- } else {
- diskprops = new Properties();
- String realm = Config.getDefaultRealm();
- // Turn on Console Sysout
- System.setOut(System.out);
- user = cons.readLine("aaf_id(%s@%s): ", System.getProperty("user.name"), realm);
- if (user == null) {
- user = System.getProperty("user.name") + '@' + realm;
- } else if (user.length() == 0) { //
- user = System.getProperty("user.name") + '@' + realm;
- } else if ((user.indexOf('@') < 0) && (realm != null)) {
- user = user + '@' + realm;
- }
- access.setProperty(Config.AAF_APPID, user);
- diskprops.setProperty(Config.AAF_APPID, user);
- encrypted_pass = new String(cons.readPassword("aaf_password: "));
- System.setOut(os);
- encrypted_pass = Symm.ENC + decryptor.enpass(encrypted_pass);
- access.setProperty(Config.AAF_APPPASS, encrypted_pass);
- diskprops.setProperty(Config.AAF_APPPASS, encrypted_pass);
- diskprops.setProperty(Config.CADI_KEYFILE, access.getProperty(Config.CADI_KEYFILE));
- }
- }
- }
- if (user == null) {
- err = new StringBuilder("Add -D" + Config.AAF_APPID + "=<id> ");
- }
-
- if (encrypted_pass == null && alias == null) {
- if (err == null) {
- err = new StringBuilder();
- } else {
- err.append("and ");
- }
- err.append("-D" + Config.AAF_APPPASS + "=<passwd> ");
- }
-
- String locateUrl = access.getProperty(Config.AAF_LOCATE_URL);
- if(locateUrl==null) {
- locateUrl=AAFSSO.cons.readLine("AAF Locator URL=https://");
- if(locateUrl==null || locateUrl.length()==0) {
- err = new StringBuilder(Config.AAF_LOCATE_URL);
- err.append(" is required.");
- ok = false;
- return;
- } else {
- locateUrl="https://"+locateUrl;
- }
- access.setProperty(Config.AAF_LOCATE_URL, locateUrl);
- addProp(Config.AAF_LOCATE_URL, locateUrl);
- }
-
- access.setProperty(Config.AAF_URL, Defaults.AAF_URL);
- access.setProperty(Config.CM_URL, Defaults.CM_URL);
- String cadiLatitude = access.getProperty(Config.CADI_LATITUDE);
- if(cadiLatitude==null) {
- System.out.println("# If you do not know your Global Coordinates, we suggest bing.com/maps");
- cadiLatitude=AAFSSO.cons.readLine("cadi_latitude[0.000]=");
- if(cadiLatitude==null || cadiLatitude.isEmpty()) {
- cadiLatitude="0.000";
- }
- access.setProperty(Config.CADI_LATITUDE, cadiLatitude);
- addProp(Config.CADI_LATITUDE, cadiLatitude);
-
- }
- String cadiLongitude = access.getProperty(Config.CADI_LONGITUDE);
- if(cadiLongitude==null) {
- cadiLongitude=AAFSSO.cons.readLine("cadi_longitude[0.000]=");
- if(cadiLongitude==null || cadiLongitude.isEmpty()) {
- cadiLongitude="0.000";
- }
- access.setProperty(Config.CADI_LONGITUDE, cadiLongitude);
- addProp(Config.CADI_LONGITUDE, cadiLongitude);
- }
-
- String cadi_truststore = access.getProperty(Config.CADI_TRUSTSTORE);
- if(cadi_truststore==null) {
- String name;
- String select;
- for (File tsf : dot_aaf.listFiles()) {
- name = tsf.getName();
- if (name.contains("trust") &&
- (name.endsWith(".jks") || name.endsWith(".p12"))) {
- select = cons.readLine("Use %s for TrustStore? (y/n):",tsf.getName());
- if("y".equalsIgnoreCase(select)) {
- cadi_truststore=tsf.getCanonicalPath();
- access.setProperty(Config.CADI_TRUSTSTORE, cadi_truststore);
- addProp(Config.CADI_TRUSTSTORE, cadi_truststore);
- break;
- }
- }
- }
- }
- if(cadi_truststore!=null) {
- if(cadi_truststore.indexOf(File.separatorChar)<0) {
- cadi_truststore=dot_aaf.getPath()+File.separator+cadi_truststore;
- }
- String cadi_truststore_password = access.getProperty(Config.CADI_TRUSTSTORE_PASSWORD);
- if(cadi_truststore_password==null) {
- cadi_truststore_password=AAFSSO.cons.readLine("cadi_truststore_password[%s]=","changeit");
- cadi_truststore_password = access.encrypt(cadi_truststore_password);
- access.setProperty(Config.CADI_TRUSTSTORE_PASSWORD, cadi_truststore_password);
- addProp(Config.CADI_TRUSTSTORE_PASSWORD, cadi_truststore_password);
- }
- }
- ok = err==null;
- }
- writeFiles();
- }
+// } else if (sso.lastModified() > (System.currentTimeMillis() - EIGHT_HOURS)) {
+// for(String tag : new String[] {Config.AAF_APPPASS,Config.CADI_KEYSTORE_PASSWORD,Config.CADI_KEY_PASSWORD}) {
+// access.getProperties().remove(tag);
+// diskprops.remove(tag);
+// }
+// touchDiskprops=true;
+ }
+
+ String keyfile = access.getProperty(Config.CADI_KEYFILE); // in case its CertificateMan props
+ if (keyfile == null) {
+ access.setProperty(Config.CADI_KEYFILE, dot_aaf_kf.getAbsolutePath());
+ addProp(Config.CADI_KEYFILE,dot_aaf_kf.getAbsolutePath());
+ }
+
+
+ String alias, appID;
+ alias = access.getProperty(Config.CADI_ALIAS);
+ if(alias==null) {
+ appID = access.getProperty(Config.AAF_APPID);
+ user=appID;
+ } else {
+ user=alias;
+ appID=null;
+ }
+
+ if(appID!=null && access.getProperty(Config.AAF_APPPASS)==null) {
+ char[] password = cons.readPassword("Password for %s: ", appID);
+ String app_pass = access.encrypt(new String(password));
+ access.setProperty(Config.AAF_APPPASS,app_pass);
+ diskprops.setProperty(Config.AAF_APPPASS, app_pass);
+ }
+
+ String keystore=access.getProperty(Config.CADI_KEYSTORE);
+ String keystore_pass=access.getProperty(Config.CADI_KEYSTORE_PASSWORD);
+
+ if(user==null || (alias!=null && (keystore==null || keystore_pass==null))) {
+ String select = null;
+ String name;
+ for (File tsf : dot_aaf.listFiles()) {
+ name = tsf.getName();
+ if (!name.contains("trust") && (name.endsWith(".jks") || name.endsWith(".p12"))) {
+ setLogDefault();
+ select = cons.readLine("Use %s for Identity? (y/n): ",tsf.getName());
+ if("y".equalsIgnoreCase(select)) {
+ keystore = tsf.getCanonicalPath();
+ access.setProperty(Config.CADI_KEYSTORE, keystore);
+ addProp(Config.CADI_KEYSTORE, keystore);
+ char[] password = cons.readPassword("Keystore Password: ");
+ encrypted_pass= access.encrypt(new String(password));
+ access.setProperty(Config.CADI_KEYSTORE_PASSWORD, encrypted_pass);
+ addProp(Config.CADI_KEYSTORE_PASSWORD, encrypted_pass);
+
+ // TODO READ Aliases out of Keystore?
+ user = alias = cons.readLine("Keystore alias: ");
+ access.setProperty(Config.CADI_ALIAS, user);
+ addProp(Config.CADI_ALIAS, user);
+ break;
+ }
+ }
+ }
+ if(alias==null) {
+ user = appID = cons.readLine(Config.AAF_APPID + ": ");
+ access.setProperty(Config.AAF_APPID, appID);
+ addProp(Config.AAF_APPID, appID);
+ char[] password = cons.readPassword(Config.AAF_APPPASS + ": ");
+ encrypted_pass= access.encrypt(new String(password));
+ access.setProperty(Config.AAF_APPPASS, encrypted_pass);
+ addProp(Config.AAF_APPPASS, encrypted_pass);
+ }
+ } else {
+ encrypted_pass = access.getProperty(Config.CADI_KEYSTORE_PASSWORD);
+ if(encrypted_pass == null) {
+ keystore_pass = null;
+ encrypted_pass = access.getProperty(Config.AAF_APPPASS);
+ } else {
+ keystore_pass = encrypted_pass;
+ }
+ }
+
+
+ if (alias!=null) {
+ use_X509 = true;
+ } else {
+ use_X509 = false;
+ Symm decryptor = Symm.obtain(dot_aaf_kf);
+ if (user == null) {
+ if (sso.exists()) {
+ String cm_url = access.getProperty(Config.CM_URL); // SSO might overwrite...
+ FileInputStream fos = new FileInputStream(sso);
+ try {
+ access.load(fos);
+ user = access.getProperty(Config.AAF_APPID);
+ encrypted_pass = access.getProperty(Config.AAF_APPPASS);
+ // decrypt with .aaf, and re-encrypt with regular Keyfile
+ access.setProperty(Config.AAF_APPPASS,
+ access.encrypt(decryptor.depass(encrypted_pass)));
+ if (cm_url != null) { //Command line CM_URL Overwrites ssofile.
+ access.setProperty(Config.CM_URL, cm_url);
+ }
+ } finally {
+ fos.close();
+ }
+ } else {
+ diskprops = new Properties();
+ String realm = Config.getDefaultRealm();
+ // Turn on Console Sysout
+ System.setOut(System.out);
+ user = cons.readLine("aaf_id(%s@%s): ", System.getProperty("user.name"), realm);
+ if (user == null) {
+ user = System.getProperty("user.name") + '@' + realm;
+ } else if (user.length() == 0) { //
+ user = System.getProperty("user.name") + '@' + realm;
+ } else if ((user.indexOf('@') < 0) && (realm != null)) {
+ user = user + '@' + realm;
+ }
+ access.setProperty(Config.AAF_APPID, user);
+ diskprops.setProperty(Config.AAF_APPID, user);
+ encrypted_pass = new String(cons.readPassword("aaf_password: "));
+ System.setOut(os);
+ encrypted_pass = Symm.ENC + decryptor.enpass(encrypted_pass);
+ access.setProperty(Config.AAF_APPPASS, encrypted_pass);
+ diskprops.setProperty(Config.AAF_APPPASS, encrypted_pass);
+ diskprops.setProperty(Config.CADI_KEYFILE, access.getProperty(Config.CADI_KEYFILE));
+ }
+ }
+ }
+ if (user == null) {
+ err = new StringBuilder("Add -D" + Config.AAF_APPID + "=<id> ");
+ }
+
+ if (encrypted_pass == null && alias == null) {
+ if (err == null) {
+ err = new StringBuilder();
+ } else {
+ err.append("and ");
+ }
+ err.append("-D" + Config.AAF_APPPASS + "=<passwd> ");
+ }
+
+ String locateUrl = access.getProperty(Config.AAF_LOCATE_URL);
+ if(locateUrl==null) {
+ locateUrl=AAFSSO.cons.readLine("AAF Locator URL=https://");
+ if(locateUrl==null || locateUrl.length()==0) {
+ err = new StringBuilder(Config.AAF_LOCATE_URL);
+ err.append(" is required.");
+ ok = false;
+ return;
+ } else {
+ locateUrl="https://"+locateUrl;
+ }
+ access.setProperty(Config.AAF_LOCATE_URL, locateUrl);
+ addProp(Config.AAF_LOCATE_URL, locateUrl);
+ }
+
+ access.setProperty(Config.AAF_URL, Defaults.AAF_URL);
+ access.setProperty(Config.CM_URL, Defaults.CM_URL);
+ String cadiLatitude = access.getProperty(Config.CADI_LATITUDE);
+ if(cadiLatitude==null) {
+ System.out.println("# If you do not know your Global Coordinates, we suggest bing.com/maps");
+ cadiLatitude=AAFSSO.cons.readLine("cadi_latitude[0.000]=");
+ if(cadiLatitude==null || cadiLatitude.isEmpty()) {
+ cadiLatitude="0.000";
+ }
+ access.setProperty(Config.CADI_LATITUDE, cadiLatitude);
+ addProp(Config.CADI_LATITUDE, cadiLatitude);
+
+ }
+ String cadiLongitude = access.getProperty(Config.CADI_LONGITUDE);
+ if(cadiLongitude==null) {
+ cadiLongitude=AAFSSO.cons.readLine("cadi_longitude[0.000]=");
+ if(cadiLongitude==null || cadiLongitude.isEmpty()) {
+ cadiLongitude="0.000";
+ }
+ access.setProperty(Config.CADI_LONGITUDE, cadiLongitude);
+ addProp(Config.CADI_LONGITUDE, cadiLongitude);
+ }
+
+ String cadi_truststore = access.getProperty(Config.CADI_TRUSTSTORE);
+ if(cadi_truststore==null) {
+ String name;
+ String select;
+ for (File tsf : dot_aaf.listFiles()) {
+ name = tsf.getName();
+ if (name.contains("trust") &&
+ (name.endsWith(".jks") || name.endsWith(".p12"))) {
+ select = cons.readLine("Use %s for TrustStore? (y/n):",tsf.getName());
+ if("y".equalsIgnoreCase(select)) {
+ cadi_truststore=tsf.getCanonicalPath();
+ access.setProperty(Config.CADI_TRUSTSTORE, cadi_truststore);
+ addProp(Config.CADI_TRUSTSTORE, cadi_truststore);
+ break;
+ }
+ }
+ }
+ }
+ if(cadi_truststore!=null) {
+ if(cadi_truststore.indexOf(File.separatorChar)<0) {
+ cadi_truststore=dot_aaf.getPath()+File.separator+cadi_truststore;
+ }
+ String cadi_truststore_password = access.getProperty(Config.CADI_TRUSTSTORE_PASSWORD);
+ if(cadi_truststore_password==null) {
+ cadi_truststore_password=AAFSSO.cons.readLine("cadi_truststore_password[%s]=","changeit");
+ cadi_truststore_password = access.encrypt(cadi_truststore_password);
+ access.setProperty(Config.CADI_TRUSTSTORE_PASSWORD, cadi_truststore_password);
+ addProp(Config.CADI_TRUSTSTORE_PASSWORD, cadi_truststore_password);
+ }
+ }
+ ok = err==null;
+ }
+ writeFiles();
+ }
- public void setLogDefault() {
- this.setLogDefault(PropAccess.DEFAULT);
- System.setOut(stdOutOrig);
- }
+ public void setLogDefault() {
+ this.setLogDefault(PropAccess.DEFAULT);
+ System.setOut(stdOutOrig);
+ }
- public void setStdErrDefault() {
- access.setLogLevel(PropAccess.DEFAULT);
- System.setErr(stdErrOrig);
- }
+ public void setStdErrDefault() {
+ access.setLogLevel(PropAccess.DEFAULT);
+ System.setErr(stdErrOrig);
+ }
- public void setLogDefault(Level level) {
- if(access!=null) {
- access.setLogLevel(level);
- }
- System.setOut(stdOutOrig);
- }
+ public void setLogDefault(Level level) {
+ if(access!=null) {
+ access.setLogLevel(level);
+ }
+ System.setOut(stdOutOrig);
+ }
- public boolean loginOnly() {
- return loginOnly;
- }
+ public boolean loginOnly() {
+ return loginOnly;
+ }
- public void addProp(String key, String value) {
- if(key==null || value==null) {
- return;
- }
- touchDiskprops=true;
- diskprops.setProperty(key, value);
- }
+ public void addProp(String key, String value) {
+ if(key==null || value==null) {
+ return;
+ }
+ touchDiskprops=true;
+ diskprops.setProperty(key, value);
+ }
- public void writeFiles() throws IOException {
- if(touchDiskprops) {
- // Store Creds, if they work
- if (diskprops != null) {
- if (!dot_aaf.exists()) {
- dot_aaf.mkdirs();
- }
- FileOutputStream fos = new FileOutputStream(sso);
- try {
- diskprops.store(fos, "AAF Single Signon");
- } finally {
- fos.close();
- setReadonly(sso);
- }
- }
- if (sso != null) {
- setReadonly(sso);
- sso.setWritable(true, true);
- }
- }
- }
+ public void writeFiles() throws IOException {
+ if(touchDiskprops) {
+ // Store Creds, if they work
+ if (diskprops != null) {
+ if (!dot_aaf.exists()) {
+ dot_aaf.mkdirs();
+ }
+ FileOutputStream fos = new FileOutputStream(sso);
+ try {
+ diskprops.store(fos, "AAF Single Signon");
+ } finally {
+ fos.close();
+ setReadonly(sso);
+ }
+ }
+ if (sso != null) {
+ setReadonly(sso);
+ sso.setWritable(true, true);
+ }
+ }
+ }
- public PropAccess access() {
- return access;
- }
+ public PropAccess access() {
+ return access;
+ }
- public StringBuilder err() {
- return err;
- }
+ public StringBuilder err() {
+ return err;
+ }
- public String user() {
- return user;
- }
+ public String user() {
+ return user;
+ }
- public String enc_pass() {
- return encrypted_pass;
- }
+ public String enc_pass() {
+ return encrypted_pass;
+ }
- public boolean useX509() {
- return use_X509;
- }
+ public boolean useX509() {
+ return use_X509;
+ }
- public void close() {
- if (close != null) {
- try {
- close.invoke(null);
- } catch (IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
- // nothing to do here.
- }
- close = null;
- }
- }
+ public void close() {
+ if (close != null) {
+ try {
+ close.invoke(null);
+ } catch (IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
+ // nothing to do here.
+ }
+ close = null;
+ }
+ }
- private List<String> parseArgs(String[] args)
- {
- List<String> larg = new ArrayList<>(args.length);
+ private List<String> parseArgs(String[] args)
+ {
+ List<String> larg = new ArrayList<>(args.length);
- // Cover for bash's need to escape *.. (\\*)
- // also, remove SSO if required
- for (int i = 0; i < args.length; ++i) {
- if ("\\*".equals(args[i])) {
- args[i] = "*";
- }
+ // Cover for bash's need to escape *.. (\\*)
+ // also, remove SSO if required
+ for (int i = 0; i < args.length; ++i) {
+ if ("\\*".equals(args[i])) {
+ args[i] = "*";
+ }
- if ("-logout".equalsIgnoreCase(args[i])) {
- removeSSO = true;
- } else if ("-login".equalsIgnoreCase(args[i])) {
- loginOnly = true;
- } else if ("-noexit".equalsIgnoreCase(args[i])) {
- doExit = false;
- } else {
- larg.add(args[i]);
- }
- }
- return larg;
- }
-
- private void setReadonly(File file) {
- file.setExecutable(false, false);
- file.setWritable(false, false);
- file.setReadable(false, false);
- file.setReadable(true, true);
- }
+ if ("-logout".equalsIgnoreCase(args[i])) {
+ removeSSO = true;
+ } else if ("-login".equalsIgnoreCase(args[i])) {
+ loginOnly = true;
+ } else if ("-noexit".equalsIgnoreCase(args[i])) {
+ doExit = false;
+ } else {
+ larg.add(args[i]);
+ }
+ }
+ return larg;
+ }
+
+ private void setReadonly(File file) {
+ file.setExecutable(false, false);
+ file.setWritable(false, false);
+ file.setReadable(false, false);
+ file.setReadable(true, true);
+ }
- public boolean ok() {
- return ok;
- }
-
- public static interface ProcessArgs {
- public Properties process(final String[] args, final Properties props);
- }
+ public boolean ok() {
+ return ok;
+ }
+
+ public static interface ProcessArgs {
+ public Properties process(final String[] args, final Properties props);
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/cert/test/JU_AAFListedCertIdentity.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/cert/test/JU_AAFListedCertIdentity.java
index f2d91b02..1d1c6163 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/cert/test/JU_AAFListedCertIdentity.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/cert/test/JU_AAFListedCertIdentity.java
@@ -59,119 +59,119 @@ import aaf.v2_0.Users.User;
public class JU_AAFListedCertIdentity {
- @Mock private AAFCon<?> conMock;
- @Mock private Rcli<Object> rcliMock;
- @Mock private RosettaDF<Users> userDFMock;
- @Mock private RosettaDF<Certs> certDFMock;
- @Mock private Future<Users> futureUsersMock;
- @Mock private Future<Certs> futureCertsMock;
-
- @Mock private Users usersMock;
- @Mock private User userMock1;
- @Mock private User userMock2;
- @Mock private User userMock3;
-
- @Mock private Certs certsMock;
- @Mock private Cert certMock1;
- @Mock private Cert certMock2;
- @Mock private Cert certMock3;
-
- @Mock private HttpServletRequest reqMock;
- @Mock private X509Certificate x509Mock;
-
- private List<User> usersList;
- private List<Cert> certsList;
-
- private PropAccess access;
-
- private ByteArrayOutputStream outStream;
-
- private static final String USERS = "user1,user2,user3";
- private static final String ID = "id";
- private static final String FINGERPRINT = "fingerprint";
-
- private static final byte[] certBytes = "certificate".getBytes();
-
- @Before
- public void setup() throws IllegalArgumentException, IllegalAccessException, NoSuchFieldException, SecurityException {
- MockitoAnnotations.initMocks(this);
-
- certsList = new ArrayList<>();
- certsList.add(certMock1);
- certsList.add(certMock2);
- certsList.add(certMock3);
-
- usersList = new ArrayList<>();
- usersList.add(userMock1);
- usersList.add(userMock2);
- usersList.add(userMock3);
-
- outStream = new ByteArrayOutputStream();
- access = new PropAccess(new PrintStream(outStream), new String[0]);
- outStream.reset();
- access.setProperty(Config.AAF_CERT_IDS, USERS);
- setFinal(conMock, conMock.getClass().getField("usersDF"), userDFMock);
- setFinal(conMock, conMock.getClass().getField("certsDF"), certDFMock);
- setFinal(conMock, conMock.getClass().getField("access"), access);
- }
-
- @Test
- public void test() throws APIException, CadiException, CertificateException {
- doReturn(rcliMock).when(conMock).client(Config.AAF_DEFAULT_VERSION);
- when(rcliMock.read("/authz/users/perm/com.att.aaf.trust/tguard/authenticate", Users.class, userDFMock)).thenReturn(futureUsersMock);
- when(rcliMock.read("/authz/users/perm/com.att.aaf.trust/basicAuth/authenticate", Users.class, userDFMock)).thenReturn(futureUsersMock);
- when(rcliMock.read("/authz/users/perm/com.att.aaf.trust/csp/authenticate", Users.class, userDFMock)).thenReturn(futureUsersMock);
-
- when(futureUsersMock.get(5000)).thenReturn(true);
- futureUsersMock.value = usersMock;
- when(usersMock.getUser()).thenReturn(usersList);
-
- when(rcliMock.read("/authn/cert/id/user1", Certs.class, conMock.certsDF)).thenReturn(futureCertsMock);
- when(rcliMock.read("/authn/cert/id/user2", Certs.class, conMock.certsDF)).thenReturn(futureCertsMock);
- when(rcliMock.read("/authn/cert/id/user3", Certs.class, conMock.certsDF)).thenReturn(futureCertsMock);
-
- when(futureCertsMock.get(5000)).thenReturn(true);
- futureCertsMock.value = certsMock;
- when(certsMock.getCert()).thenReturn(certsList);
-
- when(userMock1.getId()).thenReturn("user1");
- when(userMock2.getId()).thenReturn("user2");
- when(userMock3.getId()).thenReturn("user3");
-
- prepareCert(certMock1);
- prepareCert(certMock2);
- prepareCert(certMock3);
-
- AAFListedCertIdentity certID = new AAFListedCertIdentity(access, conMock);
-
- when(x509Mock.getEncoded()).thenReturn(certBytes);
- certID.identity(reqMock, null, null);
- certID.identity(reqMock, null, certBytes);
- certID.identity(reqMock, x509Mock, null);
- certID.identity(reqMock, x509Mock, certBytes);
-
- Set<String> hashSetOfUsers = AAFListedCertIdentity.trusted("basicAuth");
- assertThat(hashSetOfUsers.contains("user1"), is(true));
- assertThat(hashSetOfUsers.contains("user2"), is(true));
- assertThat(hashSetOfUsers.contains("user3"), is(true));
-
- }
-
- private void setFinal(Object object, Field field, Object newValue) throws IllegalArgumentException, IllegalAccessException, NoSuchFieldException, SecurityException {
- field.setAccessible(true);
-
- Field modifiersField = Field.class.getDeclaredField("modifiers");
- modifiersField.setAccessible(true);
- modifiersField.setInt(field, field.getModifiers() & Modifier.FINAL);
-
- field.set(object, newValue);
- }
-
- private void prepareCert(Cert cert) {
- Date date = new Date();
- when(cert.getExpires()).thenReturn(Chrono.timeStamp(new Date(date.getTime() + (60 * 60 * 24))));
- when(cert.getId()).thenReturn(ID);
- when(cert.getFingerprint()).thenReturn(FINGERPRINT.getBytes());
- }
+ @Mock private AAFCon<?> conMock;
+ @Mock private Rcli<Object> rcliMock;
+ @Mock private RosettaDF<Users> userDFMock;
+ @Mock private RosettaDF<Certs> certDFMock;
+ @Mock private Future<Users> futureUsersMock;
+ @Mock private Future<Certs> futureCertsMock;
+
+ @Mock private Users usersMock;
+ @Mock private User userMock1;
+ @Mock private User userMock2;
+ @Mock private User userMock3;
+
+ @Mock private Certs certsMock;
+ @Mock private Cert certMock1;
+ @Mock private Cert certMock2;
+ @Mock private Cert certMock3;
+
+ @Mock private HttpServletRequest reqMock;
+ @Mock private X509Certificate x509Mock;
+
+ private List<User> usersList;
+ private List<Cert> certsList;
+
+ private PropAccess access;
+
+ private ByteArrayOutputStream outStream;
+
+ private static final String USERS = "user1,user2,user3";
+ private static final String ID = "id";
+ private static final String FINGERPRINT = "fingerprint";
+
+ private static final byte[] certBytes = "certificate".getBytes();
+
+ @Before
+ public void setup() throws IllegalArgumentException, IllegalAccessException, NoSuchFieldException, SecurityException {
+ MockitoAnnotations.initMocks(this);
+
+ certsList = new ArrayList<>();
+ certsList.add(certMock1);
+ certsList.add(certMock2);
+ certsList.add(certMock3);
+
+ usersList = new ArrayList<>();
+ usersList.add(userMock1);
+ usersList.add(userMock2);
+ usersList.add(userMock3);
+
+ outStream = new ByteArrayOutputStream();
+ access = new PropAccess(new PrintStream(outStream), new String[0]);
+ outStream.reset();
+ access.setProperty(Config.AAF_CERT_IDS, USERS);
+ setFinal(conMock, conMock.getClass().getField("usersDF"), userDFMock);
+ setFinal(conMock, conMock.getClass().getField("certsDF"), certDFMock);
+ setFinal(conMock, conMock.getClass().getField("access"), access);
+ }
+
+ @Test
+ public void test() throws APIException, CadiException, CertificateException {
+ doReturn(rcliMock).when(conMock).client(Config.AAF_DEFAULT_VERSION);
+ when(rcliMock.read("/authz/users/perm/com.att.aaf.trust/tguard/authenticate", Users.class, userDFMock)).thenReturn(futureUsersMock);
+ when(rcliMock.read("/authz/users/perm/com.att.aaf.trust/basicAuth/authenticate", Users.class, userDFMock)).thenReturn(futureUsersMock);
+ when(rcliMock.read("/authz/users/perm/com.att.aaf.trust/csp/authenticate", Users.class, userDFMock)).thenReturn(futureUsersMock);
+
+ when(futureUsersMock.get(5000)).thenReturn(true);
+ futureUsersMock.value = usersMock;
+ when(usersMock.getUser()).thenReturn(usersList);
+
+ when(rcliMock.read("/authn/cert/id/user1", Certs.class, conMock.certsDF)).thenReturn(futureCertsMock);
+ when(rcliMock.read("/authn/cert/id/user2", Certs.class, conMock.certsDF)).thenReturn(futureCertsMock);
+ when(rcliMock.read("/authn/cert/id/user3", Certs.class, conMock.certsDF)).thenReturn(futureCertsMock);
+
+ when(futureCertsMock.get(5000)).thenReturn(true);
+ futureCertsMock.value = certsMock;
+ when(certsMock.getCert()).thenReturn(certsList);
+
+ when(userMock1.getId()).thenReturn("user1");
+ when(userMock2.getId()).thenReturn("user2");
+ when(userMock3.getId()).thenReturn("user3");
+
+ prepareCert(certMock1);
+ prepareCert(certMock2);
+ prepareCert(certMock3);
+
+ AAFListedCertIdentity certID = new AAFListedCertIdentity(access, conMock);
+
+ when(x509Mock.getEncoded()).thenReturn(certBytes);
+ certID.identity(reqMock, null, null);
+ certID.identity(reqMock, null, certBytes);
+ certID.identity(reqMock, x509Mock, null);
+ certID.identity(reqMock, x509Mock, certBytes);
+
+ Set<String> hashSetOfUsers = AAFListedCertIdentity.trusted("basicAuth");
+ assertThat(hashSetOfUsers.contains("user1"), is(true));
+ assertThat(hashSetOfUsers.contains("user2"), is(true));
+ assertThat(hashSetOfUsers.contains("user3"), is(true));
+
+ }
+
+ private void setFinal(Object object, Field field, Object newValue) throws IllegalArgumentException, IllegalAccessException, NoSuchFieldException, SecurityException {
+ field.setAccessible(true);
+
+ Field modifiersField = Field.class.getDeclaredField("modifiers");
+ modifiersField.setAccessible(true);
+ modifiersField.setInt(field, field.getModifiers() & Modifier.FINAL);
+
+ field.set(object, newValue);
+ }
+
+ private void prepareCert(Cert cert) {
+ Date date = new Date();
+ when(cert.getExpires()).thenReturn(Chrono.timeStamp(new Date(date.getTime() + (60 * 60 * 24))));
+ when(cert.getId()).thenReturn(ID);
+ when(cert.getFingerprint()).thenReturn(FINGERPRINT.getBytes());
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/client/test/JU_ErrMessageTest.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/client/test/JU_ErrMessageTest.java
index bb2edfb8..995e3d49 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/client/test/JU_ErrMessageTest.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/client/test/JU_ErrMessageTest.java
@@ -43,92 +43,92 @@ import org.onap.aaf.misc.rosetta.env.RosettaEnv;
import aaf.v2_0.Error;
public class JU_ErrMessageTest {
-
- @Mock
- private RosettaEnv env;
-
- @Mock(answer=Answers.RETURNS_DEEP_STUBS)
- private RosettaDF<Object> errDF;
+
+ @Mock
+ private RosettaEnv env;
+
+ @Mock(answer=Answers.RETURNS_DEEP_STUBS)
+ private RosettaDF<Object> errDF;
- private ErrMessage errMessage;
+ private ErrMessage errMessage;
- private String attErrJson = "key:value";
-
- private Error error;
+ private String attErrJson = "key:value";
+
+ private Error error;
- private Future<?> future;
+ private Future<?> future;
- private ByteArrayOutputStream errStream;
-
- @Before
- public void setUp() throws Exception {
- MockitoAnnotations.initMocks(this);
-
- when(env.newDataFactory(Error.class)).thenReturn(errDF);
-
- future = new Future<Error>() {
+ private ByteArrayOutputStream errStream;
+
+ @Before
+ public void setUp() throws Exception {
+ MockitoAnnotations.initMocks(this);
+
+ when(env.newDataFactory(Error.class)).thenReturn(errDF);
+
+ future = new Future<Error>() {
- @Override
- public boolean get(int timeout) throws CadiException {
- return false;
- }
+ @Override
+ public boolean get(int timeout) throws CadiException {
+ return false;
+ }
- @Override
- public int code() {
- return 0;
- }
+ @Override
+ public int code() {
+ return 0;
+ }
- @Override
- public String body() {
- return "Body";
- }
+ @Override
+ public String body() {
+ return "Body";
+ }
- @Override
- public String header(String tag) {
- return "header";
- }
- };
-
- error = new Error();
- error.setMessageId("Error Message Id");
- error.setText("Error Text");
- errMessage = new ErrMessage(env);
-
- errStream = new ByteArrayOutputStream();
- }
+ @Override
+ public String header(String tag) {
+ return "header";
+ }
+ };
+
+ error = new Error();
+ error.setMessageId("Error Message Id");
+ error.setText("Error Text");
+ errMessage = new ErrMessage(env);
+
+ errStream = new ByteArrayOutputStream();
+ }
- @Test
- public void testPrintErrMessage() throws APIException {
- when(errDF.newData().in(TYPE.JSON).load(attErrJson).asObject()).thenReturn(error);
-
- errMessage.printErr(new PrintStream(errStream), attErrJson);
- assertEquals("Error Message Id Error Text" + System.lineSeparator(), errStream.toString());
- }
-
- @Test
- public void testToMsgJsonErrAttribute() throws APIException {
- when(errDF.newData().in(TYPE.JSON).load(attErrJson).asObject()).thenReturn(error);
-
- StringBuilder sb = new StringBuilder();
- errMessage.toMsg(sb,attErrJson);
-
- assertEquals(sb.toString(),"Error Message Id Error Text");
- }
-
- @Test
- public void testToMsgFuture() {
- StringBuilder sb = errMessage.toMsg(future);
-
- assertEquals(sb.toString(), "0: Body");
- }
+ @Test
+ public void testPrintErrMessage() throws APIException {
+ when(errDF.newData().in(TYPE.JSON).load(attErrJson).asObject()).thenReturn(error);
+
+ errMessage.printErr(new PrintStream(errStream), attErrJson);
+ assertEquals("Error Message Id Error Text" + System.lineSeparator(), errStream.toString());
+ }
+
+ @Test
+ public void testToMsgJsonErrAttribute() throws APIException {
+ when(errDF.newData().in(TYPE.JSON).load(attErrJson).asObject()).thenReturn(error);
+
+ StringBuilder sb = new StringBuilder();
+ errMessage.toMsg(sb,attErrJson);
+
+ assertEquals(sb.toString(),"Error Message Id Error Text");
+ }
+
+ @Test
+ public void testToMsgFuture() {
+ StringBuilder sb = errMessage.toMsg(future);
+
+ assertEquals(sb.toString(), "0: Body");
+ }
-
- @Test
- public void testToMsgFutureWithoutException() throws APIException {
- when(errDF.newData().in(TYPE.JSON).load(future.body()).asObject()).thenReturn(error);
-
- StringBuilder sb = errMessage.toMsg(future);
-
- assertEquals(sb.toString(), "Error Message Id Error Text");
- }
+
+ @Test
+ public void testToMsgFutureWithoutException() throws APIException {
+ when(errDF.newData().in(TYPE.JSON).load(future.body()).asObject()).thenReturn(error);
+
+ StringBuilder sb = errMessage.toMsg(future);
+
+ assertEquals(sb.toString(), "Error Message Id Error Text");
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/marshal/test/JU_CertMarshal.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/marshal/test/JU_CertMarshal.java
index 560014d1..96061aa8 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/marshal/test/JU_CertMarshal.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/marshal/test/JU_CertMarshal.java
@@ -42,58 +42,58 @@ import aaf.v2_0.Certs.Cert;
public class JU_CertMarshal {
- private static final String fingerprint = "fingerprint";
- private static final String id = "id";
- private static final String x500 = "x500";
-
- private String fingerprintAsString;
-
- private XMLGregorianCalendar expires;
-
- private ByteArrayOutputStream outStream;
-
- @Before
- public void setup() {
- expires = Chrono.timeStamp();
- outStream = new ByteArrayOutputStream();
- StringBuilder sb = new StringBuilder();
- DataWriter.HEX_BINARY.write(fingerprint.getBytes(), sb);
- fingerprintAsString = sb.toString();
- }
-
- @Test
- public void test() throws ParseException, IOException {
- Cert cert = setupCert();
- CertMarshal cm = new CertMarshal();
- OutRaw raw = new OutRaw();
-
- raw.extract(cert, new PrintStream(outStream), cm);
-
- String[] output = outStream.toString().split("\n");
-
- String[] expected = new String[] {
- "{ - ",
- ", - fingerprint : \"" + fingerprintAsString + "\"",
- ", - id : \"" + id + "\"",
- ", - x500 : \"" + x500 + "\"",
- ", - expires : \"" + Chrono.dateTime(expires) + "\"",
- "} - ",
- };
-
- assertThat(output.length, is(expected.length));
-
- for (int i = 0; i < output.length; i++) {
- assertThat(output[i], is(expected[i]));
- }
- }
-
- private Cert setupCert() {
- Cert cert = new Cert();
- cert.setId(id);
- cert.setX500(x500);
- cert.setExpires(expires);
- cert.setFingerprint(fingerprint.getBytes());
- return cert;
- }
+ private static final String fingerprint = "fingerprint";
+ private static final String id = "id";
+ private static final String x500 = "x500";
+
+ private String fingerprintAsString;
+
+ private XMLGregorianCalendar expires;
+
+ private ByteArrayOutputStream outStream;
+
+ @Before
+ public void setup() {
+ expires = Chrono.timeStamp();
+ outStream = new ByteArrayOutputStream();
+ StringBuilder sb = new StringBuilder();
+ DataWriter.HEX_BINARY.write(fingerprint.getBytes(), sb);
+ fingerprintAsString = sb.toString();
+ }
+
+ @Test
+ public void test() throws ParseException, IOException {
+ Cert cert = setupCert();
+ CertMarshal cm = new CertMarshal();
+ OutRaw raw = new OutRaw();
+
+ raw.extract(cert, new PrintStream(outStream), cm);
+
+ String[] output = outStream.toString().split("\n");
+
+ String[] expected = new String[] {
+ "{ - ",
+ ", - fingerprint : \"" + fingerprintAsString + "\"",
+ ", - id : \"" + id + "\"",
+ ", - x500 : \"" + x500 + "\"",
+ ", - expires : \"" + Chrono.dateTime(expires) + "\"",
+ "} - ",
+ };
+
+ assertThat(output.length, is(expected.length));
+
+ for (int i = 0; i < output.length; i++) {
+ assertThat(output[i], is(expected[i]));
+ }
+ }
+
+ private Cert setupCert() {
+ Cert cert = new Cert();
+ cert.setId(id);
+ cert.setX500(x500);
+ cert.setExpires(expires);
+ cert.setFingerprint(fingerprint.getBytes());
+ return cert;
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/marshal/test/JU_CertsMarshal.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/marshal/test/JU_CertsMarshal.java
index 6598fbe4..172ed758 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/marshal/test/JU_CertsMarshal.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/marshal/test/JU_CertsMarshal.java
@@ -42,77 +42,77 @@ import aaf.v2_0.Certs.Cert;
public class JU_CertsMarshal {
- private static final String fingerprint = "fingerprint";
- private static final String id = "id";
- private static final String x500 = "x500";
-
- private String fingerprintAsString;
-
- private XMLGregorianCalendar expires;
-
- private ByteArrayOutputStream outStream;
-
- @Before
- public void setup() {
- expires = Chrono.timeStamp();
- outStream = new ByteArrayOutputStream();
- StringBuilder sb = new StringBuilder();
- DataWriter.HEX_BINARY.write(fingerprint.getBytes(), sb);
- fingerprintAsString = sb.toString();
- }
-
- @Test
- public void test() throws ParseException, IOException {
- CertsStub certs = new CertsStub();
- CertsMarshal cm = new CertsMarshal();
- OutRaw raw = new OutRaw();
-
- raw.extract(certs, new PrintStream(outStream), cm);
- String[] output = outStream.toString().split("\n");
-
- String[] expected = new String[] {
- "{ - ",
- "[ - cert",
- "{ - ",
- ", - fingerprint : \"" + fingerprintAsString + "\"",
- ", - id : \"" + id + "\"",
- ", - x500 : \"" + x500 + "\"",
- ", - expires : \"" + Chrono.dateTime(expires) + "\"",
- "} - ",
- ", - ",
- "{ - ",
- ", - fingerprint : \"" + fingerprintAsString + "\"",
- ", - id : \"" + id + "\"",
- ", - x500 : \"" + x500 + "\"",
- ", - expires : \"" + Chrono.dateTime(expires) + "\"",
- "} - ",
- "] - ",
- "} - ",
- };
-
- assertThat(output.length, is(expected.length));
-
- for (int i = 0; i < output.length; i++) {
- assertThat(output[i], is(expected[i]));
- }
- }
-
- private Cert setupCert() {
- Cert cert = new Cert();
- cert.setId(id);
- cert.setX500(x500);
- cert.setExpires(expires);
- cert.setFingerprint(fingerprint.getBytes());
- return cert;
- }
-
- private class CertsStub extends Certs {
- public CertsStub() {
- cert = new ArrayList<>();
- for (int i = 0; i < 2; i++) {
- cert.add(setupCert());
- }
- }
- }
+ private static final String fingerprint = "fingerprint";
+ private static final String id = "id";
+ private static final String x500 = "x500";
+
+ private String fingerprintAsString;
+
+ private XMLGregorianCalendar expires;
+
+ private ByteArrayOutputStream outStream;
+
+ @Before
+ public void setup() {
+ expires = Chrono.timeStamp();
+ outStream = new ByteArrayOutputStream();
+ StringBuilder sb = new StringBuilder();
+ DataWriter.HEX_BINARY.write(fingerprint.getBytes(), sb);
+ fingerprintAsString = sb.toString();
+ }
+
+ @Test
+ public void test() throws ParseException, IOException {
+ CertsStub certs = new CertsStub();
+ CertsMarshal cm = new CertsMarshal();
+ OutRaw raw = new OutRaw();
+
+ raw.extract(certs, new PrintStream(outStream), cm);
+ String[] output = outStream.toString().split("\n");
+
+ String[] expected = new String[] {
+ "{ - ",
+ "[ - cert",
+ "{ - ",
+ ", - fingerprint : \"" + fingerprintAsString + "\"",
+ ", - id : \"" + id + "\"",
+ ", - x500 : \"" + x500 + "\"",
+ ", - expires : \"" + Chrono.dateTime(expires) + "\"",
+ "} - ",
+ ", - ",
+ "{ - ",
+ ", - fingerprint : \"" + fingerprintAsString + "\"",
+ ", - id : \"" + id + "\"",
+ ", - x500 : \"" + x500 + "\"",
+ ", - expires : \"" + Chrono.dateTime(expires) + "\"",
+ "} - ",
+ "] - ",
+ "} - ",
+ };
+
+ assertThat(output.length, is(expected.length));
+
+ for (int i = 0; i < output.length; i++) {
+ assertThat(output[i], is(expected[i]));
+ }
+ }
+
+ private Cert setupCert() {
+ Cert cert = new Cert();
+ cert.setId(id);
+ cert.setX500(x500);
+ cert.setExpires(expires);
+ cert.setFingerprint(fingerprint.getBytes());
+ return cert;
+ }
+
+ private class CertsStub extends Certs {
+ public CertsStub() {
+ cert = new ArrayList<>();
+ for (int i = 0; i < 2; i++) {
+ cert.add(setupCert());
+ }
+ }
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/JU_AAFPermission.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/JU_AAFPermission.java
index 939e9b18..0b9399ae 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/JU_AAFPermission.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/JU_AAFPermission.java
@@ -33,118 +33,118 @@ import org.onap.aaf.cadi.Permission;
import org.onap.aaf.cadi.aaf.AAFPermission;
public class JU_AAFPermission {
- private final static String ns = "ns";
- private final static String type = "type";
- private final static String instance = "instance";
- private final static String action = "action";
- private final static String key = ns + '|' + type + '|' + instance + '|' + action;
- private final static String role = "role";
-
- private static List<String> roles;
-
- @Before
- public void setup() {
- roles = new ArrayList<>();
- roles.add(role);
- }
-
- @Test
- public void constructor1Test() {
- AAFPermission perm = new AAFPermission(ns, type, instance, action);
- assertThat(perm.getNS(), is(ns));
- assertThat(perm.getType(), is(type));
- assertThat(perm.getInstance(), is(instance));
- assertThat(perm.getAction(), is(action));
- assertThat(perm.getKey(), is(key));
- assertThat(perm.permType(), is("AAF"));
- assertThat(perm.roles().size(), is(0));
- assertThat(perm.toString(), is("AAFPermission:" +
- "\n\tNS: " + ns +
- "\n\tType: " + type +
- "\n\tInstance: " + instance +
- "\n\tAction: " + action +
- "\n\tKey: " + key));
- }
-
- @Test
- public void constructor2Test() {
- AAFPermission perm;
-
- perm = new AAFPermission(ns, type, instance, action, null);
- assertThat(perm.getNS(), is(ns));
- assertThat(perm.getType(), is(type));
- assertThat(perm.getInstance(), is(instance));
- assertThat(perm.getAction(), is(action));
- assertThat(perm.getKey(), is(key));
- assertThat(perm.permType(), is("AAF"));
- assertThat(perm.roles().size(), is(0));
- assertThat(perm.toString(), is("AAFPermission:" +
- "\n\tNS: " + ns +
- "\n\tType: " + type +
- "\n\tInstance: " + instance +
- "\n\tAction: " + action +
- "\n\tKey: " + key));
-
- perm = new AAFPermission(ns, type, instance, action, roles);
- assertThat(perm.getNS(), is(ns));
- assertThat(perm.getType(), is(type));
- assertThat(perm.getInstance(), is(instance));
- assertThat(perm.getAction(), is(action));
- assertThat(perm.getKey(), is(key));
- assertThat(perm.permType(), is("AAF"));
- assertThat(perm.roles().size(), is(1));
- assertThat(perm.roles().get(0), is(role));
- assertThat(perm.toString(), is("AAFPermission:" +
- "\n\tNS: " + ns +
- "\n\tType: " + type +
- "\n\tInstance: " + instance +
- "\n\tAction: " + action +
- "\n\tKey: " + key));
- }
-
- @Test
- public void matchTest() {
- final AAFPermission controlPermission = new AAFPermission(ns,type, instance, action);
- PermissionStub perm;
- AAFPermission aafperm;
-
- aafperm = new AAFPermission(ns, type, instance, action);
- assertThat(controlPermission.match(aafperm), is(true));
-
- perm = new PermissionStub(key);
- assertThat(controlPermission.match(perm), is(true));
-
- // Coverage tests
- perm = new PermissionStub("not a valid key");
- assertThat(controlPermission.match(perm), is(false));
- perm = new PermissionStub("type");
- assertThat(controlPermission.match(perm), is(false));
- perm = new PermissionStub("type|instance|badAction");
- assertThat(controlPermission.match(perm), is(false));
- }
-
- @Test
- public void coverageTest() {
- AAFPermissionStub aafps = new AAFPermissionStub();
- assertThat(aafps.getNS(), is(nullValue()));
- assertThat(aafps.getType(), is(nullValue()));
- assertThat(aafps.getInstance(), is(nullValue()));
- assertThat(aafps.getAction(), is(nullValue()));
- assertThat(aafps.getKey(), is(nullValue()));
- assertThat(aafps.permType(), is("AAF"));
- assertThat(aafps.roles().size(), is(0));
- }
-
- private class PermissionStub implements Permission {
- private String key;
-
- public PermissionStub(String key) { this.key = key; }
- @Override public String permType() { return null; }
- @Override public String getKey() { return key; }
- @Override public boolean match(Permission p) { return false; }
- }
-
- private class AAFPermissionStub extends AAFPermission {
-
- }
+ private final static String ns = "ns";
+ private final static String type = "type";
+ private final static String instance = "instance";
+ private final static String action = "action";
+ private final static String key = ns + '|' + type + '|' + instance + '|' + action;
+ private final static String role = "role";
+
+ private static List<String> roles;
+
+ @Before
+ public void setup() {
+ roles = new ArrayList<>();
+ roles.add(role);
+ }
+
+ @Test
+ public void constructor1Test() {
+ AAFPermission perm = new AAFPermission(ns, type, instance, action);
+ assertThat(perm.getNS(), is(ns));
+ assertThat(perm.getType(), is(type));
+ assertThat(perm.getInstance(), is(instance));
+ assertThat(perm.getAction(), is(action));
+ assertThat(perm.getKey(), is(key));
+ assertThat(perm.permType(), is("AAF"));
+ assertThat(perm.roles().size(), is(0));
+ assertThat(perm.toString(), is("AAFPermission:" +
+ "\n\tNS: " + ns +
+ "\n\tType: " + type +
+ "\n\tInstance: " + instance +
+ "\n\tAction: " + action +
+ "\n\tKey: " + key));
+ }
+
+ @Test
+ public void constructor2Test() {
+ AAFPermission perm;
+
+ perm = new AAFPermission(ns, type, instance, action, null);
+ assertThat(perm.getNS(), is(ns));
+ assertThat(perm.getType(), is(type));
+ assertThat(perm.getInstance(), is(instance));
+ assertThat(perm.getAction(), is(action));
+ assertThat(perm.getKey(), is(key));
+ assertThat(perm.permType(), is("AAF"));
+ assertThat(perm.roles().size(), is(0));
+ assertThat(perm.toString(), is("AAFPermission:" +
+ "\n\tNS: " + ns +
+ "\n\tType: " + type +
+ "\n\tInstance: " + instance +
+ "\n\tAction: " + action +
+ "\n\tKey: " + key));
+
+ perm = new AAFPermission(ns, type, instance, action, roles);
+ assertThat(perm.getNS(), is(ns));
+ assertThat(perm.getType(), is(type));
+ assertThat(perm.getInstance(), is(instance));
+ assertThat(perm.getAction(), is(action));
+ assertThat(perm.getKey(), is(key));
+ assertThat(perm.permType(), is("AAF"));
+ assertThat(perm.roles().size(), is(1));
+ assertThat(perm.roles().get(0), is(role));
+ assertThat(perm.toString(), is("AAFPermission:" +
+ "\n\tNS: " + ns +
+ "\n\tType: " + type +
+ "\n\tInstance: " + instance +
+ "\n\tAction: " + action +
+ "\n\tKey: " + key));
+ }
+
+ @Test
+ public void matchTest() {
+ final AAFPermission controlPermission = new AAFPermission(ns,type, instance, action);
+ PermissionStub perm;
+ AAFPermission aafperm;
+
+ aafperm = new AAFPermission(ns, type, instance, action);
+ assertThat(controlPermission.match(aafperm), is(true));
+
+ perm = new PermissionStub(key);
+ assertThat(controlPermission.match(perm), is(true));
+
+ // Coverage tests
+ perm = new PermissionStub("not a valid key");
+ assertThat(controlPermission.match(perm), is(false));
+ perm = new PermissionStub("type");
+ assertThat(controlPermission.match(perm), is(false));
+ perm = new PermissionStub("type|instance|badAction");
+ assertThat(controlPermission.match(perm), is(false));
+ }
+
+ @Test
+ public void coverageTest() {
+ AAFPermissionStub aafps = new AAFPermissionStub();
+ assertThat(aafps.getNS(), is(nullValue()));
+ assertThat(aafps.getType(), is(nullValue()));
+ assertThat(aafps.getInstance(), is(nullValue()));
+ assertThat(aafps.getAction(), is(nullValue()));
+ assertThat(aafps.getKey(), is(nullValue()));
+ assertThat(aafps.permType(), is("AAF"));
+ assertThat(aafps.roles().size(), is(0));
+ }
+
+ private class PermissionStub implements Permission {
+ private String key;
+
+ public PermissionStub(String key) { this.key = key; }
+ @Override public String permType() { return null; }
+ @Override public String getKey() { return key; }
+ @Override public boolean match(Permission p) { return false; }
+ }
+
+ private class AAFPermissionStub extends AAFPermission {
+
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/JU_PermEval.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/JU_PermEval.java
index 9433cef1..297292d7 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/JU_PermEval.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/JU_PermEval.java
@@ -29,185 +29,185 @@ import org.onap.aaf.cadi.aaf.PermEval;
public class JU_PermEval {
- @Test
- public void instanceNullTest() {
- assertThat(PermEval.evalInstance(null, null), is(false));
- assertThat(PermEval.evalInstance(null, "test"), is(false));
- assertThat(PermEval.evalInstance("test", null), is(false));
- }
-
- @Test
- public void instanceEmptyTest() {
- assertThat(PermEval.evalInstance("", ""), is(false));
- assertThat(PermEval.evalInstance("", "test"), is(false));
- assertThat(PermEval.evalInstance("test", ""), is(false));
- }
-
- @Test
- public void instanceAsterixTest() {
- assertThat(PermEval.evalInstance("*", "*"), is(true));
- assertTrue(PermEval.evalInstance("*","fred"));
- }
-
- @Test
- public void instanceRegexTest() {
- assertThat(PermEval.evalInstance("test", "!test"), is(true));
- assertThat(PermEval.evalInstance(",", "!"), is(true));
- assertThat(PermEval.evalInstance("test,test", "!test"), is(true));
-
- assertThat(PermEval.evalInstance("test", "!"), is(false));
- assertThat(PermEval.evalInstance("test", "!mismatch"), is(false));
- assertThat(PermEval.evalInstance("test,mismatch", "!mismatch"), is(false));
- }
-
- @Test
- public void instanceKeyTest() {
- // Reject non-keys
- assertThat(PermEval.evalInstance("fred", ":fred"), is(false));
-
- // Reject differing number of keys
- assertThat(PermEval.evalInstance(":fred:barney", ":fred"), is(false));
- assertThat(PermEval.evalInstance(":fred", ":fred:barney"), is(false));
-
- // Accept all wildcard keys
- assertThat(PermEval.evalInstance(":*", ":fred"), is(true));
-
- // Accept matching empty keys
- assertThat(PermEval.evalInstance(":", ":"), is(true));
-
- // Reject non-matching empty keys
- assertThat(PermEval.evalInstance(":fred", ":"), is(false));
-
- // Accept matches starting with a wildcard
- assertThat(PermEval.evalInstance(":!.*ed", ":fred"), is(true));
-
- // Reject non-matches starting with a wildcard
- assertThat(PermEval.evalInstance(":!.*arney", ":fred"), is(false));
-
- // Accept matches ending with a wildcard
- assertThat(PermEval.evalInstance(":fr*", ":fred"), is(true));
-
- // Reject non-matches ending with a wildcard
- assertThat(PermEval.evalInstance(":bar*", ":fred"), is(false));
-
- // Accept exact keys
- assertThat(PermEval.evalInstance(":fred", ":fred"), is(true));
-
- // Reject mismatched keys
- assertThat(PermEval.evalInstance(":fred", ":barney"), is(false));
-
- // Check using alt-start character
- assertThat(PermEval.evalInstance("/fred", "/fred"), is(true));
- assertThat(PermEval.evalInstance("/barney", "/fred"), is(false));
- }
-
- @Test
- public void instanceDirectTest() {
- assertThat(PermEval.evalInstance("fred","fred"), is(true));
- assertThat(PermEval.evalInstance("fred,wilma","fred"), is(true));
- assertThat(PermEval.evalInstance("barney,betty,fred,wilma","fred"), is(true));
- assertThat(PermEval.evalInstance("barney,betty,wilma","fred"), is(false));
-
- assertThat(PermEval.evalInstance("fr*","fred"), is(true));
- assertThat(PermEval.evalInstance("freddy*","fred"), is(false));
- assertThat(PermEval.evalInstance("ba*","fred"), is(false));
- }
-
- @Test
- public void actionTest() {
- // Accept server *
- assertThat(PermEval.evalAction("*", ""), is(true));
- assertThat(PermEval.evalAction("*", "literally anything"), is(true));
-
- // Reject empty actions
- assertThat(PermEval.evalAction("literally anything", ""), is(false));
-
- // Accept match as regex
- assertThat(PermEval.evalAction("action", "!action"), is(true));
-
- // Reject non-match as regex
- assertThat(PermEval.evalAction("action", "!nonaction"), is(false));
-
- // Accept exact match
- assertThat(PermEval.evalAction("action", "action"), is(true));
-
- // Reject non-match
- assertThat(PermEval.evalAction("action", "nonaction"), is(false));
- }
-
- @Test
- public void redundancyTest() {
- // TRUE
- assertTrue(PermEval.evalInstance(":fred:fred",":fred:fred"));
- assertTrue(PermEval.evalInstance(":fred:fred,wilma",":fred:fred"));
- assertTrue(PermEval.evalInstance(":fred:barney,betty,fred,wilma",":fred:fred"));
- assertTrue(PermEval.evalInstance(":*:fred",":fred:fred"));
- assertTrue(PermEval.evalInstance(":fred:*",":fred:fred"));
- assertTrue(PermEval.evalInstance(":!f.*:fred",":fred:fred"));
- assertTrue(PermEval.evalInstance(":fred:!f.*",":fred:fred"));
-
- // FALSE
- assertFalse(PermEval.evalInstance("fred","wilma"));
- assertFalse(PermEval.evalInstance("fred,barney,betty","wilma"));
- assertFalse(PermEval.evalInstance(":fred:fred",":fred:wilma"));
- assertFalse(PermEval.evalInstance(":fred:fred",":wilma:fred"));
- assertFalse(PermEval.evalInstance(":wilma:!f.*",":fred:fred"));
- assertFalse(PermEval.evalInstance(":!f.*:wilma",":fred:fred"));
- assertFalse(PermEval.evalInstance(":!w.*:!f.*",":fred:fred"));
- assertFalse(PermEval.evalInstance(":!f.*:!w.*",":fred:fred"));
-
- assertFalse(PermEval.evalInstance(":fred:!x.*",":fred:fred"));
-
- // MSO Tests 12/3/2015
- assertFalse(PermEval.evalInstance("/v1/services/features/*","/v1/services/features"));
- assertFalse(PermEval.evalInstance(":v1:services:features:*",":v1:services:features"));
- assertTrue(PermEval.evalInstance("/v1/services/features/*","/v1/services/features/api1"));
- assertTrue(PermEval.evalInstance(":v1:services:features:*",":v1:services:features:api2"));
- // MSO - Xue Gao
- assertTrue(PermEval.evalInstance(":v1:requests:*",":v1:requests:test0-service"));
-
-
-
- // Same tests, with Slashes
- assertTrue(PermEval.evalInstance("/fred/fred","/fred/fred"));
- assertTrue(PermEval.evalInstance("/fred/fred,wilma","/fred/fred"));
- assertTrue(PermEval.evalInstance("/fred/barney,betty,fred,wilma","/fred/fred"));
- assertTrue(PermEval.evalInstance("*","fred"));
- assertTrue(PermEval.evalInstance("/*/fred","/fred/fred"));
- assertTrue(PermEval.evalInstance("/fred/*","/fred/fred"));
- assertTrue(PermEval.evalInstance("/!f.*/fred","/fred/fred"));
- assertTrue(PermEval.evalInstance("/fred/!f.*","/fred/fred"));
-
- // FALSE
- assertFalse(PermEval.evalInstance("fred","wilma"));
- assertFalse(PermEval.evalInstance("fred,barney,betty","wilma"));
- assertFalse(PermEval.evalInstance("/fred/fred","/fred/wilma"));
- assertFalse(PermEval.evalInstance("/fred/fred","/wilma/fred"));
- assertFalse(PermEval.evalInstance("/wilma/!f.*","/fred/fred"));
- assertFalse(PermEval.evalInstance("/!f.*/wilma","/fred/fred"));
- assertFalse(PermEval.evalInstance("/!w.*/!f.*","/fred/fred"));
- assertFalse(PermEval.evalInstance("/!f.*/!w.*","/fred/fred"));
-
- assertFalse(PermEval.evalInstance("/fred/!x.*","/fred/fred"));
-
- assertTrue(PermEval.evalInstance(":!com.att.*:role:write",":com.att.temp:role:write"));
-
- // CPFSF-431 Group needed help with Wild Card
- // They tried
- assertTrue(PermEval.evalInstance(
- ":topic.com.att.ecomp_test.crm.pre*",
- ":topic.com.att.ecomp_test.crm.predemo100"
- ));
-
- // Also can be
- assertTrue(PermEval.evalInstance(
- ":!topic.com.att.ecomp_test.crm.pre.*",
- ":topic.com.att.ecomp_test.crm.predemo100"
- ));
-
- // coverage
- @SuppressWarnings("unused")
- PermEval pe = new PermEval();
- }
+ @Test
+ public void instanceNullTest() {
+ assertThat(PermEval.evalInstance(null, null), is(false));
+ assertThat(PermEval.evalInstance(null, "test"), is(false));
+ assertThat(PermEval.evalInstance("test", null), is(false));
+ }
+
+ @Test
+ public void instanceEmptyTest() {
+ assertThat(PermEval.evalInstance("", ""), is(false));
+ assertThat(PermEval.evalInstance("", "test"), is(false));
+ assertThat(PermEval.evalInstance("test", ""), is(false));
+ }
+
+ @Test
+ public void instanceAsterixTest() {
+ assertThat(PermEval.evalInstance("*", "*"), is(true));
+ assertTrue(PermEval.evalInstance("*","fred"));
+ }
+
+ @Test
+ public void instanceRegexTest() {
+ assertThat(PermEval.evalInstance("test", "!test"), is(true));
+ assertThat(PermEval.evalInstance(",", "!"), is(true));
+ assertThat(PermEval.evalInstance("test,test", "!test"), is(true));
+
+ assertThat(PermEval.evalInstance("test", "!"), is(false));
+ assertThat(PermEval.evalInstance("test", "!mismatch"), is(false));
+ assertThat(PermEval.evalInstance("test,mismatch", "!mismatch"), is(false));
+ }
+
+ @Test
+ public void instanceKeyTest() {
+ // Reject non-keys
+ assertThat(PermEval.evalInstance("fred", ":fred"), is(false));
+
+ // Reject differing number of keys
+ assertThat(PermEval.evalInstance(":fred:barney", ":fred"), is(false));
+ assertThat(PermEval.evalInstance(":fred", ":fred:barney"), is(false));
+
+ // Accept all wildcard keys
+ assertThat(PermEval.evalInstance(":*", ":fred"), is(true));
+
+ // Accept matching empty keys
+ assertThat(PermEval.evalInstance(":", ":"), is(true));
+
+ // Reject non-matching empty keys
+ assertThat(PermEval.evalInstance(":fred", ":"), is(false));
+
+ // Accept matches starting with a wildcard
+ assertThat(PermEval.evalInstance(":!.*ed", ":fred"), is(true));
+
+ // Reject non-matches starting with a wildcard
+ assertThat(PermEval.evalInstance(":!.*arney", ":fred"), is(false));
+
+ // Accept matches ending with a wildcard
+ assertThat(PermEval.evalInstance(":fr*", ":fred"), is(true));
+
+ // Reject non-matches ending with a wildcard
+ assertThat(PermEval.evalInstance(":bar*", ":fred"), is(false));
+
+ // Accept exact keys
+ assertThat(PermEval.evalInstance(":fred", ":fred"), is(true));
+
+ // Reject mismatched keys
+ assertThat(PermEval.evalInstance(":fred", ":barney"), is(false));
+
+ // Check using alt-start character
+ assertThat(PermEval.evalInstance("/fred", "/fred"), is(true));
+ assertThat(PermEval.evalInstance("/barney", "/fred"), is(false));
+ }
+
+ @Test
+ public void instanceDirectTest() {
+ assertThat(PermEval.evalInstance("fred","fred"), is(true));
+ assertThat(PermEval.evalInstance("fred,wilma","fred"), is(true));
+ assertThat(PermEval.evalInstance("barney,betty,fred,wilma","fred"), is(true));
+ assertThat(PermEval.evalInstance("barney,betty,wilma","fred"), is(false));
+
+ assertThat(PermEval.evalInstance("fr*","fred"), is(true));
+ assertThat(PermEval.evalInstance("freddy*","fred"), is(false));
+ assertThat(PermEval.evalInstance("ba*","fred"), is(false));
+ }
+
+ @Test
+ public void actionTest() {
+ // Accept server *
+ assertThat(PermEval.evalAction("*", ""), is(true));
+ assertThat(PermEval.evalAction("*", "literally anything"), is(true));
+
+ // Reject empty actions
+ assertThat(PermEval.evalAction("literally anything", ""), is(false));
+
+ // Accept match as regex
+ assertThat(PermEval.evalAction("action", "!action"), is(true));
+
+ // Reject non-match as regex
+ assertThat(PermEval.evalAction("action", "!nonaction"), is(false));
+
+ // Accept exact match
+ assertThat(PermEval.evalAction("action", "action"), is(true));
+
+ // Reject non-match
+ assertThat(PermEval.evalAction("action", "nonaction"), is(false));
+ }
+
+ @Test
+ public void redundancyTest() {
+ // TRUE
+ assertTrue(PermEval.evalInstance(":fred:fred",":fred:fred"));
+ assertTrue(PermEval.evalInstance(":fred:fred,wilma",":fred:fred"));
+ assertTrue(PermEval.evalInstance(":fred:barney,betty,fred,wilma",":fred:fred"));
+ assertTrue(PermEval.evalInstance(":*:fred",":fred:fred"));
+ assertTrue(PermEval.evalInstance(":fred:*",":fred:fred"));
+ assertTrue(PermEval.evalInstance(":!f.*:fred",":fred:fred"));
+ assertTrue(PermEval.evalInstance(":fred:!f.*",":fred:fred"));
+
+ // FALSE
+ assertFalse(PermEval.evalInstance("fred","wilma"));
+ assertFalse(PermEval.evalInstance("fred,barney,betty","wilma"));
+ assertFalse(PermEval.evalInstance(":fred:fred",":fred:wilma"));
+ assertFalse(PermEval.evalInstance(":fred:fred",":wilma:fred"));
+ assertFalse(PermEval.evalInstance(":wilma:!f.*",":fred:fred"));
+ assertFalse(PermEval.evalInstance(":!f.*:wilma",":fred:fred"));
+ assertFalse(PermEval.evalInstance(":!w.*:!f.*",":fred:fred"));
+ assertFalse(PermEval.evalInstance(":!f.*:!w.*",":fred:fred"));
+
+ assertFalse(PermEval.evalInstance(":fred:!x.*",":fred:fred"));
+
+ // MSO Tests 12/3/2015
+ assertFalse(PermEval.evalInstance("/v1/services/features/*","/v1/services/features"));
+ assertFalse(PermEval.evalInstance(":v1:services:features:*",":v1:services:features"));
+ assertTrue(PermEval.evalInstance("/v1/services/features/*","/v1/services/features/api1"));
+ assertTrue(PermEval.evalInstance(":v1:services:features:*",":v1:services:features:api2"));
+ // MSO - Xue Gao
+ assertTrue(PermEval.evalInstance(":v1:requests:*",":v1:requests:test0-service"));
+
+
+
+ // Same tests, with Slashes
+ assertTrue(PermEval.evalInstance("/fred/fred","/fred/fred"));
+ assertTrue(PermEval.evalInstance("/fred/fred,wilma","/fred/fred"));
+ assertTrue(PermEval.evalInstance("/fred/barney,betty,fred,wilma","/fred/fred"));
+ assertTrue(PermEval.evalInstance("*","fred"));
+ assertTrue(PermEval.evalInstance("/*/fred","/fred/fred"));
+ assertTrue(PermEval.evalInstance("/fred/*","/fred/fred"));
+ assertTrue(PermEval.evalInstance("/!f.*/fred","/fred/fred"));
+ assertTrue(PermEval.evalInstance("/fred/!f.*","/fred/fred"));
+
+ // FALSE
+ assertFalse(PermEval.evalInstance("fred","wilma"));
+ assertFalse(PermEval.evalInstance("fred,barney,betty","wilma"));
+ assertFalse(PermEval.evalInstance("/fred/fred","/fred/wilma"));
+ assertFalse(PermEval.evalInstance("/fred/fred","/wilma/fred"));
+ assertFalse(PermEval.evalInstance("/wilma/!f.*","/fred/fred"));
+ assertFalse(PermEval.evalInstance("/!f.*/wilma","/fred/fred"));
+ assertFalse(PermEval.evalInstance("/!w.*/!f.*","/fred/fred"));
+ assertFalse(PermEval.evalInstance("/!f.*/!w.*","/fred/fred"));
+
+ assertFalse(PermEval.evalInstance("/fred/!x.*","/fred/fred"));
+
+ assertTrue(PermEval.evalInstance(":!com.att.*:role:write",":com.att.temp:role:write"));
+
+ // CPFSF-431 Group needed help with Wild Card
+ // They tried
+ assertTrue(PermEval.evalInstance(
+ ":topic.com.att.ecomp_test.crm.pre*",
+ ":topic.com.att.ecomp_test.crm.predemo100"
+ ));
+
+ // Also can be
+ assertTrue(PermEval.evalInstance(
+ ":!topic.com.att.ecomp_test.crm.pre.*",
+ ":topic.com.att.ecomp_test.crm.predemo100"
+ ));
+
+ // coverage
+ @SuppressWarnings("unused")
+ PermEval pe = new PermEval();
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/TestHClient.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/TestHClient.java
index 2e509b0f..8cb4e906 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/TestHClient.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/TestHClient.java
@@ -40,44 +40,44 @@ import org.onap.aaf.misc.env.APIException;
import org.onap.aaf.misc.env.impl.BasicTrans;
public class TestHClient {
- public static void main(String[] args) {
- try {
- PropAccess access = new PropAccess(args);
- String aaf_url = access.getProperty(Config.AAF_URL);
- if(aaf_url == null) {
- access.log(Level.ERROR, Config.AAF_URL," is required");
- } else {
- HMangr hman = null;
- try {
- SecurityInfoC<HttpURLConnection> si = SecurityInfoC.instance(access, HttpURLConnection.class);
- AbsAAFLocator<BasicTrans> loc = new AAFLocator(si,new URI(aaf_url));
- for(Item item = loc.first(); item!=null; item=loc.next(item)) {
- System.out.println(loc.get(item));
- }
-
- hman = new HMangr(access,loc);
- final String path = String.format("/authz/perms/user/%s",
- access.getProperty(Config.AAF_APPID,"xx9999@people.osaaf.org"));
- hman.best(si.defSS, new Retryable<Void>() {
- @Override
- public Void code(Rcli<?> cli) throws APIException, CadiException {
- Future<String> ft = cli.read(path,"application/json");
- if(ft.get(10000)) {
- System.out.println("Hurray,\n"+ft.body());
- } else {
- System.out.println("not quite: " + ft.code());
- }
- return null;
- }});
- } finally {
- if(hman!=null) {
- hman.close();
- }
- }
- }
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
-
+ public static void main(String[] args) {
+ try {
+ PropAccess access = new PropAccess(args);
+ String aaf_url = access.getProperty(Config.AAF_URL);
+ if(aaf_url == null) {
+ access.log(Level.ERROR, Config.AAF_URL," is required");
+ } else {
+ HMangr hman = null;
+ try {
+ SecurityInfoC<HttpURLConnection> si = SecurityInfoC.instance(access, HttpURLConnection.class);
+ AbsAAFLocator<BasicTrans> loc = new AAFLocator(si,new URI(aaf_url));
+ for(Item item = loc.first(); item!=null; item=loc.next(item)) {
+ System.out.println(loc.get(item));
+ }
+
+ hman = new HMangr(access,loc);
+ final String path = String.format("/authz/perms/user/%s",
+ access.getProperty(Config.AAF_APPID,"xx9999@people.osaaf.org"));
+ hman.best(si.defSS, new Retryable<Void>() {
+ @Override
+ public Void code(Rcli<?> cli) throws APIException, CadiException {
+ Future<String> ft = cli.read(path,"application/json");
+ if(ft.get(10000)) {
+ System.out.println("Hurray,\n"+ft.body());
+ } else {
+ System.out.println("not quite: " + ft.code());
+ }
+ return null;
+ }});
+ } finally {
+ if(hman!=null) {
+ hman.close();
+ }
+ }
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AAFLocator.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AAFLocator.java
index 4d767c9c..c76d178f 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AAFLocator.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AAFLocator.java
@@ -56,68 +56,68 @@ import locate.v1_0.Endpoint;
import locate.v1_0.Endpoints;
public class JU_AAFLocator {
-
- @Mock private HClient clientMock;
- @Mock private Future<Endpoints> futureMock;
- @Mock private Endpoints endpointsMock;
-
- private PropAccess access;
-
- private ByteArrayOutputStream errStream;
-
- private static final String uriString = "https://example.com";
+
+ @Mock private HClient clientMock;
+ @Mock private Future<Endpoints> futureMock;
+ @Mock private Endpoints endpointsMock;
+
+ private PropAccess access;
+
+ private ByteArrayOutputStream errStream;
+
+ private static final String uriString = "https://example.com";
- @Before
- public void setUp() throws Exception {
- MockitoAnnotations.initMocks(this);
-
- doReturn(futureMock).when(clientMock).futureRead((RosettaDF<?>)any(), eq(TYPE.JSON));
- when(clientMock.timeout()).thenReturn(1);
- when(clientMock.getURI()).thenReturn(new URI(uriString));
- when(futureMock.get(1)).thenReturn(true);
-
- futureMock.value = endpointsMock;
- List<Endpoint> endpoints = new ArrayList<>();
- endpoints.add(new Endpoint());
- when(endpointsMock.getEndpoint()).thenReturn(endpoints);
+ @Before
+ public void setUp() throws Exception {
+ MockitoAnnotations.initMocks(this);
+
+ doReturn(futureMock).when(clientMock).futureRead((RosettaDF<?>)any(), eq(TYPE.JSON));
+ when(clientMock.timeout()).thenReturn(1);
+ when(clientMock.getURI()).thenReturn(new URI(uriString));
+ when(futureMock.get(1)).thenReturn(true);
+
+ futureMock.value = endpointsMock;
+ List<Endpoint> endpoints = new ArrayList<>();
+ endpoints.add(new Endpoint());
+ when(endpointsMock.getEndpoint()).thenReturn(endpoints);
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
-
- errStream = new ByteArrayOutputStream();
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+
+ errStream = new ByteArrayOutputStream();
- System.setErr(new PrintStream(errStream));
- }
-
- @After
- public void tearDown() {
- System.setErr(System.err);
- }
-
- @AfterClass
- public static void tearDownAfterClass() throws Exception {
- Field field = SecurityInfoC.class.getDeclaredField("sicMap");
- field.setAccessible(true);
- field.set(null, new HashMap<>());
- }
+ System.setErr(new PrintStream(errStream));
+ }
+
+ @After
+ public void tearDown() {
+ System.setErr(System.err);
+ }
+
+ @AfterClass
+ public static void tearDownAfterClass() throws Exception {
+ Field field = SecurityInfoC.class.getDeclaredField("sicMap");
+ field.setAccessible(true);
+ field.set(null, new HashMap<>());
+ }
- @Test
- public void test() throws CadiException, URISyntaxException, LocatorException {
- access.setProperty(Config.CADI_LATITUDE, "38.62"); // St Louis approx lat
- access.setProperty(Config.CADI_LONGITUDE, "90.19"); // St Louis approx lon
- SecurityInfoC<HttpURLConnection> si = SecurityInfoC.instance(access, HttpURLConnection.class);
- URI locatorURI = new URI("https://somemachine.moc:10/com.att.aaf.service:2.0");
-// AbsAAFLocator<BasicTrans> al = new AAFLocator(si, locatorURI) {
-// @Override
-// protected HClient createClient(SecuritySetter<HttpURLConnection> ss, URI uri, int connectTimeout) throws LocatorException {
-// return clientMock;
-// }
-// };
- // Start over: This was originally calling a developer machine.
-// assertThat(al.refresh(), is(true));
-// when(futureMock.get(1)).thenReturn(false);
-// assertThat(al.refresh(), is(false));
-// String errorMessage = errStream.toString().split(": ", 2)[1];
-// assertThat(errorMessage, is("Error reading location information from " + uriString + ": 0 null\n \n"));
- }
+ @Test
+ public void test() throws CadiException, URISyntaxException, LocatorException {
+ access.setProperty(Config.CADI_LATITUDE, "38.62"); // St Louis approx lat
+ access.setProperty(Config.CADI_LONGITUDE, "90.19"); // St Louis approx lon
+ SecurityInfoC<HttpURLConnection> si = SecurityInfoC.instance(access, HttpURLConnection.class);
+ URI locatorURI = new URI("https://somemachine.moc:10/com.att.aaf.service:2.0");
+// AbsAAFLocator<BasicTrans> al = new AAFLocator(si, locatorURI) {
+// @Override
+// protected HClient createClient(SecuritySetter<HttpURLConnection> ss, URI uri, int connectTimeout) throws LocatorException {
+// return clientMock;
+// }
+// };
+ // Start over: This was originally calling a developer machine.
+// assertThat(al.refresh(), is(true));
+// when(futureMock.get(1)).thenReturn(false);
+// assertThat(al.refresh(), is(false));
+// String errorMessage = errStream.toString().split(": ", 2)[1];
+// assertThat(errorMessage, is("Error reading location information from " + uriString + ": 0 null\n \n"));
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AAFTrustChecker.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AAFTrustChecker.java
index 1e469eca..64f4c997 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AAFTrustChecker.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AAFTrustChecker.java
@@ -47,84 +47,84 @@ import org.onap.aaf.misc.env.Env;
public class JU_AAFTrustChecker {
- private final static String type = "type";
- private final static String instance = "instance";
- private final static String action = "action";
- private final static String key = type + '|' + instance + '|' + action;
- private final static String name = "name";
- private final static String otherName = "otherName";
-
- private PropAccess access;
-
- @Mock private Env envMock;
- @Mock private TafResp trespMock;
- @Mock private HttpServletRequest reqMock;
- @Mock private TaggedPrincipal tpMock;
- @Mock private Lur lurMock;
- @Mock private TaggedPrincipal princMock;
-
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- }
-
- @Test
- public void test() {
- AAFTrustChecker trustChecker;
-
- // coverage calls
- trustChecker = new AAFTrustChecker(access);
- trustChecker = new AAFTrustChecker(envMock);
-
- access.setProperty(Config.CADI_TRUST_PERM, "example");
- when(envMock.getProperty(Config.CADI_TRUST_PERM)).thenReturn("example");
- trustChecker = new AAFTrustChecker(access);
- trustChecker = new AAFTrustChecker(envMock);
-
- access.setProperty(Config.CADI_TRUST_PERM, key);
- when(envMock.getProperty(Config.CADI_TRUST_PERM)).thenReturn(key);
- trustChecker = new AAFTrustChecker(access);
- trustChecker = new AAFTrustChecker(envMock);
-
- trustChecker.setLur(lurMock);
-
- assertThat(trustChecker.mayTrust(trespMock, reqMock), is(trespMock));
-
- when(reqMock.getHeader(null)).thenReturn("comma,comma,comma");
- assertThat(trustChecker.mayTrust(trespMock, reqMock), is(trespMock));
-
- when(reqMock.getHeader(null)).thenReturn("colon:colon:colon:colon,comma,comma");
- assertThat(trustChecker.mayTrust(trespMock, reqMock), is(trespMock));
-
- when(reqMock.getHeader(null)).thenReturn("colon:colon:colon:AS,comma,comma");
- when(trespMock.getPrincipal()).thenReturn(tpMock);
- when(tpMock.getName()).thenReturn(name);
- when(lurMock.fish(princMock, null)).thenReturn(true);
- TafResp tntResp = trustChecker.mayTrust(trespMock, reqMock);
-
- assertThat(tntResp instanceof TrustNotTafResp, is(true));
- assertThat(tntResp.toString(), is("name requested trust as colon, but does not have Authorization"));
-
- when(reqMock.getHeader(null)).thenReturn(name + ":colon:colon:AS,comma,comma");
- assertThat(trustChecker.mayTrust(trespMock, reqMock), is(trespMock));
-
- when(envMock.getProperty(Config.CADI_ALIAS, null)).thenReturn(name);
- when(envMock.getProperty(Config.CADI_TRUST_PERM)).thenReturn(null);
- trustChecker = new AAFTrustChecker(envMock);
- trustChecker.setLur(lurMock);
-
- when(trespMock.getPrincipal()).thenReturn(princMock);
- when(princMock.getName()).thenReturn(otherName);
- when(lurMock.fish(princMock, null)).thenReturn(true);
- TafResp ttResp = trustChecker.mayTrust(trespMock, reqMock);
- assertThat(ttResp instanceof TrustTafResp, is(true));
- assertThat(ttResp.toString(), is(name + " by trust of " + name + " validated using colon by colon, null"));
-
- when(princMock.getName()).thenReturn(name);
- ttResp = trustChecker.mayTrust(trespMock, reqMock);
- assertThat(ttResp instanceof TrustTafResp, is(true));
- assertThat(ttResp.toString(), is(name + " by trust of " + name + " validated using colon by colon, null"));
- }
+ private final static String type = "type";
+ private final static String instance = "instance";
+ private final static String action = "action";
+ private final static String key = type + '|' + instance + '|' + action;
+ private final static String name = "name";
+ private final static String otherName = "otherName";
+
+ private PropAccess access;
+
+ @Mock private Env envMock;
+ @Mock private TafResp trespMock;
+ @Mock private HttpServletRequest reqMock;
+ @Mock private TaggedPrincipal tpMock;
+ @Mock private Lur lurMock;
+ @Mock private TaggedPrincipal princMock;
+
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ }
+
+ @Test
+ public void test() {
+ AAFTrustChecker trustChecker;
+
+ // coverage calls
+ trustChecker = new AAFTrustChecker(access);
+ trustChecker = new AAFTrustChecker(envMock);
+
+ access.setProperty(Config.CADI_TRUST_PERM, "example");
+ when(envMock.getProperty(Config.CADI_TRUST_PERM)).thenReturn("example");
+ trustChecker = new AAFTrustChecker(access);
+ trustChecker = new AAFTrustChecker(envMock);
+
+ access.setProperty(Config.CADI_TRUST_PERM, key);
+ when(envMock.getProperty(Config.CADI_TRUST_PERM)).thenReturn(key);
+ trustChecker = new AAFTrustChecker(access);
+ trustChecker = new AAFTrustChecker(envMock);
+
+ trustChecker.setLur(lurMock);
+
+ assertThat(trustChecker.mayTrust(trespMock, reqMock), is(trespMock));
+
+ when(reqMock.getHeader(null)).thenReturn("comma,comma,comma");
+ assertThat(trustChecker.mayTrust(trespMock, reqMock), is(trespMock));
+
+ when(reqMock.getHeader(null)).thenReturn("colon:colon:colon:colon,comma,comma");
+ assertThat(trustChecker.mayTrust(trespMock, reqMock), is(trespMock));
+
+ when(reqMock.getHeader(null)).thenReturn("colon:colon:colon:AS,comma,comma");
+ when(trespMock.getPrincipal()).thenReturn(tpMock);
+ when(tpMock.getName()).thenReturn(name);
+ when(lurMock.fish(princMock, null)).thenReturn(true);
+ TafResp tntResp = trustChecker.mayTrust(trespMock, reqMock);
+
+ assertThat(tntResp instanceof TrustNotTafResp, is(true));
+ assertThat(tntResp.toString(), is("name requested trust as colon, but does not have Authorization"));
+
+ when(reqMock.getHeader(null)).thenReturn(name + ":colon:colon:AS,comma,comma");
+ assertThat(trustChecker.mayTrust(trespMock, reqMock), is(trespMock));
+
+ when(envMock.getProperty(Config.CADI_ALIAS, null)).thenReturn(name);
+ when(envMock.getProperty(Config.CADI_TRUST_PERM)).thenReturn(null);
+ trustChecker = new AAFTrustChecker(envMock);
+ trustChecker.setLur(lurMock);
+
+ when(trespMock.getPrincipal()).thenReturn(princMock);
+ when(princMock.getName()).thenReturn(otherName);
+ when(lurMock.fish(princMock, null)).thenReturn(true);
+ TafResp ttResp = trustChecker.mayTrust(trespMock, reqMock);
+ assertThat(ttResp instanceof TrustTafResp, is(true));
+ assertThat(ttResp.toString(), is(name + " by trust of " + name + " validated using colon by colon, null"));
+
+ when(princMock.getName()).thenReturn(name);
+ ttResp = trustChecker.mayTrust(trespMock, reqMock);
+ assertThat(ttResp instanceof TrustTafResp, is(true));
+ assertThat(ttResp.toString(), is(name + " by trust of " + name + " validated using colon by colon, null"));
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AbsAAFLocator.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AbsAAFLocator.java
index e9c74cbf..825e3c91 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AbsAAFLocator.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AbsAAFLocator.java
@@ -44,150 +44,150 @@ import org.onap.aaf.misc.env.impl.BasicTrans;
public class JU_AbsAAFLocator {
- @Mock private LocatorCreator locatorCreatorMock;
-
- private PropAccess access;
- private URI uri;
-
- private static final String uriString = "example.com";
-
- @Before
- public void setup() throws URISyntaxException {
- MockitoAnnotations.initMocks(this);
-
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- access.setProperty(Config.CADI_LATITUDE, "38.62"); // St Louis approx lat
- access.setProperty(Config.CADI_LONGITUDE, "90.19"); // St Louis approx lon
-
- uri = new URI(uriString);
- }
-
- @AfterClass
- public static void tearDownAfterClass() throws Exception {
- AbsAAFLocator.setCreator(null);
- }
-
- @Test
- public void test() throws LocatorException {
- AAFLocatorStub loc;
-
- // Test with http
- loc = new AAFLocatorStub(access, "httpname");
- assertThat(loc.getName(), is("httpname"));
- assertThat(loc.getVersion(), is(Config.AAF_DEFAULT_VERSION));
- assertThat(loc.toString(), is("AAFLocator for " + "httpname" + " on " + loc.getURI()));
-
- loc = new AAFLocatorStub(access, "name");
- assertThat(loc.getName(), is("name"));
- assertThat(loc.getVersion(), is(Config.AAF_DEFAULT_VERSION));
- loc = new AAFLocatorStub(access, "name:v2.0");
- assertThat(loc.getName(), is("name"));
- assertThat(loc.getVersion(), is("v2.0"));
- }
-
- @Test
- public void createTest() throws LocatorException {
- AbsAAFLocator.setCreator(locatorCreatorMock);
-
- assertThat(AbsAAFLocator.create("nonsense"), is(nullValue()));
- assertThat(AbsAAFLocator.create("nonsense/locate"), is(nullValue()));
- assertThat(AbsAAFLocator.create("nonsense/locate/"), is(nullValue()));
- assertThat(AbsAAFLocator.create("nonsense/locate//"), is(nullValue()));
- assertThat(AbsAAFLocator.create("nonsense/locate/name:v2.0"), is(nullValue()));
-
- assertThat(AbsAAFLocator.create("http/locate/name:v2.0"), is(nullValue()));
-
- doReturn(mock(AbsAAFLocator.class)).when(locatorCreatorMock).create(anyString(), anyString());
- assertThat(AbsAAFLocator.create("http/locate/name:v2.0/path"), is(not(nullValue())));
-
- AbsAAFLocator.setCreator(null);
- assertThat(AbsAAFLocator.create("http/locate/name:v2.0"), is(nullValue()));
-
- assertThat(AbsAAFLocator.create("http"), is(not(nullValue())));
-
- AbsAAFLocator.setCreator(locatorCreatorMock);
- assertThat(AbsAAFLocator.create("first", "second"), is(not(nullValue())));
- }
-
- @Test
- public void nameFromLocatorURITest() throws LocatorException, URISyntaxException {
- AAFLocatorStub loc = new AAFLocatorStub(access, "name:v2.0");
- assertThat(loc.getNameFromURI(new URI("example.com")), is("example.com"));
- assertThat(loc.getNameFromURI(new URI("example.com/extra/stuff")), is("example.com/extra/stuff"));
- assertThat(loc.getNameFromURI(new URI("example.com/locate/stuff")), is("stuff")); // n' stuff
- }
-
- @Test
- public void setSelfTest() throws LocatorException {
- AbsAAFLocator.setCreatorSelf("host", 8000);
- AbsAAFLocator.setCreator(null);
- AbsAAFLocator.setCreatorSelf("host", 8000);
- (new AAFLocatorStub(access, "name:v2.0")).setSelf("host", 8000); // oof
- }
-
- @Test
- public void coverage() throws LocatorException {
- AAFLocatorStub loc = new AAFLocatorStub(access, "name:v2.0");
- assertThat(loc.get(null), is(nullValue()));
-
- try {
- loc.get(mock(Item.class));
- fail("Should've thrown an exception");
- } catch (Exception e) {
- }
-
- try {
- loc.invalidate(mock(Item.class));
- fail("Should've thrown an exception");
- } catch (Exception e) {
- }
-
- try {
- loc.best();
- fail("Should've thrown an exception");
- } catch (Exception e) {
- }
-
- assertThat(loc.first(), is(nullValue()));
-
- assertThat(loc.hasItems(), is(false));
- assertThat(loc.next(null), is(nullValue()));
-
- try {
- loc.next(mock(Item.class));
- fail("Should've thrown an exception");
- } catch (Exception e) {
- }
-
- loc.destroy();
-
-
- assertThat(loc.exposeGetURI(uri), is(uri));
-
- assertThat(loc.setPathInfo("pathInfo"), is(not(nullValue())));
- assertThat(loc.setQuery("query"), is(not(nullValue())));
- assertThat(loc.setFragment("fragment"), is(not(nullValue())));
-
- assertThat(loc.exposeGetURI(uri), is(not(uri)));
- }
-
-
- @Test(expected = LocatorException.class)
- public void throwsTest() throws LocatorException {
- @SuppressWarnings("unused")
- AAFLocatorStub loc = new AAFLocatorStub(new PropAccess(), "name");
- }
-
- private class AAFLocatorStub extends AbsAAFLocator<BasicTrans> {
- public AAFLocatorStub(Access access, String name) throws LocatorException {
- super(access, name, 10000L);
- }
- @Override public boolean refresh() { return false; }
- @Override protected URI getURI() { return uri; }
- public String getName() { return name; }
- public String getVersion() { return version; }
- public String getNameFromURI(URI uri) { return nameFromLocatorURI(uri); }
- public URI exposeGetURI(URI uri) throws LocatorException { return super.getURI(uri); }
- }
+ @Mock private LocatorCreator locatorCreatorMock;
+
+ private PropAccess access;
+ private URI uri;
+
+ private static final String uriString = "example.com";
+
+ @Before
+ public void setup() throws URISyntaxException {
+ MockitoAnnotations.initMocks(this);
+
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ access.setProperty(Config.CADI_LATITUDE, "38.62"); // St Louis approx lat
+ access.setProperty(Config.CADI_LONGITUDE, "90.19"); // St Louis approx lon
+
+ uri = new URI(uriString);
+ }
+
+ @AfterClass
+ public static void tearDownAfterClass() throws Exception {
+ AbsAAFLocator.setCreator(null);
+ }
+
+ @Test
+ public void test() throws LocatorException {
+ AAFLocatorStub loc;
+
+ // Test with http
+ loc = new AAFLocatorStub(access, "httpname");
+ assertThat(loc.getName(), is("httpname"));
+ assertThat(loc.getVersion(), is(Config.AAF_DEFAULT_VERSION));
+ assertThat(loc.toString(), is("AAFLocator for " + "httpname" + " on " + loc.getURI()));
+
+ loc = new AAFLocatorStub(access, "name");
+ assertThat(loc.getName(), is("name"));
+ assertThat(loc.getVersion(), is(Config.AAF_DEFAULT_VERSION));
+ loc = new AAFLocatorStub(access, "name:v2.0");
+ assertThat(loc.getName(), is("name"));
+ assertThat(loc.getVersion(), is("v2.0"));
+ }
+
+ @Test
+ public void createTest() throws LocatorException {
+ AbsAAFLocator.setCreator(locatorCreatorMock);
+
+ assertThat(AbsAAFLocator.create("nonsense"), is(nullValue()));
+ assertThat(AbsAAFLocator.create("nonsense/locate"), is(nullValue()));
+ assertThat(AbsAAFLocator.create("nonsense/locate/"), is(nullValue()));
+ assertThat(AbsAAFLocator.create("nonsense/locate//"), is(nullValue()));
+ assertThat(AbsAAFLocator.create("nonsense/locate/name:v2.0"), is(nullValue()));
+
+ assertThat(AbsAAFLocator.create("http/locate/name:v2.0"), is(nullValue()));
+
+ doReturn(mock(AbsAAFLocator.class)).when(locatorCreatorMock).create(anyString(), anyString());
+ assertThat(AbsAAFLocator.create("http/locate/name:v2.0/path"), is(not(nullValue())));
+
+ AbsAAFLocator.setCreator(null);
+ assertThat(AbsAAFLocator.create("http/locate/name:v2.0"), is(nullValue()));
+
+ assertThat(AbsAAFLocator.create("http"), is(not(nullValue())));
+
+ AbsAAFLocator.setCreator(locatorCreatorMock);
+ assertThat(AbsAAFLocator.create("first", "second"), is(not(nullValue())));
+ }
+
+ @Test
+ public void nameFromLocatorURITest() throws LocatorException, URISyntaxException {
+ AAFLocatorStub loc = new AAFLocatorStub(access, "name:v2.0");
+ assertThat(loc.getNameFromURI(new URI("example.com")), is("example.com"));
+ assertThat(loc.getNameFromURI(new URI("example.com/extra/stuff")), is("example.com/extra/stuff"));
+ assertThat(loc.getNameFromURI(new URI("example.com/locate/stuff")), is("stuff")); // n' stuff
+ }
+
+ @Test
+ public void setSelfTest() throws LocatorException {
+ AbsAAFLocator.setCreatorSelf("host", 8000);
+ AbsAAFLocator.setCreator(null);
+ AbsAAFLocator.setCreatorSelf("host", 8000);
+ (new AAFLocatorStub(access, "name:v2.0")).setSelf("host", 8000); // oof
+ }
+
+ @Test
+ public void coverage() throws LocatorException {
+ AAFLocatorStub loc = new AAFLocatorStub(access, "name:v2.0");
+ assertThat(loc.get(null), is(nullValue()));
+
+ try {
+ loc.get(mock(Item.class));
+ fail("Should've thrown an exception");
+ } catch (Exception e) {
+ }
+
+ try {
+ loc.invalidate(mock(Item.class));
+ fail("Should've thrown an exception");
+ } catch (Exception e) {
+ }
+
+ try {
+ loc.best();
+ fail("Should've thrown an exception");
+ } catch (Exception e) {
+ }
+
+ assertThat(loc.first(), is(nullValue()));
+
+ assertThat(loc.hasItems(), is(false));
+ assertThat(loc.next(null), is(nullValue()));
+
+ try {
+ loc.next(mock(Item.class));
+ fail("Should've thrown an exception");
+ } catch (Exception e) {
+ }
+
+ loc.destroy();
+
+
+ assertThat(loc.exposeGetURI(uri), is(uri));
+
+ assertThat(loc.setPathInfo("pathInfo"), is(not(nullValue())));
+ assertThat(loc.setQuery("query"), is(not(nullValue())));
+ assertThat(loc.setFragment("fragment"), is(not(nullValue())));
+
+ assertThat(loc.exposeGetURI(uri), is(not(uri)));
+ }
+
+
+ @Test(expected = LocatorException.class)
+ public void throwsTest() throws LocatorException {
+ @SuppressWarnings("unused")
+ AAFLocatorStub loc = new AAFLocatorStub(new PropAccess(), "name");
+ }
+
+ private class AAFLocatorStub extends AbsAAFLocator<BasicTrans> {
+ public AAFLocatorStub(Access access, String name) throws LocatorException {
+ super(access, name, 10000L);
+ }
+ @Override public boolean refresh() { return false; }
+ @Override protected URI getURI() { return uri; }
+ public String getName() { return name; }
+ public String getVersion() { return version; }
+ public String getNameFromURI(URI uri) { return nameFromLocatorURI(uri); }
+ public URI exposeGetURI(URI uri) throws LocatorException { return super.getURI(uri); }
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_ArtifactDir.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_ArtifactDir.java
index d50b87a2..70550451 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_ArtifactDir.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_ArtifactDir.java
@@ -52,112 +52,112 @@ import certman.v1_0.CertInfo;
public class JU_ArtifactDir {
- @Mock private Trans transMock;
- @Mock private CertInfo certInfoMock;
- @Mock private Artifact artiMock;
-
- private static final String dirName = "src/test/resources/artifacts";
- private static final String nsName = "org.onap.test";
- private static final String luggagePassword = "12345"; // That's the stupidest combination I've ever heard in my life
-
- private List<String> issuers;
-
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
-
- issuers = new ArrayList<>();
- issuers.add("issuer1");
- issuers.add("issuer2");
- }
-
- @After
- public void tearDown() {
- ArtifactDir.clear();
- }
-
- @AfterClass
- public static void tearDownOnce() {
- cleanup();
- }
-
- @Test
- public void test() throws CadiException, IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
- ArtifactDirStud artiDir = new ArtifactDirStud();
-
- try {
- artiDir.place(transMock, certInfoMock, artiMock, "machine");
- fail("Should've thrown an exception");
- } catch (CadiException e) {
- assertThat(e.getMessage(), is("File Artifacts require a path\nFile Artifacts require an AAF Namespace"));
- }
-
- when(artiMock.getDir()).thenReturn(dirName);
- try {
- artiDir.place(transMock, certInfoMock, artiMock, "machine");
- fail("Should've thrown an exception");
- } catch (CadiException e) {
- assertThat(e.getMessage(), is("File Artifacts require an AAF Namespace"));
- }
-
- when(artiMock.getNs()).thenReturn(nsName);
- when(certInfoMock.getCaIssuerDNs()).thenReturn(issuers);
- when(certInfoMock.getChallenge()).thenReturn(luggagePassword);
- artiDir.place(transMock, certInfoMock, artiMock, "machine");
-
- File writableFile = new File(dirName + '/' + nsName + "writable.txt");
- ArtifactDir.write(writableFile, Chmod.to755, "first data point", "second data point");
- try {
- ArtifactDir.write(writableFile, Chmod.to755, (String[])null);
- fail("Should've thrown an exception");
- } catch(NullPointerException e) {
- }
-
- KeyStore ks = KeyStore.getInstance(Agent.PKCS12);
- try {
- ArtifactDir.write(writableFile, Chmod.to755, ks, luggagePassword.toCharArray());
- fail("Should've thrown an exception");
- } catch(CadiException e) {
- }
-
- ks.load(null, null);
- ArtifactDir.write(writableFile, Chmod.to755, ks, luggagePassword.toCharArray());
-
- ArtifactDirStud artiDir2 = new ArtifactDirStud();
- artiDir2.place(transMock, certInfoMock, artiMock, "machine");
-
- // coverage
- artiDir.place(transMock, certInfoMock, artiMock, "machine");
-
- ArtifactDir.clear();
- artiDir.place(transMock, certInfoMock, artiMock, "machine");
-
- }
-
- @Test(expected = CadiException.class)
- public void throwsTest() throws CadiException {
- ArtifactDirStud artiDir = new ArtifactDirStud();
- when(artiMock.getDir()).thenReturn(dirName);
- when(artiMock.getNs()).thenReturn(nsName);
- artiDir.place(transMock, certInfoMock, artiMock, "machine");
- }
-
- private class ArtifactDirStud extends ArtifactDir {
- @Override
- protected boolean _place(Trans trans, CertInfo certInfo, Artifact arti) throws CadiException {
- // This is only here so that we have a concrete class to test
- return false;
- }
- }
-
- private static void cleanup() {
- File dir = new File(dirName);
- if (dir.exists()) {
- for (File f : dir.listFiles()) {
- f.delete();
- }
- dir.delete();
- }
- }
+ @Mock private Trans transMock;
+ @Mock private CertInfo certInfoMock;
+ @Mock private Artifact artiMock;
+
+ private static final String dirName = "src/test/resources/artifacts";
+ private static final String nsName = "org.onap.test";
+ private static final String luggagePassword = "12345"; // That's the stupidest combination I've ever heard in my life
+
+ private List<String> issuers;
+
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
+
+ issuers = new ArrayList<>();
+ issuers.add("issuer1");
+ issuers.add("issuer2");
+ }
+
+ @After
+ public void tearDown() {
+ ArtifactDir.clear();
+ }
+
+ @AfterClass
+ public static void tearDownOnce() {
+ cleanup();
+ }
+
+ @Test
+ public void test() throws CadiException, IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
+ ArtifactDirStud artiDir = new ArtifactDirStud();
+
+ try {
+ artiDir.place(transMock, certInfoMock, artiMock, "machine");
+ fail("Should've thrown an exception");
+ } catch (CadiException e) {
+ assertThat(e.getMessage(), is("File Artifacts require a path\nFile Artifacts require an AAF Namespace"));
+ }
+
+ when(artiMock.getDir()).thenReturn(dirName);
+ try {
+ artiDir.place(transMock, certInfoMock, artiMock, "machine");
+ fail("Should've thrown an exception");
+ } catch (CadiException e) {
+ assertThat(e.getMessage(), is("File Artifacts require an AAF Namespace"));
+ }
+
+ when(artiMock.getNs()).thenReturn(nsName);
+ when(certInfoMock.getCaIssuerDNs()).thenReturn(issuers);
+ when(certInfoMock.getChallenge()).thenReturn(luggagePassword);
+ artiDir.place(transMock, certInfoMock, artiMock, "machine");
+
+ File writableFile = new File(dirName + '/' + nsName + "writable.txt");
+ ArtifactDir.write(writableFile, Chmod.to755, "first data point", "second data point");
+ try {
+ ArtifactDir.write(writableFile, Chmod.to755, (String[])null);
+ fail("Should've thrown an exception");
+ } catch(NullPointerException e) {
+ }
+
+ KeyStore ks = KeyStore.getInstance(Agent.PKCS12);
+ try {
+ ArtifactDir.write(writableFile, Chmod.to755, ks, luggagePassword.toCharArray());
+ fail("Should've thrown an exception");
+ } catch(CadiException e) {
+ }
+
+ ks.load(null, null);
+ ArtifactDir.write(writableFile, Chmod.to755, ks, luggagePassword.toCharArray());
+
+ ArtifactDirStud artiDir2 = new ArtifactDirStud();
+ artiDir2.place(transMock, certInfoMock, artiMock, "machine");
+
+ // coverage
+ artiDir.place(transMock, certInfoMock, artiMock, "machine");
+
+ ArtifactDir.clear();
+ artiDir.place(transMock, certInfoMock, artiMock, "machine");
+
+ }
+
+ @Test(expected = CadiException.class)
+ public void throwsTest() throws CadiException {
+ ArtifactDirStud artiDir = new ArtifactDirStud();
+ when(artiMock.getDir()).thenReturn(dirName);
+ when(artiMock.getNs()).thenReturn(nsName);
+ artiDir.place(transMock, certInfoMock, artiMock, "machine");
+ }
+
+ private class ArtifactDirStud extends ArtifactDir {
+ @Override
+ protected boolean _place(Trans trans, CertInfo certInfo, Artifact arti) throws CadiException {
+ // This is only here so that we have a concrete class to test
+ return false;
+ }
+ }
+
+ private static void cleanup() {
+ File dir = new File(dirName);
+ if (dir.exists()) {
+ for (File f : dir.listFiles()) {
+ f.delete();
+ }
+ dir.delete();
+ }
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_CertException.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_CertException.java
index a973bc22..80c1f880 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_CertException.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_CertException.java
@@ -28,22 +28,22 @@ import org.onap.aaf.cadi.configure.CertException;
public class JU_CertException {
- private static final String message = "The message associated with the exception";
+ private static final String message = "The message associated with the exception";
- @Test(expected = CertException.class)
- public void test() throws CertException {
- CertException except;
+ @Test(expected = CertException.class)
+ public void test() throws CertException {
+ CertException except;
- except = new CertException(message);
- assertThat(except.getMessage(), is(message));
+ except = new CertException(message);
+ assertThat(except.getMessage(), is(message));
- except = new CertException(new Exception(message));
- assertThat(except.getMessage(), is("java.lang.Exception: " + message));
+ except = new CertException(new Exception(message));
+ assertThat(except.getMessage(), is("java.lang.Exception: " + message));
- except = new CertException(message, new Exception(message));
- assertThat(except.getMessage(), is(message));
+ except = new CertException(message, new Exception(message));
+ assertThat(except.getMessage(), is(message));
- throw new CertException();
- }
+ throw new CertException();
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_CmAgent.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_CmAgent.java
index b50c5a5e..e1c334ff 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_CmAgent.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_CmAgent.java
@@ -32,99 +32,99 @@ import org.onap.aaf.cadi.configure.Agent;
public class JU_CmAgent {
- private static final String resourceDirString = "src/test/resources";
- private static final String aafDir = resourceDirString + "/aaf";
-
- private ByteArrayInputStream inStream;
-
- @Before
- public void setup() {
- System.setProperty("user.home", aafDir);
-
- // Simulate user input
- inStream = new ByteArrayInputStream("test\nhttp://example.com\nhttp://example.com".getBytes());
- System.setIn(inStream);
- }
-
- @After
- public void tearDown() {
- recursiveDelete(new File(aafDir));
- }
-
- @Test
- public void test() {
- String[] args;
- args = new String[] {
- "-login",
- "-noExit",
- };
- Agent.main(args);
-
- inStream.reset();
- args = new String[] {
- "-noExit",
- };
- Agent.main(args);
-
- inStream.reset();
- args = new String[] {
- "place",
- "-noExit",
- };
- Agent.main(args);
-
- inStream.reset();
- args = new String[] {
- "-noExit",
- "create"
- };
- Agent.main(args);
-
- inStream.reset();
- args = new String[] {
- "-noExit",
- "read"
- };
- Agent.main(args);
-
- inStream.reset();
- args = new String[] {
- "-noExit",
- "copy"
- };
- Agent.main(args);
-
- inStream.reset();
- args = new String[] {
- "-noExit",
- "update"
- };
- Agent.main(args);
-
- inStream.reset();
- args = new String[] {
- "-noExit",
- "delete"
- };
- Agent.main(args);
-
- inStream.reset();
- args = new String[] {
- "-noExit",
- "showpass"
- };
- Agent.main(args);
-
- }
-
- private void recursiveDelete(File file) {
- for (File f : file.listFiles()) {
- if (f.isDirectory()) {
- recursiveDelete(f);
- }
- f.delete();
- }
- file.delete();
- }
+ private static final String resourceDirString = "src/test/resources";
+ private static final String aafDir = resourceDirString + "/aaf";
+
+ private ByteArrayInputStream inStream;
+
+ @Before
+ public void setup() {
+ System.setProperty("user.home", aafDir);
+
+ // Simulate user input
+ inStream = new ByteArrayInputStream("test\nhttp://example.com\nhttp://example.com".getBytes());
+ System.setIn(inStream);
+ }
+
+ @After
+ public void tearDown() {
+ recursiveDelete(new File(aafDir));
+ }
+
+ @Test
+ public void test() {
+ String[] args;
+ args = new String[] {
+ "-login",
+ "-noExit",
+ };
+ Agent.main(args);
+
+ inStream.reset();
+ args = new String[] {
+ "-noExit",
+ };
+ Agent.main(args);
+
+ inStream.reset();
+ args = new String[] {
+ "place",
+ "-noExit",
+ };
+ Agent.main(args);
+
+ inStream.reset();
+ args = new String[] {
+ "-noExit",
+ "create"
+ };
+ Agent.main(args);
+
+ inStream.reset();
+ args = new String[] {
+ "-noExit",
+ "read"
+ };
+ Agent.main(args);
+
+ inStream.reset();
+ args = new String[] {
+ "-noExit",
+ "copy"
+ };
+ Agent.main(args);
+
+ inStream.reset();
+ args = new String[] {
+ "-noExit",
+ "update"
+ };
+ Agent.main(args);
+
+ inStream.reset();
+ args = new String[] {
+ "-noExit",
+ "delete"
+ };
+ Agent.main(args);
+
+ inStream.reset();
+ args = new String[] {
+ "-noExit",
+ "showpass"
+ };
+ Agent.main(args);
+
+ }
+
+ private void recursiveDelete(File file) {
+ for (File f : file.listFiles()) {
+ if (f.isDirectory()) {
+ recursiveDelete(f);
+ }
+ f.delete();
+ }
+ file.delete();
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_Factory.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_Factory.java
index 5827e8c0..76c31b8d 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_Factory.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_Factory.java
@@ -68,299 +68,299 @@ import org.onap.aaf.misc.env.Trans;
public class JU_Factory {
- private static final String message = "The quick brown fox jumps over the lazy dog.";
- private static final String subjectDNText = "subjectDN";
- private static final String certText = "Some text that might be included in a certificate";
- private static final String resourceDirName = "src/test/resources";
-
- private File resourceDir;
- private File publicKeyFile;
- private File privateKeyFile;
- private File certFile;
-
- @Mock private Trans transMock;
- @Mock private TimeTaken timeTakenMock;
- @Mock private LogTarget logTargetMock;
- @Mock private X509Certificate x509CertMock;
- @Mock private Certificate certMock;
- @Mock private Principal subjectDN;
-
-
- @Before
- public void setup() throws CertificateEncodingException {
- MockitoAnnotations.initMocks(this);
-
- resourceDir = new File(resourceDirName);
- resourceDir.mkdirs();
- publicKeyFile = new File(resourceDirName, "/publicKey");
- privateKeyFile = new File(resourceDirName, "/privateKey");
- publicKeyFile.delete();
- privateKeyFile.delete();
-
- certFile = new File(resourceDirName + "/exampleCertificate.cer");
-
- when(transMock.start(anyString(), anyInt())).thenReturn(timeTakenMock);
- when(transMock.debug()).thenReturn(logTargetMock);
-
- when(subjectDN.toString()).thenReturn(subjectDNText);
-
- when(x509CertMock.getSubjectDN()).thenReturn(subjectDN);
- when(x509CertMock.getEncoded()).thenReturn(certText.getBytes());
-
- when(certMock.getEncoded()).thenReturn(certText.getBytes());
- }
-
- @After
- public void tearDown() {
- publicKeyFile = new File(resourceDirName, "/publicKey");
- privateKeyFile = new File(resourceDirName, "/privateKey");
- publicKeyFile.delete();
- privateKeyFile.delete();
- }
-
- @Test
- public void generateKeyPairTest() throws Exception {
- // This instatiation isn't actually necessary, but it gets coverage
- Cipher encryptor = Factory.pkCipher();
- Cipher decryptor = Factory.pkCipher();
-
- KeyPair kp1 = Factory.generateKeyPair(transMock);
- encryptor = Factory.pkCipher(kp1.getPublic(), true);
- decryptor = Factory.pkCipher(kp1.getPrivate(), false);
- byte[] encrypedMessage1 = encryptor.doFinal(message.getBytes(StandardCharsets.UTF_8));
- String output1 = new String(decryptor.doFinal(encrypedMessage1));
- assertThat(output1, is(message));
-
- // coverage
- when(transMock.start("Generate KeyPair", Env.SUB)).thenReturn(null);
- KeyPair kp2 = Factory.generateKeyPair(transMock);
- encryptor = Factory.pkCipher(kp2.getPublic(), true);
- decryptor = Factory.pkCipher(kp2.getPrivate(), false);
- byte[] encrypedMessage2 = encryptor.doFinal(message.getBytes(StandardCharsets.UTF_8));
- String output2 = new String(decryptor.doFinal(encrypedMessage2));
- assertThat(output2, is(message));
-
- KeyPair kp3 = Factory.generateKeyPair(null);
- encryptor = Factory.pkCipher(kp3.getPublic(), true);
- decryptor = Factory.pkCipher(kp3.getPrivate(), false);
- byte[] encrypedMessage3 = encryptor.doFinal(message.getBytes(StandardCharsets.UTF_8));
- String output3 = new String(decryptor.doFinal(encrypedMessage3));
- assertThat(output3, is(message));
- }
-
- @Test
- public void keyStringManipTest() throws Exception {
- KeyPair kp = Factory.generateKeyPair(transMock);
-
- String publicKeyString = Factory.toString(transMock, kp.getPublic());
- String privateKeyString = Factory.toString(transMock, kp.getPrivate());
-
- assertThat(publicKeyString.startsWith("-----BEGIN PUBLIC KEY-----"), is(true));
- assertThat(publicKeyString.endsWith("-----END PUBLIC KEY-----\n"), is(true));
-
- assertThat(privateKeyString.startsWith("-----BEGIN PRIVATE KEY-----"), is(true));
- assertThat(privateKeyString.endsWith("-----END PRIVATE KEY-----\n"), is(true));
-
- PublicKey publicKey = Factory.toPublicKey(transMock, publicKeyString);
- PrivateKey privateKey = Factory.toPrivateKey(transMock, privateKeyString);
-
- Cipher encryptor = Factory.pkCipher(publicKey, true);
- Cipher decryptor = Factory.pkCipher(privateKey, false);
- byte[] encrypedMessage = encryptor.doFinal(message.getBytes(StandardCharsets.UTF_8));
- String output = new String(decryptor.doFinal(encrypedMessage));
- assertThat(output, is(message));
- }
-
- @Test
- public void keyFileManipTest() throws Exception {
- KeyPair kp = Factory.generateKeyPair(transMock);
-
- String privateKeyString = Factory.toString(transMock, kp.getPrivate());
- writeToFile(privateKeyFile, privateKeyString, "Header:this line has a header");
-
- PublicKey publicKey = kp.getPublic();
- PrivateKey privateKey = Factory.toPrivateKey(transMock, privateKeyFile);
-
- Cipher encryptor = Factory.pkCipher(publicKey, true);
- Cipher decryptor = Factory.pkCipher(privateKey, false);
- byte[] encrypedMessage = encryptor.doFinal(message.getBytes(StandardCharsets.UTF_8));
- String output = new String(decryptor.doFinal(encrypedMessage));
- assertThat(output, is(message));
- }
-
- @Test
- public void certToStringTest() throws IOException, CertException, CertificateEncodingException {
- String certString;
- when(logTargetMock.isLoggable()).thenReturn(true);
-
- certString = Factory.toString(transMock, x509CertMock);
- assertThat(certString.startsWith("-----BEGIN CERTIFICATE-----"), is(true));
- assertThat(certString.endsWith("-----END CERTIFICATE-----\n"), is(true));
-
- certString = Factory.toString(transMock, certMock);
- assertThat(certString.startsWith("-----BEGIN CERTIFICATE-----"), is(true));
- assertThat(certString.endsWith("-----END CERTIFICATE-----\n"), is(true));
-
- try {
- certString = Factory.toString(transMock, (Certificate)null);
- fail("Should have thrown an exception");
- } catch (CertException e) {
- assertThat(e.getMessage(), is("Certificate not built"));
- }
-
- when(certMock.getEncoded()).thenThrow(new CertificateEncodingException());
- try {
- certString = Factory.toString(transMock, certMock);
- fail("Should have thrown an exception");
- } catch (CertException e) {
- }
-
- // coverage
- when(logTargetMock.isLoggable()).thenReturn(false);
- certString = Factory.toString(transMock, x509CertMock);
- }
-
- @Test
- public void toX509Test() throws CertificateException, IOException, CertException {
- String output;
- Collection<? extends Certificate> certs;
- when(logTargetMock.isLoggable()).thenReturn(true);
-
- String certString = readFromFile(certFile, false);
-
- certs = Factory.toX509Certificate(certString);
- // Contrived way of getting a Certificate out of a Collection
- output = Factory.toString(transMock, certs.toArray(new Certificate[0])[0]);
- assertThat(output, is(certString));
-
- certs = Factory.toX509Certificate(transMock, certFile);
- // Contrived way of getting a Certificate out of a Collection
- output = Factory.toString(transMock, certs.toArray(new Certificate[0])[0]);
- assertThat(output, is(certString));
-
- List<String> certStrings = new ArrayList<>();
- certStrings.add(certString);
- certStrings.add(certString);
- certs = Factory.toX509Certificate(certStrings);
- // Contrived way of getting a Certificate out of a Collection
- // it doesn't matter which one we get - they're the same
- output = Factory.toString(transMock, certs.toArray(new Certificate[0])[0]);
- assertThat(output, is(certString));
- }
-
- @Test
- public void stripperTest() throws Exception {
- KeyPair kp = Factory.generateKeyPair(transMock);
- String privateKeyString = Factory.toString(transMock, kp.getPrivate());
- writeToFile(privateKeyFile, privateKeyString, "Header:this line has a header");
-
- StripperInputStream stripper = new StripperInputStream(privateKeyFile);
-
- String expected = cleanupString(privateKeyString);
- byte[] buffer = new byte[10000];
- stripper.read(buffer);
- String output = new String(buffer, 0, expected.length());
- assertThat(output, is(expected));
- stripper.close();
-
- // coverage
- stripper = new StripperInputStream(new FileInputStream(privateKeyFile));
- stripper.close();
- stripper = new StripperInputStream(new BufferedReader(new FileReader(privateKeyFile)));
- stripper.close();
- stripper.close(); // also coverage...
- }
-
- @Test
- public void binaryTest() throws IOException {
- String output = new String(Factory.binary(certFile));
- String expected = readFromFile(certFile, true);
- assertThat(output, is(expected));
- }
-
- @Test
- public void signatureTest() throws Exception {
- KeyPair kp = Factory.generateKeyPair(transMock);
- String signedString = "Something that needs signing";
- byte[] signedBytes = Factory.sign(transMock, signedString.getBytes(), kp.getPrivate());
- String output = Factory.toSignatureString(signedBytes);
- assertThat(output.startsWith("-----BEGIN SIGNATURE-----"), is(true));
- assertThat(output.endsWith("-----END SIGNATURE-----\n"), is(true));
- assertThat(Factory.verify(transMock, signedString.getBytes(), signedBytes, kp.getPublic()), is(true));
- }
-
- @Test
- public void base64ISTest() throws Exception {
- KeyPair kp = Factory.generateKeyPair(transMock);
-
- String privateKeyString = Factory.toString(transMock, kp.getPrivate());
- String cleaned = cleanupString(privateKeyString);
- writeToFile(privateKeyFile, cleaned, null);
- Base64InputStream b64is = new Base64InputStream(privateKeyFile);
- byte[] buffer = new byte[10000];
- b64is.read(buffer);
- b64is.close();
-
- FileInputStream fis = new FileInputStream(privateKeyFile);
- b64is = new Base64InputStream(fis);
- b64is.close();
- fis.close();
- }
-
- @Test
- public void getSecurityProviderTest() throws CertException {
- String[][] params = {
- {"test", "test"},
- {"test", "test"},
- };
- assertThat(Factory.getSecurityProvider("PKCS12", params), is(nullValue()));
- }
-
- private String cleanupString(String str) {
- String[] lines = str.split("\n", 0);
- List<String> rawLines = new ArrayList<>();
- for (int i = 0; i < lines.length - 2; i++) {
- rawLines.add(lines[i + 1]);
- }
- return join("", rawLines);
- }
-
- /**
- * Note: String.join is not part of JDK 7, which is what we compile to for CADI
- */
- private String join(String delim, List<String> rawLines) {
- StringBuilder sb = new StringBuilder();
- boolean first = true;
- for(String s : rawLines) {
- if(first) {
- first = false;
- } else {
- sb.append(delim);
- }
- sb.append(s);
- }
- return sb.toString();
- }
-
- private void writeToFile(File file, String contents, String header) throws Exception {
- PrintWriter writer = new PrintWriter(file, "UTF-8");
- if (header != null) {
- writer.println(header);
- }
- writer.println(contents);
- writer.close();
- }
-
- private String readFromFile(File file, boolean addCR) throws IOException {
- BufferedReader br = new BufferedReader(new FileReader(file));
- StringBuilder sb = new StringBuilder();
- String line;
- while ((line = br.readLine()) != null) {
- String lineEnd = (addCR) ? "\r\n" : "\n";
- sb.append(line + lineEnd);
- }
- br.close();
- return sb.toString();
- }
+ private static final String message = "The quick brown fox jumps over the lazy dog.";
+ private static final String subjectDNText = "subjectDN";
+ private static final String certText = "Some text that might be included in a certificate";
+ private static final String resourceDirName = "src/test/resources";
+
+ private File resourceDir;
+ private File publicKeyFile;
+ private File privateKeyFile;
+ private File certFile;
+
+ @Mock private Trans transMock;
+ @Mock private TimeTaken timeTakenMock;
+ @Mock private LogTarget logTargetMock;
+ @Mock private X509Certificate x509CertMock;
+ @Mock private Certificate certMock;
+ @Mock private Principal subjectDN;
+
+
+ @Before
+ public void setup() throws CertificateEncodingException {
+ MockitoAnnotations.initMocks(this);
+
+ resourceDir = new File(resourceDirName);
+ resourceDir.mkdirs();
+ publicKeyFile = new File(resourceDirName, "/publicKey");
+ privateKeyFile = new File(resourceDirName, "/privateKey");
+ publicKeyFile.delete();
+ privateKeyFile.delete();
+
+ certFile = new File(resourceDirName + "/exampleCertificate.cer");
+
+ when(transMock.start(anyString(), anyInt())).thenReturn(timeTakenMock);
+ when(transMock.debug()).thenReturn(logTargetMock);
+
+ when(subjectDN.toString()).thenReturn(subjectDNText);
+
+ when(x509CertMock.getSubjectDN()).thenReturn(subjectDN);
+ when(x509CertMock.getEncoded()).thenReturn(certText.getBytes());
+
+ when(certMock.getEncoded()).thenReturn(certText.getBytes());
+ }
+
+ @After
+ public void tearDown() {
+ publicKeyFile = new File(resourceDirName, "/publicKey");
+ privateKeyFile = new File(resourceDirName, "/privateKey");
+ publicKeyFile.delete();
+ privateKeyFile.delete();
+ }
+
+ @Test
+ public void generateKeyPairTest() throws Exception {
+ // This instatiation isn't actually necessary, but it gets coverage
+ Cipher encryptor = Factory.pkCipher();
+ Cipher decryptor = Factory.pkCipher();
+
+ KeyPair kp1 = Factory.generateKeyPair(transMock);
+ encryptor = Factory.pkCipher(kp1.getPublic(), true);
+ decryptor = Factory.pkCipher(kp1.getPrivate(), false);
+ byte[] encrypedMessage1 = encryptor.doFinal(message.getBytes(StandardCharsets.UTF_8));
+ String output1 = new String(decryptor.doFinal(encrypedMessage1));
+ assertThat(output1, is(message));
+
+ // coverage
+ when(transMock.start("Generate KeyPair", Env.SUB)).thenReturn(null);
+ KeyPair kp2 = Factory.generateKeyPair(transMock);
+ encryptor = Factory.pkCipher(kp2.getPublic(), true);
+ decryptor = Factory.pkCipher(kp2.getPrivate(), false);
+ byte[] encrypedMessage2 = encryptor.doFinal(message.getBytes(StandardCharsets.UTF_8));
+ String output2 = new String(decryptor.doFinal(encrypedMessage2));
+ assertThat(output2, is(message));
+
+ KeyPair kp3 = Factory.generateKeyPair(null);
+ encryptor = Factory.pkCipher(kp3.getPublic(), true);
+ decryptor = Factory.pkCipher(kp3.getPrivate(), false);
+ byte[] encrypedMessage3 = encryptor.doFinal(message.getBytes(StandardCharsets.UTF_8));
+ String output3 = new String(decryptor.doFinal(encrypedMessage3));
+ assertThat(output3, is(message));
+ }
+
+ @Test
+ public void keyStringManipTest() throws Exception {
+ KeyPair kp = Factory.generateKeyPair(transMock);
+
+ String publicKeyString = Factory.toString(transMock, kp.getPublic());
+ String privateKeyString = Factory.toString(transMock, kp.getPrivate());
+
+ assertThat(publicKeyString.startsWith("-----BEGIN PUBLIC KEY-----"), is(true));
+ assertThat(publicKeyString.endsWith("-----END PUBLIC KEY-----\n"), is(true));
+
+ assertThat(privateKeyString.startsWith("-----BEGIN PRIVATE KEY-----"), is(true));
+ assertThat(privateKeyString.endsWith("-----END PRIVATE KEY-----\n"), is(true));
+
+ PublicKey publicKey = Factory.toPublicKey(transMock, publicKeyString);
+ PrivateKey privateKey = Factory.toPrivateKey(transMock, privateKeyString);
+
+ Cipher encryptor = Factory.pkCipher(publicKey, true);
+ Cipher decryptor = Factory.pkCipher(privateKey, false);
+ byte[] encrypedMessage = encryptor.doFinal(message.getBytes(StandardCharsets.UTF_8));
+ String output = new String(decryptor.doFinal(encrypedMessage));
+ assertThat(output, is(message));
+ }
+
+ @Test
+ public void keyFileManipTest() throws Exception {
+ KeyPair kp = Factory.generateKeyPair(transMock);
+
+ String privateKeyString = Factory.toString(transMock, kp.getPrivate());
+ writeToFile(privateKeyFile, privateKeyString, "Header:this line has a header");
+
+ PublicKey publicKey = kp.getPublic();
+ PrivateKey privateKey = Factory.toPrivateKey(transMock, privateKeyFile);
+
+ Cipher encryptor = Factory.pkCipher(publicKey, true);
+ Cipher decryptor = Factory.pkCipher(privateKey, false);
+ byte[] encrypedMessage = encryptor.doFinal(message.getBytes(StandardCharsets.UTF_8));
+ String output = new String(decryptor.doFinal(encrypedMessage));
+ assertThat(output, is(message));
+ }
+
+ @Test
+ public void certToStringTest() throws IOException, CertException, CertificateEncodingException {
+ String certString;
+ when(logTargetMock.isLoggable()).thenReturn(true);
+
+ certString = Factory.toString(transMock, x509CertMock);
+ assertThat(certString.startsWith("-----BEGIN CERTIFICATE-----"), is(true));
+ assertThat(certString.endsWith("-----END CERTIFICATE-----\n"), is(true));
+
+ certString = Factory.toString(transMock, certMock);
+ assertThat(certString.startsWith("-----BEGIN CERTIFICATE-----"), is(true));
+ assertThat(certString.endsWith("-----END CERTIFICATE-----\n"), is(true));
+
+ try {
+ certString = Factory.toString(transMock, (Certificate)null);
+ fail("Should have thrown an exception");
+ } catch (CertException e) {
+ assertThat(e.getMessage(), is("Certificate not built"));
+ }
+
+ when(certMock.getEncoded()).thenThrow(new CertificateEncodingException());
+ try {
+ certString = Factory.toString(transMock, certMock);
+ fail("Should have thrown an exception");
+ } catch (CertException e) {
+ }
+
+ // coverage
+ when(logTargetMock.isLoggable()).thenReturn(false);
+ certString = Factory.toString(transMock, x509CertMock);
+ }
+
+ @Test
+ public void toX509Test() throws CertificateException, IOException, CertException {
+ String output;
+ Collection<? extends Certificate> certs;
+ when(logTargetMock.isLoggable()).thenReturn(true);
+
+ String certString = readFromFile(certFile, false);
+
+ certs = Factory.toX509Certificate(certString);
+ // Contrived way of getting a Certificate out of a Collection
+ output = Factory.toString(transMock, certs.toArray(new Certificate[0])[0]);
+ assertThat(output, is(certString));
+
+ certs = Factory.toX509Certificate(transMock, certFile);
+ // Contrived way of getting a Certificate out of a Collection
+ output = Factory.toString(transMock, certs.toArray(new Certificate[0])[0]);
+ assertThat(output, is(certString));
+
+ List<String> certStrings = new ArrayList<>();
+ certStrings.add(certString);
+ certStrings.add(certString);
+ certs = Factory.toX509Certificate(certStrings);
+ // Contrived way of getting a Certificate out of a Collection
+ // it doesn't matter which one we get - they're the same
+ output = Factory.toString(transMock, certs.toArray(new Certificate[0])[0]);
+ assertThat(output, is(certString));
+ }
+
+ @Test
+ public void stripperTest() throws Exception {
+ KeyPair kp = Factory.generateKeyPair(transMock);
+ String privateKeyString = Factory.toString(transMock, kp.getPrivate());
+ writeToFile(privateKeyFile, privateKeyString, "Header:this line has a header");
+
+ StripperInputStream stripper = new StripperInputStream(privateKeyFile);
+
+ String expected = cleanupString(privateKeyString);
+ byte[] buffer = new byte[10000];
+ stripper.read(buffer);
+ String output = new String(buffer, 0, expected.length());
+ assertThat(output, is(expected));
+ stripper.close();
+
+ // coverage
+ stripper = new StripperInputStream(new FileInputStream(privateKeyFile));
+ stripper.close();
+ stripper = new StripperInputStream(new BufferedReader(new FileReader(privateKeyFile)));
+ stripper.close();
+ stripper.close(); // also coverage...
+ }
+
+ @Test
+ public void binaryTest() throws IOException {
+ String output = new String(Factory.binary(certFile));
+ String expected = readFromFile(certFile, true);
+ assertThat(output, is(expected));
+ }
+
+ @Test
+ public void signatureTest() throws Exception {
+ KeyPair kp = Factory.generateKeyPair(transMock);
+ String signedString = "Something that needs signing";
+ byte[] signedBytes = Factory.sign(transMock, signedString.getBytes(), kp.getPrivate());
+ String output = Factory.toSignatureString(signedBytes);
+ assertThat(output.startsWith("-----BEGIN SIGNATURE-----"), is(true));
+ assertThat(output.endsWith("-----END SIGNATURE-----\n"), is(true));
+ assertThat(Factory.verify(transMock, signedString.getBytes(), signedBytes, kp.getPublic()), is(true));
+ }
+
+ @Test
+ public void base64ISTest() throws Exception {
+ KeyPair kp = Factory.generateKeyPair(transMock);
+
+ String privateKeyString = Factory.toString(transMock, kp.getPrivate());
+ String cleaned = cleanupString(privateKeyString);
+ writeToFile(privateKeyFile, cleaned, null);
+ Base64InputStream b64is = new Base64InputStream(privateKeyFile);
+ byte[] buffer = new byte[10000];
+ b64is.read(buffer);
+ b64is.close();
+
+ FileInputStream fis = new FileInputStream(privateKeyFile);
+ b64is = new Base64InputStream(fis);
+ b64is.close();
+ fis.close();
+ }
+
+ @Test
+ public void getSecurityProviderTest() throws CertException {
+ String[][] params = {
+ {"test", "test"},
+ {"test", "test"},
+ };
+ assertThat(Factory.getSecurityProvider("PKCS12", params), is(nullValue()));
+ }
+
+ private String cleanupString(String str) {
+ String[] lines = str.split("\n", 0);
+ List<String> rawLines = new ArrayList<>();
+ for (int i = 0; i < lines.length - 2; i++) {
+ rawLines.add(lines[i + 1]);
+ }
+ return join("", rawLines);
+ }
+
+ /**
+ * Note: String.join is not part of JDK 7, which is what we compile to for CADI
+ */
+ private String join(String delim, List<String> rawLines) {
+ StringBuilder sb = new StringBuilder();
+ boolean first = true;
+ for(String s : rawLines) {
+ if(first) {
+ first = false;
+ } else {
+ sb.append(delim);
+ }
+ sb.append(s);
+ }
+ return sb.toString();
+ }
+
+ private void writeToFile(File file, String contents, String header) throws Exception {
+ PrintWriter writer = new PrintWriter(file, "UTF-8");
+ if (header != null) {
+ writer.println(header);
+ }
+ writer.println(contents);
+ writer.close();
+ }
+
+ private String readFromFile(File file, boolean addCR) throws IOException {
+ BufferedReader br = new BufferedReader(new FileReader(file));
+ StringBuilder sb = new StringBuilder();
+ String line;
+ while ((line = br.readLine()) != null) {
+ String lineEnd = (addCR) ? "\r\n" : "\n";
+ sb.append(line + lineEnd);
+ }
+ br.close();
+ return sb.toString();
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_PlaceArtifactInFiles.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_PlaceArtifactInFiles.java
index 7afb4cf4..6bb31b2f 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_PlaceArtifactInFiles.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_PlaceArtifactInFiles.java
@@ -40,61 +40,61 @@ import certman.v1_0.CertInfo;
public class JU_PlaceArtifactInFiles {
- @Mock private Trans transMock;
- @Mock private CertInfo certInfoMock;
- @Mock private Artifact artiMock;
-
- private static final String dirName = "src/test/resources/artifacts";
- private static final String nsName = "org.onap.test";
- private static final String luggagePassword = "12345"; // That's the stupidest combination I've ever heard in my life
-
- private List<String> certs;
-
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
-
- certs = new ArrayList<>();
- certs.add("cert1");
- certs.add("cert2");
-
- when(certInfoMock.getChallenge()).thenReturn(luggagePassword);
- when(certInfoMock.getCerts()).thenReturn(certs);
-
- when(artiMock.getDir()).thenReturn(dirName);
- when(artiMock.getNs()).thenReturn(nsName);
- }
-
- @AfterClass
- public static void tearDownOnce() {
- cleanup();
- PlaceArtifactInFiles.clear();
- }
-
- @Test
- public void test() throws CadiException {
- PlaceArtifactInFiles placer = new PlaceArtifactInFiles();
- placer.place(transMock, certInfoMock, artiMock, "machine");
- assertThat(placer._place(transMock, certInfoMock, artiMock), is(true));
- assertThat(new File(dirName + '/' + nsName + ".crt").exists(), is(true));
- assertThat(new File(dirName + '/' + nsName + ".key").exists(), is(true));
-
- when(certInfoMock.getCerts()).thenReturn(null);
- try {
- placer._place(transMock, certInfoMock, artiMock);
- fail("Should've thrown an exception");
- } catch (Exception e) {
- }
- }
-
- private static void cleanup() {
- File dir = new File(dirName);
- if (dir.exists()) {
- for (File f : dir.listFiles()) {
- f.delete();
- }
- dir.delete();
- }
- }
+ @Mock private Trans transMock;
+ @Mock private CertInfo certInfoMock;
+ @Mock private Artifact artiMock;
+
+ private static final String dirName = "src/test/resources/artifacts";
+ private static final String nsName = "org.onap.test";
+ private static final String luggagePassword = "12345"; // That's the stupidest combination I've ever heard in my life
+
+ private List<String> certs;
+
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
+
+ certs = new ArrayList<>();
+ certs.add("cert1");
+ certs.add("cert2");
+
+ when(certInfoMock.getChallenge()).thenReturn(luggagePassword);
+ when(certInfoMock.getCerts()).thenReturn(certs);
+
+ when(artiMock.getDir()).thenReturn(dirName);
+ when(artiMock.getNs()).thenReturn(nsName);
+ }
+
+ @AfterClass
+ public static void tearDownOnce() {
+ cleanup();
+ PlaceArtifactInFiles.clear();
+ }
+
+ @Test
+ public void test() throws CadiException {
+ PlaceArtifactInFiles placer = new PlaceArtifactInFiles();
+ placer.place(transMock, certInfoMock, artiMock, "machine");
+ assertThat(placer._place(transMock, certInfoMock, artiMock), is(true));
+ assertThat(new File(dirName + '/' + nsName + ".crt").exists(), is(true));
+ assertThat(new File(dirName + '/' + nsName + ".key").exists(), is(true));
+
+ when(certInfoMock.getCerts()).thenReturn(null);
+ try {
+ placer._place(transMock, certInfoMock, artiMock);
+ fail("Should've thrown an exception");
+ } catch (Exception e) {
+ }
+ }
+
+ private static void cleanup() {
+ File dir = new File(dirName);
+ if (dir.exists()) {
+ for (File f : dir.listFiles()) {
+ f.delete();
+ }
+ dir.delete();
+ }
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_PlaceArtifactInKeystore.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_PlaceArtifactInKeystore.java
index d61ac499..1a653ab2 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_PlaceArtifactInKeystore.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_PlaceArtifactInKeystore.java
@@ -54,100 +54,100 @@ import certman.v1_0.CertInfo;
public class JU_PlaceArtifactInKeystore {
- @Mock private Trans transMock;
- @Mock private CertInfo certInfoMock;
- @Mock private Artifact artiMock;
-
- private static final String caName = "onap";
- private static final String dirName = "src/test/resources/artifacts";
- private static final String nsName = "org.onap.test";
- private static final String mechID = "m12345";
- private static final String luggagePassword = "12345"; // That's the stupidest combination I've ever heard in my life
-
- private static String privateKeyString;
- private static String x509Chain;
- private static String x509String;
-
- private List<String> certs;
-
- @Before
- public void setup() throws FileNotFoundException, IOException, CertificateException {
- MockitoAnnotations.initMocks(this);
-
- x509Chain = fromFile(new File("src/test/resources/cert.pem"));
- x509String = fromFile(new File("src/test/resources/exampleCertificate.cer"));
- privateKeyString = fromFile(new File("src/test/resources/key.pem"));
-
- certs = new ArrayList<>();
-
- when(certInfoMock.getChallenge()).thenReturn(luggagePassword);
- when(certInfoMock.getCerts()).thenReturn(certs);
-
- when(artiMock.getCa()).thenReturn(caName);
- when(artiMock.getDir()).thenReturn(dirName);
- when(artiMock.getNs()).thenReturn(nsName);
- when(artiMock.getMechid()).thenReturn(mechID);
-
- when(certInfoMock.getPrivatekey()).thenReturn(privateKeyString);
-
- when(transMock.start("Reconstitute Private Key", Env.SUB)).thenReturn(mock(TimeTaken.class));
- }
-
- @AfterClass
- public static void tearDownOnce() {
- cleanup();
- PlaceArtifactInKeystore.clear();
- }
-
- @Test
- public void test() throws CadiException {
- // Note: PKCS12 can't be tested in JDK 7 and earlier. Can't handle Trusting Certificates.
- PlaceArtifactInKeystore placer = new PlaceArtifactInKeystore(Agent.JKS);
-
- certs.add(x509String);
- certs.add(x509Chain);
- assertThat(placer.place(transMock, certInfoMock, artiMock, "machine"), is(true));
- for (String ext : new String[] {"chal", "keyfile", Agent.JKS, "trust.jks", "cred.props"}) {
- File f = new File(dirName + '/' + nsName + '.' + ext);
- assertThat(f.exists(), is(true));
- }
-
- // coverage
- assertThat(placer.place(transMock, certInfoMock, artiMock, "machine"), is(true));
-
- when(certInfoMock.getCerts()).thenReturn(null);
- try {
- placer._place(transMock, certInfoMock, artiMock);
- fail("Should've thrown an exception");
- } catch (Exception e) {
- }
-
- }
-
- private static void cleanup() {
- File dir = new File(dirName);
- if (dir.exists()) {
- for (File f : dir.listFiles()) {
- f.delete();
- }
- dir.delete();
- }
- }
-
- public String fromFile(File file) throws IOException {
- BufferedReader br = new BufferedReader(new FileReader(file));
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- String line;
- baos.write(br.readLine().getBytes());
- // Here comes the hacky part
- baos.write("\n".getBytes());
- while((line=br.readLine())!=null) {
- if(line.length()>0) {
- baos.write(line.getBytes());
- baos.write("\n".getBytes());
- }
- }
- br.close();
- return baos.toString();
- }
+ @Mock private Trans transMock;
+ @Mock private CertInfo certInfoMock;
+ @Mock private Artifact artiMock;
+
+ private static final String caName = "onap";
+ private static final String dirName = "src/test/resources/artifacts";
+ private static final String nsName = "org.onap.test";
+ private static final String mechID = "m12345";
+ private static final String luggagePassword = "12345"; // That's the stupidest combination I've ever heard in my life
+
+ private static String privateKeyString;
+ private static String x509Chain;
+ private static String x509String;
+
+ private List<String> certs;
+
+ @Before
+ public void setup() throws FileNotFoundException, IOException, CertificateException {
+ MockitoAnnotations.initMocks(this);
+
+ x509Chain = fromFile(new File("src/test/resources/cert.pem"));
+ x509String = fromFile(new File("src/test/resources/exampleCertificate.cer"));
+ privateKeyString = fromFile(new File("src/test/resources/key.pem"));
+
+ certs = new ArrayList<>();
+
+ when(certInfoMock.getChallenge()).thenReturn(luggagePassword);
+ when(certInfoMock.getCerts()).thenReturn(certs);
+
+ when(artiMock.getCa()).thenReturn(caName);
+ when(artiMock.getDir()).thenReturn(dirName);
+ when(artiMock.getNs()).thenReturn(nsName);
+ when(artiMock.getMechid()).thenReturn(mechID);
+
+ when(certInfoMock.getPrivatekey()).thenReturn(privateKeyString);
+
+ when(transMock.start("Reconstitute Private Key", Env.SUB)).thenReturn(mock(TimeTaken.class));
+ }
+
+ @AfterClass
+ public static void tearDownOnce() {
+ cleanup();
+ PlaceArtifactInKeystore.clear();
+ }
+
+ @Test
+ public void test() throws CadiException {
+ // Note: PKCS12 can't be tested in JDK 7 and earlier. Can't handle Trusting Certificates.
+ PlaceArtifactInKeystore placer = new PlaceArtifactInKeystore(Agent.JKS);
+
+ certs.add(x509String);
+ certs.add(x509Chain);
+ assertThat(placer.place(transMock, certInfoMock, artiMock, "machine"), is(true));
+ for (String ext : new String[] {"chal", "keyfile", Agent.JKS, "trust.jks", "cred.props"}) {
+ File f = new File(dirName + '/' + nsName + '.' + ext);
+ assertThat(f.exists(), is(true));
+ }
+
+ // coverage
+ assertThat(placer.place(transMock, certInfoMock, artiMock, "machine"), is(true));
+
+ when(certInfoMock.getCerts()).thenReturn(null);
+ try {
+ placer._place(transMock, certInfoMock, artiMock);
+ fail("Should've thrown an exception");
+ } catch (Exception e) {
+ }
+
+ }
+
+ private static void cleanup() {
+ File dir = new File(dirName);
+ if (dir.exists()) {
+ for (File f : dir.listFiles()) {
+ f.delete();
+ }
+ dir.delete();
+ }
+ }
+
+ public String fromFile(File file) throws IOException {
+ BufferedReader br = new BufferedReader(new FileReader(file));
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ String line;
+ baos.write(br.readLine().getBytes());
+ // Here comes the hacky part
+ baos.write("\n".getBytes());
+ while((line=br.readLine())!=null) {
+ if(line.length()>0) {
+ baos.write(line.getBytes());
+ baos.write("\n".getBytes());
+ }
+ }
+ br.close();
+ return baos.toString();
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_PlaceArtifactOnStream.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_PlaceArtifactOnStream.java
index 7f9cc765..d66546bf 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_PlaceArtifactOnStream.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_PlaceArtifactOnStream.java
@@ -41,60 +41,60 @@ import certman.v1_0.CertInfo;
public class JU_PlaceArtifactOnStream {
- @Mock private Trans transMock;
- @Mock private CertInfo certInfoMock;
- @Mock private Artifact artiMock;
-
- private static final String luggagePassword = "12345"; // That's the stupidest combination I've ever heard in my life
- private static final String privateKeyString = "I'm a private key!";
-
- private ByteArrayOutputStream outStream;
-
- private List<String> certs;
-
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
-
- certs = new ArrayList<>();
- certs.add("cert1");
- certs.add("cert2");
-
- when(certInfoMock.getChallenge()).thenReturn(luggagePassword);
- when(certInfoMock.getCerts()).thenReturn(certs);
- when(certInfoMock.getPrivatekey()).thenReturn(privateKeyString);
-
- outStream = new ByteArrayOutputStream();
- }
-
- @Test
- public void test() {
- PlaceArtifactOnStream placer = new PlaceArtifactOnStream(new PrintStream(outStream));
- placer.place(transMock, certInfoMock, artiMock, "machine");
-
- String[] output = outStream.toString().split(System.lineSeparator(), 0);
-
- String[] expected = {
- "Challenge: " + luggagePassword,
- "PrivateKey:",
- privateKeyString,
- "Certificate Chain:",
- "cert1",
- "cert2"
- };
-
- assertThat(output.length, is(expected.length));
- for (int i = 0; i < output.length; i++) {
- assertThat(output[i], is(expected[i]));
- }
-
- // coverage
- when(certInfoMock.getNotes()).thenReturn("");
- placer.place(transMock, certInfoMock, artiMock, "machine");
-
- when(certInfoMock.getNotes()).thenReturn("Some Notes");
- when(transMock.info()).thenReturn(mock(LogTarget.class));
- placer.place(transMock, certInfoMock, artiMock, "machine");
- }
+ @Mock private Trans transMock;
+ @Mock private CertInfo certInfoMock;
+ @Mock private Artifact artiMock;
+
+ private static final String luggagePassword = "12345"; // That's the stupidest combination I've ever heard in my life
+ private static final String privateKeyString = "I'm a private key!";
+
+ private ByteArrayOutputStream outStream;
+
+ private List<String> certs;
+
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
+
+ certs = new ArrayList<>();
+ certs.add("cert1");
+ certs.add("cert2");
+
+ when(certInfoMock.getChallenge()).thenReturn(luggagePassword);
+ when(certInfoMock.getCerts()).thenReturn(certs);
+ when(certInfoMock.getPrivatekey()).thenReturn(privateKeyString);
+
+ outStream = new ByteArrayOutputStream();
+ }
+
+ @Test
+ public void test() {
+ PlaceArtifactOnStream placer = new PlaceArtifactOnStream(new PrintStream(outStream));
+ placer.place(transMock, certInfoMock, artiMock, "machine");
+
+ String[] output = outStream.toString().split(System.lineSeparator(), 0);
+
+ String[] expected = {
+ "Challenge: " + luggagePassword,
+ "PrivateKey:",
+ privateKeyString,
+ "Certificate Chain:",
+ "cert1",
+ "cert2"
+ };
+
+ assertThat(output.length, is(expected.length));
+ for (int i = 0; i < output.length; i++) {
+ assertThat(output[i], is(expected[i]));
+ }
+
+ // coverage
+ when(certInfoMock.getNotes()).thenReturn("");
+ placer.place(transMock, certInfoMock, artiMock, "machine");
+
+ when(certInfoMock.getNotes()).thenReturn("Some Notes");
+ when(transMock.info()).thenReturn(mock(LogTarget.class));
+ placer.place(transMock, certInfoMock, artiMock, "machine");
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_PlaceArtifactScripts.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_PlaceArtifactScripts.java
index 682606c0..75db53f7 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_PlaceArtifactScripts.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_PlaceArtifactScripts.java
@@ -38,55 +38,55 @@ import certman.v1_0.CertInfo;
public class JU_PlaceArtifactScripts {
- @Mock private Trans transMock;
- @Mock private CertInfo certInfoMock;
- @Mock private Artifact artiMock;
-
- private static final String dirName = "src/test/resources/artifacts";
- private static final String nsName = "org.onap.test";
- private static final String luggagePassword = "12345"; // That's the stupidest combination I've ever heard in my life
- private static final String notification = "A notification";
- private static final String osUser = "user"; // That's the stupidest combination I've ever heard in my life
-
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
-
- when(artiMock.getDir()).thenReturn(dirName);
- when(artiMock.getNs()).thenReturn(nsName);
- when(artiMock.getNotification()).thenReturn(notification);
- when(artiMock.getOsUser()).thenReturn(osUser);
-
- when(certInfoMock.getChallenge()).thenReturn(luggagePassword);
- }
-
- @AfterClass
- public static void tearDownOnce() {
- cleanup();
- PlaceArtifactScripts.clear();
- }
-
- @Test
- public void test() throws CadiException {
- PlaceArtifactScripts placer = new PlaceArtifactScripts();
- placer.place(transMock, certInfoMock, artiMock, "machine");
-
- assertThat(new File(dirName + '/' + nsName + ".crontab.sh").exists(), is(true));
- assertThat(new File(dirName + '/' + nsName + ".check.sh").exists(), is(true));
-
- //coverage
- when(artiMock.getNotification()).thenReturn("mailto: " + notification);
- placer.place(transMock, certInfoMock, artiMock, "machine");
- }
-
- private static void cleanup() {
- File dir = new File(dirName);
- if (dir.exists()) {
- for (File f : dir.listFiles()) {
- f.delete();
- }
- dir.delete();
- }
- }
+ @Mock private Trans transMock;
+ @Mock private CertInfo certInfoMock;
+ @Mock private Artifact artiMock;
+
+ private static final String dirName = "src/test/resources/artifacts";
+ private static final String nsName = "org.onap.test";
+ private static final String luggagePassword = "12345"; // That's the stupidest combination I've ever heard in my life
+ private static final String notification = "A notification";
+ private static final String osUser = "user"; // That's the stupidest combination I've ever heard in my life
+
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
+
+ when(artiMock.getDir()).thenReturn(dirName);
+ when(artiMock.getNs()).thenReturn(nsName);
+ when(artiMock.getNotification()).thenReturn(notification);
+ when(artiMock.getOsUser()).thenReturn(osUser);
+
+ when(certInfoMock.getChallenge()).thenReturn(luggagePassword);
+ }
+
+ @AfterClass
+ public static void tearDownOnce() {
+ cleanup();
+ PlaceArtifactScripts.clear();
+ }
+
+ @Test
+ public void test() throws CadiException {
+ PlaceArtifactScripts placer = new PlaceArtifactScripts();
+ placer.place(transMock, certInfoMock, artiMock, "machine");
+
+ assertThat(new File(dirName + '/' + nsName + ".crontab.sh").exists(), is(true));
+ assertThat(new File(dirName + '/' + nsName + ".check.sh").exists(), is(true));
+
+ //coverage
+ when(artiMock.getNotification()).thenReturn("mailto: " + notification);
+ placer.place(transMock, certInfoMock, artiMock, "machine");
+ }
+
+ private static void cleanup() {
+ File dir = new File(dirName);
+ if (dir.exists()) {
+ for (File f : dir.listFiles()) {
+ f.delete();
+ }
+ dir.delete();
+ }
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_AAFToken.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_AAFToken.java
index 11d58ea0..537e218f 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_AAFToken.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_AAFToken.java
@@ -31,40 +31,40 @@ import org.onap.aaf.cadi.oauth.AAFToken;
public class JU_AAFToken {
- @Test
- public void testMax() throws CadiException {
- UUID uuid = new UUID(Long.MAX_VALUE,Long.MAX_VALUE);
- String token = AAFToken.toToken(uuid);
- UUID uuid2 = AAFToken.fromToken(token);
- assertEquals(uuid, uuid2);
- }
-
- @Test
- public void testMin() throws CadiException {
- UUID uuid = new UUID(Long.MIN_VALUE,Long.MIN_VALUE);
- String token = AAFToken.toToken(uuid);
- UUID uuid2 = AAFToken.fromToken(token);
- assertEquals(uuid, uuid2);
- }
+ @Test
+ public void testMax() throws CadiException {
+ UUID uuid = new UUID(Long.MAX_VALUE,Long.MAX_VALUE);
+ String token = AAFToken.toToken(uuid);
+ UUID uuid2 = AAFToken.fromToken(token);
+ assertEquals(uuid, uuid2);
+ }
+
+ @Test
+ public void testMin() throws CadiException {
+ UUID uuid = new UUID(Long.MIN_VALUE,Long.MIN_VALUE);
+ String token = AAFToken.toToken(uuid);
+ UUID uuid2 = AAFToken.fromToken(token);
+ assertEquals(uuid, uuid2);
+ }
- @Test
- public void testRandom() throws CadiException {
- for(int i=0;i<100;++i) {
- UUID uuid = UUID.randomUUID();
- String token = AAFToken.toToken(uuid);
- UUID uuid2 = AAFToken.fromToken(token);
- assertEquals(uuid, uuid2);
- }
- }
+ @Test
+ public void testRandom() throws CadiException {
+ for(int i=0;i<100;++i) {
+ UUID uuid = UUID.randomUUID();
+ String token = AAFToken.toToken(uuid);
+ UUID uuid2 = AAFToken.fromToken(token);
+ assertEquals(uuid, uuid2);
+ }
+ }
- @Test
- public void nullTest() {
- // Invalid characters
- assertNull(AAFToken.fromToken("~~invalid characters~~"));
-
- // Invalid CADI tokens
- assertNull(AAFToken.fromToken("ABCDEF"));
- assertNull(AAFToken.fromToken("12345678901234567890123456789012345678"));
- }
+ @Test
+ public void nullTest() {
+ // Invalid characters
+ assertNull(AAFToken.fromToken("~~invalid characters~~"));
+
+ // Invalid CADI tokens
+ assertNull(AAFToken.fromToken("ABCDEF"));
+ assertNull(AAFToken.fromToken("12345678901234567890123456789012345678"));
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuth2HttpTaf.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuth2HttpTaf.java
index 52b2beb4..8764c8d3 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuth2HttpTaf.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuth2HttpTaf.java
@@ -48,38 +48,38 @@ import org.onap.aaf.cadi.client.Result;
public class JU_OAuth2HttpTaf {
- private static final String authz = "Bearer John Doe";
+ private static final String authz = "Bearer John Doe";
- @Mock private TokenMgr tmgrMock;
- @Mock private HttpServletResponse respMock;
- @Mock private HttpServletRequest reqMock;
- @Mock private OAuth2Principal princMock;
+ @Mock private TokenMgr tmgrMock;
+ @Mock private HttpServletResponse respMock;
+ @Mock private HttpServletRequest reqMock;
+ @Mock private OAuth2Principal princMock;
- private PropAccess access;
+ private PropAccess access;
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- }
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ }
- @Test
- public void test() throws APIException, CadiException, LocatorException {
- OAuth2HttpTaf taf = new OAuth2HttpTaf(access, tmgrMock);
+ @Test
+ public void test() throws APIException, CadiException, LocatorException {
+ OAuth2HttpTaf taf = new OAuth2HttpTaf(access, tmgrMock);
- taf.validate(LifeForm.CBLF, reqMock, respMock);
- when(reqMock.getHeader("Authorization")).thenReturn(authz);
+ taf.validate(LifeForm.CBLF, reqMock, respMock);
+ when(reqMock.getHeader("Authorization")).thenReturn(authz);
- doReturn(Result.ok(200, princMock)).when(tmgrMock).toPrincipal(anyString(), (byte[])any());
- taf.validate(LifeForm.CBLF, reqMock, respMock);
+ doReturn(Result.ok(200, princMock)).when(tmgrMock).toPrincipal(anyString(), (byte[])any());
+ taf.validate(LifeForm.CBLF, reqMock, respMock);
- when(reqMock.isSecure()).thenReturn(true);
+ when(reqMock.isSecure()).thenReturn(true);
- doReturn(Result.err(404, "not found")).when(tmgrMock).toPrincipal(anyString(), (byte[])any());
- taf.validate(LifeForm.CBLF, reqMock, respMock);
+ doReturn(Result.err(404, "not found")).when(tmgrMock).toPrincipal(anyString(), (byte[])any());
+ taf.validate(LifeForm.CBLF, reqMock, respMock);
- taf.revalidate(null, null);
- }
+ taf.revalidate(null, null);
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuth2HttpTafResp.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuth2HttpTafResp.java
index 94737b0c..2f4cd7b6 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuth2HttpTafResp.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuth2HttpTafResp.java
@@ -40,29 +40,29 @@ import org.onap.aaf.cadi.taf.TafResp.RESP;
public class JU_OAuth2HttpTafResp {
- private static final String description = "description";
+ private static final String description = "description";
- @Mock private TrustPrincipal princMock;
- @Mock private OAuth2Principal oauthMock;
- @Mock private HttpServletResponse respMock;
+ @Mock private TrustPrincipal princMock;
+ @Mock private OAuth2Principal oauthMock;
+ @Mock private HttpServletResponse respMock;
- private PropAccess access;
+ private PropAccess access;
- private RESP status;
+ private RESP status;
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
- status = RESP.NO_FURTHER_PROCESSING;
- }
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
+ status = RESP.NO_FURTHER_PROCESSING;
+ }
- @Test
- public void test() throws IOException {
- OAuth2HttpTafResp resp = new OAuth2HttpTafResp(access, princMock, description, status, respMock);
- resp = new OAuth2HttpTafResp(access, oauthMock, description, status, respMock, true);
- assertThat(resp.isFailedAttempt(), is(true));
- assertThat(resp.isAuthenticated(), is(status));
- assertThat(resp.authenticate(), is(RESP.HTTP_REDIRECT_INVOKED));
- }
+ @Test
+ public void test() throws IOException {
+ OAuth2HttpTafResp resp = new OAuth2HttpTafResp(access, princMock, description, status, respMock);
+ resp = new OAuth2HttpTafResp(access, oauthMock, description, status, respMock, true);
+ assertThat(resp.isFailedAttempt(), is(true));
+ assertThat(resp.isAuthenticated(), is(status));
+ assertThat(resp.authenticate(), is(RESP.HTTP_REDIRECT_INVOKED));
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuth2Lur.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuth2Lur.java
index 853c4ae3..3864cc25 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuth2Lur.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuth2Lur.java
@@ -42,59 +42,59 @@ import org.onap.aaf.cadi.oauth.TokenPerm;
import org.onap.aaf.cadi.principal.BearerPrincipal;
public class JU_OAuth2Lur {
-
- private List<AAFPermission> aafPerms;
- private List<Permission> perms;
-
- @Mock private TokenMgr tmMock;
- @Mock private AAFPermission pondMock;
- @Mock private Principal princMock;
- @Mock private OAuth2Principal oauthPrincMock;
- @Mock private BearerPrincipal bearPrincMock;
- @Mock private TokenPerm tpMock;
-
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
- }
+
+ private List<AAFPermission> aafPerms;
+ private List<Permission> perms;
+
+ @Mock private TokenMgr tmMock;
+ @Mock private AAFPermission pondMock;
+ @Mock private Principal princMock;
+ @Mock private OAuth2Principal oauthPrincMock;
+ @Mock private BearerPrincipal bearPrincMock;
+ @Mock private TokenPerm tpMock;
+
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
+ }
- @Test
- public void test() {
- OAuth2Lur lur = new OAuth2Lur(tmMock);
- lur.createPerm("testPerm");
- lur.createPerm("testPerm1|testPerm2|testPerm3");
+ @Test
+ public void test() {
+ OAuth2Lur lur = new OAuth2Lur(tmMock);
+ lur.createPerm("testPerm");
+ lur.createPerm("testPerm1|testPerm2|testPerm3");
- assertThat(lur.fish(princMock, pondMock), is(false));
- assertThat(lur.fish(oauthPrincMock, pondMock), is(false));
-
- when(oauthPrincMock.tokenPerm()).thenReturn(tpMock);
- assertThat(lur.fish(oauthPrincMock, pondMock), is(false));
-
- aafPerms = new ArrayList<>();
- aafPerms.add(pondMock);
- aafPerms.add(pondMock);
- when(tpMock.perms()).thenReturn(aafPerms);
- when(pondMock.match(pondMock)).thenReturn(false).thenReturn(true);
- assertThat(lur.fish(oauthPrincMock, pondMock), is(true));
+ assertThat(lur.fish(princMock, pondMock), is(false));
+ assertThat(lur.fish(oauthPrincMock, pondMock), is(false));
+
+ when(oauthPrincMock.tokenPerm()).thenReturn(tpMock);
+ assertThat(lur.fish(oauthPrincMock, pondMock), is(false));
+
+ aafPerms = new ArrayList<>();
+ aafPerms.add(pondMock);
+ aafPerms.add(pondMock);
+ when(tpMock.perms()).thenReturn(aafPerms);
+ when(pondMock.match(pondMock)).thenReturn(false).thenReturn(true);
+ assertThat(lur.fish(oauthPrincMock, pondMock), is(true));
- perms = new ArrayList<>();
- perms.add(pondMock);
- perms.add(pondMock);
- lur.fishAll(oauthPrincMock, perms);
+ perms = new ArrayList<>();
+ perms.add(pondMock);
+ perms.add(pondMock);
+ lur.fishAll(oauthPrincMock, perms);
- when(oauthPrincMock.tokenPerm()).thenReturn(null);
- lur.fishAll(oauthPrincMock, perms);
-
- assertThat(lur.handlesExclusively(pondMock), is(false));
-
- assertThat(lur.handles(null), is(false));
- assertThat(lur.handles(princMock), is(false));
- assertThat(lur.handles(bearPrincMock), is(false));
- when(bearPrincMock.getBearer()).thenReturn("not null :)");
- assertThat(lur.handles(bearPrincMock), is(true));
+ when(oauthPrincMock.tokenPerm()).thenReturn(null);
+ lur.fishAll(oauthPrincMock, perms);
+
+ assertThat(lur.handlesExclusively(pondMock), is(false));
+
+ assertThat(lur.handles(null), is(false));
+ assertThat(lur.handles(princMock), is(false));
+ assertThat(lur.handles(bearPrincMock), is(false));
+ when(bearPrincMock.getBearer()).thenReturn("not null :)");
+ assertThat(lur.handles(bearPrincMock), is(true));
- lur.destroy();
- lur.clear(null, null);
- }
+ lur.destroy();
+ lur.clear(null, null);
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuth2Principal.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuth2Principal.java
index 45736949..630adacb 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuth2Principal.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuth2Principal.java
@@ -34,27 +34,27 @@ import org.onap.aaf.cadi.oauth.TokenPerm;
public class JU_OAuth2Principal {
- @Mock TokenPerm tpMock;
-
-
- private static final String username = "username";
-
- private static final byte[] hash = "hashstring".getBytes();
-
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
-
- when(tpMock.getUsername()).thenReturn(username);
- }
+ @Mock TokenPerm tpMock;
+
+
+ private static final String username = "username";
+
+ private static final byte[] hash = "hashstring".getBytes();
+
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
+
+ when(tpMock.getUsername()).thenReturn(username);
+ }
- @Test
- public void test() {
- OAuth2Principal princ = new OAuth2Principal(tpMock, hash);
- assertThat(princ.getName(), is(username));
- assertThat(princ.tokenPerm(), is(tpMock));
- assertThat(princ.tag(), is("OAuth"));
- assertThat(princ.personalName(), is(username));
- }
+ @Test
+ public void test() {
+ OAuth2Principal princ = new OAuth2Principal(tpMock, hash);
+ assertThat(princ.getName(), is(username));
+ assertThat(princ.tokenPerm(), is(tpMock));
+ assertThat(princ.tag(), is("OAuth"));
+ assertThat(princ.personalName(), is(username));
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuthTest.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuthTest.java
index 555eda41..ef22b792 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuthTest.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuthTest.java
@@ -56,237 +56,237 @@ import junit.framework.Assert;
public class JU_OAuthTest {
- private ByteArrayOutputStream outStream;
+ private ByteArrayOutputStream outStream;
- private static PropAccess access;
- private static TokenClientFactory tcf;
+ private static PropAccess access;
+ private static TokenClientFactory tcf;
- @BeforeClass
- public static void setUpBeforeClass() {
- ByteArrayOutputStream outStream = new ByteArrayOutputStream();
- System.setOut(new PrintStream(outStream));
+ @BeforeClass
+ public static void setUpBeforeClass() {
+ ByteArrayOutputStream outStream = new ByteArrayOutputStream();
+ System.setOut(new PrintStream(outStream));
- access = new PropAccess();
- try {
- tcf = TokenClientFactory.instance(access);
- } catch (Exception e) {
- e.printStackTrace();
- Assert.fail();
- }
- }
+ access = new PropAccess();
+ try {
+ tcf = TokenClientFactory.instance(access);
+ } catch (Exception e) {
+ e.printStackTrace();
+ Assert.fail();
+ }
+ }
- @AfterClass
- public static void tearDownAfterClass() throws Exception {
- Field field = SecurityInfoC.class.getDeclaredField("sicMap");
- field.setAccessible(true);
- field.set(null, new HashMap<>());
- }
+ @AfterClass
+ public static void tearDownAfterClass() throws Exception {
+ Field field = SecurityInfoC.class.getDeclaredField("sicMap");
+ field.setAccessible(true);
+ field.set(null, new HashMap<>());
+ }
- @Before
- public void setUp() throws Exception {
- outStream = new ByteArrayOutputStream();
- System.setOut(new PrintStream(outStream));
- }
+ @Before
+ public void setUp() throws Exception {
+ outStream = new ByteArrayOutputStream();
+ System.setOut(new PrintStream(outStream));
+ }
- @After
- public void tearDown() throws Exception {
- System.setOut(System.out);
- }
+ @After
+ public void tearDown() throws Exception {
+ System.setOut(System.out);
+ }
- @Test
- public void testROPCFlowHappy() {
- try {
- // AAF OAuth
- String client_id = access.getProperty(Config.AAF_APPID);
- String client_secret = access.getProperty(Config.AAF_APPPASS);
- String tokenServiceURL = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL);
-// Assert.assertNotNull(tokenServiceURL);
- String tokenIntrospectURL = access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL);
- String tokenAltIntrospectURL = access.getProperty(Config.AAF_ALT_OAUTH2_INTROSPECT_URL);
-// Assert.assertNotNull(tokenIntrospectURL);
- final String endServicesURL = access.getProperty(Config.AAF_OAUTH2_HELLO_URL);
- String username = access.getProperty("cadi_username");
+ @Test
+ public void testROPCFlowHappy() {
+ try {
+ // AAF OAuth
+ String client_id = access.getProperty(Config.AAF_APPID);
+ String client_secret = access.getProperty(Config.AAF_APPPASS);
+ String tokenServiceURL = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL);
+// Assert.assertNotNull(tokenServiceURL);
+ String tokenIntrospectURL = access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL);
+ String tokenAltIntrospectURL = access.getProperty(Config.AAF_ALT_OAUTH2_INTROSPECT_URL);
+// Assert.assertNotNull(tokenIntrospectURL);
+ final String endServicesURL = access.getProperty(Config.AAF_OAUTH2_HELLO_URL);
+ String username = access.getProperty("cadi_username");
- TokenClient tc;
- Result<TimedToken> rtt;
- if(true) {
- tc = tcf.newClient(tokenServiceURL, 3000);
- tc.client_creds(client_id,client_secret);
- tc.password(access.getProperty("cadi_username"),access.getProperty("cadi_password"));
- rtt = tc.getToken(Kind.BASIC_AUTH,"org.osaaf.aaf","org.osaaf.test");
- if(rtt.isOK()) {
- print(rtt.value);
- rtt = tc.refreshToken(rtt.value);
- if(rtt.isOK()) {
- print(rtt.value);
- TokenClient ic = tcf.newClient(tokenIntrospectURL,3000);
- ic.client_creds(client_id,client_secret);
+ TokenClient tc;
+ Result<TimedToken> rtt;
+ if(true) {
+ tc = tcf.newClient(tokenServiceURL, 3000);
+ tc.client_creds(client_id,client_secret);
+ tc.password(access.getProperty("cadi_username"),access.getProperty("cadi_password"));
+ rtt = tc.getToken(Kind.BASIC_AUTH,"org.osaaf.aaf","org.osaaf.test");
+ if(rtt.isOK()) {
+ print(rtt.value);
+ rtt = tc.refreshToken(rtt.value);
+ if(rtt.isOK()) {
+ print(rtt.value);
+ TokenClient ic = tcf.newClient(tokenIntrospectURL,3000);
+ ic.client_creds(client_id,client_secret);
- Result<Introspect> ri = ic.introspect(rtt.value.getAccessToken());
- if(ri.isOK()) {
- print(ri.value);
- } else {
- System.out.println(ri.code + ' ' + ri.error);
- Assert.fail(ri.code + ' ' + ri.error);
- }
- TzClient helloClient = tcf.newTzClient(endServicesURL);
- helloClient.setToken(client_id, rtt.value);
-// String rv = serviceCall(helloClient);
-// System.out.println(rv);
- // Assert.assertEquals("Hello AAF OAuth2\n",rv);
- } else {
- System.out.println(rtt.code + ' ' + rtt.error);
- Assert.fail(rtt.code + ' ' + rtt.error);
- }
- } else {
- System.out.println(rtt.code + ' ' + rtt.error);
- Assert.fail(rtt.code + ' ' + rtt.error);
- }
- }
-
- // ISAM Test
- if(true) {
- System.out.println("**** ISAM TEST ****");
- tokenServiceURL=access.getProperty(Config.AAF_ALT_OAUTH2_TOKEN_URL);
- client_id=access.getProperty(Config.AAF_ALT_CLIENT_ID);
- client_secret=access.getProperty(Config.AAF_ALT_CLIENT_SECRET);
- if(tokenServiceURL!=null) {
- tc = tcf.newClient(tokenServiceURL, 3000);
- tc.client_creds(client_id, client_secret);
- int at = username.indexOf('@');
-
- tc.password(at>=0?username.substring(0, at):username,access.getProperty("cadi_password"));
- rtt = tc.getToken("org.osaaf.aaf","org.osaaf.test");
- if(rtt.isOK()) {
- print(rtt.value);
- rtt = tc.refreshToken(rtt.value);
- if(rtt.isOK()) {
- print(rtt.value);
-
- tc = tcf.newClient(tokenAltIntrospectURL, 3000);
- tc.client_creds(client_id, client_secret);
- Result<Introspect> rti = tc.introspect(rtt.value.getAccessToken());
- if(rti.isOK()) {
- System.out.print("Normal ISAM ");
- print(rti.value);
- } else {
- System.out.println(rti.code + ' ' + rti.error);
- Assert.fail(rtt.code + ' ' + rtt.error);
- }
+ Result<Introspect> ri = ic.introspect(rtt.value.getAccessToken());
+ if(ri.isOK()) {
+ print(ri.value);
+ } else {
+ System.out.println(ri.code + ' ' + ri.error);
+ Assert.fail(ri.code + ' ' + ri.error);
+ }
+ TzClient helloClient = tcf.newTzClient(endServicesURL);
+ helloClient.setToken(client_id, rtt.value);
+// String rv = serviceCall(helloClient);
+// System.out.println(rv);
+ // Assert.assertEquals("Hello AAF OAuth2\n",rv);
+ } else {
+ System.out.println(rtt.code + ' ' + rtt.error);
+ Assert.fail(rtt.code + ' ' + rtt.error);
+ }
+ } else {
+ System.out.println(rtt.code + ' ' + rtt.error);
+ Assert.fail(rtt.code + ' ' + rtt.error);
+ }
+ }
+
+ // ISAM Test
+ if(true) {
+ System.out.println("**** ISAM TEST ****");
+ tokenServiceURL=access.getProperty(Config.AAF_ALT_OAUTH2_TOKEN_URL);
+ client_id=access.getProperty(Config.AAF_ALT_CLIENT_ID);
+ client_secret=access.getProperty(Config.AAF_ALT_CLIENT_SECRET);
+ if(tokenServiceURL!=null) {
+ tc = tcf.newClient(tokenServiceURL, 3000);
+ tc.client_creds(client_id, client_secret);
+ int at = username.indexOf('@');
+
+ tc.password(at>=0?username.substring(0, at):username,access.getProperty("cadi_password"));
+ rtt = tc.getToken("org.osaaf.aaf","org.osaaf.test");
+ if(rtt.isOK()) {
+ print(rtt.value);
+ rtt = tc.refreshToken(rtt.value);
+ if(rtt.isOK()) {
+ print(rtt.value);
+
+ tc = tcf.newClient(tokenAltIntrospectURL, 3000);
+ tc.client_creds(client_id, client_secret);
+ Result<Introspect> rti = tc.introspect(rtt.value.getAccessToken());
+ if(rti.isOK()) {
+ System.out.print("Normal ISAM ");
+ print(rti.value);
+ } else {
+ System.out.println(rti.code + ' ' + rti.error);
+ Assert.fail(rtt.code + ' ' + rtt.error);
+ }
- tc = tcf.newClient(tokenIntrospectURL, 3000);
- tc.client_creds(client_id, client_secret);
- rti = tc.introspect(rtt.value.getAccessToken());
- if(rti.isOK()) {
- System.out.print("AAF with ISAM Token ");
- print(rti.value);
- } else {
- System.out.println(rti.code + ' ' + rti.error);
- if(rti.code!=404) {
- Assert.fail(rti.code + ' ' + rti.error);
- }
- }
+ tc = tcf.newClient(tokenIntrospectURL, 3000);
+ tc.client_creds(client_id, client_secret);
+ rti = tc.introspect(rtt.value.getAccessToken());
+ if(rti.isOK()) {
+ System.out.print("AAF with ISAM Token ");
+ print(rti.value);
+ } else {
+ System.out.println(rti.code + ' ' + rti.error);
+ if(rti.code!=404) {
+ Assert.fail(rti.code + ' ' + rti.error);
+ }
+ }
- TzClient tzClient = tcf.newTzClient(endServicesURL);
- tzClient.setToken(client_id, rtt.value);
- // Note: this is AAF's "Hello" server
- String rv = serviceCall(tzClient);
- System.out.println(rv);
- // Assert.assertEquals("Hello AAF OAuth2\n",rv);
- } else {
- System.out.println(rtt.code + ' ' + rtt.error);
- Assert.fail(rtt.code + ' ' + rtt.error);
- }
- } else {
- System.out.println(rtt.code + ' ' + rtt.error);
- Assert.fail(rtt.code + ' ' + rtt.error);
- }
- } else {
- Assert.fail(Config.AAF_ALT_OAUTH2_TOKEN_URL + " is required");
- }
- }
- } catch (Exception e) {
-// Assert.fail();
- }
- }
-
-
-// private TokenClient testROPCFlow(final String url, final String client_id, final String client_secret, String user, String password, final String ... scope) throws Exception {
-// TokenClient tclient = tcf.newClient(url,3000);
-// tclient.client_creds(client_id, client_secret);
-// if(user!=null && password!=null) {
-// tclient.password(user,password);
-// }
-// Result<TimedToken> rt = tclient.getToken(scope);
-// if(rt.isOK()) {
-// print(rt.value);
-// Result<Introspect> rti = tclient.introspect(rt.value.getAccessToken());
-// if(rti.isOK()) {
-// print(rti.value);
-// } else {
-// printAndFail(rti);
-// }
-// } else {
-// printAndFail(rt);
-// }
-// return tclient;
-// }
-
- private String serviceCall(TzClient tzClient) throws Exception {
- return tzClient.best(new Retryable<String>() {
- @Override
- public String code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<String> future = client.read(null,"text/plain");
- if(future.get(3000)) {
- return future.value;
- } else {
- throw new APIException(future.code() + future.body());
- }
- }
- });
- }
-// private void printAndFail(Result<?> rt) {
-// System.out.printf("HTTP Code %d: %s\n", rt.code, rt.error);
-// Assert.fail(rt.toString());
-// }
+ TzClient tzClient = tcf.newTzClient(endServicesURL);
+ tzClient.setToken(client_id, rtt.value);
+ // Note: this is AAF's "Hello" server
+ String rv = serviceCall(tzClient);
+ System.out.println(rv);
+ // Assert.assertEquals("Hello AAF OAuth2\n",rv);
+ } else {
+ System.out.println(rtt.code + ' ' + rtt.error);
+ Assert.fail(rtt.code + ' ' + rtt.error);
+ }
+ } else {
+ System.out.println(rtt.code + ' ' + rtt.error);
+ Assert.fail(rtt.code + ' ' + rtt.error);
+ }
+ } else {
+ Assert.fail(Config.AAF_ALT_OAUTH2_TOKEN_URL + " is required");
+ }
+ }
+ } catch (Exception e) {
+// Assert.fail();
+ }
+ }
+
+
+// private TokenClient testROPCFlow(final String url, final String client_id, final String client_secret, String user, String password, final String ... scope) throws Exception {
+// TokenClient tclient = tcf.newClient(url,3000);
+// tclient.client_creds(client_id, client_secret);
+// if(user!=null && password!=null) {
+// tclient.password(user,password);
+// }
+// Result<TimedToken> rt = tclient.getToken(scope);
+// if(rt.isOK()) {
+// print(rt.value);
+// Result<Introspect> rti = tclient.introspect(rt.value.getAccessToken());
+// if(rti.isOK()) {
+// print(rti.value);
+// } else {
+// printAndFail(rti);
+// }
+// } else {
+// printAndFail(rt);
+// }
+// return tclient;
+// }
+
+ private String serviceCall(TzClient tzClient) throws Exception {
+ return tzClient.best(new Retryable<String>() {
+ @Override
+ public String code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ Future<String> future = client.read(null,"text/plain");
+ if(future.get(3000)) {
+ return future.value;
+ } else {
+ throw new APIException(future.code() + future.body());
+ }
+ }
+ });
+ }
+// private void printAndFail(Result<?> rt) {
+// System.out.printf("HTTP Code %d: %s\n", rt.code, rt.error);
+// Assert.fail(rt.toString());
+// }
- private void print(Token t) {
- GregorianCalendar exp_date = new GregorianCalendar();
- exp_date.add(GregorianCalendar.SECOND, t.getExpiresIn());
- System.out.printf("Access Token\n\tToken:\t\t%s\n\tToken Type:\t%s\n\tExpires In:\t%d (%s)\n\tScope:\t\t%s\n\tRefresh Token:\t%s\n",
- t.getAccessToken(),
- t.getTokenType(),
- t.getExpiresIn(),
- Chrono.timeStamp(new Date(System.currentTimeMillis()+(t.getExpiresIn()*1000))),
- t.getScope(),
- t.getRefreshToken());
- }
-
- private void print(Introspect ti) {
- if(ti==null || ti.getClientId()==null) {
- System.out.println("Empty Introspect");
- return;
- }
- Date exp = new Date(ti.getExp()*1000); // seconds
- System.out.printf("Introspect\n"
- + "\tAccessToken:\t%s\n"
- + "\tClient-id:\t%s\n"
- + "\tClient Type:\t%s\n"
- + "\tActive: \t%s\n"
- + "\tUserName:\t%s\n"
- + "\tExpires: \t%d (%s)\n"
- + "\tScope:\t\t%s\n"
- + "\tContent:\t\t%s\n",
- ti.getAccessToken(),
- ti.getClientId(),
- ti.getClientType(),
- ti.isActive()?Boolean.TRUE.toString():Boolean.FALSE.toString(),
- ti.getUsername(),
- ti.getExp(),
- Chrono.timeStamp(exp),
- ti.getScope(),
- ti.getContent()==null?"":ti.getContent());
-
- System.out.println();
- }
+ private void print(Token t) {
+ GregorianCalendar exp_date = new GregorianCalendar();
+ exp_date.add(GregorianCalendar.SECOND, t.getExpiresIn());
+ System.out.printf("Access Token\n\tToken:\t\t%s\n\tToken Type:\t%s\n\tExpires In:\t%d (%s)\n\tScope:\t\t%s\n\tRefresh Token:\t%s\n",
+ t.getAccessToken(),
+ t.getTokenType(),
+ t.getExpiresIn(),
+ Chrono.timeStamp(new Date(System.currentTimeMillis()+(t.getExpiresIn()*1000))),
+ t.getScope(),
+ t.getRefreshToken());
+ }
+
+ private void print(Introspect ti) {
+ if(ti==null || ti.getClientId()==null) {
+ System.out.println("Empty Introspect");
+ return;
+ }
+ Date exp = new Date(ti.getExp()*1000); // seconds
+ System.out.printf("Introspect\n"
+ + "\tAccessToken:\t%s\n"
+ + "\tClient-id:\t%s\n"
+ + "\tClient Type:\t%s\n"
+ + "\tActive: \t%s\n"
+ + "\tUserName:\t%s\n"
+ + "\tExpires: \t%d (%s)\n"
+ + "\tScope:\t\t%s\n"
+ + "\tContent:\t\t%s\n",
+ ti.getAccessToken(),
+ ti.getClientId(),
+ ti.getClientType(),
+ ti.isActive()?Boolean.TRUE.toString():Boolean.FALSE.toString(),
+ ti.getUsername(),
+ ti.getExp(),
+ Chrono.timeStamp(exp),
+ ti.getScope(),
+ ti.getContent()==null?"":ti.getContent());
+
+ System.out.println();
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TimedToken.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TimedToken.java
index 775a0398..abfa4264 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TimedToken.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TimedToken.java
@@ -40,45 +40,45 @@ import aafoauth.v2_0.Token;
public class JU_TimedToken {
- private static final byte[] hash = "hashstring".getBytes();
+ private static final byte[] hash = "hashstring".getBytes();
- private static final int expires = 10000;
+ private static final int expires = 10000;
- private Path path;
+ private Path path;
- @Mock private Persist<Token, ?> persistMock;
- @Mock private Token tokenMock;
+ @Mock private Persist<Token, ?> persistMock;
+ @Mock private Token tokenMock;
- @Before
- public void setup() throws IOException {
- MockitoAnnotations.initMocks(this);
+ @Before
+ public void setup() throws IOException {
+ MockitoAnnotations.initMocks(this);
- when(tokenMock.getExpiresIn()).thenReturn(expires);
- path = Files.createTempFile("fake", ".txt");
- }
+ when(tokenMock.getExpiresIn()).thenReturn(expires);
+ path = Files.createTempFile("fake", ".txt");
+ }
- @Test
- public void test() {
- int actuallyExpires = ((int)(System.currentTimeMillis() / 1000)) + expires;
- TimedToken ttoken = new TimedToken(persistMock, tokenMock, hash, path);
+ @Test
+ public void test() {
+ int actuallyExpires = ((int)(System.currentTimeMillis() / 1000)) + expires;
+ TimedToken ttoken = new TimedToken(persistMock, tokenMock, hash, path);
- assertThat(ttoken.get(), is(tokenMock));
- assertThat(ttoken.checkSyncTime(), is(true));
- assertThat(ttoken.checkReloadable(), is(false));
- assertThat(ttoken.hasBeenTouched(), is(false));
- assertThat(Math.abs(ttoken.expires() - actuallyExpires) < 10, is(true));
- assertThat(ttoken.expired(), is(false));
+ assertThat(ttoken.get(), is(tokenMock));
+ assertThat(ttoken.checkSyncTime(), is(true));
+ assertThat(ttoken.checkReloadable(), is(false));
+ assertThat(ttoken.hasBeenTouched(), is(false));
+ assertThat(Math.abs(ttoken.expires() - actuallyExpires) < 10, is(true));
+ assertThat(ttoken.expired(), is(false));
- assertThat(ttoken.match(hash), is(true));
- assertThat(ttoken.getHash(), is(hash));
+ assertThat(ttoken.match(hash), is(true));
+ assertThat(ttoken.getHash(), is(hash));
- assertThat(ttoken.path(), is(path));
+ assertThat(ttoken.path(), is(path));
- assertThat(ttoken.count(), is(0));
- ttoken.inc();
- assertThat(ttoken.count(), is(1));
- ttoken.clearCount();
- assertThat(ttoken.count(), is(0));
- }
+ assertThat(ttoken.count(), is(0));
+ ttoken.inc();
+ assertThat(ttoken.count(), is(1));
+ ttoken.clearCount();
+ assertThat(ttoken.count(), is(0));
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TokenClientFactoryTest.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TokenClientFactoryTest.java
index 27a1a271..e8fbbbd5 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TokenClientFactoryTest.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TokenClientFactoryTest.java
@@ -39,37 +39,37 @@ import junit.framework.Assert;
public class JU_TokenClientFactoryTest {
- /**
- * Acceptable Locator Patterns for choosing AAFLocator over others
- */
- @Test
- public void testLocatorString() {
- /*
- PropAccess access = new PropAccess();
- access.setProperty(Config.AAF_LOCATE_URL, "https://xytz.sbbc.dd:8095/locate");
- access.setProperty(Config.CADI_LATITUDE, "39.000");
- access.setProperty(Config.CADI_LONGITUDE, "-72.000");
- TokenClientFactory tcf;
- try {
- System.out.println("one");
- tcf = TokenClientFactory.instance(access);
- System.out.println("two");
- Assert.assertEquals(true, tcf.bestLocator("https://xytz.sbbc.dd/locate/hello") instanceof AAFLocator);
- System.out.println("three");
- Assert.assertEquals(true, tcf.bestLocator("https://xytz.sbbc.dd:8234/locate/hello") instanceof AAFLocator);
- System.out.println("four");
- Assert.assertEquals(true, tcf.bestLocator("https://AAF_LOCATE_URL/hello") instanceof AAFLocator);
- System.out.println("five");
- Assert.assertEquals(true, tcf.bestLocator("https://AAF_LOCATE_URL/AAF_FS.hello/2.0") instanceof AAFLocator);
- System.out.println("six");
- Assert.assertEquals(true, tcf.bestLocator("https://xytz.sbbc.dd:8234/locate") instanceof PropertyLocator);
- System.out.println("seven");
- Assert.assertEquals(true, tcf.bestLocator("https://xytz.sbbc.dd:8234/Something") instanceof PropertyLocator);
- } catch (APIException | GeneralSecurityException | IOException | CadiException | LocatorException | URISyntaxException e) {
- e.printStackTrace();
- Assert.fail();
- }
- */
- }
+ /**
+ * Acceptable Locator Patterns for choosing AAFLocator over others
+ */
+ @Test
+ public void testLocatorString() {
+ /*
+ PropAccess access = new PropAccess();
+ access.setProperty(Config.AAF_LOCATE_URL, "https://xytz.sbbc.dd:8095/locate");
+ access.setProperty(Config.CADI_LATITUDE, "39.000");
+ access.setProperty(Config.CADI_LONGITUDE, "-72.000");
+ TokenClientFactory tcf;
+ try {
+ System.out.println("one");
+ tcf = TokenClientFactory.instance(access);
+ System.out.println("two");
+ Assert.assertEquals(true, tcf.bestLocator("https://xytz.sbbc.dd/locate/hello") instanceof AAFLocator);
+ System.out.println("three");
+ Assert.assertEquals(true, tcf.bestLocator("https://xytz.sbbc.dd:8234/locate/hello") instanceof AAFLocator);
+ System.out.println("four");
+ Assert.assertEquals(true, tcf.bestLocator("https://AAF_LOCATE_URL/hello") instanceof AAFLocator);
+ System.out.println("five");
+ Assert.assertEquals(true, tcf.bestLocator("https://AAF_LOCATE_URL/AAF_FS.hello/2.0") instanceof AAFLocator);
+ System.out.println("six");
+ Assert.assertEquals(true, tcf.bestLocator("https://xytz.sbbc.dd:8234/locate") instanceof PropertyLocator);
+ System.out.println("seven");
+ Assert.assertEquals(true, tcf.bestLocator("https://xytz.sbbc.dd:8234/Something") instanceof PropertyLocator);
+ } catch (APIException | GeneralSecurityException | IOException | CadiException | LocatorException | URISyntaxException e) {
+ e.printStackTrace();
+ Assert.fail();
+ }
+ */
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TokenPerm.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TokenPerm.java
index 356c12d5..c40e4eb5 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TokenPerm.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TokenPerm.java
@@ -49,148 +49,148 @@ import aafoauth.v2_0.Introspect;
public class JU_TokenPerm {
- private static final byte[] hash = "hashstring".getBytes();
-
- private static final String clientId = "clientId";
- private static final String username = "username";
- private static final String token = "token";
- private static final String scopes = "scopes";
- private static final String content = "content";
-
- private static final long expires = 10000L;
-
- private static Path path;
-
- @Mock private Persist<Introspect, ?> persistMock;
- @Mock private RosettaDF<Perms> dfMock;
- @Mock private Introspect introspectMock;
-
- @Before
- public void setup() throws IOException {
- MockitoAnnotations.initMocks(this);
-
- when(introspectMock.getExp()).thenReturn(expires);
- when(introspectMock.getClientId()).thenReturn(clientId);
- when(introspectMock.getUsername()).thenReturn(username);
- when(introspectMock.getAccessToken()).thenReturn(token);
- when(introspectMock.getScope()).thenReturn(scopes);
- when(introspectMock.getExp()).thenReturn(expires);
-
- path = Files.createTempFile("fake", ".txt");
- }
-
- @Test
- public void tokenTest() throws APIException {
- TokenPerm tokenPerm = new TokenPerm(persistMock, dfMock, introspectMock, hash, path);
- assertThat(tokenPerm.perms().size(), is(0));
- assertThat(tokenPerm.getClientId(), is(clientId));
- assertThat(tokenPerm.getUsername(), is(username));
- assertThat(tokenPerm.getToken(), is(token));
- assertThat(tokenPerm.getScopes(), is(scopes));
- assertThat(tokenPerm.getIntrospect(), is(introspectMock));
-
- when(introspectMock.getContent()).thenReturn(content);
- tokenPerm = new TokenPerm(persistMock, dfMock, introspectMock, hash, path);
- }
-
- @Test
- public void test() throws ParseException {
- String json;
- LoadPermissions lp;
- Permission p;
-
- json = "{\"perm\":[" +
- " {\"ns\":\"com\",\"type\":\"access\",\"instance\":\"*\",\"action\":\"read,approve\"}," +
- "]}";
-
- lp = new LoadPermissions(new StringReader(json));
- assertThat(lp.perms.size(), is(1));
-
- p = lp.perms.get(0);
- assertThat(p.getKey(), is("com|access|*|read,approve"));
- assertThat(p.permType(), is("AAF"));
-
- // Extra closing braces for coverage
- json = "{\"perm\":[" +
- " {\"ns\":\"com\",\"type\":\"access\",\"instance\":\"*\",\"action\":\"read,approve\"}}," +
- "]]}";
-
- lp = new LoadPermissions(new StringReader(json));
- assertThat(lp.perms.size(), is(1));
-
- p = lp.perms.get(0);
- assertThat(p.getKey(), is("com|access|*|read,approve"));
- assertThat(p.permType(), is("AAF"));
-
- // Test without a type
- json = "{\"perm\":[" +
- " {\"instance\":\"*\",\"action\":\"read,approve\"}," +
- "]}";
-
- lp = new LoadPermissions(new StringReader(json));
- assertThat(lp.perms.size(), is(0));
-
- // Test without an instance
- json = "{\"perm\":[" +
- " {\"type\":\"com.access\",\"action\":\"read,approve\"}," +
- "]}";
-
- lp = new LoadPermissions(new StringReader(json));
- assertThat(lp.perms.size(), is(0));
-
- // Test without an action
- json = "{\"perm\":[" +
- " {\"type\":\"com.access\",\"instance\":\"*\"}," +
- "]}";
-
- lp = new LoadPermissions(new StringReader(json));
- assertThat(lp.perms.size(), is(0));
- }
-
- @Test
- public void redundancyTest() {
- String json = "{\"perm\":[" +
- " {\"type\":\"com.access\",\"instance\":\"*\",\"action\":\"read,approve\"}," +
- " {\"type\":\"org.osaaf.aaf.access\",\"instance\":\"*\",\"action\":\"*\"}," +
- " {\"type\":\"org.osaaf.aaf.access\",\"instance\":\"*\",\"action\":\"read\"}," +
- " {\"type\":\"org.osaaf.aaf.attrib\",\"instance\":\":com.att.*:swm\",\"action\":\"*\"}," +
- " {\"type\":\"org.osaaf.aaf.bogus\",\"instance\":\"sample\",\"action\":\"read\"}," +
- " {\"type\":\"org.osaaf.aaf.ca\",\"instance\":\"aaf\",\"action\":\"ip\"}," +
- " {\"type\":\"org.osaaf.aaf.ca\",\"instance\":\"local\",\"action\":\"domain\"}," +
- " {\"type\":\"org.osaaf.aaf.cache\",\"instance\":\"*\",\"action\":\"clear\"}," +
- " {\"type\":\"org.osaaf.aaf.cass\",\"instance\":\":mithril\",\"action\":\"*\"}," +
- " {\"type\":\"org.osaaf.aaf.certman\",\"instance\":\"local\",\"action\":\"read,request,showpass\"}," +
- " {\"type\":\"org.osaaf.aaf.db\",\"instance\":\"pool\",\"action\":\"clear\"}," +
- " {\"type\":\"org.osaaf.aaf.deny\",\"instance\":\"com.att\",\"action\":\"*\"}," +
- " {\"type\":\"org.osaaf.aaf.jenkins\",\"instance\":\"mithrilcsp.sbc.com\",\"action\":\"admin\"}," +
- " {\"type\":\"org.osaaf.aaf.log\",\"instance\":\"com.att\",\"action\":\"id\"}," +
- " {\"type\":\"org.osaaf.aaf.myPerm\",\"instance\":\"myInstance\",\"action\":\"myAction\"}," +
- " {\"type\":\"org.osaaf.aaf.ns\",\"instance\":\":com.att.*:ns\",\"action\":\"write\"}," +
- " {\"type\":\"org.osaaf.aaf.ns\",\"instance\":\":com.att:ns\",\"action\":\"write\"}," +
- " {\"type\":\"org.osaaf.aaf.password\",\"instance\":\"com.att\",\"action\":\"extend\"}," +
- " {\"type\":\"org.osaaf.access\",\"instance\":\"*\",\"action\":\"read\"}," +
- " {\"type\":\"org.osaaf.authz.access\",\"instance\":\"*\",\"action\":\"read\"}," +
- " {\"type\":\"org.osaaf.authz.dev.access\",\"instance\":\"*\",\"action\":\"*\"}," +
- " {\"type\":\"org.osaaf.authz.swm.star\",\"instance\":\"*\",\"action\":\"*\"}," +
- " {\"type\":\"org.osaaf.cadi.access\",\"instance\":\"*\",\"action\":\"*\"}," +
- " {\"type\":\"org.osaaf.chris.access\",\"instance\":\"*\",\"action\":\"*\"}," +
- " {\"type\":\"org.osaaf.csid.lab.swm.node\",\"instance\":\"*\",\"action\":\"*\"}," +
- " {\"type\":\"org.osaaf.myapp.access\",\"instance\":\"*\",\"action\":\"*\"}," +
- " {\"type\":\"org.osaaf.myapp.access\",\"instance\":\"*\",\"action\":\"read\"}," +
- " {\"type\":\"org.osaaf.sample.access\",\"instance\":\"*\",\"action\":\"read\"}," +
- " {\"type\":\"org.osaaf.sample.swm.myPerm\",\"instance\":\"*\",\"action\":\"read\"}," +
- " {\"type\":\"org.osaaf.temp.access\",\"instance\":\"*\",\"action\":\"read\"}," +
- " {\"type\":\"org.osaaf.test.access\",\"instance\":\"*\",\"action\":\"*\"}," +
- " {\"type\":\"org.osaaf.test.access\",\"instance\":\"*\",\"action\":\"read\"}," +
- " {\"type\":\"com.test.access\",\"instance\":\"*\",\"action\":\"read\"}," +
- " {\"type\":\"com.test.access\",\"instance\":\"*\",\"action\":\"read\"}" +
- "]}";
- try {
- LoadPermissions lp = new LoadPermissions(new StringReader(json));
- assertThat(lp.perms.size(), is(34));
- } catch (ParseException e) {
- fail(e.getMessage());
- }
- }
+ private static final byte[] hash = "hashstring".getBytes();
+
+ private static final String clientId = "clientId";
+ private static final String username = "username";
+ private static final String token = "token";
+ private static final String scopes = "scopes";
+ private static final String content = "content";
+
+ private static final long expires = 10000L;
+
+ private static Path path;
+
+ @Mock private Persist<Introspect, ?> persistMock;
+ @Mock private RosettaDF<Perms> dfMock;
+ @Mock private Introspect introspectMock;
+
+ @Before
+ public void setup() throws IOException {
+ MockitoAnnotations.initMocks(this);
+
+ when(introspectMock.getExp()).thenReturn(expires);
+ when(introspectMock.getClientId()).thenReturn(clientId);
+ when(introspectMock.getUsername()).thenReturn(username);
+ when(introspectMock.getAccessToken()).thenReturn(token);
+ when(introspectMock.getScope()).thenReturn(scopes);
+ when(introspectMock.getExp()).thenReturn(expires);
+
+ path = Files.createTempFile("fake", ".txt");
+ }
+
+ @Test
+ public void tokenTest() throws APIException {
+ TokenPerm tokenPerm = new TokenPerm(persistMock, dfMock, introspectMock, hash, path);
+ assertThat(tokenPerm.perms().size(), is(0));
+ assertThat(tokenPerm.getClientId(), is(clientId));
+ assertThat(tokenPerm.getUsername(), is(username));
+ assertThat(tokenPerm.getToken(), is(token));
+ assertThat(tokenPerm.getScopes(), is(scopes));
+ assertThat(tokenPerm.getIntrospect(), is(introspectMock));
+
+ when(introspectMock.getContent()).thenReturn(content);
+ tokenPerm = new TokenPerm(persistMock, dfMock, introspectMock, hash, path);
+ }
+
+ @Test
+ public void test() throws ParseException {
+ String json;
+ LoadPermissions lp;
+ Permission p;
+
+ json = "{\"perm\":[" +
+ " {\"ns\":\"com\",\"type\":\"access\",\"instance\":\"*\",\"action\":\"read,approve\"}," +
+ "]}";
+
+ lp = new LoadPermissions(new StringReader(json));
+ assertThat(lp.perms.size(), is(1));
+
+ p = lp.perms.get(0);
+ assertThat(p.getKey(), is("com|access|*|read,approve"));
+ assertThat(p.permType(), is("AAF"));
+
+ // Extra closing braces for coverage
+ json = "{\"perm\":[" +
+ " {\"ns\":\"com\",\"type\":\"access\",\"instance\":\"*\",\"action\":\"read,approve\"}}," +
+ "]]}";
+
+ lp = new LoadPermissions(new StringReader(json));
+ assertThat(lp.perms.size(), is(1));
+
+ p = lp.perms.get(0);
+ assertThat(p.getKey(), is("com|access|*|read,approve"));
+ assertThat(p.permType(), is("AAF"));
+
+ // Test without a type
+ json = "{\"perm\":[" +
+ " {\"instance\":\"*\",\"action\":\"read,approve\"}," +
+ "]}";
+
+ lp = new LoadPermissions(new StringReader(json));
+ assertThat(lp.perms.size(), is(0));
+
+ // Test without an instance
+ json = "{\"perm\":[" +
+ " {\"type\":\"com.access\",\"action\":\"read,approve\"}," +
+ "]}";
+
+ lp = new LoadPermissions(new StringReader(json));
+ assertThat(lp.perms.size(), is(0));
+
+ // Test without an action
+ json = "{\"perm\":[" +
+ " {\"type\":\"com.access\",\"instance\":\"*\"}," +
+ "]}";
+
+ lp = new LoadPermissions(new StringReader(json));
+ assertThat(lp.perms.size(), is(0));
+ }
+
+ @Test
+ public void redundancyTest() {
+ String json = "{\"perm\":[" +
+ " {\"type\":\"com.access\",\"instance\":\"*\",\"action\":\"read,approve\"}," +
+ " {\"type\":\"org.osaaf.aaf.access\",\"instance\":\"*\",\"action\":\"*\"}," +
+ " {\"type\":\"org.osaaf.aaf.access\",\"instance\":\"*\",\"action\":\"read\"}," +
+ " {\"type\":\"org.osaaf.aaf.attrib\",\"instance\":\":com.att.*:swm\",\"action\":\"*\"}," +
+ " {\"type\":\"org.osaaf.aaf.bogus\",\"instance\":\"sample\",\"action\":\"read\"}," +
+ " {\"type\":\"org.osaaf.aaf.ca\",\"instance\":\"aaf\",\"action\":\"ip\"}," +
+ " {\"type\":\"org.osaaf.aaf.ca\",\"instance\":\"local\",\"action\":\"domain\"}," +
+ " {\"type\":\"org.osaaf.aaf.cache\",\"instance\":\"*\",\"action\":\"clear\"}," +
+ " {\"type\":\"org.osaaf.aaf.cass\",\"instance\":\":mithril\",\"action\":\"*\"}," +
+ " {\"type\":\"org.osaaf.aaf.certman\",\"instance\":\"local\",\"action\":\"read,request,showpass\"}," +
+ " {\"type\":\"org.osaaf.aaf.db\",\"instance\":\"pool\",\"action\":\"clear\"}," +
+ " {\"type\":\"org.osaaf.aaf.deny\",\"instance\":\"com.att\",\"action\":\"*\"}," +
+ " {\"type\":\"org.osaaf.aaf.jenkins\",\"instance\":\"mithrilcsp.sbc.com\",\"action\":\"admin\"}," +
+ " {\"type\":\"org.osaaf.aaf.log\",\"instance\":\"com.att\",\"action\":\"id\"}," +
+ " {\"type\":\"org.osaaf.aaf.myPerm\",\"instance\":\"myInstance\",\"action\":\"myAction\"}," +
+ " {\"type\":\"org.osaaf.aaf.ns\",\"instance\":\":com.att.*:ns\",\"action\":\"write\"}," +
+ " {\"type\":\"org.osaaf.aaf.ns\",\"instance\":\":com.att:ns\",\"action\":\"write\"}," +
+ " {\"type\":\"org.osaaf.aaf.password\",\"instance\":\"com.att\",\"action\":\"extend\"}," +
+ " {\"type\":\"org.osaaf.access\",\"instance\":\"*\",\"action\":\"read\"}," +
+ " {\"type\":\"org.osaaf.authz.access\",\"instance\":\"*\",\"action\":\"read\"}," +
+ " {\"type\":\"org.osaaf.authz.dev.access\",\"instance\":\"*\",\"action\":\"*\"}," +
+ " {\"type\":\"org.osaaf.authz.swm.star\",\"instance\":\"*\",\"action\":\"*\"}," +
+ " {\"type\":\"org.osaaf.cadi.access\",\"instance\":\"*\",\"action\":\"*\"}," +
+ " {\"type\":\"org.osaaf.chris.access\",\"instance\":\"*\",\"action\":\"*\"}," +
+ " {\"type\":\"org.osaaf.csid.lab.swm.node\",\"instance\":\"*\",\"action\":\"*\"}," +
+ " {\"type\":\"org.osaaf.myapp.access\",\"instance\":\"*\",\"action\":\"*\"}," +
+ " {\"type\":\"org.osaaf.myapp.access\",\"instance\":\"*\",\"action\":\"read\"}," +
+ " {\"type\":\"org.osaaf.sample.access\",\"instance\":\"*\",\"action\":\"read\"}," +
+ " {\"type\":\"org.osaaf.sample.swm.myPerm\",\"instance\":\"*\",\"action\":\"read\"}," +
+ " {\"type\":\"org.osaaf.temp.access\",\"instance\":\"*\",\"action\":\"read\"}," +
+ " {\"type\":\"org.osaaf.test.access\",\"instance\":\"*\",\"action\":\"*\"}," +
+ " {\"type\":\"org.osaaf.test.access\",\"instance\":\"*\",\"action\":\"read\"}," +
+ " {\"type\":\"com.test.access\",\"instance\":\"*\",\"action\":\"read\"}," +
+ " {\"type\":\"com.test.access\",\"instance\":\"*\",\"action\":\"read\"}" +
+ "]}";
+ try {
+ LoadPermissions lp = new LoadPermissions(new StringReader(json));
+ assertThat(lp.perms.size(), is(34));
+ } catch (ParseException e) {
+ fail(e.getMessage());
+ }
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TzHClient.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TzHClient.java
index bd2393e4..11dce825 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TzHClient.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_TzHClient.java
@@ -53,66 +53,66 @@ import org.onap.aaf.cadi.config.Config;
import org.onap.aaf.cadi.config.SecurityInfoC;
public class JU_TzHClient {
-
- @Mock private Retryable<Integer> retryableMock;
- @Mock private TimedToken tokenMock;
- @Mock private SecurityInfoC<HttpURLConnection> siMock;
- @Mock private Locator<URI> locMock;
- @Mock private Item itemMock;
- @Mock private Rcli<HttpURLConnection> clientMock;
-
- private PropAccess access;
-
- private ByteArrayOutputStream errStream;
-
- private final static String client_id = "id";
-
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- access.setProperty(Config.CADI_LATITUDE, "38.62"); // St Louis approx lat
- access.setProperty(Config.CADI_LONGITUDE, "90.19"); // St Louis approx lon }
-
- errStream = new ByteArrayOutputStream();
- System.setErr(new PrintStream(errStream));
- }
-
- @After
- public void tearDown() {
- System.setErr(System.err);
- }
+
+ @Mock private Retryable<Integer> retryableMock;
+ @Mock private TimedToken tokenMock;
+ @Mock private SecurityInfoC<HttpURLConnection> siMock;
+ @Mock private Locator<URI> locMock;
+ @Mock private Item itemMock;
+ @Mock private Rcli<HttpURLConnection> clientMock;
+
+ private PropAccess access;
+
+ private ByteArrayOutputStream errStream;
+
+ private final static String client_id = "id";
+
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ access.setProperty(Config.CADI_LATITUDE, "38.62"); // St Louis approx lat
+ access.setProperty(Config.CADI_LONGITUDE, "90.19"); // St Louis approx lon }
+
+ errStream = new ByteArrayOutputStream();
+ System.setErr(new PrintStream(errStream));
+ }
+
+ @After
+ public void tearDown() {
+ System.setErr(System.err);
+ }
- @Test
- public void test() throws CadiException, LocatorException, APIException, IOException {
- TzHClient client;
- try {
- client = new TzHClient(access, "tag");
- } catch (Exception e) {
- throw e;
- }
- try {
- client.best(retryableMock);
- fail("Should've thrown an exception");
- } catch (CadiException e) {
- assertThat(e.getMessage(), is("OAuth2 Token has not been set"));
- }
- client.setToken(client_id, tokenMock);
- when(tokenMock.expired()).thenReturn(true);
- try {
- client.best(retryableMock);
- fail("Should've thrown an exception");
- } catch (CadiException e) {
- assertThat(e.getMessage(), is("Expired Token"));
- }
+ @Test
+ public void test() throws CadiException, LocatorException, APIException, IOException {
+ TzHClient client;
+ try {
+ client = new TzHClient(access, "tag");
+ } catch (Exception e) {
+ throw e;
+ }
+ try {
+ client.best(retryableMock);
+ fail("Should've thrown an exception");
+ } catch (CadiException e) {
+ assertThat(e.getMessage(), is("OAuth2 Token has not been set"));
+ }
+ client.setToken(client_id, tokenMock);
+ when(tokenMock.expired()).thenReturn(true);
+ try {
+ client.best(retryableMock);
+ fail("Should've thrown an exception");
+ } catch (CadiException e) {
+ assertThat(e.getMessage(), is("Expired Token"));
+ }
- client = new TzHClient(access, siMock, locMock);
- when(tokenMock.expired()).thenReturn(false);
- doReturn(clientMock).when(retryableMock).lastClient();
+ client = new TzHClient(access, siMock, locMock);
+ when(tokenMock.expired()).thenReturn(false);
+ doReturn(clientMock).when(retryableMock).lastClient();
- when(retryableMock.item()).thenReturn(itemMock);
- client.setToken(client_id, tokenMock);
- assertThat(client.best(retryableMock), is(nullValue()));
- }
+ when(retryableMock.item()).thenReturn(itemMock);
+ client.setToken(client_id, tokenMock);
+ assertThat(client.best(retryableMock), is(nullValue()));
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/persist/test/JU_Persist.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/persist/test/JU_Persist.java
index f8d76a95..3e03eb73 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/persist/test/JU_Persist.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/persist/test/JU_Persist.java
@@ -57,95 +57,95 @@ import org.onap.aaf.misc.rosetta.env.RosettaEnv;
public class JU_Persist {
- private static final String resourceDirString = "src/test/resources";
- private static final String tokenDirString = "tokenDir";
- private static final String key = "key";
-
- private static final int data = 5;
-
- private static final byte[] cred = "password".getBytes();
-
- private PropAccess access;
- private Result<Persistable<Integer>> result;
-
- @Mock private RosettaEnv envMock;
- @Mock private Persist<Integer, ?> persistMock;
- @Mock private RosettaDF<Integer> dfMock;
- @Mock private RosettaData<Integer> dataMock;
- @Mock private Persistable<Integer> ctMock1;
- @Mock private Persisting<Integer> ctMock2;
- @Mock private Loader<Persistable<Integer>> loaderMock;
-
- @Before
- public void setup() throws APIException, CadiException, LocatorException {
- MockitoAnnotations.initMocks(this);
-
- doReturn(dfMock).when(envMock).newDataFactory((Class<?>[]) any());
- when(dfMock.newData()).thenReturn(dataMock);
- when(dataMock.load(data)).thenReturn(dataMock);
-
-
- result = Result.ok(200, ctMock1);
- when(loaderMock.load(key)).thenReturn(result);
-
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- access.setProperty(Config.CADI_TOKEN_DIR, resourceDirString);
- }
-
- @After
- public void tearDown() {
- File dir = new File(resourceDirString + '/' + tokenDirString);
- for (File f : dir.listFiles()) {
- f.delete();
- }
- dir.delete();
- }
-
- @Test
- public void test() throws CadiException, APIException, LocatorException, InterruptedException {
- Persist<Integer, Persistable<Integer>> persist = new PersistStub(access, envMock, null, tokenDirString);
- // Second call for coverage
- persist = new PersistStub(access, envMock, null, tokenDirString);
- assertThat(persist.getDF(), is(dfMock));
- persist.put(key, ctMock2);
- Result<Persistable<Integer>> output = persist.get(key, cred, loaderMock);
- assertThat(output.code, is(200));
- assertThat(output.isOK(), is(true));
-
- when(ctMock2.checkSyncTime()).thenReturn(true);
- when(ctMock2.hasBeenTouched()).thenReturn(true);
- output = persist.get(key, cred, loaderMock);
- assertThat(output.code, is(200));
- assertThat(output.isOK(), is(true));
-
- persist.delete(key);
-
- assertThat(persist.get(null, null, null), is(nullValue()));
-
- // Uncommenting this lets us begin to test the nested Clean class, but
- // will dramatically slow down every build that runs tests - We need to
- // either refactor or find a more creative way to test Clean
-// Thread.sleep(25000);
-
- persist.close();
- }
-
- private class PersistStub extends Persist<Integer, Persistable<Integer>> {
- public PersistStub(Access access, RosettaEnv env, Class<Integer> cls, String sub_dir)
- throws CadiException, APIException { super(access, env, cls, sub_dir); }
- @Override
- protected Persistable<Integer> newCacheable(Integer t, long expires_secsFrom1970, byte[] hash, Path path)
- throws APIException, IOException { return null; }
- @Override
- public<T> Path writeDisk(final RosettaDF<T> df, final T t, final byte[] cred, final Path target, final long expires) throws CadiException {
- return null;
- }
- @SuppressWarnings("unchecked")
- @Override
- public <T> T readDisk(final RosettaDF<T> df, final byte[] cred, final String filename,final Holder<Path> hp, final Holder<Long> hl) throws CadiException {
- return (T)new Integer(data);
- }
-
- }
+ private static final String resourceDirString = "src/test/resources";
+ private static final String tokenDirString = "tokenDir";
+ private static final String key = "key";
+
+ private static final int data = 5;
+
+ private static final byte[] cred = "password".getBytes();
+
+ private PropAccess access;
+ private Result<Persistable<Integer>> result;
+
+ @Mock private RosettaEnv envMock;
+ @Mock private Persist<Integer, ?> persistMock;
+ @Mock private RosettaDF<Integer> dfMock;
+ @Mock private RosettaData<Integer> dataMock;
+ @Mock private Persistable<Integer> ctMock1;
+ @Mock private Persisting<Integer> ctMock2;
+ @Mock private Loader<Persistable<Integer>> loaderMock;
+
+ @Before
+ public void setup() throws APIException, CadiException, LocatorException {
+ MockitoAnnotations.initMocks(this);
+
+ doReturn(dfMock).when(envMock).newDataFactory((Class<?>[]) any());
+ when(dfMock.newData()).thenReturn(dataMock);
+ when(dataMock.load(data)).thenReturn(dataMock);
+
+
+ result = Result.ok(200, ctMock1);
+ when(loaderMock.load(key)).thenReturn(result);
+
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ access.setProperty(Config.CADI_TOKEN_DIR, resourceDirString);
+ }
+
+ @After
+ public void tearDown() {
+ File dir = new File(resourceDirString + '/' + tokenDirString);
+ for (File f : dir.listFiles()) {
+ f.delete();
+ }
+ dir.delete();
+ }
+
+ @Test
+ public void test() throws CadiException, APIException, LocatorException, InterruptedException {
+ Persist<Integer, Persistable<Integer>> persist = new PersistStub(access, envMock, null, tokenDirString);
+ // Second call for coverage
+ persist = new PersistStub(access, envMock, null, tokenDirString);
+ assertThat(persist.getDF(), is(dfMock));
+ persist.put(key, ctMock2);
+ Result<Persistable<Integer>> output = persist.get(key, cred, loaderMock);
+ assertThat(output.code, is(200));
+ assertThat(output.isOK(), is(true));
+
+ when(ctMock2.checkSyncTime()).thenReturn(true);
+ when(ctMock2.hasBeenTouched()).thenReturn(true);
+ output = persist.get(key, cred, loaderMock);
+ assertThat(output.code, is(200));
+ assertThat(output.isOK(), is(true));
+
+ persist.delete(key);
+
+ assertThat(persist.get(null, null, null), is(nullValue()));
+
+ // Uncommenting this lets us begin to test the nested Clean class, but
+ // will dramatically slow down every build that runs tests - We need to
+ // either refactor or find a more creative way to test Clean
+// Thread.sleep(25000);
+
+ persist.close();
+ }
+
+ private class PersistStub extends Persist<Integer, Persistable<Integer>> {
+ public PersistStub(Access access, RosettaEnv env, Class<Integer> cls, String sub_dir)
+ throws CadiException, APIException { super(access, env, cls, sub_dir); }
+ @Override
+ protected Persistable<Integer> newCacheable(Integer t, long expires_secsFrom1970, byte[] hash, Path path)
+ throws APIException, IOException { return null; }
+ @Override
+ public<T> Path writeDisk(final RosettaDF<T> df, final T t, final byte[] cred, final Path target, final long expires) throws CadiException {
+ return null;
+ }
+ @SuppressWarnings("unchecked")
+ @Override
+ public <T> T readDisk(final RosettaDF<T> df, final byte[] cred, final String filename,final Holder<Path> hp, final Holder<Long> hl) throws CadiException {
+ return (T)new Integer(data);
+ }
+
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/persist/test/JU_PersistFile.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/persist/test/JU_PersistFile.java
index cbe865eb..25d8c474 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/persist/test/JU_PersistFile.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/persist/test/JU_PersistFile.java
@@ -52,70 +52,70 @@ import org.onap.aaf.misc.rosetta.env.RosettaData;
public class JU_PersistFile {
- private static final String resourceDirString = "src/test/resources";
- private static final String tokenDirString = "tokenDir";
- private static final String tokenFileName = "token";
-
- private static final int data = 5;
- private static final long expires = 10000;
-
- private static final byte[] cred = "password".getBytes();
-
- private PropAccess access;
- private Holder<Path> hp = new Holder<Path>(null);
- private Holder<Long> hl = new Holder<Long>(null);
-
- @Mock private RosettaDF<Integer> dfMock;
- @Mock private RosettaData<Integer> dataMock;
- @Mock private Holder<Path> hpMock;
-
- @Before
- public void setup() throws APIException {
- MockitoAnnotations.initMocks(this);
-
- when(dfMock.newData()).thenReturn(dataMock);
- when(dataMock.load(data)).thenReturn(dataMock);
- when(dataMock.load((CipherInputStream)any())).thenReturn(dataMock);
-
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- access.setProperty(Config.CADI_TOKEN_DIR, resourceDirString);
- }
-
- @After
- public void tearDown() {
- File dir = new File(resourceDirString + '/' + tokenDirString);
- for (File f : dir.listFiles()) {
- f.delete();
- }
- dir.delete();
- }
-
- @Test
- public void test() throws CadiException, APIException, IOException {
- PersistFile persistFile = new PersistFile(access, tokenDirString);
- // Second call is for coverage
- persistFile = new PersistFile(access, tokenDirString);
- Path filepath = persistFile.writeDisk(dfMock, data, cred, tokenFileName, expires);
- persistFile.readDisk(dfMock, cred, tokenFileName, hp, hl);
- assertThat(persistFile.readExpiration(filepath), is(expires));
-
- FileTime ft1 = persistFile.getFileTime(tokenFileName, hp);
- FileTime ft2 = persistFile.getFileTime(tokenFileName, hpMock);
- assertThat(ft1.toMillis(), is(ft2.toMillis()));
-
- persistFile.deleteFromDisk(filepath);
- persistFile.deleteFromDisk(resourceDirString + '/' + tokenDirString + '/' + tokenFileName);
- assertThat(persistFile.readExpiration(filepath), is(0L));
-
- persistFile.getPath(resourceDirString + '/' + tokenDirString + '/' + tokenFileName);
-
- persistFile.writeDisk(dfMock, data, null, tokenFileName, expires);
- try {
- persistFile.readDisk(dfMock, cred, tokenFileName, hp, hl);
- fail("Should've thrown an exception");
- } catch (CadiException e) {
- assertThat(e.getMessage(), is(CadiException.class.getName() + ": Hash does not match in Persistence"));
- }
- }
+ private static final String resourceDirString = "src/test/resources";
+ private static final String tokenDirString = "tokenDir";
+ private static final String tokenFileName = "token";
+
+ private static final int data = 5;
+ private static final long expires = 10000;
+
+ private static final byte[] cred = "password".getBytes();
+
+ private PropAccess access;
+ private Holder<Path> hp = new Holder<Path>(null);
+ private Holder<Long> hl = new Holder<Long>(null);
+
+ @Mock private RosettaDF<Integer> dfMock;
+ @Mock private RosettaData<Integer> dataMock;
+ @Mock private Holder<Path> hpMock;
+
+ @Before
+ public void setup() throws APIException {
+ MockitoAnnotations.initMocks(this);
+
+ when(dfMock.newData()).thenReturn(dataMock);
+ when(dataMock.load(data)).thenReturn(dataMock);
+ when(dataMock.load((CipherInputStream)any())).thenReturn(dataMock);
+
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ access.setProperty(Config.CADI_TOKEN_DIR, resourceDirString);
+ }
+
+ @After
+ public void tearDown() {
+ File dir = new File(resourceDirString + '/' + tokenDirString);
+ for (File f : dir.listFiles()) {
+ f.delete();
+ }
+ dir.delete();
+ }
+
+ @Test
+ public void test() throws CadiException, APIException, IOException {
+ PersistFile persistFile = new PersistFile(access, tokenDirString);
+ // Second call is for coverage
+ persistFile = new PersistFile(access, tokenDirString);
+ Path filepath = persistFile.writeDisk(dfMock, data, cred, tokenFileName, expires);
+ persistFile.readDisk(dfMock, cred, tokenFileName, hp, hl);
+ assertThat(persistFile.readExpiration(filepath), is(expires));
+
+ FileTime ft1 = persistFile.getFileTime(tokenFileName, hp);
+ FileTime ft2 = persistFile.getFileTime(tokenFileName, hpMock);
+ assertThat(ft1.toMillis(), is(ft2.toMillis()));
+
+ persistFile.deleteFromDisk(filepath);
+ persistFile.deleteFromDisk(resourceDirString + '/' + tokenDirString + '/' + tokenFileName);
+ assertThat(persistFile.readExpiration(filepath), is(0L));
+
+ persistFile.getPath(resourceDirString + '/' + tokenDirString + '/' + tokenFileName);
+
+ persistFile.writeDisk(dfMock, data, null, tokenFileName, expires);
+ try {
+ persistFile.readDisk(dfMock, cred, tokenFileName, hp, hl);
+ fail("Should've thrown an exception");
+ } catch (CadiException e) {
+ assertThat(e.getMessage(), is(CadiException.class.getName() + ": Hash does not match in Persistence"));
+ }
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/persist/test/JU_Persisting.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/persist/test/JU_Persisting.java
index bb2b918a..9e029f3b 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/persist/test/JU_Persisting.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/persist/test/JU_Persisting.java
@@ -51,80 +51,80 @@ import org.onap.aaf.misc.rosetta.env.RosettaData;
public class JU_Persisting {
- private static final String resourceDirString = "src/test/resources";
- private static final String tokenDirString = "tokenDir";
- private static final String tokenFileName = "token";
+ private static final String resourceDirString = "src/test/resources";
+ private static final String tokenDirString = "tokenDir";
+ private static final String tokenFileName = "token";
- private static final int data = 5;
- private static final long expires = 10000;
+ private static final int data = 5;
+ private static final long expires = 10000;
- private static final byte[] cred = "password".getBytes();
+ private static final byte[] cred = "password".getBytes();
- private PropAccess access;
+ private PropAccess access;
- @Mock private Persist<Integer, ?> persistMock;
- @Mock private RosettaDF<Integer> dfMock;
- @Mock private RosettaData<Integer> dataMock;
+ @Mock private Persist<Integer, ?> persistMock;
+ @Mock private RosettaDF<Integer> dfMock;
+ @Mock private RosettaData<Integer> dataMock;
- @Before
- public void setup() throws APIException {
- MockitoAnnotations.initMocks(this);
+ @Before
+ public void setup() throws APIException {
+ MockitoAnnotations.initMocks(this);
- when(dfMock.newData()).thenReturn(dataMock);
- when(dataMock.load(data)).thenReturn(dataMock);
- when(dataMock.load((CipherInputStream)any())).thenReturn(dataMock);
+ when(dfMock.newData()).thenReturn(dataMock);
+ when(dataMock.load(data)).thenReturn(dataMock);
+ when(dataMock.load((CipherInputStream)any())).thenReturn(dataMock);
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- access.setProperty(Config.CADI_TOKEN_DIR, resourceDirString);
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ access.setProperty(Config.CADI_TOKEN_DIR, resourceDirString);
- persistMock.access = access;
- }
+ persistMock.access = access;
+ }
- @After
- public void tearDown() {
- File dir = new File(resourceDirString + '/' + tokenDirString);
- for (File f : dir.listFiles()) {
- f.delete();
- }
- dir.delete();
- }
+ @After
+ public void tearDown() {
+ File dir = new File(resourceDirString + '/' + tokenDirString);
+ for (File f : dir.listFiles()) {
+ f.delete();
+ }
+ dir.delete();
+ }
- @Test
- public void test() throws CadiException, APIException {
- Path tokenPath = Paths.get(resourceDirString, tokenDirString);
+ @Test
+ public void test() throws CadiException, APIException {
+ Path tokenPath = Paths.get(resourceDirString, tokenDirString);
- Persisting<Integer> persisting = new Persisting<>(persistMock, data, expires, cred, tokenPath);
- assertThat(persisting.get(), is(data));
- assertThat(persisting.expires(), is(expires));
- assertThat(persisting.expired(), is(true));
- assertThat(persisting.hasBeenTouched(), is(true));
+ Persisting<Integer> persisting = new Persisting<>(persistMock, data, expires, cred, tokenPath);
+ assertThat(persisting.get(), is(data));
+ assertThat(persisting.expires(), is(expires));
+ assertThat(persisting.expired(), is(true));
+ assertThat(persisting.hasBeenTouched(), is(true));
- PersistFile persistFile = new PersistFile(access, tokenDirString);
- tokenPath = persistFile.writeDisk(dfMock, data, cred, tokenFileName, expires);
- persisting = new Persisting<>(persistMock, data, expires, cred, tokenPath);
- assertThat(persisting.hasBeenTouched(), is(false));
+ PersistFile persistFile = new PersistFile(access, tokenDirString);
+ tokenPath = persistFile.writeDisk(dfMock, data, cred, tokenFileName, expires);
+ persisting = new Persisting<>(persistMock, data, expires, cred, tokenPath);
+ assertThat(persisting.hasBeenTouched(), is(false));
- persisting = new Persisting<>(persistMock, data, expires * (int)10e9, cred, tokenPath);
- assertThat(persisting.expired(), is(false));
+ persisting = new Persisting<>(persistMock, data, expires * (int)10e9, cred, tokenPath);
+ assertThat(persisting.expired(), is(false));
- assertThat(persisting.checkSyncTime(), is(true));
- assertThat(persisting.checkSyncTime(), is(false));
+ assertThat(persisting.checkSyncTime(), is(true));
+ assertThat(persisting.checkSyncTime(), is(false));
- assertThat(persisting.checkReloadable(), is(false));
+ assertThat(persisting.checkReloadable(), is(false));
- assertThat(persisting.getHash(), is(cred));
+ assertThat(persisting.getHash(), is(cred));
- assertThat(persisting.match(null), is(false));
- assertThat(persisting.match("random!".getBytes()), is(false));
- assertThat(persisting.match("passwrod".getBytes()), is(false));
- assertThat(persisting.match(cred), is(true));
+ assertThat(persisting.match(null), is(false));
+ assertThat(persisting.match("random!".getBytes()), is(false));
+ assertThat(persisting.match("passwrod".getBytes()), is(false));
+ assertThat(persisting.match(cred), is(true));
- persisting.clearCount();
- assertThat(persisting.count(), is(0));
- persisting.inc();
- assertThat(persisting.count(), is(1));
+ persisting.clearCount();
+ assertThat(persisting.count(), is(0));
+ persisting.inc();
+ assertThat(persisting.count(), is(1));
- assertThat(persisting.path(), is(tokenPath));
- }
+ assertThat(persisting.path(), is(tokenPath));
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/sso/test/JU_AAFSSO.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/sso/test/JU_AAFSSO.java
index 7a64f71c..368a5e29 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/sso/test/JU_AAFSSO.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/sso/test/JU_AAFSSO.java
@@ -39,82 +39,82 @@ import org.onap.aaf.cadi.sso.AAFSSO;
public class JU_AAFSSO {
- private static final String resourceDirString = "src/test/resources";
- private static final String aafDir = resourceDirString + "/aaf";
-
- private ByteArrayInputStream inStream;
-
- @Before
- public void setup() {
- System.setProperty("user.home", aafDir);
-
- // Simulate user input
- inStream = new ByteArrayInputStream("test\npassword".getBytes());
- System.setIn(inStream);
- }
-
- @After
- public void tearDown() {
- recursiveDelete(new File(aafDir));
- }
-
- @Test
- public void test() throws IOException, CadiException {
- AAFSSO sso;
- String[] args;
-
- args = new String[] {
- "-login",
- "-noexit",
- };
- sso = new AAFSSO(args);
-
- assertThat(new File(aafDir).exists(), is(true));
- assertThat(new File(aafDir + "/.aaf").exists(), is(true));
- assertThat(new File(aafDir + "/.aaf/keyfile").exists(), is(true));
- assertThat(new File(aafDir + "/.aaf/sso.out").exists(), is(true));
- assertThat(sso.loginOnly(), is(true));
+ private static final String resourceDirString = "src/test/resources";
+ private static final String aafDir = resourceDirString + "/aaf";
+
+ private ByteArrayInputStream inStream;
+
+ @Before
+ public void setup() {
+ System.setProperty("user.home", aafDir);
+
+ // Simulate user input
+ inStream = new ByteArrayInputStream("test\npassword".getBytes());
+ System.setIn(inStream);
+ }
+
+ @After
+ public void tearDown() {
+ recursiveDelete(new File(aafDir));
+ }
+
+ @Test
+ public void test() throws IOException, CadiException {
+ AAFSSO sso;
+ String[] args;
+
+ args = new String[] {
+ "-login",
+ "-noexit",
+ };
+ sso = new AAFSSO(args);
+
+ assertThat(new File(aafDir).exists(), is(true));
+ assertThat(new File(aafDir + "/.aaf").exists(), is(true));
+ assertThat(new File(aafDir + "/.aaf/keyfile").exists(), is(true));
+ assertThat(new File(aafDir + "/.aaf/sso.out").exists(), is(true));
+ assertThat(sso.loginOnly(), is(true));
// Not necessarily true
-// assertThat(new File(aafDir + "/.aaf/sso.props").exists(), is(true));
-
- sso.setLogDefault();
- sso.setStdErrDefault();
-
- inStream.reset();
- args = new String[] {
- "-logout",
- "\\*",
- "-noexit",
- };
- sso = new AAFSSO(args);
-
- assertThat(new File(aafDir).exists(), is(true));
- assertThat(new File(aafDir + "/.aaf").exists(), is(true));
- assertThat(new File(aafDir + "/.aaf/keyfile").exists(), is(false));
- assertThat(new File(aafDir + "/.aaf/sso.out").exists(), is(true));
- assertThat(sso.loginOnly(), is(false));
-
- PropAccess access = sso.access();
- assertThat(sso.enc_pass(), is(access.getProperty(Config.AAF_APPPASS)));
- assertThat(sso.user(), is(access.getProperty(Config.AAF_APPID)));
-
- sso.addProp("key", "value");
- assertThat(sso.err(), is(nullValue()));
-
- assertThat(sso.useX509(), is(false));
-
- sso.close();
- }
-
- private void recursiveDelete(File file) {
- for (File f : file.listFiles()) {
- if (f.isDirectory()) {
- recursiveDelete(f);
- }
- f.delete();
- }
- file.delete();
- }
+// assertThat(new File(aafDir + "/.aaf/sso.props").exists(), is(true));
+
+ sso.setLogDefault();
+ sso.setStdErrDefault();
+
+ inStream.reset();
+ args = new String[] {
+ "-logout",
+ "\\*",
+ "-noexit",
+ };
+ sso = new AAFSSO(args);
+
+ assertThat(new File(aafDir).exists(), is(true));
+ assertThat(new File(aafDir + "/.aaf").exists(), is(true));
+ assertThat(new File(aafDir + "/.aaf/keyfile").exists(), is(false));
+ assertThat(new File(aafDir + "/.aaf/sso.out").exists(), is(true));
+ assertThat(sso.loginOnly(), is(false));
+
+ PropAccess access = sso.access();
+ assertThat(sso.enc_pass(), is(access.getProperty(Config.AAF_APPPASS)));
+ assertThat(sso.user(), is(access.getProperty(Config.AAF_APPID)));
+
+ sso.addProp("key", "value");
+ assertThat(sso.err(), is(nullValue()));
+
+ assertThat(sso.useX509(), is(false));
+
+ sso.close();
+ }
+
+ private void recursiveDelete(File file) {
+ for (File f : file.listFiles()) {
+ if (f.isDirectory()) {
+ recursiveDelete(f);
+ }
+ f.delete();
+ }
+ file.delete();
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/client/sample/Sample.java b/cadi/aaf/src/test/java/org/onap/aaf/client/sample/Sample.java
index 6c3c6118..8881e76e 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/client/sample/Sample.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/client/sample/Sample.java
@@ -40,137 +40,137 @@ import org.onap.aaf.cadi.util.Split;
import org.onap.aaf.misc.env.APIException;
public class Sample {
- private static Sample singleton;
- final private AAFConHttp aafcon;
- final private AAFLurPerm aafLur;
- final private AAFAuthn<?> aafAuthn;
-
- /**
- * This method is to emphasize the importance of not creating the AAFObjects over and over again.
- * @return
- */
- public static Sample singleton() {
- return singleton;
- }
+ private static Sample singleton;
+ final private AAFConHttp aafcon;
+ final private AAFLurPerm aafLur;
+ final private AAFAuthn<?> aafAuthn;
+
+ /**
+ * This method is to emphasize the importance of not creating the AAFObjects over and over again.
+ * @return
+ */
+ public static Sample singleton() {
+ return singleton;
+ }
- public Sample(Access myAccess) throws APIException, CadiException, LocatorException {
- aafcon = new AAFConHttp(myAccess);
- aafLur = aafcon.newLur();
- aafAuthn = aafcon.newAuthn(aafLur);
- }
-
- /**
- * Checking credentials outside of HTTP/S presents fewer options initially. There is not, for instance,
- * the option of using 2-way TLS HTTP/S.
- *
- * However, Password Checks are still useful, and, if the Client Certificate could be obtained in other ways, the
- * Interface can be expanded in the future to include Certificates.
- * @throws CadiException
- * @throws IOException
- */
- public Principal checkUserPass(String fqi, String pass) throws IOException, CadiException {
- String ok = aafAuthn.validate(fqi, pass);
- if(ok==null) {
- System.out.println("Success!");
- /*
- UnAuthPrincipal means that it is not coming from the official Authorization chain.
- This is useful for Security Plugins which don't use Principal as the tie between
- Authentication and Authorization
-
- You can also use this if you want to check Authorization without actually Authenticating, as may
- be the case with certain Onboarding Tooling.
- */
- return new UnAuthPrincipal(fqi);
- } else {
- System.out.printf("Failure: %s\n",ok);
- return null;
- }
-
+ public Sample(Access myAccess) throws APIException, CadiException, LocatorException {
+ aafcon = new AAFConHttp(myAccess);
+ aafLur = aafcon.newLur();
+ aafAuthn = aafcon.newAuthn(aafLur);
+ }
+
+ /**
+ * Checking credentials outside of HTTP/S presents fewer options initially. There is not, for instance,
+ * the option of using 2-way TLS HTTP/S.
+ *
+ * However, Password Checks are still useful, and, if the Client Certificate could be obtained in other ways, the
+ * Interface can be expanded in the future to include Certificates.
+ * @throws CadiException
+ * @throws IOException
+ */
+ public Principal checkUserPass(String fqi, String pass) throws IOException, CadiException {
+ String ok = aafAuthn.validate(fqi, pass);
+ if(ok==null) {
+ System.out.println("Success!");
+ /*
+ UnAuthPrincipal means that it is not coming from the official Authorization chain.
+ This is useful for Security Plugins which don't use Principal as the tie between
+ Authentication and Authorization
+
+ You can also use this if you want to check Authorization without actually Authenticating, as may
+ be the case with certain Onboarding Tooling.
+ */
+ return new UnAuthPrincipal(fqi);
+ } else {
+ System.out.printf("Failure: %s\n",ok);
+ return null;
+ }
+
- }
+ }
- /**
- * An example of looking for One Permission within all the permissions user has. CADI does cache these,
- * so the call is not expensive.
- *
- * Note: If you are using "J2EE" (Servlets), CADI ties this function to the method:
- * HttpServletRequest.isUserInRole(String user)
- *
- * The J2EE user can expect that his servlet will NOT be called without a Validated Principal, and that
- * "isUserInRole()" will validate if the user has the Permission designated.
- *
- */
- public boolean oneAuthorization(Principal fqi, Permission p) {
- return aafLur.fish(fqi, p);
- }
-
- public List<Permission> allAuthorization(Principal fqi) {
- List<Permission> pond = new ArrayList<>();
- aafLur.fishAll(fqi, pond);
- return pond;
- }
-
-
- public static void main(String[] args) {
- // Note: you can pick up Properties from Command line as well as VM Properties
- // Code "user_fqi=... user_pass=..." (where user_pass can be encrypted) in the command line for this sample.
- // Also code "perm=<perm type>|<instance>|<action>" to test a specific Permission
- PropAccess myAccess = new PropAccess(args);
- try {
- /*
- * NOTE: Do NOT CREATE new aafcon, aafLur and aafAuthn each transaction. They are built to be
- * reused!
- *
- * This is why this code demonstrates "Sample" as a singleton.
- */
- singleton = new Sample(myAccess);
- String user = myAccess.getProperty("user_fqi");
- String pass= myAccess.getProperty("user_pass");
-
- if(user==null || pass==null) {
- System.err.println("This Sample class requires properties user_fqi and user_pass");
- } else {
- pass = myAccess.decrypt(pass, false); // Note, with "false", decryption will only happen if starts with "enc:"
- // See the CODE for Java Methods used
- Principal fqi = Sample.singleton().checkUserPass(user,pass);
-
- if(fqi==null) {
- System.out.println("OK, normally, you would cease processing for an "
- + "unauthenticated user, but for the purpose of Sample, we'll keep going.\n");
- fqi=new UnAuthPrincipal(user);
- }
-
- // AGAIN, NOTE: If your client fails Authentication, the right behavior 99.9%
- // of the time is to drop the transaction. We continue for sample only.
-
- // note, default String for perm
- String permS = myAccess.getProperty("perm","org.osaaf.aaf.access|*|read");
- String[] permA = Split.splitTrim('|', permS);
- if(permA.length>2) {
- final Permission perm = new AAFPermission(null, permA[0],permA[1],permA[2]);
- // See the CODE for Java Methods used
- if(singleton().oneAuthorization(fqi, perm)) {
- System.out.printf("Success: %s has %s\n",fqi.getName(),permS);
- } else {
- System.out.printf("%s does NOT have %s\n",fqi.getName(),permS);
- }
- }
-
-
- // Another form, you can get ALL permissions in a list
- // See the CODE for Java Methods used
- List<Permission> permL = singleton().allAuthorization(fqi);
- if(permL.size()==0) {
- System.out.printf("User %s has no Permissions THAT THE CALLER CAN SEE\n",fqi.getName());
- } else {
- System.out.print("Success:\n");
- for(Permission p : permL) {
- System.out.printf("\t%s has %s\n",fqi.getName(),p.getKey());
- }
- }
- }
- } catch (APIException | CadiException | LocatorException | IOException e) {
- e.printStackTrace();
- }
- }
+ /**
+ * An example of looking for One Permission within all the permissions user has. CADI does cache these,
+ * so the call is not expensive.
+ *
+ * Note: If you are using "J2EE" (Servlets), CADI ties this function to the method:
+ * HttpServletRequest.isUserInRole(String user)
+ *
+ * The J2EE user can expect that his servlet will NOT be called without a Validated Principal, and that
+ * "isUserInRole()" will validate if the user has the Permission designated.
+ *
+ */
+ public boolean oneAuthorization(Principal fqi, Permission p) {
+ return aafLur.fish(fqi, p);
+ }
+
+ public List<Permission> allAuthorization(Principal fqi) {
+ List<Permission> pond = new ArrayList<>();
+ aafLur.fishAll(fqi, pond);
+ return pond;
+ }
+
+
+ public static void main(String[] args) {
+ // Note: you can pick up Properties from Command line as well as VM Properties
+ // Code "user_fqi=... user_pass=..." (where user_pass can be encrypted) in the command line for this sample.
+ // Also code "perm=<perm type>|<instance>|<action>" to test a specific Permission
+ PropAccess myAccess = new PropAccess(args);
+ try {
+ /*
+ * NOTE: Do NOT CREATE new aafcon, aafLur and aafAuthn each transaction. They are built to be
+ * reused!
+ *
+ * This is why this code demonstrates "Sample" as a singleton.
+ */
+ singleton = new Sample(myAccess);
+ String user = myAccess.getProperty("user_fqi");
+ String pass= myAccess.getProperty("user_pass");
+
+ if(user==null || pass==null) {
+ System.err.println("This Sample class requires properties user_fqi and user_pass");
+ } else {
+ pass = myAccess.decrypt(pass, false); // Note, with "false", decryption will only happen if starts with "enc:"
+ // See the CODE for Java Methods used
+ Principal fqi = Sample.singleton().checkUserPass(user,pass);
+
+ if(fqi==null) {
+ System.out.println("OK, normally, you would cease processing for an "
+ + "unauthenticated user, but for the purpose of Sample, we'll keep going.\n");
+ fqi=new UnAuthPrincipal(user);
+ }
+
+ // AGAIN, NOTE: If your client fails Authentication, the right behavior 99.9%
+ // of the time is to drop the transaction. We continue for sample only.
+
+ // note, default String for perm
+ String permS = myAccess.getProperty("perm","org.osaaf.aaf.access|*|read");
+ String[] permA = Split.splitTrim('|', permS);
+ if(permA.length>2) {
+ final Permission perm = new AAFPermission(null, permA[0],permA[1],permA[2]);
+ // See the CODE for Java Methods used
+ if(singleton().oneAuthorization(fqi, perm)) {
+ System.out.printf("Success: %s has %s\n",fqi.getName(),permS);
+ } else {
+ System.out.printf("%s does NOT have %s\n",fqi.getName(),permS);
+ }
+ }
+
+
+ // Another form, you can get ALL permissions in a list
+ // See the CODE for Java Methods used
+ List<Permission> permL = singleton().allAuthorization(fqi);
+ if(permL.size()==0) {
+ System.out.printf("User %s has no Permissions THAT THE CALLER CAN SEE\n",fqi.getName());
+ } else {
+ System.out.print("Success:\n");
+ for(Permission p : permL) {
+ System.out.printf("\t%s has %s\n",fqi.getName(),p.getKey());
+ }
+ }
+ }
+ } catch (APIException | CadiException | LocatorException | IOException e) {
+ e.printStackTrace();
+ }
+ }
}
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/content/JU_Content.java b/cadi/aaf/src/test/java/org/onap/aaf/content/JU_Content.java
index e997378d..03dadb94 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/content/JU_Content.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/content/JU_Content.java
@@ -34,43 +34,43 @@ import aaf.v2_0.Error;
public class JU_Content {
- @Test
- public void parseErrorJSON() throws Exception {
- final String msg = "{\"messageId\":\"SVC2000\",\"text\":\"Select which cred to delete (or 0 to delete all):" +
- "1) %1" +
- "2) %2" +
- "3) %3" +
- "4) %4" +
- "Run same command again with chosen entry as last parameter\"," +
- "\"variables\":[" +
- "\"m55555@jr583u.cred.test.com 1 Wed Oct 08 11:48:08 CDT 2014\"," +
- "\"m55555@jr583u.cred.test.com 1 Thu Oct 09 12:54:46 CDT 2014\"," +
- "\"m55555@jr583u.cred.test.com 1 Tue Jan 06 05:00:00 CST 2015\"," +
- "\"m55555@jr583u.cred.test.com 1 Wed Jan 07 05:00:00 CST 2015\"]}";
-
- Error err = new Error();
- err.setText("Hello");
- err.getVariables().add("I'm a teapot");
- err.setMessageId("12");
-
-
-// System.out.println(msg);
- RosettaEnv env = new RosettaEnv();
- RosettaDF<aaf.v2_0.Error> errDF = env.newDataFactory(aaf.v2_0.Error.class);
- errDF.in(RosettaData.TYPE.JSON);
- errDF.out(RosettaData.TYPE.JSON);
- RosettaData<Error> data = errDF.newData();
- data.load(err);
-
- @SuppressWarnings("unused")
- String output = data.asString();
-// System.out.println(output);
-
- data.load(new StringReader(msg));
- err = data.asObject();
- output = err.getText();
-// System.out.println(output);
- }
-
+ @Test
+ public void parseErrorJSON() throws Exception {
+ final String msg = "{\"messageId\":\"SVC2000\",\"text\":\"Select which cred to delete (or 0 to delete all):" +
+ "1) %1" +
+ "2) %2" +
+ "3) %3" +
+ "4) %4" +
+ "Run same command again with chosen entry as last parameter\"," +
+ "\"variables\":[" +
+ "\"m55555@jr583u.cred.test.com 1 Wed Oct 08 11:48:08 CDT 2014\"," +
+ "\"m55555@jr583u.cred.test.com 1 Thu Oct 09 12:54:46 CDT 2014\"," +
+ "\"m55555@jr583u.cred.test.com 1 Tue Jan 06 05:00:00 CST 2015\"," +
+ "\"m55555@jr583u.cred.test.com 1 Wed Jan 07 05:00:00 CST 2015\"]}";
+
+ Error err = new Error();
+ err.setText("Hello");
+ err.getVariables().add("I'm a teapot");
+ err.setMessageId("12");
+
+
+// System.out.println(msg);
+ RosettaEnv env = new RosettaEnv();
+ RosettaDF<aaf.v2_0.Error> errDF = env.newDataFactory(aaf.v2_0.Error.class);
+ errDF.in(RosettaData.TYPE.JSON);
+ errDF.out(RosettaData.TYPE.JSON);
+ RosettaData<Error> data = errDF.newData();
+ data.load(err);
+
+ @SuppressWarnings("unused")
+ String output = data.asString();
+// System.out.println(output);
+
+ data.load(new StringReader(msg));
+ err = data.asObject();
+ output = err.getText();
+// System.out.println(output);
+ }
+
}
diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/client/AbsAuthentication.java b/cadi/client/src/main/java/org/onap/aaf/cadi/client/AbsAuthentication.java
index 80e6dc40..cce7b5f3 100644
--- a/cadi/client/src/main/java/org/onap/aaf/cadi/client/AbsAuthentication.java
+++ b/cadi/client/src/main/java/org/onap/aaf/cadi/client/AbsAuthentication.java
@@ -41,90 +41,90 @@ import org.onap.aaf.cadi.config.SecurityInfoC;
* @param <CLIENT>
*/
public abstract class AbsAuthentication<CLIENT> implements SecuritySetter<CLIENT> {
- // HTTP Header for Authentication is "Authorization". This was from an early stage of internet where
- // Access by Credential "Authorized" you for everything on the site. Since those early days, it became
- // clear that "full access" wasn't appropriate, so the split between Authentication and Authorization
- // came into being... But the Header remains.
- public static final String AUTHORIZATION = "Authorization";
- private static final Symm symm;
+ // HTTP Header for Authentication is "Authorization". This was from an early stage of internet where
+ // Access by Credential "Authorized" you for everything on the site. Since those early days, it became
+ // clear that "full access" wasn't appropriate, so the split between Authentication and Authorization
+ // came into being... But the Header remains.
+ public static final String AUTHORIZATION = "Authorization";
+ private static final Symm symm;
- protected static final String REPEAT_OFFENDER = "This call is aborted because of repeated usage of invalid Passwords";
- private static final int MAX_TEMP_COUNT = 10;
- private static final int MAX_SPAM_COUNT = 10000;
- private static final long WAIT_TIME = 1000*60*4L;
- private final byte[] headValue;
- private String user;
- protected final SecurityInfoC<CLIENT> securityInfo;
- protected long lastMiss;
- protected int count;
-
- static {
- try {
- symm = Symm.encrypt.obtain();
- } catch (IOException e) {
- throw new RuntimeException("Cannot create critical internal encryption key",e);
- }
-
- }
+ protected static final String REPEAT_OFFENDER = "This call is aborted because of repeated usage of invalid Passwords";
+ private static final int MAX_TEMP_COUNT = 10;
+ private static final int MAX_SPAM_COUNT = 10000;
+ private static final long WAIT_TIME = 1000*60*4L;
+ private final byte[] headValue;
+ private String user;
+ protected final SecurityInfoC<CLIENT> securityInfo;
+ protected long lastMiss;
+ protected int count;
+
+ static {
+ try {
+ symm = Symm.encrypt.obtain();
+ } catch (IOException e) {
+ throw new RuntimeException("Cannot create critical internal encryption key",e);
+ }
+
+ }
- public AbsAuthentication(final SecurityInfoC<CLIENT> securityInfo, final String user, final byte[] headValue) throws IOException {
- this.headValue = headValue==null?null:symm.encode(headValue);
- this.user = user;
- this.securityInfo = securityInfo;
- lastMiss=0L;
- count=0;
- }
+ public AbsAuthentication(final SecurityInfoC<CLIENT> securityInfo, final String user, final byte[] headValue) throws IOException {
+ this.headValue = headValue==null?null:symm.encode(headValue);
+ this.user = user;
+ this.securityInfo = securityInfo;
+ lastMiss=0L;
+ count=0;
+ }
- protected String headValue() throws IOException {
- if(headValue==null) {
- return "";
- } else {
- return new String(symm.decode(headValue));
- }
- }
-
- protected void setUser(String id) {
- user = id;
- }
-
- @Override
- public String getID() {
- return user;
- }
+ protected String headValue() throws IOException {
+ if(headValue==null) {
+ return "";
+ } else {
+ return new String(symm.decode(headValue));
+ }
+ }
+
+ protected void setUser(String id) {
+ user = id;
+ }
+
+ @Override
+ public String getID() {
+ return user;
+ }
- public boolean isDenied() {
- if(lastMiss>0 && lastMiss>System.currentTimeMillis()) {
- return true;
- } else {
- lastMiss=0L;
- return false;
- }
- }
+ public boolean isDenied() {
+ if(lastMiss>0 && lastMiss>System.currentTimeMillis()) {
+ return true;
+ } else {
+ lastMiss=0L;
+ return false;
+ }
+ }
- public synchronized int setLastResponse(int httpcode) {
- if(httpcode == 401) {
- ++count;
- if(lastMiss==0L && count>MAX_TEMP_COUNT) {
- lastMiss=System.currentTimeMillis()+WAIT_TIME;
- }
- // if(count>MAX_SPAM_COUNT) {
- // System.err.printf("Your service has %d consecutive bad service logins to AAF. \nIt will now exit\n",
- // count);
- // System.exit(401);
- // }
- if(count%1000==0) {
- System.err.printf("Your service has %d consecutive bad service logins to AAF. AAF Access will be disabled after %d\n",
- count,MAX_SPAM_COUNT);
- }
+ public synchronized int setLastResponse(int httpcode) {
+ if(httpcode == 401) {
+ ++count;
+ if(lastMiss==0L && count>MAX_TEMP_COUNT) {
+ lastMiss=System.currentTimeMillis()+WAIT_TIME;
+ }
+ // if(count>MAX_SPAM_COUNT) {
+ // System.err.printf("Your service has %d consecutive bad service logins to AAF. \nIt will now exit\n",
+ // count);
+ // System.exit(401);
+ // }
+ if(count%1000==0) {
+ System.err.printf("Your service has %d consecutive bad service logins to AAF. AAF Access will be disabled after %d\n",
+ count,MAX_SPAM_COUNT);
+ }
- } else {
- lastMiss=0;
- }
- return count;
- }
+ } else {
+ lastMiss=0;
+ }
+ return count;
+ }
- public int count() {
- return count;
- }
+ public int count() {
+ return count;
+ }
} \ No newline at end of file
diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/client/AbsTransferSS.java b/cadi/client/src/main/java/org/onap/aaf/cadi/client/AbsTransferSS.java
index 3815bc67..0c38bd90 100644
--- a/cadi/client/src/main/java/org/onap/aaf/cadi/client/AbsTransferSS.java
+++ b/cadi/client/src/main/java/org/onap/aaf/cadi/client/AbsTransferSS.java
@@ -38,39 +38,39 @@ import org.onap.aaf.cadi.principal.TaggedPrincipal;
* @param <CLIENT>
*/
public abstract class AbsTransferSS<CLIENT> implements SecuritySetter<CLIENT> {
- protected String value;
- protected SecurityInfoC<CLIENT> securityInfo;
- protected SecuritySetter<CLIENT> defSS;
- private Principal principal;
+ protected String value;
+ protected SecurityInfoC<CLIENT> securityInfo;
+ protected SecuritySetter<CLIENT> defSS;
+ private Principal principal;
- //Format:<ID>:<APP>:<protocol>[:AS][,<ID>:<APP>:<protocol>]*
- public AbsTransferSS(TaggedPrincipal principal, String app) {
- init(principal, app);
- }
+ //Format:<ID>:<APP>:<protocol>[:AS][,<ID>:<APP>:<protocol>]*
+ public AbsTransferSS(TaggedPrincipal principal, String app) {
+ init(principal, app);
+ }
- public AbsTransferSS(TaggedPrincipal principal, String app, SecurityInfoC<CLIENT> si) {
- init(principal,app);
- securityInfo = si;
- this.defSS = si.defSS;
- }
+ public AbsTransferSS(TaggedPrincipal principal, String app, SecurityInfoC<CLIENT> si) {
+ init(principal,app);
+ securityInfo = si;
+ this.defSS = si.defSS;
+ }
- private void init(TaggedPrincipal principal, String app) {
- this.principal=principal;
- if(principal==null) {
- return;
- } else {
- value = principal.getName() + ':' +
- app + ':' +
- principal.tag() + ':' +
- "AS";
- }
- }
+ private void init(TaggedPrincipal principal, String app) {
+ this.principal=principal;
+ if(principal==null) {
+ return;
+ } else {
+ value = principal.getName() + ':' +
+ app + ':' +
+ principal.tag() + ':' +
+ "AS";
+ }
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.SecuritySetter#getID()
- */
- @Override
- public String getID() {
- return principal==null?"":principal.getName();
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.SecuritySetter#getID()
+ */
+ @Override
+ public String getID() {
+ return principal==null?"":principal.getName();
+ }
}
diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/client/EClient.java b/cadi/client/src/main/java/org/onap/aaf/cadi/client/EClient.java
index d5dfebf5..9aa9cad6 100644
--- a/cadi/client/src/main/java/org/onap/aaf/cadi/client/EClient.java
+++ b/cadi/client/src/main/java/org/onap/aaf/cadi/client/EClient.java
@@ -32,20 +32,20 @@ import org.onap.aaf.misc.rosetta.env.RosettaDF;
public interface EClient<CT> {
- public void setMethod(String meth);
- public void setPathInfo(String pathinfo);
- public void setPayload(Transfer transfer);
- public void addHeader(String tag, String value);
- public void setQueryParams(String q);
- public void setFragment(String f);
- public void send() throws APIException;
- public<T> Future<T> futureCreate(Class<T> t);
- public Future<String> futureReadString();
- public<T> Future<T> futureRead(RosettaDF<T> df,Data.TYPE type);
- public<T> Future<T> future(T t);
- public Future<Void> future(HttpServletResponse resp, int expected) throws APIException;
-
- public interface Transfer {
- public void transfer(OutputStream os) throws IOException, APIException;
- }
+ public void setMethod(String meth);
+ public void setPathInfo(String pathinfo);
+ public void setPayload(Transfer transfer);
+ public void addHeader(String tag, String value);
+ public void setQueryParams(String q);
+ public void setFragment(String f);
+ public void send() throws APIException;
+ public<T> Future<T> futureCreate(Class<T> t);
+ public Future<String> futureReadString();
+ public<T> Future<T> futureRead(RosettaDF<T> df,Data.TYPE type);
+ public<T> Future<T> future(T t);
+ public Future<Void> future(HttpServletResponse resp, int expected) throws APIException;
+
+ public interface Transfer {
+ public void transfer(OutputStream os) throws IOException, APIException;
+ }
}
diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/client/Future.java b/cadi/client/src/main/java/org/onap/aaf/cadi/client/Future.java
index 2579dc11..39f88687 100644
--- a/cadi/client/src/main/java/org/onap/aaf/cadi/client/Future.java
+++ b/cadi/client/src/main/java/org/onap/aaf/cadi/client/Future.java
@@ -24,10 +24,10 @@ package org.onap.aaf.cadi.client;
import org.onap.aaf.cadi.CadiException;
public abstract class Future<T> {
- public T value;
- public abstract boolean get(int timeout) throws CadiException;
-
- public abstract int code();
- public abstract String body();
- public abstract String header(String tag);
+ public T value;
+ public abstract boolean get(int timeout) throws CadiException;
+
+ public abstract int code();
+ public abstract String body();
+ public abstract String header(String tag);
} \ No newline at end of file
diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/client/Holder.java b/cadi/client/src/main/java/org/onap/aaf/cadi/client/Holder.java
index c13afc25..af97c465 100644
--- a/cadi/client/src/main/java/org/onap/aaf/cadi/client/Holder.java
+++ b/cadi/client/src/main/java/org/onap/aaf/cadi/client/Holder.java
@@ -28,19 +28,19 @@ package org.onap.aaf.cadi.client;
* @param <T>
*/
public class Holder<T> {
- private T value;
- public Holder(T t) {
- value = t;
- }
- public T set(T t) {
- value = t;
- return t;
- }
-
- public T get() {
- return value;
- }
- public String toString() {
- return value.toString();
- }
+ private T value;
+ public Holder(T t) {
+ value = t;
+ }
+ public T set(T t) {
+ value = t;
+ return t;
+ }
+
+ public T get() {
+ return value;
+ }
+ public String toString() {
+ return value.toString();
+ }
}
diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/client/Rcli.java b/cadi/client/src/main/java/org/onap/aaf/cadi/client/Rcli.java
index 04075f29..b414487b 100644
--- a/cadi/client/src/main/java/org/onap/aaf/cadi/client/Rcli.java
+++ b/cadi/client/src/main/java/org/onap/aaf/cadi/client/Rcli.java
@@ -41,729 +41,729 @@ import org.onap.aaf.misc.env.util.Pool.Pooled;
import org.onap.aaf.misc.rosetta.env.RosettaDF;
public abstract class Rcli<CT> {
- public static final String FORM_ENCODED = "application/x-www-form-urlencoded";
- public static final String APPL_JSON = "application/json";
- public static final String APPL_XML = "application/xml";
- public static final String BLANK = "";
- public static final String CONTENT_TYPE = "Content-Type";
- public static final String ACCEPT = "Accept";
-
- protected static final String POST = "POST";
- protected static final String GET = "GET";
- protected static final String PUT = "PUT";
- protected static final String DELETE = "DELETE";
- protected TYPE type;
- protected String apiVersion;
- protected int readTimeout = 5000;
- protected int connectionTimeout = 3000;
- protected URI uri;
- private String oneCallQueryParams;
- public static Pool<byte[]> buffPool = new Pool<byte[]>(new Pool.Creator<byte[]>() {
- @Override
- public byte[] create() throws APIException {
- return new byte[1024];
- }
-
- @Override
- public void destroy(byte[] t) {
- }
-
- @Override
- public boolean isValid(byte[] t) {
- return true;
- }
-
- @Override
- public void reuse(byte[] t) {
- }
- });
-
-
- public Rcli() {
- super();
- }
-
- public abstract void setSecuritySetter(SecuritySetter<CT> ss);
- public abstract SecuritySetter<CT> getSecuritySetter();
-
-
- public Rcli<CT> forUser(SecuritySetter<CT> ss) {
- Rcli<CT> rv = clone(uri==null?this.uri:uri,ss);
- setSecuritySetter(ss);
- rv.type = type;
- rv.apiVersion = apiVersion;
- return rv;
- }
-
- protected abstract Rcli<CT> clone(URI uri, SecuritySetter<CT> ss);
-
- public abstract void invalidate() throws CadiException;
-
- public Rcli<CT> readTimeout(int millis) {
- readTimeout = millis;
- return this;
- }
-
- public Rcli<CT> connectionTimeout(int millis) {
- connectionTimeout = millis;
- return this;
- }
-
- public Rcli<CT> type(TYPE type) {
- this.type=type;
- return this;
- }
-
- public Rcli<CT> apiVersion(String apiVersion) {
- this.apiVersion = apiVersion;
- return this;
- }
-
- public boolean isApiVersion(String prospective) {
- return apiVersion.equals(prospective);
- }
-
-
- public String typeString(Class<?> cls) {
- return "application/"+cls.getSimpleName()+"+"+type.name().toLowerCase()+
- (apiVersion==null?BLANK:";version="+apiVersion);
- }
-
- protected abstract EClient<CT> client() throws CadiException;
-
-
- public<T> Future<T> create(final String pathinfo, final String contentType, final RosettaDF<T> df, final T t) throws APIException, CadiException {
- final ParsePath pp = new ParsePath(pathinfo);
-
- EClient<CT> client = client();
- client.setMethod(POST);
- client.addHeader(CONTENT_TYPE,contentType);
- client.setPathInfo(pp.path());
- client.setQueryParams(pp.query());
- client.setFragment(pp.frag());
- client.setPayload(new EClient.Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- df.newData().out(type).direct(t,os);
- }
- });
- client.send();
- return client.futureCreate(df.getTypeClass());
- }
-
- public<T> Future<T> create(String pathinfo, final RosettaDF<T> df, final T t) throws APIException, CadiException {
- final ParsePath pp = new ParsePath(pathinfo);
-
- EClient<CT> client = client();
- client.setMethod(POST);
- client.addHeader(CONTENT_TYPE,typeString(df.getTypeClass()));
- client.setPathInfo(pp.path());
- client.setQueryParams(pp.query());
- client.setFragment(pp.frag());
- client.setPayload(new EClient.Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- df.newData().out(type).direct(t,os);
- }
- });
- client.send();
- return client.futureCreate(df.getTypeClass());
- }
-
- public<T> Future<T> create(String pathinfo, Class<?> cls, final RosettaDF<T> df, final T t) throws APIException, CadiException {
- final ParsePath pp = new ParsePath(pathinfo);
-
- EClient<CT> client = client();
- client.setMethod(POST);
- client.addHeader(CONTENT_TYPE,typeString(cls));
- client.setPathInfo(pp.path());
- client.setQueryParams(pp.query());
- client.setFragment(pp.frag());
- client.setPayload(new EClient.Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- df.newData().out(type).direct(t,os);
- }
- });
- client.send();
- return client.futureCreate(df.getTypeClass());
- }
-
- public<T> Future<T> create(String pathinfo, Class<T> cls) throws APIException, CadiException {
- final ParsePath pp = new ParsePath(pathinfo);
-
- EClient<CT> client = client();
- client.setMethod(POST);
- client.addHeader(CONTENT_TYPE,typeString(cls));
- client.setPathInfo(pp.path());
- client.setQueryParams(pp.query());
- client.setFragment(pp.frag());
- client.setPayload(null);
- client.send();
- return client.futureCreate(cls);
- }
-
- public Future<Void> create(String pathinfo, String contentType) throws APIException, CadiException {
- final ParsePath pp = new ParsePath(pathinfo);
-
- EClient<CT> client = client();
- client.setMethod(POST);
- client.addHeader(CONTENT_TYPE,contentType);
- client.setPathInfo(pp.path());
- client.setQueryParams(pp.query());
- client.setFragment(pp.frag());
- client.setPayload(null);
- client.send();
- return client.futureCreate(Void.class);
- }
-
- public Future<Void> create(String pathinfo, String contentType, EClient.Transfer content) throws APIException, CadiException {
- final ParsePath pp = new ParsePath(pathinfo);
-
- EClient<CT> client = client();
- client.setMethod(POST);
- client.addHeader(CONTENT_TYPE,contentType);
- client.setPathInfo(pp.path());
- client.setQueryParams(pp.query());
- client.setFragment(pp.frag());
- client.setPayload(content);
- client.send();
- return client.futureCreate(Void.class);
- }
-
-
- /**
- * Post Data in WWW expected format, with the format tag1=value1&tag2=value2, etc
- * Note Shortcut:
- * Because typically, you will want to have a variable as value, you can type, as long as tag ends with "="
- * postForm(..., "tag1=value1","tag2=",var2);
- * @param pathinfo
- * @param df
- * @param cls
- * @param formParam
- * @return
- * @throws APIException
- * @throws CadiException
- */
- public <T> Future<T> postForm(String pathinfo, final RosettaDF<T> df, final String ... formParam) throws APIException, CadiException {
- final ParsePath pp = new ParsePath(pathinfo);
-
- EClient<CT> client = client();
- client.setMethod(POST);
- client.addHeader(CONTENT_TYPE,FORM_ENCODED);
- switch(type) {
- case JSON:
- client.addHeader(ACCEPT, APPL_JSON);
- break;
- case XML:
- client.addHeader(ACCEPT, APPL_XML);
- break;
- default:
- break;
- }
- client.setPathInfo(pp.path());
- client.setQueryParams(pp.query());
- client.setFragment(pp.frag());
- client.setPayload(new Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- PrintStream ps;
- if(os instanceof PrintStream) {
- ps = (PrintStream)os;
- } else {
- ps = new PrintStream(os);
- }
- boolean first = true;
- for(String fp : formParam) {
- if(fp!=null) {
- if(first) {
- first = false;
- } else {
- ps.print('&');
- }
- if(fp.endsWith("=")) {
- first = true;
- }
- ps.print(fp);
- }
- }
- }});
- client.send();
- return client.futureRead(df,TYPE.JSON);
- }
-
- /**
- * Read String, using POST for keyInfo
- *
- * @param pathinfo
- * @param df
- * @param t
- * @param resp
- * @return
- * @throws APIException
- * @throws CadiException
- */
- public<T> Future<String> readPost(String pathinfo, final RosettaDF<T> df, final T t) throws APIException, CadiException {
- final ParsePath pp = new ParsePath(pathinfo);
-
- EClient<CT> client = client();
- client.setMethod(POST);
- client.addHeader(CONTENT_TYPE,typeString(df.getTypeClass()));
- client.setPathInfo(pp.path());
- client.setQueryParams(pp.query());
- client.setFragment(pp.frag());
- client.setPayload(new EClient.Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- df.newData().out(type).direct(t,os);
- }
- });
- client.send();
- return client.futureReadString();
- }
-
- /**
- * Read using POST for keyInfo, responding with marshaled Objects
- *
- * @param pathinfo
- * @param df
- * @param t
- * @param resp
- * @return
- * @throws APIException
- * @throws CadiException
- */
- public<T,R> Future<R> readPost(String pathinfo, final RosettaDF<T> df, final T t, final RosettaDF<R> resp) throws APIException, CadiException {
- final ParsePath pp = new ParsePath(pathinfo);
-
- EClient<CT> client = client();
- client.setMethod(POST);
- client.addHeader(CONTENT_TYPE,typeString(df.getTypeClass()));
- client.setPathInfo(pp.path());
- client.setQueryParams(pp.query());
- client.setFragment(pp.frag());
- client.setPayload(new EClient.Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- df.newData().out(type).direct(t,os);
- }
- });
- client.send();
- return client.futureRead(resp,resp.getOutType());
- }
-
- public Future<String> readPost(String pathinfo, String contentType, String ... headers) throws CadiException, APIException {
- final ParsePath pp = new ParsePath(pathinfo);
-
- EClient<CT> client = client();
- client.setMethod(POST);
- client.addHeader(CONTENT_TYPE,contentType);
- client.setPathInfo(pp.path());
- client.setQueryParams(pp.query());
- client.setFragment(pp.frag());
- client.setPayload(new EClient.Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- }});
- client.send();
- return client.futureReadString();
- }
-
- public Future<String> read(String pathinfo, String accept, String ... headers) throws APIException, CadiException {
- final ParsePath pp = new ParsePath(pathinfo);
-
- EClient<CT> client = client();
- client.setMethod(GET);
- client.addHeader(ACCEPT, accept);
-
- for(int i=1;i<headers.length;i=i+2) {
- client.addHeader(headers[i-1],headers[i]);
- }
- client.setPathInfo(pp.path());
- client.setQueryParams(pp.query());
- client.setFragment(pp.frag());
- client.setPayload(null);
- client.send();
- return client.futureReadString();
- }
-
- public<T> Future<T> read(String pathinfo, String accept, RosettaDF<T> df, String ... headers) throws APIException, CadiException {
- final ParsePath pp = new ParsePath(pathinfo);
-
- EClient<CT> client = client();
- client.setMethod(GET);
- client.addHeader(ACCEPT, accept);
- for(int i=1;i<headers.length;i=i+2) {
- client.addHeader(headers[i-1],headers[i]);
- }
- client.setPathInfo(pp.path());
- client.setQueryParams(pp.query());
- client.setFragment(pp.frag());
- client.setPayload(null);
- client.send();
- return client.futureRead(df,type);
- }
-
- public<T> Future<T> read(String pathinfo, RosettaDF<T> df,String ... headers) throws APIException, CadiException {
- final ParsePath pp = new ParsePath(pathinfo);
-
- EClient<CT> client = client();
- client.setMethod(GET);
- client.addHeader(ACCEPT, typeString(df.getTypeClass()));
- for(int i=1;i<headers.length;i=i+2) {
- client.addHeader(headers[i-1],headers[i]);
- }
- client.setPathInfo(pp.path());
- client.setQueryParams(pp.query());
- client.setFragment(pp.frag());
-
- client.setPayload(null);
- client.send();
- return client.futureRead(df,type);
- }
-
- public<T> Future<T> read(String pathinfo, Class<?> cls, RosettaDF<T> df) throws APIException, CadiException {
- final ParsePath pp = new ParsePath(pathinfo);
-
- EClient<CT> client = client();
- client.setMethod(GET);
- client.addHeader(ACCEPT, typeString(cls));
- client.setPathInfo(pp.path());
- client.setQueryParams(pp.query());
- client.setFragment(pp.frag());
-
- client.setPayload(null);
- client.send();
- return client.futureRead(df,type);
- }
-
- public<T> Future<T> update(String pathinfo, String contentType, final RosettaDF<T> df, final T t) throws APIException, CadiException {
- final ParsePath pp = new ParsePath(pathinfo);
-
- EClient<CT> client = client();
- client.setMethod(PUT);
- client.addHeader(CONTENT_TYPE,contentType);
- client.setPathInfo(pp.path());
- client.setQueryParams(pp.query());
- client.setFragment(pp.frag());
- client.setPayload(new EClient.Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- df.newData().out(type).direct(t,os);
- }
- });
- client.send();
- return client.future(t);
- }
-
- public<T> Future<String> updateRespondString(String pathinfo, final RosettaDF<T> df, final T t) throws APIException, CadiException {
- final ParsePath pp = new ParsePath(pathinfo);
-
- EClient<CT> client = client();
- client.setMethod(PUT);
- client.addHeader(CONTENT_TYPE, typeString(df.getTypeClass()));
- client.setPathInfo(pp.path());
- client.setQueryParams(pp.query());
- client.setFragment(pp.frag());
-
- client.setPayload(new EClient.Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- //String s = df.newData().out(type).load(t).asString();
- df.newData().out(type).direct(t,os);
- }
- });
- client.send();
- return client.futureReadString();
- }
-
- public Future<String> update(String pathinfo, String contentType, EClient.Transfer content) throws APIException, CadiException {
- final ParsePath pp = new ParsePath(pathinfo);
-
- EClient<CT> client = client();
- client.setMethod(PUT);
- client.addHeader(CONTENT_TYPE,contentType);
- client.setPathInfo(pp.path());
- client.setQueryParams(pp.query());
- client.setFragment(pp.frag());
- client.setPayload(content);
- client.send();
- return client.futureReadString();
- }
-
-
-
-
- public<T> Future<T> update(String pathinfo, final RosettaDF<T> df, final T t) throws APIException, CadiException {
- final ParsePath pp = new ParsePath(pathinfo);
-
- EClient<CT> client = client();
- client.setMethod(PUT);
- client.addHeader(CONTENT_TYPE, typeString(df.getTypeClass()));
- client.setPathInfo(pp.path());
- client.setQueryParams(pp.query());
- client.setFragment(pp.frag());
-
- client.setPayload(new EClient.Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- df.newData().out(type).direct(t,os);
- }
- });
- client.send();
- return client.future(t);
- }
-
- public<T> Future<T> update(String pathinfo, Class<?> cls, final RosettaDF<T> df, final T t) throws APIException, CadiException {
- final ParsePath pp = new ParsePath(pathinfo);
-
- EClient<CT> client = client();
- client.setMethod(PUT);
- client.addHeader(CONTENT_TYPE, typeString(cls));
- client.setPathInfo(pp.path());
- client.setQueryParams(pp.query());
- client.setFragment(pp.frag());
-
- client.setPayload(new EClient.Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- df.newData().out(type).direct(t,os);
- }
- });
- client.send();
- return client.future(t);
- }
-
-
-
- /**
- * A method to update with a VOID
- * @param pathinfo
- * @param resp
- * @param expected
- * @return
- * @throws APIException
- * @throws CadiException
- */
- public<T> Future<Void> update(String pathinfo) throws APIException, CadiException {
- final ParsePath pp = new ParsePath(pathinfo);
-
- EClient<CT> client = client();
- client.setMethod(PUT);
- client.addHeader(CONTENT_TYPE, typeString(Void.class));
- client.setPathInfo(pp.path());
- client.setQueryParams(pp.query());
- client.setFragment(pp.frag());
-
-// client.setPayload(new EClient.Transfer() {
-// @Override
-// public void transfer(OutputStream os) throws IOException, APIException {
-// }
-// });
- client.send();
- return client.future(null);
- }
-
-
- public<T> Future<T> delete(String pathinfo, String contentType, final RosettaDF<T> df, final T t) throws APIException, CadiException {
- final ParsePath pp = new ParsePath(pathinfo);
-
- EClient<CT> client = client();
- client.setMethod(DELETE);
- client.addHeader(CONTENT_TYPE, contentType);
- client.setPathInfo(pp.path());
- client.setQueryParams(pp.query());
- client.setFragment(pp.frag());
-
- client.setPayload(new EClient.Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- df.newData().out(type).direct(t,os);
- }
- });
- client.send();
- return client.future(t);
- }
-
- public<T> Future<T> delete(String pathinfo, Class<?> cls, final RosettaDF<T> df, final T t) throws APIException, CadiException {
- final ParsePath pp = new ParsePath(pathinfo);
-
- EClient<CT> client = client();
- client.setMethod(DELETE);
- client.addHeader(CONTENT_TYPE, typeString(cls));
- client.setPathInfo(pp.path());
- client.setQueryParams(pp.query());
- client.setFragment(pp.frag());
- client.setPayload(new EClient.Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- df.newData().out(type).direct(t,os);
- }
- });
- client.send();
- return client.future(t);
- }
-
- public<T> Future<T> delete(String pathinfo, final RosettaDF<T> df, final T t) throws APIException, CadiException {
- final ParsePath pp = new ParsePath(pathinfo);
-
- EClient<CT> client = client();
- client.setMethod(DELETE);
- client.addHeader(CONTENT_TYPE, typeString(df.getTypeClass()));
- client.setPathInfo(pp.path());
- client.setQueryParams(pp.query());
- client.setFragment(pp.frag());
- client.setPayload(new EClient.Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- df.newData().out(type).direct(t,os);
- }
- });
-
- client.send();
- return client.future(t);
- }
-
-
- public<T> Future<T> delete(String pathinfo, Class<T> cls) throws APIException, CadiException {
- final ParsePath pp = new ParsePath(pathinfo);
-
- EClient<CT> client = client();
- client.setMethod(DELETE);
- client.addHeader(CONTENT_TYPE, typeString(cls));
- client.setPathInfo(pp.path());
- client.setQueryParams(pp.query());
- client.setFragment(pp.frag());
-
- client.setPayload(null);
- client.send();
- return client.future((T)null);
- }
-
- public Future<Void> delete(String pathinfo, String contentType) throws APIException, CadiException {
- final ParsePath pp = new ParsePath(pathinfo);
-
- EClient<CT> client = client();
- client.setMethod(DELETE);
- client.addHeader(CONTENT_TYPE, contentType);
- client.setPathInfo(pp.path());
- client.setQueryParams(pp.query());
- client.setFragment(pp.frag());
-
- client.setPayload(null);
- client.send();
- return client.future(null);
- }
-
- public Future<Void> transfer(final HttpServletRequest req, final HttpServletResponse resp, final String pathParam, final int expected) throws CadiException, APIException {
- EClient<CT> client = client();
- URI uri;
- try {
- uri = new URI(req.getRequestURI());
- } catch (Exception e) {
- throw new CadiException("Invalid incoming URI",e);
- }
- String name;
- for(Enumeration<String> en = req.getHeaderNames();en.hasMoreElements();) {
- name = en.nextElement();
- client.addHeader(name,req.getHeader(name));
- }
- client.setQueryParams(req.getQueryString());
- client.setFragment(uri.getFragment());
- client.setPathInfo(pathParam);
- String meth = req.getMethod();
- client.setMethod(meth);
- if(!"GET".equals(meth)) {
- client.setPayload(new EClient.Transfer() {
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- final ServletInputStream is = req.getInputStream();
- int read;
- // reuse Buffers
- Pooled<byte[]> pbuff = buffPool.get();
- try {
- while((read=is.read(pbuff.content))>=0) {
- os.write(pbuff.content,0,read);
- }
- } finally {
- pbuff.done();
- }
- }
- });
- }
- client.send();
- return client.future(resp, expected);
- }
-
- private class ParsePath {
- private final String path;
- private final int query;
- private final int queryEnd;
- private final int pound;
- private final String queryParams;
-
- public ParsePath(final String origPath) {
- path = origPath;
- if(origPath==null) {
- query=queryEnd=pound=-1;
- queryParams=null;
- } else {
- query = origPath.indexOf('?');
- pound = origPath.indexOf('#');
- queryEnd = pound>=0?pound:path.length();
- if(oneCallQueryParams==null) {
- if(query>=0) {
- queryParams = path.substring(query+1,queryEnd);
- } else {
- queryParams=null;
- }
- } else {
- if(query>=0) {
- queryParams = oneCallQueryParams + '&' + path.substring(query+1,queryEnd);
- } else {
- queryParams = oneCallQueryParams;
- }
- oneCallQueryParams = null;
- }
- }
- }
-
- public String path() {
- if(query>=0) {
- if(pound>=0) {
- return path.substring(pound+1);
- }
- return path.substring(0,query);
- } else if(pound>=0) {
- return path.substring(0,pound);
- } else {
- return path;
- }
- }
-
- public String query() {
- return queryParams;
- }
-
- public String frag() {
- if(pound>=0) {
- return path.substring(pound+1);
- } else {
- return null;
- }
- }
- }
-
- public String toString() {
- return uri.toString();
- }
-
- public URI getURI() {
- return uri;
- }
-
- public void setQueryParams(final String queryParams) {
- oneCallQueryParams=queryParams;
- }
+ public static final String FORM_ENCODED = "application/x-www-form-urlencoded";
+ public static final String APPL_JSON = "application/json";
+ public static final String APPL_XML = "application/xml";
+ public static final String BLANK = "";
+ public static final String CONTENT_TYPE = "Content-Type";
+ public static final String ACCEPT = "Accept";
+
+ protected static final String POST = "POST";
+ protected static final String GET = "GET";
+ protected static final String PUT = "PUT";
+ protected static final String DELETE = "DELETE";
+ protected TYPE type;
+ protected String apiVersion;
+ protected int readTimeout = 5000;
+ protected int connectionTimeout = 3000;
+ protected URI uri;
+ private String oneCallQueryParams;
+ public static Pool<byte[]> buffPool = new Pool<byte[]>(new Pool.Creator<byte[]>() {
+ @Override
+ public byte[] create() throws APIException {
+ return new byte[1024];
+ }
+
+ @Override
+ public void destroy(byte[] t) {
+ }
+
+ @Override
+ public boolean isValid(byte[] t) {
+ return true;
+ }
+
+ @Override
+ public void reuse(byte[] t) {
+ }
+ });
+
+
+ public Rcli() {
+ super();
+ }
+
+ public abstract void setSecuritySetter(SecuritySetter<CT> ss);
+ public abstract SecuritySetter<CT> getSecuritySetter();
+
+
+ public Rcli<CT> forUser(SecuritySetter<CT> ss) {
+ Rcli<CT> rv = clone(uri==null?this.uri:uri,ss);
+ setSecuritySetter(ss);
+ rv.type = type;
+ rv.apiVersion = apiVersion;
+ return rv;
+ }
+
+ protected abstract Rcli<CT> clone(URI uri, SecuritySetter<CT> ss);
+
+ public abstract void invalidate() throws CadiException;
+
+ public Rcli<CT> readTimeout(int millis) {
+ readTimeout = millis;
+ return this;
+ }
+
+ public Rcli<CT> connectionTimeout(int millis) {
+ connectionTimeout = millis;
+ return this;
+ }
+
+ public Rcli<CT> type(TYPE type) {
+ this.type=type;
+ return this;
+ }
+
+ public Rcli<CT> apiVersion(String apiVersion) {
+ this.apiVersion = apiVersion;
+ return this;
+ }
+
+ public boolean isApiVersion(String prospective) {
+ return apiVersion.equals(prospective);
+ }
+
+
+ public String typeString(Class<?> cls) {
+ return "application/"+cls.getSimpleName()+"+"+type.name().toLowerCase()+
+ (apiVersion==null?BLANK:";version="+apiVersion);
+ }
+
+ protected abstract EClient<CT> client() throws CadiException;
+
+
+ public<T> Future<T> create(final String pathinfo, final String contentType, final RosettaDF<T> df, final T t) throws APIException, CadiException {
+ final ParsePath pp = new ParsePath(pathinfo);
+
+ EClient<CT> client = client();
+ client.setMethod(POST);
+ client.addHeader(CONTENT_TYPE,contentType);
+ client.setPathInfo(pp.path());
+ client.setQueryParams(pp.query());
+ client.setFragment(pp.frag());
+ client.setPayload(new EClient.Transfer() {
+ @Override
+ public void transfer(OutputStream os) throws IOException, APIException {
+ df.newData().out(type).direct(t,os);
+ }
+ });
+ client.send();
+ return client.futureCreate(df.getTypeClass());
+ }
+
+ public<T> Future<T> create(String pathinfo, final RosettaDF<T> df, final T t) throws APIException, CadiException {
+ final ParsePath pp = new ParsePath(pathinfo);
+
+ EClient<CT> client = client();
+ client.setMethod(POST);
+ client.addHeader(CONTENT_TYPE,typeString(df.getTypeClass()));
+ client.setPathInfo(pp.path());
+ client.setQueryParams(pp.query());
+ client.setFragment(pp.frag());
+ client.setPayload(new EClient.Transfer() {
+ @Override
+ public void transfer(OutputStream os) throws IOException, APIException {
+ df.newData().out(type).direct(t,os);
+ }
+ });
+ client.send();
+ return client.futureCreate(df.getTypeClass());
+ }
+
+ public<T> Future<T> create(String pathinfo, Class<?> cls, final RosettaDF<T> df, final T t) throws APIException, CadiException {
+ final ParsePath pp = new ParsePath(pathinfo);
+
+ EClient<CT> client = client();
+ client.setMethod(POST);
+ client.addHeader(CONTENT_TYPE,typeString(cls));
+ client.setPathInfo(pp.path());
+ client.setQueryParams(pp.query());
+ client.setFragment(pp.frag());
+ client.setPayload(new EClient.Transfer() {
+ @Override
+ public void transfer(OutputStream os) throws IOException, APIException {
+ df.newData().out(type).direct(t,os);
+ }
+ });
+ client.send();
+ return client.futureCreate(df.getTypeClass());
+ }
+
+ public<T> Future<T> create(String pathinfo, Class<T> cls) throws APIException, CadiException {
+ final ParsePath pp = new ParsePath(pathinfo);
+
+ EClient<CT> client = client();
+ client.setMethod(POST);
+ client.addHeader(CONTENT_TYPE,typeString(cls));
+ client.setPathInfo(pp.path());
+ client.setQueryParams(pp.query());
+ client.setFragment(pp.frag());
+ client.setPayload(null);
+ client.send();
+ return client.futureCreate(cls);
+ }
+
+ public Future<Void> create(String pathinfo, String contentType) throws APIException, CadiException {
+ final ParsePath pp = new ParsePath(pathinfo);
+
+ EClient<CT> client = client();
+ client.setMethod(POST);
+ client.addHeader(CONTENT_TYPE,contentType);
+ client.setPathInfo(pp.path());
+ client.setQueryParams(pp.query());
+ client.setFragment(pp.frag());
+ client.setPayload(null);
+ client.send();
+ return client.futureCreate(Void.class);
+ }
+
+ public Future<Void> create(String pathinfo, String contentType, EClient.Transfer content) throws APIException, CadiException {
+ final ParsePath pp = new ParsePath(pathinfo);
+
+ EClient<CT> client = client();
+ client.setMethod(POST);
+ client.addHeader(CONTENT_TYPE,contentType);
+ client.setPathInfo(pp.path());
+ client.setQueryParams(pp.query());
+ client.setFragment(pp.frag());
+ client.setPayload(content);
+ client.send();
+ return client.futureCreate(Void.class);
+ }
+
+
+ /**
+ * Post Data in WWW expected format, with the format tag1=value1&tag2=value2, etc
+ * Note Shortcut:
+ * Because typically, you will want to have a variable as value, you can type, as long as tag ends with "="
+ * postForm(..., "tag1=value1","tag2=",var2);
+ * @param pathinfo
+ * @param df
+ * @param cls
+ * @param formParam
+ * @return
+ * @throws APIException
+ * @throws CadiException
+ */
+ public <T> Future<T> postForm(String pathinfo, final RosettaDF<T> df, final String ... formParam) throws APIException, CadiException {
+ final ParsePath pp = new ParsePath(pathinfo);
+
+ EClient<CT> client = client();
+ client.setMethod(POST);
+ client.addHeader(CONTENT_TYPE,FORM_ENCODED);
+ switch(type) {
+ case JSON:
+ client.addHeader(ACCEPT, APPL_JSON);
+ break;
+ case XML:
+ client.addHeader(ACCEPT, APPL_XML);
+ break;
+ default:
+ break;
+ }
+ client.setPathInfo(pp.path());
+ client.setQueryParams(pp.query());
+ client.setFragment(pp.frag());
+ client.setPayload(new Transfer() {
+ @Override
+ public void transfer(OutputStream os) throws IOException, APIException {
+ PrintStream ps;
+ if(os instanceof PrintStream) {
+ ps = (PrintStream)os;
+ } else {
+ ps = new PrintStream(os);
+ }
+ boolean first = true;
+ for(String fp : formParam) {
+ if(fp!=null) {
+ if(first) {
+ first = false;
+ } else {
+ ps.print('&');
+ }
+ if(fp.endsWith("=")) {
+ first = true;
+ }
+ ps.print(fp);
+ }
+ }
+ }});
+ client.send();
+ return client.futureRead(df,TYPE.JSON);
+ }
+
+ /**
+ * Read String, using POST for keyInfo
+ *
+ * @param pathinfo
+ * @param df
+ * @param t
+ * @param resp
+ * @return
+ * @throws APIException
+ * @throws CadiException
+ */
+ public<T> Future<String> readPost(String pathinfo, final RosettaDF<T> df, final T t) throws APIException, CadiException {
+ final ParsePath pp = new ParsePath(pathinfo);
+
+ EClient<CT> client = client();
+ client.setMethod(POST);
+ client.addHeader(CONTENT_TYPE,typeString(df.getTypeClass()));
+ client.setPathInfo(pp.path());
+ client.setQueryParams(pp.query());
+ client.setFragment(pp.frag());
+ client.setPayload(new EClient.Transfer() {
+ @Override
+ public void transfer(OutputStream os) throws IOException, APIException {
+ df.newData().out(type).direct(t,os);
+ }
+ });
+ client.send();
+ return client.futureReadString();
+ }
+
+ /**
+ * Read using POST for keyInfo, responding with marshaled Objects
+ *
+ * @param pathinfo
+ * @param df
+ * @param t
+ * @param resp
+ * @return
+ * @throws APIException
+ * @throws CadiException
+ */
+ public<T,R> Future<R> readPost(String pathinfo, final RosettaDF<T> df, final T t, final RosettaDF<R> resp) throws APIException, CadiException {
+ final ParsePath pp = new ParsePath(pathinfo);
+
+ EClient<CT> client = client();
+ client.setMethod(POST);
+ client.addHeader(CONTENT_TYPE,typeString(df.getTypeClass()));
+ client.setPathInfo(pp.path());
+ client.setQueryParams(pp.query());
+ client.setFragment(pp.frag());
+ client.setPayload(new EClient.Transfer() {
+ @Override
+ public void transfer(OutputStream os) throws IOException, APIException {
+ df.newData().out(type).direct(t,os);
+ }
+ });
+ client.send();
+ return client.futureRead(resp,resp.getOutType());
+ }
+
+ public Future<String> readPost(String pathinfo, String contentType, String ... headers) throws CadiException, APIException {
+ final ParsePath pp = new ParsePath(pathinfo);
+
+ EClient<CT> client = client();
+ client.setMethod(POST);
+ client.addHeader(CONTENT_TYPE,contentType);
+ client.setPathInfo(pp.path());
+ client.setQueryParams(pp.query());
+ client.setFragment(pp.frag());
+ client.setPayload(new EClient.Transfer() {
+ @Override
+ public void transfer(OutputStream os) throws IOException, APIException {
+ }});
+ client.send();
+ return client.futureReadString();
+ }
+
+ public Future<String> read(String pathinfo, String accept, String ... headers) throws APIException, CadiException {
+ final ParsePath pp = new ParsePath(pathinfo);
+
+ EClient<CT> client = client();
+ client.setMethod(GET);
+ client.addHeader(ACCEPT, accept);
+
+ for(int i=1;i<headers.length;i=i+2) {
+ client.addHeader(headers[i-1],headers[i]);
+ }
+ client.setPathInfo(pp.path());
+ client.setQueryParams(pp.query());
+ client.setFragment(pp.frag());
+ client.setPayload(null);
+ client.send();
+ return client.futureReadString();
+ }
+
+ public<T> Future<T> read(String pathinfo, String accept, RosettaDF<T> df, String ... headers) throws APIException, CadiException {
+ final ParsePath pp = new ParsePath(pathinfo);
+
+ EClient<CT> client = client();
+ client.setMethod(GET);
+ client.addHeader(ACCEPT, accept);
+ for(int i=1;i<headers.length;i=i+2) {
+ client.addHeader(headers[i-1],headers[i]);
+ }
+ client.setPathInfo(pp.path());
+ client.setQueryParams(pp.query());
+ client.setFragment(pp.frag());
+ client.setPayload(null);
+ client.send();
+ return client.futureRead(df,type);
+ }
+
+ public<T> Future<T> read(String pathinfo, RosettaDF<T> df,String ... headers) throws APIException, CadiException {
+ final ParsePath pp = new ParsePath(pathinfo);
+
+ EClient<CT> client = client();
+ client.setMethod(GET);
+ client.addHeader(ACCEPT, typeString(df.getTypeClass()));
+ for(int i=1;i<headers.length;i=i+2) {
+ client.addHeader(headers[i-1],headers[i]);
+ }
+ client.setPathInfo(pp.path());
+ client.setQueryParams(pp.query());
+ client.setFragment(pp.frag());
+
+ client.setPayload(null);
+ client.send();
+ return client.futureRead(df,type);
+ }
+
+ public<T> Future<T> read(String pathinfo, Class<?> cls, RosettaDF<T> df) throws APIException, CadiException {
+ final ParsePath pp = new ParsePath(pathinfo);
+
+ EClient<CT> client = client();
+ client.setMethod(GET);
+ client.addHeader(ACCEPT, typeString(cls));
+ client.setPathInfo(pp.path());
+ client.setQueryParams(pp.query());
+ client.setFragment(pp.frag());
+
+ client.setPayload(null);
+ client.send();
+ return client.futureRead(df,type);
+ }
+
+ public<T> Future<T> update(String pathinfo, String contentType, final RosettaDF<T> df, final T t) throws APIException, CadiException {
+ final ParsePath pp = new ParsePath(pathinfo);
+
+ EClient<CT> client = client();
+ client.setMethod(PUT);
+ client.addHeader(CONTENT_TYPE,contentType);
+ client.setPathInfo(pp.path());
+ client.setQueryParams(pp.query());
+ client.setFragment(pp.frag());
+ client.setPayload(new EClient.Transfer() {
+ @Override
+ public void transfer(OutputStream os) throws IOException, APIException {
+ df.newData().out(type).direct(t,os);
+ }
+ });
+ client.send();
+ return client.future(t);
+ }
+
+ public<T> Future<String> updateRespondString(String pathinfo, final RosettaDF<T> df, final T t) throws APIException, CadiException {
+ final ParsePath pp = new ParsePath(pathinfo);
+
+ EClient<CT> client = client();
+ client.setMethod(PUT);
+ client.addHeader(CONTENT_TYPE, typeString(df.getTypeClass()));
+ client.setPathInfo(pp.path());
+ client.setQueryParams(pp.query());
+ client.setFragment(pp.frag());
+
+ client.setPayload(new EClient.Transfer() {
+ @Override
+ public void transfer(OutputStream os) throws IOException, APIException {
+ //String s = df.newData().out(type).load(t).asString();
+ df.newData().out(type).direct(t,os);
+ }
+ });
+ client.send();
+ return client.futureReadString();
+ }
+
+ public Future<String> update(String pathinfo, String contentType, EClient.Transfer content) throws APIException, CadiException {
+ final ParsePath pp = new ParsePath(pathinfo);
+
+ EClient<CT> client = client();
+ client.setMethod(PUT);
+ client.addHeader(CONTENT_TYPE,contentType);
+ client.setPathInfo(pp.path());
+ client.setQueryParams(pp.query());
+ client.setFragment(pp.frag());
+ client.setPayload(content);
+ client.send();
+ return client.futureReadString();
+ }
+
+
+
+
+ public<T> Future<T> update(String pathinfo, final RosettaDF<T> df, final T t) throws APIException, CadiException {
+ final ParsePath pp = new ParsePath(pathinfo);
+
+ EClient<CT> client = client();
+ client.setMethod(PUT);
+ client.addHeader(CONTENT_TYPE, typeString(df.getTypeClass()));
+ client.setPathInfo(pp.path());
+ client.setQueryParams(pp.query());
+ client.setFragment(pp.frag());
+
+ client.setPayload(new EClient.Transfer() {
+ @Override
+ public void transfer(OutputStream os) throws IOException, APIException {
+ df.newData().out(type).direct(t,os);
+ }
+ });
+ client.send();
+ return client.future(t);
+ }
+
+ public<T> Future<T> update(String pathinfo, Class<?> cls, final RosettaDF<T> df, final T t) throws APIException, CadiException {
+ final ParsePath pp = new ParsePath(pathinfo);
+
+ EClient<CT> client = client();
+ client.setMethod(PUT);
+ client.addHeader(CONTENT_TYPE, typeString(cls));
+ client.setPathInfo(pp.path());
+ client.setQueryParams(pp.query());
+ client.setFragment(pp.frag());
+
+ client.setPayload(new EClient.Transfer() {
+ @Override
+ public void transfer(OutputStream os) throws IOException, APIException {
+ df.newData().out(type).direct(t,os);
+ }
+ });
+ client.send();
+ return client.future(t);
+ }
+
+
+
+ /**
+ * A method to update with a VOID
+ * @param pathinfo
+ * @param resp
+ * @param expected
+ * @return
+ * @throws APIException
+ * @throws CadiException
+ */
+ public<T> Future<Void> update(String pathinfo) throws APIException, CadiException {
+ final ParsePath pp = new ParsePath(pathinfo);
+
+ EClient<CT> client = client();
+ client.setMethod(PUT);
+ client.addHeader(CONTENT_TYPE, typeString(Void.class));
+ client.setPathInfo(pp.path());
+ client.setQueryParams(pp.query());
+ client.setFragment(pp.frag());
+
+// client.setPayload(new EClient.Transfer() {
+// @Override
+// public void transfer(OutputStream os) throws IOException, APIException {
+// }
+// });
+ client.send();
+ return client.future(null);
+ }
+
+
+ public<T> Future<T> delete(String pathinfo, String contentType, final RosettaDF<T> df, final T t) throws APIException, CadiException {
+ final ParsePath pp = new ParsePath(pathinfo);
+
+ EClient<CT> client = client();
+ client.setMethod(DELETE);
+ client.addHeader(CONTENT_TYPE, contentType);
+ client.setPathInfo(pp.path());
+ client.setQueryParams(pp.query());
+ client.setFragment(pp.frag());
+
+ client.setPayload(new EClient.Transfer() {
+ @Override
+ public void transfer(OutputStream os) throws IOException, APIException {
+ df.newData().out(type).direct(t,os);
+ }
+ });
+ client.send();
+ return client.future(t);
+ }
+
+ public<T> Future<T> delete(String pathinfo, Class<?> cls, final RosettaDF<T> df, final T t) throws APIException, CadiException {
+ final ParsePath pp = new ParsePath(pathinfo);
+
+ EClient<CT> client = client();
+ client.setMethod(DELETE);
+ client.addHeader(CONTENT_TYPE, typeString(cls));
+ client.setPathInfo(pp.path());
+ client.setQueryParams(pp.query());
+ client.setFragment(pp.frag());
+ client.setPayload(new EClient.Transfer() {
+ @Override
+ public void transfer(OutputStream os) throws IOException, APIException {
+ df.newData().out(type).direct(t,os);
+ }
+ });
+ client.send();
+ return client.future(t);
+ }
+
+ public<T> Future<T> delete(String pathinfo, final RosettaDF<T> df, final T t) throws APIException, CadiException {
+ final ParsePath pp = new ParsePath(pathinfo);
+
+ EClient<CT> client = client();
+ client.setMethod(DELETE);
+ client.addHeader(CONTENT_TYPE, typeString(df.getTypeClass()));
+ client.setPathInfo(pp.path());
+ client.setQueryParams(pp.query());
+ client.setFragment(pp.frag());
+ client.setPayload(new EClient.Transfer() {
+ @Override
+ public void transfer(OutputStream os) throws IOException, APIException {
+ df.newData().out(type).direct(t,os);
+ }
+ });
+
+ client.send();
+ return client.future(t);
+ }
+
+
+ public<T> Future<T> delete(String pathinfo, Class<T> cls) throws APIException, CadiException {
+ final ParsePath pp = new ParsePath(pathinfo);
+
+ EClient<CT> client = client();
+ client.setMethod(DELETE);
+ client.addHeader(CONTENT_TYPE, typeString(cls));
+ client.setPathInfo(pp.path());
+ client.setQueryParams(pp.query());
+ client.setFragment(pp.frag());
+
+ client.setPayload(null);
+ client.send();
+ return client.future((T)null);
+ }
+
+ public Future<Void> delete(String pathinfo, String contentType) throws APIException, CadiException {
+ final ParsePath pp = new ParsePath(pathinfo);
+
+ EClient<CT> client = client();
+ client.setMethod(DELETE);
+ client.addHeader(CONTENT_TYPE, contentType);
+ client.setPathInfo(pp.path());
+ client.setQueryParams(pp.query());
+ client.setFragment(pp.frag());
+
+ client.setPayload(null);
+ client.send();
+ return client.future(null);
+ }
+
+ public Future<Void> transfer(final HttpServletRequest req, final HttpServletResponse resp, final String pathParam, final int expected) throws CadiException, APIException {
+ EClient<CT> client = client();
+ URI uri;
+ try {
+ uri = new URI(req.getRequestURI());
+ } catch (Exception e) {
+ throw new CadiException("Invalid incoming URI",e);
+ }
+ String name;
+ for(Enumeration<String> en = req.getHeaderNames();en.hasMoreElements();) {
+ name = en.nextElement();
+ client.addHeader(name,req.getHeader(name));
+ }
+ client.setQueryParams(req.getQueryString());
+ client.setFragment(uri.getFragment());
+ client.setPathInfo(pathParam);
+ String meth = req.getMethod();
+ client.setMethod(meth);
+ if(!"GET".equals(meth)) {
+ client.setPayload(new EClient.Transfer() {
+ @Override
+ public void transfer(OutputStream os) throws IOException, APIException {
+ final ServletInputStream is = req.getInputStream();
+ int read;
+ // reuse Buffers
+ Pooled<byte[]> pbuff = buffPool.get();
+ try {
+ while((read=is.read(pbuff.content))>=0) {
+ os.write(pbuff.content,0,read);
+ }
+ } finally {
+ pbuff.done();
+ }
+ }
+ });
+ }
+ client.send();
+ return client.future(resp, expected);
+ }
+
+ private class ParsePath {
+ private final String path;
+ private final int query;
+ private final int queryEnd;
+ private final int pound;
+ private final String queryParams;
+
+ public ParsePath(final String origPath) {
+ path = origPath;
+ if(origPath==null) {
+ query=queryEnd=pound=-1;
+ queryParams=null;
+ } else {
+ query = origPath.indexOf('?');
+ pound = origPath.indexOf('#');
+ queryEnd = pound>=0?pound:path.length();
+ if(oneCallQueryParams==null) {
+ if(query>=0) {
+ queryParams = path.substring(query+1,queryEnd);
+ } else {
+ queryParams=null;
+ }
+ } else {
+ if(query>=0) {
+ queryParams = oneCallQueryParams + '&' + path.substring(query+1,queryEnd);
+ } else {
+ queryParams = oneCallQueryParams;
+ }
+ oneCallQueryParams = null;
+ }
+ }
+ }
+
+ public String path() {
+ if(query>=0) {
+ if(pound>=0) {
+ return path.substring(pound+1);
+ }
+ return path.substring(0,query);
+ } else if(pound>=0) {
+ return path.substring(0,pound);
+ } else {
+ return path;
+ }
+ }
+
+ public String query() {
+ return queryParams;
+ }
+
+ public String frag() {
+ if(pound>=0) {
+ return path.substring(pound+1);
+ } else {
+ return null;
+ }
+ }
+ }
+
+ public String toString() {
+ return uri.toString();
+ }
+
+ public URI getURI() {
+ return uri;
+ }
+
+ public void setQueryParams(final String queryParams) {
+ oneCallQueryParams=queryParams;
+ }
} \ No newline at end of file
diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/client/Result.java b/cadi/client/src/main/java/org/onap/aaf/cadi/client/Result.java
index fecb847b..e9de27e7 100644
--- a/cadi/client/src/main/java/org/onap/aaf/cadi/client/Result.java
+++ b/cadi/client/src/main/java/org/onap/aaf/cadi/client/Result.java
@@ -22,39 +22,39 @@
package org.onap.aaf.cadi.client;
public class Result<T> {
- public final int code;
- public final T value;
- public final String error;
+ public final int code;
+ public final T value;
+ public final String error;
- private Result(int code, T value, String error) {
- this.code = code;
- this.value = value;
- this.error = error;
- }
+ private Result(int code, T value, String error) {
+ this.code = code;
+ this.value = value;
+ this.error = error;
+ }
- public static<T> Result<T> ok(int code,T t) {
- return new Result<T>(code,t,null);
- }
-
- public static<T> Result<T> err(int code,String body) {
- return new Result<T>(code,null,body);
- }
+ public static<T> Result<T> ok(int code,T t) {
+ return new Result<T>(code,t,null);
+ }
+
+ public static<T> Result<T> err(int code,String body) {
+ return new Result<T>(code,null,body);
+ }
- public static<T> Result<T> err(Result<?> r) {
- return new Result<T>(r.code,null,r.error);
- }
+ public static<T> Result<T> err(Result<?> r) {
+ return new Result<T>(r.code,null,r.error);
+ }
- public boolean isOK() {
- return error==null;
- }
-
- public String toString() {
- StringBuilder sb = new StringBuilder("Code: ");
- sb.append(code);
- if(error!=null) {
- sb.append(" = ");
- sb.append(error);
- }
- return sb.toString();
- }
+ public boolean isOK() {
+ return error==null;
+ }
+
+ public String toString() {
+ StringBuilder sb = new StringBuilder("Code: ");
+ sb.append(code);
+ if(error!=null) {
+ sb.append(" = ");
+ sb.append(error);
+ }
+ return sb.toString();
+ }
} \ No newline at end of file
diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/client/Retryable.java b/cadi/client/src/main/java/org/onap/aaf/cadi/client/Retryable.java
index 8208efe1..58e7718d 100644
--- a/cadi/client/src/main/java/org/onap/aaf/cadi/client/Retryable.java
+++ b/cadi/client/src/main/java/org/onap/aaf/cadi/client/Retryable.java
@@ -35,37 +35,37 @@ import org.onap.aaf.misc.env.APIException;
* @param <RET>
*/
public abstract class Retryable<RET> {
- // be able to hold state for consistent Connections. Not required for all connection types.
- public Rcli<?> lastClient;
- private Locator.Item item;
-
- public Retryable() {
- lastClient = null;
- item = null;
- }
+ // be able to hold state for consistent Connections. Not required for all connection types.
+ public Rcli<?> lastClient;
+ private Locator.Item item;
+
+ public Retryable() {
+ lastClient = null;
+ item = null;
+ }
- public Retryable(Retryable<?> ret) {
- lastClient = ret.lastClient;
- item = ret.item;
- }
+ public Retryable(Retryable<?> ret) {
+ lastClient = ret.lastClient;
+ item = ret.item;
+ }
- public Locator.Item item(Locator.Item item) {
- lastClient = null;
- this.item = item;
- return item;
- }
- public Locator.Item item() {
- return item;
- }
-
- public abstract RET code(Rcli<?> client) throws CadiException, ConnectException, APIException;
+ public Locator.Item item(Locator.Item item) {
+ lastClient = null;
+ this.item = item;
+ return item;
+ }
+ public Locator.Item item() {
+ return item;
+ }
+
+ public abstract RET code(Rcli<?> client) throws CadiException, ConnectException, APIException;
- /**
- * Note, Retryable is tightly coupled to the Client Utilizing. It will not be the wrong type.
- * @return
- */
- @SuppressWarnings("unchecked")
- public <CLIENT> Rcli<CLIENT> lastClient() {
- return (Rcli<CLIENT>)lastClient;
- }
+ /**
+ * Note, Retryable is tightly coupled to the Client Utilizing. It will not be the wrong type.
+ * @return
+ */
+ @SuppressWarnings("unchecked")
+ public <CLIENT> Rcli<CLIENT> lastClient() {
+ return (Rcli<CLIENT>)lastClient;
+ }
}
diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HAuthorizationHeader.java b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HAuthorizationHeader.java
index 787c5c29..3c38ff8d 100644
--- a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HAuthorizationHeader.java
+++ b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HAuthorizationHeader.java
@@ -31,24 +31,24 @@ import org.onap.aaf.cadi.client.AbsAuthentication;
import org.onap.aaf.cadi.config.SecurityInfoC;
public class HAuthorizationHeader extends AbsAuthentication<HttpURLConnection> {
-
- public HAuthorizationHeader(SecurityInfoC<HttpURLConnection> si, String user, String headValue) throws IOException {
- super(si,user,headValue==null?null:headValue.getBytes());
- }
+
+ public HAuthorizationHeader(SecurityInfoC<HttpURLConnection> si, String user, String headValue) throws IOException {
+ super(si,user,headValue==null?null:headValue.getBytes());
+ }
- @Override
- public void setSecurity(HttpURLConnection huc) throws CadiException {
- if(isDenied()) {
- throw new CadiException(REPEAT_OFFENDER);
- }
- try {
- huc.addRequestProperty(AUTHORIZATION , headValue());
- } catch (IOException e) {
- throw new CadiException(e);
- }
- if(securityInfo!=null && huc instanceof HttpsURLConnection) {
- securityInfo.setSocketFactoryOn((HttpsURLConnection)huc);
- }
- }
+ @Override
+ public void setSecurity(HttpURLConnection huc) throws CadiException {
+ if(isDenied()) {
+ throw new CadiException(REPEAT_OFFENDER);
+ }
+ try {
+ huc.addRequestProperty(AUTHORIZATION , headValue());
+ } catch (IOException e) {
+ throw new CadiException(e);
+ }
+ if(securityInfo!=null && huc instanceof HttpsURLConnection) {
+ securityInfo.setSocketFactoryOn((HttpsURLConnection)huc);
+ }
+ }
}
diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HBasicAuthSS.java b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HBasicAuthSS.java
index 9e86c7fb..e4ab6d72 100644
--- a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HBasicAuthSS.java
+++ b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HBasicAuthSS.java
@@ -31,38 +31,38 @@ import org.onap.aaf.cadi.config.SecurityInfoC;
import org.onap.aaf.cadi.principal.BasicPrincipal;
public class HBasicAuthSS extends HAuthorizationHeader implements BasicAuth {
- public HBasicAuthSS(SecurityInfoC<HttpURLConnection> si, String user, String password) throws IOException {
- super(si, user, "Basic " + Symm.base64noSplit.encode(user + ':' + password));
- }
+ public HBasicAuthSS(SecurityInfoC<HttpURLConnection> si, String user, String password) throws IOException {
+ super(si, user, "Basic " + Symm.base64noSplit.encode(user + ':' + password));
+ }
- public HBasicAuthSS(SecurityInfoC<HttpURLConnection> si) throws IOException {
- this(si,si.access.getProperty(Config.AAF_APPID, null),
- si.access.decrypt(si.access.getProperty(Config.AAF_APPPASS, null), false));
- }
-
- public HBasicAuthSS(SecurityInfoC<HttpURLConnection> si, boolean setDefault) throws IOException {
- this(si,si.access.getProperty(Config.AAF_APPID, null),
- si.access.decrypt(si.access.getProperty(Config.AAF_APPPASS, null), false),setDefault);
- }
-
+ public HBasicAuthSS(SecurityInfoC<HttpURLConnection> si) throws IOException {
+ this(si,si.access.getProperty(Config.AAF_APPID, null),
+ si.access.decrypt(si.access.getProperty(Config.AAF_APPPASS, null), false));
+ }
+
+ public HBasicAuthSS(SecurityInfoC<HttpURLConnection> si, boolean setDefault) throws IOException {
+ this(si,si.access.getProperty(Config.AAF_APPID, null),
+ si.access.decrypt(si.access.getProperty(Config.AAF_APPPASS, null), false),setDefault);
+ }
+
- public HBasicAuthSS(SecurityInfoC<HttpURLConnection> si, String user, String pass, boolean asDefault) throws IOException {
- this(si, user,pass);
- if(asDefault) {
- si.set(this);
- }
- }
-
- public HBasicAuthSS(BasicPrincipal bp, SecurityInfoC<HttpURLConnection> si) throws IOException {
- this(si, bp.getName(),new String(bp.getCred()));
- }
-
- public HBasicAuthSS(BasicPrincipal bp, SecurityInfoC<HttpURLConnection> si, boolean asDefault) throws IOException {
- this(si, bp.getName(),new String(bp.getCred()));
- if(asDefault) {
- si.set(this);
- }
- }
+ public HBasicAuthSS(SecurityInfoC<HttpURLConnection> si, String user, String pass, boolean asDefault) throws IOException {
+ this(si, user,pass);
+ if(asDefault) {
+ si.set(this);
+ }
+ }
+
+ public HBasicAuthSS(BasicPrincipal bp, SecurityInfoC<HttpURLConnection> si) throws IOException {
+ this(si, bp.getName(),new String(bp.getCred()));
+ }
+
+ public HBasicAuthSS(BasicPrincipal bp, SecurityInfoC<HttpURLConnection> si, boolean asDefault) throws IOException {
+ this(si, bp.getName(),new String(bp.getCred()));
+ if(asDefault) {
+ si.set(this);
+ }
+ }
}
diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HClient.java b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HClient.java
index a3dac7da..1d3d9547 100644
--- a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HClient.java
+++ b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HClient.java
@@ -54,388 +54,388 @@ import org.onap.aaf.misc.rosetta.env.RosettaDF;
*
*/
public class HClient implements EClient<HttpURLConnection> {
- private URI uri;
- private ArrayList<Header> headers;
- private String meth;
- private String pathinfo;
- private String query;
- private String fragment;
- private Transfer transfer;
- private SecuritySetter<HttpURLConnection> ss;
- private HttpURLConnection huc;
- private int connectTimeout;
+ private URI uri;
+ private ArrayList<Header> headers;
+ private String meth;
+ private String pathinfo;
+ private String query;
+ private String fragment;
+ private Transfer transfer;
+ private SecuritySetter<HttpURLConnection> ss;
+ private HttpURLConnection huc;
+ private int connectTimeout;
- public HClient(SecuritySetter<HttpURLConnection> ss, URI uri,int connectTimeout) throws LocatorException {
- if (uri == null) {
- throw new LocatorException("No Service available to call");
- }
- this.uri = uri;
- this.ss = ss;
- this.connectTimeout = connectTimeout;
- pathinfo = query = fragment = null;
- }
+ public HClient(SecuritySetter<HttpURLConnection> ss, URI uri,int connectTimeout) throws LocatorException {
+ if (uri == null) {
+ throw new LocatorException("No Service available to call");
+ }
+ this.uri = uri;
+ this.ss = ss;
+ this.connectTimeout = connectTimeout;
+ pathinfo = query = fragment = null;
+ }
- @Override
- public void setMethod(String meth) {
- this.meth = meth;
- }
+ @Override
+ public void setMethod(String meth) {
+ this.meth = meth;
+ }
- @Override
- public void setPathInfo(String pathinfo) {
- this.pathinfo = pathinfo;
- }
+ @Override
+ public void setPathInfo(String pathinfo) {
+ this.pathinfo = pathinfo;
+ }
- @Override
- public void setPayload(Transfer transfer) {
- this.transfer = transfer;
- }
-
- @Override
- public void addHeader(String tag, String value) {
- if (headers == null)
- headers = new ArrayList<>();
- headers.add(new Header(tag, value));
- }
+ @Override
+ public void setPayload(Transfer transfer) {
+ this.transfer = transfer;
+ }
+
+ @Override
+ public void addHeader(String tag, String value) {
+ if (headers == null)
+ headers = new ArrayList<>();
+ headers.add(new Header(tag, value));
+ }
- @Override
- public void setQueryParams(String q) {
- query = q;
- }
+ @Override
+ public void setQueryParams(String q) {
+ query = q;
+ }
- @Override
- public void setFragment(String f) {
- fragment = f;
- }
+ @Override
+ public void setFragment(String f) {
+ fragment = f;
+ }
- @Override
- public void send() throws APIException {
- try {
- // Build URL from given URI plus current Settings
- if(uri.getPath()==null) {
- throw new APIException("Invalid URL entered for HClient");
- }
- StringBuilder pi=null;
- if(pathinfo!=null) { // additional pathinfo
- pi = new StringBuilder(uri.getPath());
- if(!pathinfo.startsWith("/")) {
- pi.append('/');
- }
- pi.append(pathinfo);
- }
- URI sendURI = new URI(
- uri.getScheme(),
- uri.getUserInfo(),
- uri.getHost(),
- uri.getPort(),
- pi==null?uri.getPath():pi.toString(),
- query==null?uri.getQuery():query,
- fragment==null?uri.getFragment():fragment
- );
- huc = getConnection(sendURI, pi);
- huc.setRequestMethod(meth);
- if(ss!=null) {
- ss.setSecurity(huc);
- }
- if (headers != null)
- for (Header d : headers) {
- huc.addRequestProperty(d.tag, d.value);
- }
- huc.setDoInput(true);
- huc.setDoOutput(true);
- huc.setUseCaches(false);
- huc.setConnectTimeout(connectTimeout);
- huc.connect();
- if (transfer != null) {
- transfer.transfer(huc.getOutputStream());
- }
- // TODO other settings? There's a bunch here.
- } catch (Exception e) {
- throw new APIException(e);
- } finally { // ensure all these are reset after sends
- meth=pathinfo=null;
- if(headers!=null) {
- headers.clear();
- }
- pathinfo = query = fragment = "";
- }
- }
-
- public URI getURI() {
- return uri;
- }
+ @Override
+ public void send() throws APIException {
+ try {
+ // Build URL from given URI plus current Settings
+ if(uri.getPath()==null) {
+ throw new APIException("Invalid URL entered for HClient");
+ }
+ StringBuilder pi=null;
+ if(pathinfo!=null) { // additional pathinfo
+ pi = new StringBuilder(uri.getPath());
+ if(!pathinfo.startsWith("/")) {
+ pi.append('/');
+ }
+ pi.append(pathinfo);
+ }
+ URI sendURI = new URI(
+ uri.getScheme(),
+ uri.getUserInfo(),
+ uri.getHost(),
+ uri.getPort(),
+ pi==null?uri.getPath():pi.toString(),
+ query==null?uri.getQuery():query,
+ fragment==null?uri.getFragment():fragment
+ );
+ huc = getConnection(sendURI, pi);
+ huc.setRequestMethod(meth);
+ if(ss!=null) {
+ ss.setSecurity(huc);
+ }
+ if (headers != null)
+ for (Header d : headers) {
+ huc.addRequestProperty(d.tag, d.value);
+ }
+ huc.setDoInput(true);
+ huc.setDoOutput(true);
+ huc.setUseCaches(false);
+ huc.setConnectTimeout(connectTimeout);
+ huc.connect();
+ if (transfer != null) {
+ transfer.transfer(huc.getOutputStream());
+ }
+ // TODO other settings? There's a bunch here.
+ } catch (Exception e) {
+ throw new APIException(e);
+ } finally { // ensure all these are reset after sends
+ meth=pathinfo=null;
+ if(headers!=null) {
+ headers.clear();
+ }
+ pathinfo = query = fragment = "";
+ }
+ }
+
+ public URI getURI() {
+ return uri;
+ }
- public int timeout() {
- return connectTimeout;
- }
-
- protected HttpURLConnection getConnection(URI uri, StringBuilder pi) throws IOException, URISyntaxException {
- URL url = new URI(
- uri.getScheme(),
- uri.getUserInfo(),
- uri.getHost(),
- uri.getPort(),
- pi==null?uri.getPath():pi.toString(),
- query,
- fragment).toURL();
- return (HttpURLConnection) url.openConnection();
- }
-
- public abstract class HFuture<T> extends Future<T> {
- protected HttpURLConnection huc;
- protected int respCode;
- protected IOException exception;
- protected StringBuilder errContent;
-
- public HFuture(final HttpURLConnection huc) {
- this.huc = huc;
- }
-
- protected boolean evalInfo(HttpURLConnection huc) throws APIException, IOException{
- return respCode == 200;
- };
-
- @Override
- public final boolean get(int timeout) throws CadiException {
- try {
- huc.setReadTimeout(timeout);
- respCode = huc.getResponseCode();
- ss.setLastResponse(respCode);
- if(evalInfo(huc)) {
- return true;
- } else {
- extractError();
- return false;
- }
- } catch (IOException | APIException e) {
- throw new CadiException(e);
- } finally {
- close();
- }
- }
-
- private void extractError() {
- InputStream is = huc.getErrorStream();
- try {
- if(is==null) {
- is = huc.getInputStream();
- }
- if(is!=null) {
- errContent = new StringBuilder();
- int c;
- while((c=is.read())>=0) {
- errContent.append((char)c);
- }
- }
- } catch (IOException e) {
- exception = e;
- }
- }
-
- // Typically only used by Read
- public StringBuilder inputStreamToString(InputStream is) {
- // Avoids Carriage returns, and is reasonably efficient, given
- // the buffer reads.
- try {
- StringBuilder sb = new StringBuilder();
- Reader rdr = new InputStreamReader(is);
- try {
- char[] buf = new char[256];
- int read;
- while ((read = rdr.read(buf)) >= 0) {
- sb.append(buf, 0, read);
- }
- } finally {
- rdr.close();
- }
- return sb;
- } catch (IOException e) {
- exception = e;
- return null;
- }
- }
-
-
- @Override
- public int code() {
- return respCode;
- }
-
- public HttpURLConnection huc() {
- return huc;
- }
-
- public IOException exception() {
- return exception;
- }
-
- @Override
- public String header(String tag) {
- return huc.getHeaderField(tag);
- }
-
- public void close() {
- if(huc!=null) {
- huc.disconnect();
- }
- }
- }
+ public int timeout() {
+ return connectTimeout;
+ }
+
+ protected HttpURLConnection getConnection(URI uri, StringBuilder pi) throws IOException, URISyntaxException {
+ URL url = new URI(
+ uri.getScheme(),
+ uri.getUserInfo(),
+ uri.getHost(),
+ uri.getPort(),
+ pi==null?uri.getPath():pi.toString(),
+ query,
+ fragment).toURL();
+ return (HttpURLConnection) url.openConnection();
+ }
+
+ public abstract class HFuture<T> extends Future<T> {
+ protected HttpURLConnection huc;
+ protected int respCode;
+ protected IOException exception;
+ protected StringBuilder errContent;
+
+ public HFuture(final HttpURLConnection huc) {
+ this.huc = huc;
+ }
+
+ protected boolean evalInfo(HttpURLConnection huc) throws APIException, IOException{
+ return respCode == 200;
+ };
+
+ @Override
+ public final boolean get(int timeout) throws CadiException {
+ try {
+ huc.setReadTimeout(timeout);
+ respCode = huc.getResponseCode();
+ ss.setLastResponse(respCode);
+ if(evalInfo(huc)) {
+ return true;
+ } else {
+ extractError();
+ return false;
+ }
+ } catch (IOException | APIException e) {
+ throw new CadiException(e);
+ } finally {
+ close();
+ }
+ }
+
+ private void extractError() {
+ InputStream is = huc.getErrorStream();
+ try {
+ if(is==null) {
+ is = huc.getInputStream();
+ }
+ if(is!=null) {
+ errContent = new StringBuilder();
+ int c;
+ while((c=is.read())>=0) {
+ errContent.append((char)c);
+ }
+ }
+ } catch (IOException e) {
+ exception = e;
+ }
+ }
+
+ // Typically only used by Read
+ public StringBuilder inputStreamToString(InputStream is) {
+ // Avoids Carriage returns, and is reasonably efficient, given
+ // the buffer reads.
+ try {
+ StringBuilder sb = new StringBuilder();
+ Reader rdr = new InputStreamReader(is);
+ try {
+ char[] buf = new char[256];
+ int read;
+ while ((read = rdr.read(buf)) >= 0) {
+ sb.append(buf, 0, read);
+ }
+ } finally {
+ rdr.close();
+ }
+ return sb;
+ } catch (IOException e) {
+ exception = e;
+ return null;
+ }
+ }
+
+
+ @Override
+ public int code() {
+ return respCode;
+ }
+
+ public HttpURLConnection huc() {
+ return huc;
+ }
+
+ public IOException exception() {
+ return exception;
+ }
+
+ @Override
+ public String header(String tag) {
+ return huc.getHeaderField(tag);
+ }
+
+ public void close() {
+ if(huc!=null) {
+ huc.disconnect();
+ }
+ }
+ }
- @Override
- public <T> Future<T> futureCreate(Class<T> t) {
- return new HFuture<T>(huc) {
- public boolean evalInfo(HttpURLConnection huc) {
- return respCode==201;
- }
+ @Override
+ public <T> Future<T> futureCreate(Class<T> t) {
+ return new HFuture<T>(huc) {
+ public boolean evalInfo(HttpURLConnection huc) {
+ return respCode==201;
+ }
- @Override
- public String body() {
- if (errContent != null) {
- return errContent.toString();
- }
- return "";
- }
- };
- }
+ @Override
+ public String body() {
+ if (errContent != null) {
+ return errContent.toString();
+ }
+ return "";
+ }
+ };
+ }
- @Override
- public Future<String> futureReadString() {
- return new HFuture<String>(huc) {
- public boolean evalInfo(HttpURLConnection huc) throws IOException {
- if (respCode == 200) {
- StringBuilder sb = inputStreamToString(huc.getInputStream());
- if (sb != null) {
- value = sb.toString();
- }
- return true;
- }
- return false;
- }
+ @Override
+ public Future<String> futureReadString() {
+ return new HFuture<String>(huc) {
+ public boolean evalInfo(HttpURLConnection huc) throws IOException {
+ if (respCode == 200) {
+ StringBuilder sb = inputStreamToString(huc.getInputStream());
+ if (sb != null) {
+ value = sb.toString();
+ }
+ return true;
+ }
+ return false;
+ }
- @Override
- public String body() {
- if (value != null) {
- return value;
- } else if (errContent != null) {
- return errContent.toString();
- }
- return "";
- }
+ @Override
+ public String body() {
+ if (value != null) {
+ return value;
+ } else if (errContent != null) {
+ return errContent.toString();
+ }
+ return "";
+ }
- };
- }
+ };
+ }
- @Override
- public <T> Future<T> futureRead(final RosettaDF<T> df, final TYPE type) {
- return new HFuture<T>(huc) {
- private Data<T> data;
+ @Override
+ public <T> Future<T> futureRead(final RosettaDF<T> df, final TYPE type) {
+ return new HFuture<T>(huc) {
+ private Data<T> data;
- public boolean evalInfo(HttpURLConnection huc) throws APIException, IOException {
- if (respCode == 200) {
- data = df.newData().in(type).load(huc.getInputStream());
- value = data.asObject();
- return true;
- }
- return false;
- }
+ public boolean evalInfo(HttpURLConnection huc) throws APIException, IOException {
+ if (respCode == 200) {
+ data = df.newData().in(type).load(huc.getInputStream());
+ value = data.asObject();
+ return true;
+ }
+ return false;
+ }
- @Override
- public String body() {
- if (data != null) {
- try {
- return data.asString();
- } catch (APIException e) {
- }
- } else if (errContent != null) {
- return errContent.toString();
- }
- return "";
- }
- };
- }
+ @Override
+ public String body() {
+ if (data != null) {
+ try {
+ return data.asString();
+ } catch (APIException e) {
+ }
+ } else if (errContent != null) {
+ return errContent.toString();
+ }
+ return "";
+ }
+ };
+ }
- @Override
- public <T> Future<T> future(final T t) {
- return new HFuture<T>(huc) {
- public boolean evalInfo(HttpURLConnection huc) {
- if (respCode == 200) {
- value = t;
- return true;
- }
- return false;
- }
+ @Override
+ public <T> Future<T> future(final T t) {
+ return new HFuture<T>(huc) {
+ public boolean evalInfo(HttpURLConnection huc) {
+ if (respCode == 200) {
+ value = t;
+ return true;
+ }
+ return false;
+ }
- @Override
- public String body() {
- if (errContent != null) {
- return errContent.toString();
- }
- return Integer.toString(respCode);
- }
- };
- }
+ @Override
+ public String body() {
+ if (errContent != null) {
+ return errContent.toString();
+ }
+ return Integer.toString(respCode);
+ }
+ };
+ }
- @Override
- public Future<Void> future(final HttpServletResponse resp, final int expected) throws APIException {
- return new HFuture<Void>(huc) {
- public boolean evalInfo(HttpURLConnection huc) throws IOException, APIException {
- resp.setStatus(respCode);
- int read;
- InputStream is;
- OutputStream os = resp.getOutputStream();
- if(respCode==expected) {
- is = huc.getInputStream();
- // reuse Buffers
- Pooled<byte[]> pbuff = Rcli.buffPool.get();
- try {
- while((read=is.read(pbuff.content))>=0) {
- os.write(pbuff.content,0,read);
- }
- } finally {
- pbuff.done();
- }
- return true;
- } else {
- is = huc.getErrorStream();
- if(is==null) {
- is = huc.getInputStream();
- }
- if(is!=null) {
- errContent = new StringBuilder();
- Pooled<byte[]> pbuff = Rcli.buffPool.get();
- try {
- while((read=is.read(pbuff.content))>=0) {
- os.write(pbuff.content,0,read);
- }
- } finally {
- pbuff.done();
- }
- }
- }
- return false;
- }
+ @Override
+ public Future<Void> future(final HttpServletResponse resp, final int expected) throws APIException {
+ return new HFuture<Void>(huc) {
+ public boolean evalInfo(HttpURLConnection huc) throws IOException, APIException {
+ resp.setStatus(respCode);
+ int read;
+ InputStream is;
+ OutputStream os = resp.getOutputStream();
+ if(respCode==expected) {
+ is = huc.getInputStream();
+ // reuse Buffers
+ Pooled<byte[]> pbuff = Rcli.buffPool.get();
+ try {
+ while((read=is.read(pbuff.content))>=0) {
+ os.write(pbuff.content,0,read);
+ }
+ } finally {
+ pbuff.done();
+ }
+ return true;
+ } else {
+ is = huc.getErrorStream();
+ if(is==null) {
+ is = huc.getInputStream();
+ }
+ if(is!=null) {
+ errContent = new StringBuilder();
+ Pooled<byte[]> pbuff = Rcli.buffPool.get();
+ try {
+ while((read=is.read(pbuff.content))>=0) {
+ os.write(pbuff.content,0,read);
+ }
+ } finally {
+ pbuff.done();
+ }
+ }
+ }
+ return false;
+ }
- @Override
- public String body() {
- return errContent==null?null:errContent.toString();
- }
- };
- }
+ @Override
+ public String body() {
+ return errContent==null?null:errContent.toString();
+ }
+ };
+ }
- private static class Header {
- public final String tag;
- public final String value;
+ private static class Header {
+ public final String tag;
+ public final String value;
- public Header(String t, String v) {
- this.tag = t;
- this.value = v;
- }
-
- public String toString() {
- return tag + '=' + value;
- }
- }
-
- public String toString() {
- return "HttpURLConnection Client configured to " + uri.toString();
- }
+ public Header(String t, String v) {
+ this.tag = t;
+ this.value = v;
+ }
+
+ public String toString() {
+ return tag + '=' + value;
+ }
+ }
+
+ public String toString() {
+ return "HttpURLConnection Client configured to " + uri.toString();
+ }
}
diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HMangr.java b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HMangr.java
index 772a499c..da349efc 100644
--- a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HMangr.java
+++ b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HMangr.java
@@ -41,202 +41,202 @@ import org.onap.aaf.cadi.client.Retryable;
import org.onap.aaf.misc.env.APIException;
public class HMangr {
- private String apiVersion;
- private int readTimeout, connectionTimeout;
- public final Locator<URI> loc;
- private Access access;
-
- public HMangr(Access access, Locator<URI> loc) throws LocatorException {
- readTimeout = 10000;
- connectionTimeout=3000;
- if(loc == null) {
- throw new LocatorException("Null Locator passed");
- }
- this.loc = loc;
- this.access = access;
- }
+ private String apiVersion;
+ private int readTimeout, connectionTimeout;
+ public final Locator<URI> loc;
+ private Access access;
+
+ public HMangr(Access access, Locator<URI> loc) throws LocatorException {
+ readTimeout = 10000;
+ connectionTimeout=3000;
+ if(loc == null) {
+ throw new LocatorException("Null Locator passed");
+ }
+ this.loc = loc;
+ this.access = access;
+ }
- /**
- * Reuse the same service. This is helpful for multiple calls that change service side cached data so that
- * there is not a speed issue.
- *
- * If the service goes down, another service will be substituted, if available.
- *
- * @param access
- * @param loc
- * @param ss
- * @param item
- * @param retryable
- * @return
- * @throws URISyntaxException
- * @throws Exception
- */
- public<RET> RET same(SecuritySetter<HttpURLConnection> ss, Retryable<RET> retryable) throws APIException, CadiException, LocatorException {
- RET ret = null;
- boolean retry = true;
- Rcli<HttpURLConnection> client = retryable.lastClient();
- try {
- do {
- Item item;
- // if no previous state, get the best
- if(retryable.item()==null) {
- item = loc.best();
- if(item==null) {
- throw new LocatorException("No Services Found for " + loc);
- }
- retryable.item(item);
- retryable.lastClient = null;
- }
- if(client==null) {
- item = retryable.item();
- URI uri=loc.get(item);
- if(uri==null) {
- loc.invalidate(retryable.item());
- if(loc.hasItems()) {
- retryable.item(loc.next(retryable.item()));
- continue;
- } else {
- throw new LocatorException("No clients available for " + loc.toString());
- }
- }
- client = new HRcli(this, uri,item,ss)
- .connectionTimeout(connectionTimeout)
- .readTimeout(readTimeout)
- .apiVersion(apiVersion);
- } else {
- client.setSecuritySetter(ss);
- }
-
- retry = false;
- try {
- ret = retryable.code(client);
- } catch (APIException | CadiException e) {
- item = retryable.item();
- loc.invalidate(item);
- retryable.item(loc.next(item));
- try {
- Throwable ec = e.getCause();
- if(ec instanceof java.net.ConnectException) {
- if(client!=null && loc.hasItems()) {
- access.log(Level.WARN,"Connection refused, trying next available service");
- retry = true;
- } else {
- throw new CadiException("Connection refused, no more services to try");
- }
- } else if(ec instanceof java.net.SocketException) {
- if(client!=null && loc.hasItems()) {
- access.log(Level.WARN,"Socket prematurely closed, trying next available service");
- retry = true;
- } else {
- throw new CadiException("Socket prematurely closed, no more services to try");
- }
- } else if(ec instanceof SocketException) {
- if("java.net.SocketException: Connection reset".equals(ec.getMessage())) {
- access.log(Level.ERROR, ec.getMessage(), " can mean Certificate Expiration or TLS Protocol issues");
- }
- retryable.item(null);
- throw e;
- } else {
- retryable.item(null);
- throw e;
- }
- } finally {
- client = null;
- }
- } catch (ConnectException e) {
- item = retryable.item();
- loc.invalidate(item);
- retryable.item(loc.next(item));
- }
- } while(retry);
- } finally {
- retryable.lastClient = client;
- }
- return ret;
- }
-
-
- public<RET> RET best(SecuritySetter<HttpURLConnection> ss, Retryable<RET> retryable) throws LocatorException, CadiException, APIException {
- retryable.item(loc.best());
- return same(ss,retryable);
- }
- public<RET> RET all(SecuritySetter<HttpURLConnection> ss, Retryable<RET> retryable) throws LocatorException, CadiException, APIException {
- return oneOf(ss,retryable,true,null);
- }
+ /**
+ * Reuse the same service. This is helpful for multiple calls that change service side cached data so that
+ * there is not a speed issue.
+ *
+ * If the service goes down, another service will be substituted, if available.
+ *
+ * @param access
+ * @param loc
+ * @param ss
+ * @param item
+ * @param retryable
+ * @return
+ * @throws URISyntaxException
+ * @throws Exception
+ */
+ public<RET> RET same(SecuritySetter<HttpURLConnection> ss, Retryable<RET> retryable) throws APIException, CadiException, LocatorException {
+ RET ret = null;
+ boolean retry = true;
+ Rcli<HttpURLConnection> client = retryable.lastClient();
+ try {
+ do {
+ Item item;
+ // if no previous state, get the best
+ if(retryable.item()==null) {
+ item = loc.best();
+ if(item==null) {
+ throw new LocatorException("No Services Found for " + loc);
+ }
+ retryable.item(item);
+ retryable.lastClient = null;
+ }
+ if(client==null) {
+ item = retryable.item();
+ URI uri=loc.get(item);
+ if(uri==null) {
+ loc.invalidate(retryable.item());
+ if(loc.hasItems()) {
+ retryable.item(loc.next(retryable.item()));
+ continue;
+ } else {
+ throw new LocatorException("No clients available for " + loc.toString());
+ }
+ }
+ client = new HRcli(this, uri,item,ss)
+ .connectionTimeout(connectionTimeout)
+ .readTimeout(readTimeout)
+ .apiVersion(apiVersion);
+ } else {
+ client.setSecuritySetter(ss);
+ }
+
+ retry = false;
+ try {
+ ret = retryable.code(client);
+ } catch (APIException | CadiException e) {
+ item = retryable.item();
+ loc.invalidate(item);
+ retryable.item(loc.next(item));
+ try {
+ Throwable ec = e.getCause();
+ if(ec instanceof java.net.ConnectException) {
+ if(client!=null && loc.hasItems()) {
+ access.log(Level.WARN,"Connection refused, trying next available service");
+ retry = true;
+ } else {
+ throw new CadiException("Connection refused, no more services to try");
+ }
+ } else if(ec instanceof java.net.SocketException) {
+ if(client!=null && loc.hasItems()) {
+ access.log(Level.WARN,"Socket prematurely closed, trying next available service");
+ retry = true;
+ } else {
+ throw new CadiException("Socket prematurely closed, no more services to try");
+ }
+ } else if(ec instanceof SocketException) {
+ if("java.net.SocketException: Connection reset".equals(ec.getMessage())) {
+ access.log(Level.ERROR, ec.getMessage(), " can mean Certificate Expiration or TLS Protocol issues");
+ }
+ retryable.item(null);
+ throw e;
+ } else {
+ retryable.item(null);
+ throw e;
+ }
+ } finally {
+ client = null;
+ }
+ } catch (ConnectException e) {
+ item = retryable.item();
+ loc.invalidate(item);
+ retryable.item(loc.next(item));
+ }
+ } while(retry);
+ } finally {
+ retryable.lastClient = client;
+ }
+ return ret;
+ }
+
+
+ public<RET> RET best(SecuritySetter<HttpURLConnection> ss, Retryable<RET> retryable) throws LocatorException, CadiException, APIException {
+ retryable.item(loc.best());
+ return same(ss,retryable);
+ }
+ public<RET> RET all(SecuritySetter<HttpURLConnection> ss, Retryable<RET> retryable) throws LocatorException, CadiException, APIException {
+ return oneOf(ss,retryable,true,null);
+ }
- public<RET> RET all(SecuritySetter<HttpURLConnection> ss, Retryable<RET> retryable,boolean notify) throws LocatorException, CadiException, APIException {
- return oneOf(ss,retryable,notify,null);
- }
-
- public<RET> RET oneOf(SecuritySetter<HttpURLConnection> ss, Retryable<RET> retryable,boolean notify,String host) throws LocatorException, CadiException, APIException {
- RET ret = null;
- // make sure we have all current references:
- loc.refresh();
- for(Item li=loc.first();li!=null;li=loc.next(li)) {
- URI uri=loc.get(li);
- if(host!=null && !host.equals(uri.getHost())) {
- break;
- }
- try {
- ret = retryable.code(new HRcli(this,uri,li,ss));
- access.log(Level.DEBUG,"Success calling",uri,"during call to all services");
- } catch (APIException | CadiException e) {
- Throwable t = e.getCause();
- if(t!=null && t instanceof ConnectException) {
- loc.invalidate(li);
- access.log(Level.ERROR,"Connection to",uri,"refused during call to all services");
- } else if(t instanceof SSLHandshakeException) {
- access.log(Level.ERROR,t.getMessage());
- loc.invalidate(li);
- } else if(t instanceof SocketException) {
- if("java.net.SocketException: Connection reset".equals(t.getMessage())) {
- access.log(Level.ERROR, t.getMessage(), " can mean Certificate Expiration or TLS Protocol issues");
- }
- retryable.item(null);
- throw e;
- } else {
- throw e;
- }
- } catch (ConnectException e) {
- loc.invalidate(li);
- access.log(Level.ERROR,"Connection to",uri,"refused during call to all services");
- }
- }
-
- if(ret == null && notify)
- throw new LocatorException("No available clients to call");
- return ret;
- }
-
+ public<RET> RET all(SecuritySetter<HttpURLConnection> ss, Retryable<RET> retryable,boolean notify) throws LocatorException, CadiException, APIException {
+ return oneOf(ss,retryable,notify,null);
+ }
+
+ public<RET> RET oneOf(SecuritySetter<HttpURLConnection> ss, Retryable<RET> retryable,boolean notify,String host) throws LocatorException, CadiException, APIException {
+ RET ret = null;
+ // make sure we have all current references:
+ loc.refresh();
+ for(Item li=loc.first();li!=null;li=loc.next(li)) {
+ URI uri=loc.get(li);
+ if(host!=null && !host.equals(uri.getHost())) {
+ break;
+ }
+ try {
+ ret = retryable.code(new HRcli(this,uri,li,ss));
+ access.log(Level.DEBUG,"Success calling",uri,"during call to all services");
+ } catch (APIException | CadiException e) {
+ Throwable t = e.getCause();
+ if(t!=null && t instanceof ConnectException) {
+ loc.invalidate(li);
+ access.log(Level.ERROR,"Connection to",uri,"refused during call to all services");
+ } else if(t instanceof SSLHandshakeException) {
+ access.log(Level.ERROR,t.getMessage());
+ loc.invalidate(li);
+ } else if(t instanceof SocketException) {
+ if("java.net.SocketException: Connection reset".equals(t.getMessage())) {
+ access.log(Level.ERROR, t.getMessage(), " can mean Certificate Expiration or TLS Protocol issues");
+ }
+ retryable.item(null);
+ throw e;
+ } else {
+ throw e;
+ }
+ } catch (ConnectException e) {
+ loc.invalidate(li);
+ access.log(Level.ERROR,"Connection to",uri,"refused during call to all services");
+ }
+ }
+
+ if(ret == null && notify)
+ throw new LocatorException("No available clients to call");
+ return ret;
+ }
+
- public void close() {
- // TODO Anything here?
- }
+ public void close() {
+ // TODO Anything here?
+ }
- public HMangr readTimeout(int timeout) {
- this.readTimeout = timeout;
- return this;
- }
+ public HMangr readTimeout(int timeout) {
+ this.readTimeout = timeout;
+ return this;
+ }
- public int readTimeout() {
- return readTimeout;
- }
-
- public void connectionTimeout(int t) {
- connectionTimeout = t;
- }
+ public int readTimeout() {
+ return readTimeout;
+ }
+
+ public void connectionTimeout(int t) {
+ connectionTimeout = t;
+ }
- public int connectionTimeout() {
- return connectionTimeout;
- }
+ public int connectionTimeout() {
+ return connectionTimeout;
+ }
- public HMangr apiVersion(String version) {
- apiVersion = version;
- return this;
- }
+ public HMangr apiVersion(String version) {
+ apiVersion = version;
+ return this;
+ }
- public String apiVersion() {
- return apiVersion;
- }
+ public String apiVersion() {
+ return apiVersion;
+ }
}
diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HNoAuthSS.java b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HNoAuthSS.java
index b857f3ad..0f1c8b41 100644
--- a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HNoAuthSS.java
+++ b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HNoAuthSS.java
@@ -31,15 +31,15 @@ import org.onap.aaf.cadi.client.AbsAuthentication;
import org.onap.aaf.cadi.config.SecurityInfoC;
public class HNoAuthSS extends AbsAuthentication<HttpURLConnection> {
- public HNoAuthSS(SecurityInfoC<HttpURLConnection> si) throws IOException {
- super(si,"noauth",null);
- }
+ public HNoAuthSS(SecurityInfoC<HttpURLConnection> si) throws IOException {
+ super(si,"noauth",null);
+ }
- @Override
- public void setSecurity(HttpURLConnection client) throws CadiException {
- if(securityInfo!=null && client instanceof HttpsURLConnection) {
- securityInfo.setSocketFactoryOn((HttpsURLConnection)client);
- }
- }
+ @Override
+ public void setSecurity(HttpURLConnection client) throws CadiException {
+ if(securityInfo!=null && client instanceof HttpsURLConnection) {
+ securityInfo.setSocketFactoryOn((HttpsURLConnection)client);
+ }
+ }
}
diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HRcli.java b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HRcli.java
index 908b895b..674936d7 100644
--- a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HRcli.java
+++ b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HRcli.java
@@ -44,87 +44,87 @@ import org.onap.aaf.misc.env.Data.TYPE;
* @param <T>
*/
public class HRcli extends Rcli<HttpURLConnection> {
- private HMangr hman;
- private Item item;
- private SecuritySetter<HttpURLConnection> ss;
+ private HMangr hman;
+ private Item item;
+ private SecuritySetter<HttpURLConnection> ss;
- public HRcli(HMangr hman, Item locItem, SecuritySetter<HttpURLConnection> secSet) throws URISyntaxException, LocatorException {
- item=locItem;
- uri=hman.loc.get(locItem);
- this.hman = hman;
- ss=secSet;
- type = TYPE.JSON;
- apiVersion = hman.apiVersion();
- }
+ public HRcli(HMangr hman, Item locItem, SecuritySetter<HttpURLConnection> secSet) throws URISyntaxException, LocatorException {
+ item=locItem;
+ uri=hman.loc.get(locItem);
+ this.hman = hman;
+ ss=secSet;
+ type = TYPE.JSON;
+ apiVersion = hman.apiVersion();
+ }
- public HRcli(HMangr hman, URI uri, Item locItem, SecuritySetter<HttpURLConnection> secSet) {
- item=locItem;
- this.uri = uri;
- this.hman = hman;
- ss=secSet;
- type = TYPE.JSON;
- apiVersion = hman.apiVersion();
- }
+ public HRcli(HMangr hman, URI uri, Item locItem, SecuritySetter<HttpURLConnection> secSet) {
+ item=locItem;
+ this.uri = uri;
+ this.hman = hman;
+ ss=secSet;
+ type = TYPE.JSON;
+ apiVersion = hman.apiVersion();
+ }
- @Override
- protected HRcli clone(URI uri, SecuritySetter<HttpURLConnection> ss) {
- return new HRcli(hman,uri,item,ss);
- }
+ @Override
+ protected HRcli clone(URI uri, SecuritySetter<HttpURLConnection> ss) {
+ return new HRcli(hman,uri,item,ss);
+ }
- /**
- *
- * @return
- * @throws APIException
- * @throws DME2Exception
- */
- protected EClient<HttpURLConnection> client() throws CadiException {
- try {
- if(uri==null) {
- Item item = hman.loc.best();
- if(item==null) {
- throw new CadiException("No service available for " + hman.loc.toString());
- }
- uri = hman.loc.get(item);
- }
- return new HClient(ss,uri,connectionTimeout);
- } catch (Exception e) {
- throw new CadiException(e);
- }
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.client.Rcli#setSecuritySetter(org.onap.aaf.cadi.SecuritySetter)
- */
- @Override
- public void setSecuritySetter(SecuritySetter<HttpURLConnection> ss) {
- this.ss = ss;
- }
+ /**
+ *
+ * @return
+ * @throws APIException
+ * @throws DME2Exception
+ */
+ protected EClient<HttpURLConnection> client() throws CadiException {
+ try {
+ if(uri==null) {
+ Item item = hman.loc.best();
+ if(item==null) {
+ throw new CadiException("No service available for " + hman.loc.toString());
+ }
+ uri = hman.loc.get(item);
+ }
+ return new HClient(ss,uri,connectionTimeout);
+ } catch (Exception e) {
+ throw new CadiException(e);
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.client.Rcli#setSecuritySetter(org.onap.aaf.cadi.SecuritySetter)
+ */
+ @Override
+ public void setSecuritySetter(SecuritySetter<HttpURLConnection> ss) {
+ this.ss = ss;
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.client.Rcli#getSecuritySetter()
- */
- @Override
- public SecuritySetter<HttpURLConnection> getSecuritySetter() {
- return ss;
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.client.Rcli#getSecuritySetter()
+ */
+ @Override
+ public SecuritySetter<HttpURLConnection> getSecuritySetter() {
+ return ss;
+ }
- public void invalidate() throws CadiException {
- try {
- hman.loc.invalidate(item);
- } catch (Exception e) {
- throw new CadiException(e);
- }
- }
-
- public HRcli setManager(HMangr hman) {
- this.hman = hman;
- return this;
- }
+ public void invalidate() throws CadiException {
+ try {
+ hman.loc.invalidate(item);
+ } catch (Exception e) {
+ throw new CadiException(e);
+ }
+ }
+
+ public HRcli setManager(HMangr hman) {
+ this.hman = hman;
+ return this;
+ }
- public String toString() {
- return uri.toString();
- }
-
+ public String toString() {
+ return uri.toString();
+ }
+
}
diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HSecurityInfoInit.java b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HSecurityInfoInit.java
index 8eb2dec3..d792be49 100644
--- a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HSecurityInfoInit.java
+++ b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HSecurityInfoInit.java
@@ -38,19 +38,19 @@ import org.onap.aaf.misc.env.APIException;
*/
public class HSecurityInfoInit implements SecurityInfoInit<HttpURLConnection> {
- @Override
- public SecuritySetter<HttpURLConnection> bestDefault(SecurityInfoC<HttpURLConnection> si) throws CadiException {
- try {
- if(si.defaultAlias!=null) {
- si.set(new HX509SS(si));
- } else if(si.access.getProperty(Config.AAF_APPID, null)!=null &&
- si.access.getProperty(Config.AAF_APPPASS, null)!=null) {
- si.set(new HBasicAuthSS(si));
- }
- } catch (APIException | IOException e) {
- throw new CadiException(e);
- }
- return si.defSS;
- }
+ @Override
+ public SecuritySetter<HttpURLConnection> bestDefault(SecurityInfoC<HttpURLConnection> si) throws CadiException {
+ try {
+ if(si.defaultAlias!=null) {
+ si.set(new HX509SS(si));
+ } else if(si.access.getProperty(Config.AAF_APPID, null)!=null &&
+ si.access.getProperty(Config.AAF_APPPASS, null)!=null) {
+ si.set(new HBasicAuthSS(si));
+ }
+ } catch (APIException | IOException e) {
+ throw new CadiException(e);
+ }
+ return si.defSS;
+ }
}
diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HTokenSS.java b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HTokenSS.java
index 873e0fe7..cd20585f 100644
--- a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HTokenSS.java
+++ b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HTokenSS.java
@@ -27,8 +27,8 @@ import java.net.HttpURLConnection;
import org.onap.aaf.cadi.config.SecurityInfoC;
public class HTokenSS extends HAuthorizationHeader {
- public HTokenSS(final SecurityInfoC<HttpURLConnection> si, final String client_id, final String token) throws IOException {
- super(si, client_id,"Bearer " + token);
- }
+ public HTokenSS(final SecurityInfoC<HttpURLConnection> si, final String client_id, final String token) throws IOException {
+ super(si, client_id,"Bearer " + token);
+ }
}
diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HTransferSS.java b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HTransferSS.java
index d19c42e9..c527ed02 100644
--- a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HTransferSS.java
+++ b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HTransferSS.java
@@ -34,31 +34,31 @@ import org.onap.aaf.cadi.principal.TaggedPrincipal;
public class HTransferSS extends AbsTransferSS<HttpURLConnection> {
- public HTransferSS(TaggedPrincipal principal, String app) throws IOException {
- super(principal, app);
- }
-
- public HTransferSS(TaggedPrincipal principal, String app, SecurityInfoC<HttpURLConnection> si) {
- super(principal, app, si);
- }
+ public HTransferSS(TaggedPrincipal principal, String app) throws IOException {
+ super(principal, app);
+ }
+
+ public HTransferSS(TaggedPrincipal principal, String app, SecurityInfoC<HttpURLConnection> si) {
+ super(principal, app, si);
+ }
- @Override
- public void setSecurity(HttpURLConnection huc) throws CadiException {
- if(defSS==null) {
- throw new CadiException("Need App Credentials to send message");
- }
- defSS.setSecurity(huc);
- if(value!=null) {
- huc.addRequestProperty(Config.CADI_USER_CHAIN, value);
- }
- if(securityInfo!=null) {
- securityInfo.setSocketFactoryOn((HttpsURLConnection)huc);
- }
- }
-
- @Override
- public int setLastResponse(int respCode) {
- return 0;
- }
+ @Override
+ public void setSecurity(HttpURLConnection huc) throws CadiException {
+ if(defSS==null) {
+ throw new CadiException("Need App Credentials to send message");
+ }
+ defSS.setSecurity(huc);
+ if(value!=null) {
+ huc.addRequestProperty(Config.CADI_USER_CHAIN, value);
+ }
+ if(securityInfo!=null) {
+ securityInfo.setSocketFactoryOn((HttpsURLConnection)huc);
+ }
+ }
+
+ @Override
+ public int setLastResponse(int respCode) {
+ return 0;
+ }
}
diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HX509SS.java b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HX509SS.java
index c9ff59db..cb8e6ce0 100644
--- a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HX509SS.java
+++ b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HX509SS.java
@@ -45,108 +45,108 @@ import org.onap.aaf.misc.env.util.Chrono;
public class HX509SS implements SecuritySetter<HttpURLConnection> {
- private static final byte[] X509 = "x509 ".getBytes();
- private PrivateKey priv;
- private byte[] pub;
- private String cert;
- private SecurityInfoC<HttpURLConnection> securityInfo;
- private String algo;
- private String alias;
- private static int count = new SecureRandom().nextInt();
+ private static final byte[] X509 = "x509 ".getBytes();
+ private PrivateKey priv;
+ private byte[] pub;
+ private String cert;
+ private SecurityInfoC<HttpURLConnection> securityInfo;
+ private String algo;
+ private String alias;
+ private static int count = new SecureRandom().nextInt();
- public HX509SS(SecurityInfoC<HttpURLConnection> si) throws APIException, CadiException {
- this(null,si,false);
- }
-
- public HX509SS(SecurityInfoC<HttpURLConnection> si, boolean asDefault) throws APIException, CadiException {
- this(null,si,asDefault);
- }
-
- public HX509SS(final String sendAlias, SecurityInfoC<HttpURLConnection> si) throws APIException, CadiException {
- this(sendAlias, si, false);
- }
+ public HX509SS(SecurityInfoC<HttpURLConnection> si) throws APIException, CadiException {
+ this(null,si,false);
+ }
+
+ public HX509SS(SecurityInfoC<HttpURLConnection> si, boolean asDefault) throws APIException, CadiException {
+ this(null,si,asDefault);
+ }
+
+ public HX509SS(final String sendAlias, SecurityInfoC<HttpURLConnection> si) throws APIException, CadiException {
+ this(sendAlias, si, false);
+ }
- public HX509SS(final String sendAlias, SecurityInfoC<HttpURLConnection> si, boolean asDefault) throws APIException, CadiException {
- securityInfo = si;
- if((alias=sendAlias) == null) {
- if(si.defaultAlias == null) {
- throw new APIException("JKS Alias is required to use X509SS Security. Use " + Config.CADI_ALIAS +" to set default alias");
- } else {
- alias = si.defaultAlias;
- }
- }
-
- priv=null;
- X509KeyManager[] xkms = si.getKeyManagers();
- if(xkms==null || xkms.length==0) {
- throw new APIException("There are no valid keys available in given Keystores. Wrong Keypass? Expired?");
- }
- for(int i=0;priv==null&&i<xkms.length;++i) {
- priv = xkms[i].getPrivateKey(alias);
- }
- try {
- for(int i=0;cert==null&&i<xkms.length;++i) {
- X509Certificate[] chain = xkms[i].getCertificateChain(alias);
- if(chain!=null&&chain.length>0) {
- algo = chain[0].getSigAlgName();
- pub = chain[0].getEncoded();
- ByteArrayOutputStream baos = new ByteArrayOutputStream(pub.length*2);
- ByteArrayInputStream bais = new ByteArrayInputStream(pub);
- Symm.base64noSplit.encode(bais,baos,X509);
- cert = baos.toString();
- }
- }
- } catch (CertificateEncodingException | IOException e) {
- throw new CadiException(e);
- }
- if(algo==null) {
- throw new APIException("X509 Security Setter not configured");
- }
- }
+ public HX509SS(final String sendAlias, SecurityInfoC<HttpURLConnection> si, boolean asDefault) throws APIException, CadiException {
+ securityInfo = si;
+ if((alias=sendAlias) == null) {
+ if(si.defaultAlias == null) {
+ throw new APIException("JKS Alias is required to use X509SS Security. Use " + Config.CADI_ALIAS +" to set default alias");
+ } else {
+ alias = si.defaultAlias;
+ }
+ }
+
+ priv=null;
+ X509KeyManager[] xkms = si.getKeyManagers();
+ if(xkms==null || xkms.length==0) {
+ throw new APIException("There are no valid keys available in given Keystores. Wrong Keypass? Expired?");
+ }
+ for(int i=0;priv==null&&i<xkms.length;++i) {
+ priv = xkms[i].getPrivateKey(alias);
+ }
+ try {
+ for(int i=0;cert==null&&i<xkms.length;++i) {
+ X509Certificate[] chain = xkms[i].getCertificateChain(alias);
+ if(chain!=null&&chain.length>0) {
+ algo = chain[0].getSigAlgName();
+ pub = chain[0].getEncoded();
+ ByteArrayOutputStream baos = new ByteArrayOutputStream(pub.length*2);
+ ByteArrayInputStream bais = new ByteArrayInputStream(pub);
+ Symm.base64noSplit.encode(bais,baos,X509);
+ cert = baos.toString();
+ }
+ }
+ } catch (CertificateEncodingException | IOException e) {
+ throw new CadiException(e);
+ }
+ if(algo==null) {
+ throw new APIException("X509 Security Setter not configured");
+ }
+ }
- @Override
- public void setSecurity(HttpURLConnection huc) throws CadiException {
- if(huc instanceof HttpsURLConnection) {
- securityInfo.setSocketFactoryOn((HttpsURLConnection)huc);
- }
- if(alias==null) { // must be a one-way
- huc.setRequestProperty(AbsAuthentication.AUTHORIZATION, cert);
-
- // Test Signed content
- try {
- String data = "SignedContent["+ inc() + ']' + Chrono.dateTime();
- huc.setRequestProperty("Data", data);
-
- Signature sig = Signature.getInstance(algo);
- sig.initSign(priv);
- sig.update(data.getBytes());
- byte[] signature = sig.sign();
-
- ByteArrayOutputStream baos = new ByteArrayOutputStream((int)(signature.length*1.3));
- ByteArrayInputStream bais = new ByteArrayInputStream(signature);
- Symm.base64noSplit.encode(bais, baos);
- huc.setRequestProperty("Signature", new String(baos.toByteArray()));
-
- } catch (Exception e) {
- throw new CadiException(e);
- }
- }
- }
-
- private synchronized int inc() {
- return ++count;
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.SecuritySetter#getID()
- */
- @Override
- public String getID() {
- return alias;
- }
-
- @Override
- public int setLastResponse(int respCode) {
- return 0;
- }
+ @Override
+ public void setSecurity(HttpURLConnection huc) throws CadiException {
+ if(huc instanceof HttpsURLConnection) {
+ securityInfo.setSocketFactoryOn((HttpsURLConnection)huc);
+ }
+ if(alias==null) { // must be a one-way
+ huc.setRequestProperty(AbsAuthentication.AUTHORIZATION, cert);
+
+ // Test Signed content
+ try {
+ String data = "SignedContent["+ inc() + ']' + Chrono.dateTime();
+ huc.setRequestProperty("Data", data);
+
+ Signature sig = Signature.getInstance(algo);
+ sig.initSign(priv);
+ sig.update(data.getBytes());
+ byte[] signature = sig.sign();
+
+ ByteArrayOutputStream baos = new ByteArrayOutputStream((int)(signature.length*1.3));
+ ByteArrayInputStream bais = new ByteArrayInputStream(signature);
+ Symm.base64noSplit.encode(bais, baos);
+ huc.setRequestProperty("Signature", new String(baos.toByteArray()));
+
+ } catch (Exception e) {
+ throw new CadiException(e);
+ }
+ }
+ }
+
+ private synchronized int inc() {
+ return ++count;
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.SecuritySetter#getID()
+ */
+ @Override
+ public String getID() {
+ return alias;
+ }
+
+ @Override
+ public int setLastResponse(int respCode) {
+ return 0;
+ }
}
diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/locator/DNSLocator.java b/cadi/client/src/main/java/org/onap/aaf/cadi/locator/DNSLocator.java
index ed60b877..1fc4b83e 100644
--- a/cadi/client/src/main/java/org/onap/aaf/cadi/locator/DNSLocator.java
+++ b/cadi/client/src/main/java/org/onap/aaf/cadi/locator/DNSLocator.java
@@ -32,192 +32,192 @@ import org.onap.aaf.cadi.LocatorException;
import org.onap.aaf.cadi.Access.Level;
public class DNSLocator implements Locator<URI> {
- private static enum Status {UNTRIED, OK, INVALID, SLOW};
- private static final int CHECK_TIME = 3000;
-
- private String host, protocol;
- private Access access;
- private Host[] hosts;
- private int startPort, endPort;
- private String suffix;
-
- public DNSLocator(Access access, String protocol, String host, String range) {
- this.host = host;
- this.protocol = protocol;
- this.access = access;
- int dash = range.indexOf('-');
- if(dash<0) {
- startPort = endPort = Integer.parseInt(range);
- } else {
- startPort = Integer.parseInt(range.substring(0,dash));
- endPort = Integer.parseInt(range.substring(dash + 1));
- }
- refresh();
- }
+ private static enum Status {UNTRIED, OK, INVALID, SLOW};
+ private static final int CHECK_TIME = 3000;
+
+ private String host, protocol;
+ private Access access;
+ private Host[] hosts;
+ private int startPort, endPort;
+ private String suffix;
+
+ public DNSLocator(Access access, String protocol, String host, String range) {
+ this.host = host;
+ this.protocol = protocol;
+ this.access = access;
+ int dash = range.indexOf('-');
+ if(dash<0) {
+ startPort = endPort = Integer.parseInt(range);
+ } else {
+ startPort = Integer.parseInt(range.substring(0,dash));
+ endPort = Integer.parseInt(range.substring(dash + 1));
+ }
+ refresh();
+ }
- public DNSLocator(Access access, String aaf_locate) throws LocatorException {
- this.access = access;
- if(aaf_locate==null) {
- throw new LocatorException("Null passed into DNSLocator constructor");
- }
- int start, port;
- if(aaf_locate.startsWith("https:")) {
- protocol = "https:";
- start = 9; // https://
- port = 443;
- } else if(aaf_locate.startsWith("http:")) {
- protocol = "http:";
- start = 8; // http://
- port = 80;
- } else {
- throw new LocatorException("DNSLocator accepts only https or http protocols. (requested URL " + aaf_locate + ')');
- }
-
- parsePorts(aaf_locate.substring(start), port);
- }
+ public DNSLocator(Access access, String aaf_locate) throws LocatorException {
+ this.access = access;
+ if(aaf_locate==null) {
+ throw new LocatorException("Null passed into DNSLocator constructor");
+ }
+ int start, port;
+ if(aaf_locate.startsWith("https:")) {
+ protocol = "https:";
+ start = 9; // https://
+ port = 443;
+ } else if(aaf_locate.startsWith("http:")) {
+ protocol = "http:";
+ start = 8; // http://
+ port = 80;
+ } else {
+ throw new LocatorException("DNSLocator accepts only https or http protocols. (requested URL " + aaf_locate + ')');
+ }
+
+ parsePorts(aaf_locate.substring(start), port);
+ }
- @Override
- public URI get(Item item) throws LocatorException {
- return hosts[((DLItem)item).cnt].uri;
- }
+ @Override
+ public URI get(Item item) throws LocatorException {
+ return hosts[((DLItem)item).cnt].uri;
+ }
- @Override
- public boolean hasItems() {
- for(Host h : hosts) {
- if(h.status==Status.OK) {
- return true;
- }
- }
- return false;
- }
+ @Override
+ public boolean hasItems() {
+ for(Host h : hosts) {
+ if(h.status==Status.OK) {
+ return true;
+ }
+ }
+ return false;
+ }
- @Override
- public void invalidate(Item item) {
- DLItem di = (DLItem)item;
- hosts[di.cnt].status = Status.INVALID;
- }
+ @Override
+ public void invalidate(Item item) {
+ DLItem di = (DLItem)item;
+ hosts[di.cnt].status = Status.INVALID;
+ }
- @Override
- public Item best() throws LocatorException {
- // not a good "best"
- for(int i=0;i<hosts.length;++i) {
- switch(hosts[i].status) {
- case OK:
- return new DLItem(i);
- case INVALID:
- break;
- case SLOW:
- break;
- case UNTRIED:
- try {
- if(hosts[i].ia.isReachable(CHECK_TIME)) {
- hosts[i].status = Status.OK;
- return new DLItem(i);
- }
- } catch (IOException e) {
- throw new LocatorException(e);
- }
- break;
- default:
- break;
- }
- }
- throw new LocatorException("No Available URIs for " + host);
- }
+ @Override
+ public Item best() throws LocatorException {
+ // not a good "best"
+ for(int i=0;i<hosts.length;++i) {
+ switch(hosts[i].status) {
+ case OK:
+ return new DLItem(i);
+ case INVALID:
+ break;
+ case SLOW:
+ break;
+ case UNTRIED:
+ try {
+ if(hosts[i].ia.isReachable(CHECK_TIME)) {
+ hosts[i].status = Status.OK;
+ return new DLItem(i);
+ }
+ } catch (IOException e) {
+ throw new LocatorException(e);
+ }
+ break;
+ default:
+ break;
+ }
+ }
+ throw new LocatorException("No Available URIs for " + host);
+ }
- @Override
- public Item first() throws LocatorException {
- return new DLItem(0);
- }
+ @Override
+ public Item first() throws LocatorException {
+ return new DLItem(0);
+ }
- @Override
- public Item next(Item item) throws LocatorException {
- DLItem di = (DLItem)item;
- if(++di.cnt<hosts.length) {
- return di;
- } else {
- return null;
- }
- }
+ @Override
+ public Item next(Item item) throws LocatorException {
+ DLItem di = (DLItem)item;
+ if(++di.cnt<hosts.length) {
+ return di;
+ } else {
+ return null;
+ }
+ }
- @Override
- public boolean refresh() {
- try {
- InetAddress[] ias = InetAddress.getAllByName(host);
- Host[] temp = new Host[ias.length * (1 + endPort - startPort)];
- int cnt = -1;
- for(int j=startPort; j<=endPort; ++j) {
- for(int i=0;i<ias.length;++i) {
- temp[++cnt] = new Host(ias[i], j, suffix);
- }
- }
- hosts = temp;
- return true;
- } catch (Exception e) {
- access.log(Level.ERROR, e);
- }
- return false;
- }
-
- private void parsePorts(String aaf_locate, int defaultPort) throws LocatorException {
- int slash, start;
- int colon = aaf_locate.indexOf(':');
- if(colon > 0) {
- start = colon + 1;
- int left = aaf_locate.indexOf('[', start);
- if(left > 0) {
- int right = aaf_locate.indexOf(']', left + 1);
- if (right < 0) {
- throw new LocatorException("Missing closing bracket in DNSLocator constructor. (requested URL " + aaf_locate + ')');
- } else if (right == (left + 1)) {
- throw new LocatorException("Missing ports in brackets in DNSLocator constructor. (requested URL " + aaf_locate + ')');
- }
- int dash = aaf_locate.indexOf('-', left + 1);
- if (dash == (right - 1) || dash == (left + 1)) {
- throw new LocatorException("Missing ports in brackets in DNSLocator constructor. (requested URL " + aaf_locate + ')');
- }
- if(dash < 0) {
- startPort = endPort = Integer.parseInt(aaf_locate.substring(left + 1, right));
- } else {
- startPort = Integer.parseInt(aaf_locate.substring(left + 1, dash));
- endPort = Integer.parseInt(aaf_locate.substring(dash + 1, right));
- }
-
- } else {
- slash = aaf_locate.indexOf('/', start);
- if (slash == start) {
- throw new LocatorException("Missing port before '/' in DNSLocator constructor. (requested URL " + aaf_locate + ')');
- }
- if(slash < 0) {
- startPort = endPort = Integer.parseInt(aaf_locate.substring(start));
- } else {
- startPort = endPort = Integer.parseInt(aaf_locate.substring(start, slash));
- }
- }
- } else {
- startPort = endPort = defaultPort;
- }
- }
+ @Override
+ public boolean refresh() {
+ try {
+ InetAddress[] ias = InetAddress.getAllByName(host);
+ Host[] temp = new Host[ias.length * (1 + endPort - startPort)];
+ int cnt = -1;
+ for(int j=startPort; j<=endPort; ++j) {
+ for(int i=0;i<ias.length;++i) {
+ temp[++cnt] = new Host(ias[i], j, suffix);
+ }
+ }
+ hosts = temp;
+ return true;
+ } catch (Exception e) {
+ access.log(Level.ERROR, e);
+ }
+ return false;
+ }
+
+ private void parsePorts(String aaf_locate, int defaultPort) throws LocatorException {
+ int slash, start;
+ int colon = aaf_locate.indexOf(':');
+ if(colon > 0) {
+ start = colon + 1;
+ int left = aaf_locate.indexOf('[', start);
+ if(left > 0) {
+ int right = aaf_locate.indexOf(']', left + 1);
+ if (right < 0) {
+ throw new LocatorException("Missing closing bracket in DNSLocator constructor. (requested URL " + aaf_locate + ')');
+ } else if (right == (left + 1)) {
+ throw new LocatorException("Missing ports in brackets in DNSLocator constructor. (requested URL " + aaf_locate + ')');
+ }
+ int dash = aaf_locate.indexOf('-', left + 1);
+ if (dash == (right - 1) || dash == (left + 1)) {
+ throw new LocatorException("Missing ports in brackets in DNSLocator constructor. (requested URL " + aaf_locate + ')');
+ }
+ if(dash < 0) {
+ startPort = endPort = Integer.parseInt(aaf_locate.substring(left + 1, right));
+ } else {
+ startPort = Integer.parseInt(aaf_locate.substring(left + 1, dash));
+ endPort = Integer.parseInt(aaf_locate.substring(dash + 1, right));
+ }
+
+ } else {
+ slash = aaf_locate.indexOf('/', start);
+ if (slash == start) {
+ throw new LocatorException("Missing port before '/' in DNSLocator constructor. (requested URL " + aaf_locate + ')');
+ }
+ if(slash < 0) {
+ startPort = endPort = Integer.parseInt(aaf_locate.substring(start));
+ } else {
+ startPort = endPort = Integer.parseInt(aaf_locate.substring(start, slash));
+ }
+ }
+ } else {
+ startPort = endPort = defaultPort;
+ }
+ }
- private class Host {
- private URI uri;
- private InetAddress ia;
- private Status status;
-
- public Host(InetAddress inetAddress, int port, String suffix) throws URISyntaxException {
- ia = inetAddress;
- uri = new URI(protocol,null,inetAddress.getHostAddress(),port,suffix,null,null);
- status = Status.UNTRIED;
- }
- }
-
- private class DLItem implements Item {
- public DLItem(int i) {
- cnt = i;
- }
+ private class Host {
+ private URI uri;
+ private InetAddress ia;
+ private Status status;
+
+ public Host(InetAddress inetAddress, int port, String suffix) throws URISyntaxException {
+ ia = inetAddress;
+ uri = new URI(protocol,null,inetAddress.getHostAddress(),port,suffix,null,null);
+ status = Status.UNTRIED;
+ }
+ }
+
+ private class DLItem implements Item {
+ public DLItem(int i) {
+ cnt = i;
+ }
- private int cnt;
- }
-
- public void destroy() {}
+ private int cnt;
+ }
+
+ public void destroy() {}
}
diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/locator/HClientHotPeerLocator.java b/cadi/client/src/main/java/org/onap/aaf/cadi/locator/HClientHotPeerLocator.java
index b97768a6..488d35d5 100644
--- a/cadi/client/src/main/java/org/onap/aaf/cadi/locator/HClientHotPeerLocator.java
+++ b/cadi/client/src/main/java/org/onap/aaf/cadi/locator/HClientHotPeerLocator.java
@@ -30,31 +30,31 @@ import org.onap.aaf.cadi.http.HClient;
import org.onap.aaf.cadi.http.HX509SS;
public class HClientHotPeerLocator extends HotPeerLocator<HClient> {
- private final HX509SS ss;
-
- public HClientHotPeerLocator(Access access, String urlstr, long invalidateTime, String localLatitude,
- String localLongitude, HX509SS ss) throws LocatorException {
- super(access, urlstr, invalidateTime, localLatitude, localLongitude);
-
- this.ss = ss;
- }
-
- @Override
- protected HClient _newClient(String clientInfo) throws LocatorException {
- try {
- int idx = clientInfo.indexOf('/');
- return new HClient(ss,new URI("https://"+(idx<0?clientInfo:clientInfo.substring(0, idx))),3000);
- } catch (URISyntaxException e) {
- throw new LocatorException(e);
- }
- }
-
- @Override
- protected HClient _invalidate(HClient client) {
- return null;
- }
-
- @Override
- protected void _destroy(HClient client) {
- }
+ private final HX509SS ss;
+
+ public HClientHotPeerLocator(Access access, String urlstr, long invalidateTime, String localLatitude,
+ String localLongitude, HX509SS ss) throws LocatorException {
+ super(access, urlstr, invalidateTime, localLatitude, localLongitude);
+
+ this.ss = ss;
+ }
+
+ @Override
+ protected HClient _newClient(String clientInfo) throws LocatorException {
+ try {
+ int idx = clientInfo.indexOf('/');
+ return new HClient(ss,new URI("https://"+(idx<0?clientInfo:clientInfo.substring(0, idx))),3000);
+ } catch (URISyntaxException e) {
+ throw new LocatorException(e);
+ }
+ }
+
+ @Override
+ protected HClient _invalidate(HClient client) {
+ return null;
+ }
+
+ @Override
+ protected void _destroy(HClient client) {
+ }
} \ No newline at end of file
diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/locator/HotPeerLocator.java b/cadi/client/src/main/java/org/onap/aaf/cadi/locator/HotPeerLocator.java
index fd8e99dc..26b8817b 100644
--- a/cadi/client/src/main/java/org/onap/aaf/cadi/locator/HotPeerLocator.java
+++ b/cadi/client/src/main/java/org/onap/aaf/cadi/locator/HotPeerLocator.java
@@ -30,8 +30,8 @@ import org.onap.aaf.misc.env.util.Split;
/**
* This Locator is to handle Hot Peer load protection, when the Servers are
- * 1) Static
- * 2) Well known client URL
+ * 1) Static
+ * 2) Well known client URL
*
* The intention is to change traffic over to the Hot Peer, if a server goes down, and reinstate
* when it is back up.
@@ -43,259 +43,259 @@ import org.onap.aaf.misc.env.util.Split;
* @param <CLIENT>
*/
public abstract class HotPeerLocator<CLIENT> implements Locator<CLIENT> {
- private final String[] urlstrs;
- private final CLIENT[] clients;
- private final long[] failures;
- private final double[] distances;
- private int preferred;
- private long invalidateTime;
- private Thread refreshThread;
- protected Access access;
+ private final String[] urlstrs;
+ private final CLIENT[] clients;
+ private final long[] failures;
+ private final double[] distances;
+ private int preferred;
+ private long invalidateTime;
+ private Thread refreshThread;
+ protected Access access;
- /**
- * Construct: Expect one or more Strings in the form:
- * 192.555.112.223:39/38.88087/-77.30122
- * separated by commas
- *
- * @param trans
- * @param urlstr
- * @param invalidateTime
- * @param localLatitude
- * @param localLongitude
- * @throws LocatorException
- */
- @SuppressWarnings("unchecked")
- protected HotPeerLocator(Access access, final String urlstr, final long invalidateTime, final String localLatitude, final String localLongitude) throws LocatorException {
- this.access = access;
- urlstrs = Split.split(',', urlstr);
- clients = (CLIENT[])new Object[urlstrs.length];
- failures = new long[urlstrs.length];
- distances= new double[urlstrs.length];
- this.invalidateTime = invalidateTime;
+ /**
+ * Construct: Expect one or more Strings in the form:
+ * 192.555.112.223:39/38.88087/-77.30122
+ * separated by commas
+ *
+ * @param trans
+ * @param urlstr
+ * @param invalidateTime
+ * @param localLatitude
+ * @param localLongitude
+ * @throws LocatorException
+ */
+ @SuppressWarnings("unchecked")
+ protected HotPeerLocator(Access access, final String urlstr, final long invalidateTime, final String localLatitude, final String localLongitude) throws LocatorException {
+ this.access = access;
+ urlstrs = Split.split(',', urlstr);
+ clients = (CLIENT[])new Object[urlstrs.length];
+ failures = new long[urlstrs.length];
+ distances= new double[urlstrs.length];
+ this.invalidateTime = invalidateTime;
- double distance = Double.MAX_VALUE;
- for(int i=0;i<urlstrs.length;++i) {
- String[] info = Split.split('/', urlstrs[i]);
- if(info.length<3) {
- throw new LocatorException("Configuration needs LAT and LONG, i.e. ip:port/lat/long");
- }
- try {
- clients[i] = _newClient(urlstrs[i]);
- failures[i] = 0L;
- } catch(LocatorException le) {
- failures[i] = System.currentTimeMillis()+invalidateTime;
- }
+ double distance = Double.MAX_VALUE;
+ for(int i=0;i<urlstrs.length;++i) {
+ String[] info = Split.split('/', urlstrs[i]);
+ if(info.length<3) {
+ throw new LocatorException("Configuration needs LAT and LONG, i.e. ip:port/lat/long");
+ }
+ try {
+ clients[i] = _newClient(urlstrs[i]);
+ failures[i] = 0L;
+ } catch(LocatorException le) {
+ failures[i] = System.currentTimeMillis()+invalidateTime;
+ }
- double d = GreatCircle.calc(info[1],info[2],localLatitude,localLongitude);
- distances[i]=d;
+ double d = GreatCircle.calc(info[1],info[2],localLatitude,localLongitude);
+ distances[i]=d;
- // find preferred server
- if(d<distance) {
- preferred = i;
- distance=d;
- }
- }
+ // find preferred server
+ if(d<distance) {
+ preferred = i;
+ distance=d;
+ }
+ }
- access.printf(Level.INIT,"Preferred Client is %s",urlstrs[preferred]);
- for(int i=0;i<urlstrs.length;++i) {
- if(i!=preferred) {
- access.printf(Level.INIT,"Alternate Client is %s",urlstrs[i]);
- }
- }
- }
+ access.printf(Level.INIT,"Preferred Client is %s",urlstrs[preferred]);
+ for(int i=0;i<urlstrs.length;++i) {
+ if(i!=preferred) {
+ access.printf(Level.INIT,"Alternate Client is %s",urlstrs[i]);
+ }
+ }
+ }
- protected abstract CLIENT _newClient(String hostInfo) throws LocatorException;
- /**
- * If client can reconnect, then return. Otherwise, destroy and return null;
- * @param client
- * @return
- * @throws LocatorException
- */
- protected abstract CLIENT _invalidate(CLIENT client);
+ protected abstract CLIENT _newClient(String hostInfo) throws LocatorException;
+ /**
+ * If client can reconnect, then return. Otherwise, destroy and return null;
+ * @param client
+ * @return
+ * @throws LocatorException
+ */
+ protected abstract CLIENT _invalidate(CLIENT client);
- protected abstract void _destroy(CLIENT client);
+ protected abstract void _destroy(CLIENT client);
- @Override
- public Item best() throws LocatorException {
- if(failures[preferred]==0L) {
- return new HPItem(preferred);
- } else {
- long now = System.currentTimeMillis();
- double d = Double.MAX_VALUE;
- int best = -1;
- boolean tickle = false;
- // try for best existing client
- for(int i=0;i<urlstrs.length;++i) {
- if(failures[i]<now && distances[i]<d) {
- if(clients[i]!=null) {
- best = i;
- break;
- } else {
- tickle = true; // There's some failed clients which can be restored
- }
- }
- }
- if(best<0 && tickle) {
- tickle=false;
- if(refresh()) {
- // try again
- for(int i=0;i<urlstrs.length;++i) {
- if(failures[i]==0L && distances[i]<d) {
- if(clients[i]!=null) {
- best = i;
- break;
- }
- }
- }
- }
- }
+ @Override
+ public Item best() throws LocatorException {
+ if(failures[preferred]==0L) {
+ return new HPItem(preferred);
+ } else {
+ long now = System.currentTimeMillis();
+ double d = Double.MAX_VALUE;
+ int best = -1;
+ boolean tickle = false;
+ // try for best existing client
+ for(int i=0;i<urlstrs.length;++i) {
+ if(failures[i]<now && distances[i]<d) {
+ if(clients[i]!=null) {
+ best = i;
+ break;
+ } else {
+ tickle = true; // There's some failed clients which can be restored
+ }
+ }
+ }
+ if(best<0 && tickle) {
+ tickle=false;
+ if(refresh()) {
+ // try again
+ for(int i=0;i<urlstrs.length;++i) {
+ if(failures[i]==0L && distances[i]<d) {
+ if(clients[i]!=null) {
+ best = i;
+ break;
+ }
+ }
+ }
+ }
+ }
- /*
- * If a valid client is available, but there are some that can refresh, return the client immediately
- * but start a Thread to do the background Client setup.
- */
- if(tickle) {
- synchronized(clients) {
- if(refreshThread==null) {
- refreshThread = new Thread(new Runnable(){
- @Override
- public void run() {
- refresh();
- refreshThread = null;
- }
- });
- refreshThread.setDaemon(true);
- refreshThread.start();
- }
- }
- }
+ /*
+ * If a valid client is available, but there are some that can refresh, return the client immediately
+ * but start a Thread to do the background Client setup.
+ */
+ if(tickle) {
+ synchronized(clients) {
+ if(refreshThread==null) {
+ refreshThread = new Thread(new Runnable(){
+ @Override
+ public void run() {
+ refresh();
+ refreshThread = null;
+ }
+ });
+ refreshThread.setDaemon(true);
+ refreshThread.start();
+ }
+ }
+ }
- if(best<0) {
- throw new LocatorException("No Clients available");
- }
+ if(best<0) {
+ throw new LocatorException("No Clients available");
+ }
- return new HPItem(best);
- }
- }
+ return new HPItem(best);
+ }
+ }
- @Override
- public CLIENT get(Item item) throws LocatorException {
- HPItem hpi = (HPItem)item;
- CLIENT c = clients[hpi.idx];
- if(c==null) {
- if(failures[hpi.idx]>System.currentTimeMillis()) {
- throw new LocatorException("Client requested is invalid");
- } else {
- synchronized(clients) {
- c = _newClient(urlstrs[hpi.idx]);
- failures[hpi.idx]=0L;
- }
- }
- } else if(failures[hpi.idx]>0){
- throw new LocatorException("Client requested is invalid");
- }
- return c;
- }
+ @Override
+ public CLIENT get(Item item) throws LocatorException {
+ HPItem hpi = (HPItem)item;
+ CLIENT c = clients[hpi.idx];
+ if(c==null) {
+ if(failures[hpi.idx]>System.currentTimeMillis()) {
+ throw new LocatorException("Client requested is invalid");
+ } else {
+ synchronized(clients) {
+ c = _newClient(urlstrs[hpi.idx]);
+ failures[hpi.idx]=0L;
+ }
+ }
+ } else if(failures[hpi.idx]>0){
+ throw new LocatorException("Client requested is invalid");
+ }
+ return c;
+ }
- public String info(Item item) {
- HPItem hpi = (HPItem)item;
- if(hpi!=null && hpi.idx<urlstrs.length) {
- return urlstrs[hpi.idx];
- } else {
- return "Invalid Item";
- }
- }
+ public String info(Item item) {
+ HPItem hpi = (HPItem)item;
+ if(hpi!=null && hpi.idx<urlstrs.length) {
+ return urlstrs[hpi.idx];
+ } else {
+ return "Invalid Item";
+ }
+ }
- @Override
- public boolean hasItems() {
- for(int i=0;i<clients.length;++i) {
- if(clients[i]!=null && failures[i]==0L) {
- return true;
- }
- }
- return false;
- }
+ @Override
+ public boolean hasItems() {
+ for(int i=0;i<clients.length;++i) {
+ if(clients[i]!=null && failures[i]==0L) {
+ return true;
+ }
+ }
+ return false;
+ }
- @Override
- public synchronized void invalidate(Item item) throws LocatorException {
- HPItem hpi = (HPItem)item;
- failures[hpi.idx] = System.currentTimeMillis() + invalidateTime;
- CLIENT c = clients[hpi.idx];
- clients[hpi.idx] = _invalidate(c);
- }
+ @Override
+ public synchronized void invalidate(Item item) throws LocatorException {
+ HPItem hpi = (HPItem)item;
+ failures[hpi.idx] = System.currentTimeMillis() + invalidateTime;
+ CLIENT c = clients[hpi.idx];
+ clients[hpi.idx] = _invalidate(c);
+ }
- @Override
- public Item first() throws LocatorException {
- return new HPItem(0);
- }
+ @Override
+ public Item first() throws LocatorException {
+ return new HPItem(0);
+ }
- @Override
- public Item next(Item item) throws LocatorException {
- HPItem hpi = (HPItem)item;
- if(++hpi.idx>=clients.length) {
- return null;
- }
- return hpi;
- }
+ @Override
+ public Item next(Item item) throws LocatorException {
+ HPItem hpi = (HPItem)item;
+ if(++hpi.idx>=clients.length) {
+ return null;
+ }
+ return hpi;
+ }
- @Override
- public boolean refresh() {
- boolean force = !hasItems(); // If no Items at all, reset
- boolean rv = true;
- long now = System.currentTimeMillis();
- for(int i=0;i<clients.length;++i) {
- if(failures[i]>0L && (failures[i]<now || force)) { // retry
- try {
- synchronized(clients) {
- if(clients[i]==null) {
- clients[i]=_newClient(urlstrs[i]);
- }
- failures[i]=0L;
- }
- } catch (LocatorException e) {
- failures[i]=now+invalidateTime;
- rv = false;
- }
- }
- }
- return rv;
- }
+ @Override
+ public boolean refresh() {
+ boolean force = !hasItems(); // If no Items at all, reset
+ boolean rv = true;
+ long now = System.currentTimeMillis();
+ for(int i=0;i<clients.length;++i) {
+ if(failures[i]>0L && (failures[i]<now || force)) { // retry
+ try {
+ synchronized(clients) {
+ if(clients[i]==null) {
+ clients[i]=_newClient(urlstrs[i]);
+ }
+ failures[i]=0L;
+ }
+ } catch (LocatorException e) {
+ failures[i]=now+invalidateTime;
+ rv = false;
+ }
+ }
+ }
+ return rv;
+ }
- @Override
- public void destroy() {
- for(int i=0;i<clients.length;++i) {
- if(clients[i]!=null) {
- _destroy(clients[i]);
- clients[i] = null;
- }
- }
- }
+ @Override
+ public void destroy() {
+ for(int i=0;i<clients.length;++i) {
+ if(clients[i]!=null) {
+ _destroy(clients[i]);
+ clients[i] = null;
+ }
+ }
+ }
- private static class HPItem implements Item {
- private int idx;
+ private static class HPItem implements Item {
+ private int idx;
- public HPItem(int i) {
- idx = i;
- }
- }
+ public HPItem(int i) {
+ idx = i;
+ }
+ }
- /*
- * Convenience Functions
- */
- public CLIENT bestClient() throws LocatorException {
- return get(best());
- }
+ /*
+ * Convenience Functions
+ */
+ public CLIENT bestClient() throws LocatorException {
+ return get(best());
+ }
- public boolean invalidate(CLIENT client) throws LocatorException {
- for(int i=0;i<clients.length;++i) {
- if(clients[i]==client) { // yes, "==" is appropriate here.. Comparing Java Object Reference
- invalidate(new HPItem(i));
- return true;
- }
- }
- return false;
- }
+ public boolean invalidate(CLIENT client) throws LocatorException {
+ for(int i=0;i<clients.length;++i) {
+ if(clients[i]==client) { // yes, "==" is appropriate here.. Comparing Java Object Reference
+ invalidate(new HPItem(i));
+ return true;
+ }
+ }
+ return false;
+ }
} \ No newline at end of file
diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/locator/PropertyLocator.java b/cadi/client/src/main/java/org/onap/aaf/cadi/locator/PropertyLocator.java
index b75e8bc2..c1073315 100644
--- a/cadi/client/src/main/java/org/onap/aaf/cadi/locator/PropertyLocator.java
+++ b/cadi/client/src/main/java/org/onap/aaf/cadi/locator/PropertyLocator.java
@@ -39,260 +39,260 @@ import org.onap.aaf.cadi.LocatorException;
import org.onap.aaf.misc.env.util.Split;
public class PropertyLocator implements Locator<URI> {
- private final URI [] orig;
- private PLItem[] current;
- private int end;
- private final SecureRandom random;
- private URI[] resolved;
- private long lastRefreshed;
- private long minRefresh;
- private long backgroundRefresh;
+ private final URI [] orig;
+ private PLItem[] current;
+ private int end;
+ private final SecureRandom random;
+ private URI[] resolved;
+ private long lastRefreshed;
+ private long minRefresh;
+ private long backgroundRefresh;
- public PropertyLocator(String locList) throws LocatorException {
- this(locList,10000L, 1000*60*20L); // defaults, do not refresh more than once in 10 seconds, Refresh Locator every 20 mins.
- }
- /**
- * comma delimited root url list
- *
- * @param locList
- * @throws LocatorException
- */
- public PropertyLocator(String locList, long minRefreshMillis, long backgroundRefreshMillis) throws LocatorException {
- minRefresh = minRefreshMillis;
- backgroundRefresh = backgroundRefreshMillis;
- lastRefreshed=0L;
- if(locList==null) {
- throw new LocatorException("No Location List given for PropertyLocator");
- }
- String[] locarray = Split.split(',',locList);
- List<URI> uriList = new ArrayList<>();
-
- random = new SecureRandom();
-
- for(int i=0;i<locarray.length;++i) {
- try {
- int range = locarray[i].indexOf(":[");
- if(range<0) {
- uriList.add(new URI(locarray[i]));
- } else {
- String mach_colon = locarray[i].substring(0, range+1);
- int dash = locarray[i].indexOf('-',range+2);
- int brac = locarray[i].indexOf(']',dash+1);
- int slash = locarray[i].indexOf('/',brac);
- int start = Integer.parseInt(locarray[i].substring(range+2, dash));
- int end = Integer.parseInt(locarray[i].substring(dash+1, brac));
- for(int port=start;port<=end;++port) {
- uriList.add(new URI(mach_colon+port + (slash>=0?locarray[i].substring(slash):"")));
- }
- }
- } catch (NumberFormatException nf) {
- throw new LocatorException("Invalid URI format: " + locarray[i]);
- } catch (URISyntaxException e) {
- throw new LocatorException(e);
- }
- }
- orig = new URI[uriList.size()];
- uriList.toArray(orig);
+ public PropertyLocator(String locList) throws LocatorException {
+ this(locList,10000L, 1000*60*20L); // defaults, do not refresh more than once in 10 seconds, Refresh Locator every 20 mins.
+ }
+ /**
+ * comma delimited root url list
+ *
+ * @param locList
+ * @throws LocatorException
+ */
+ public PropertyLocator(String locList, long minRefreshMillis, long backgroundRefreshMillis) throws LocatorException {
+ minRefresh = minRefreshMillis;
+ backgroundRefresh = backgroundRefreshMillis;
+ lastRefreshed=0L;
+ if(locList==null) {
+ throw new LocatorException("No Location List given for PropertyLocator");
+ }
+ String[] locarray = Split.split(',',locList);
+ List<URI> uriList = new ArrayList<>();
+
+ random = new SecureRandom();
+
+ for(int i=0;i<locarray.length;++i) {
+ try {
+ int range = locarray[i].indexOf(":[");
+ if(range<0) {
+ uriList.add(new URI(locarray[i]));
+ } else {
+ String mach_colon = locarray[i].substring(0, range+1);
+ int dash = locarray[i].indexOf('-',range+2);
+ int brac = locarray[i].indexOf(']',dash+1);
+ int slash = locarray[i].indexOf('/',brac);
+ int start = Integer.parseInt(locarray[i].substring(range+2, dash));
+ int end = Integer.parseInt(locarray[i].substring(dash+1, brac));
+ for(int port=start;port<=end;++port) {
+ uriList.add(new URI(mach_colon+port + (slash>=0?locarray[i].substring(slash):"")));
+ }
+ }
+ } catch (NumberFormatException nf) {
+ throw new LocatorException("Invalid URI format: " + locarray[i]);
+ } catch (URISyntaxException e) {
+ throw new LocatorException(e);
+ }
+ }
+ orig = new URI[uriList.size()];
+ uriList.toArray(orig);
- refresh();
- new Timer("PropertyLocator Refresh Timer",true).scheduleAtFixedRate(new TimerTask() {
- @Override
- public void run() {
- refresh();
- }
- }, backgroundRefresh,backgroundRefresh);
- }
+ refresh();
+ new Timer("PropertyLocator Refresh Timer",true).scheduleAtFixedRate(new TimerTask() {
+ @Override
+ public void run() {
+ refresh();
+ }
+ }, backgroundRefresh,backgroundRefresh);
+ }
- @Override
- public URI get(Item item) throws LocatorException {
- synchronized(orig) {
- if(item==null) {
- return null;
- } else {
- return resolved[((PLItem)item).idx];
- }
- }
- }
+ @Override
+ public URI get(Item item) throws LocatorException {
+ synchronized(orig) {
+ if(item==null) {
+ return null;
+ } else {
+ return resolved[((PLItem)item).idx];
+ }
+ }
+ }
- @Override
- public Item first() throws LocatorException {
- return end>0?current[0]:null;
- }
+ @Override
+ public Item first() throws LocatorException {
+ return end>0?current[0]:null;
+ }
- @Override
- public boolean hasItems() {
- return end>0;
- }
+ @Override
+ public boolean hasItems() {
+ return end>0;
+ }
- @Override
- public Item next(Item item) throws LocatorException {
- if(item==null) {
- return null;
- } else {
- int spot;
- if((spot=(((PLItem)item).order+1))>=end)return null;
- return current[spot];
- }
- }
+ @Override
+ public Item next(Item item) throws LocatorException {
+ if(item==null) {
+ return null;
+ } else {
+ int spot;
+ if((spot=(((PLItem)item).order+1))>=end)return null;
+ return current[spot];
+ }
+ }
- @Override
- public synchronized void invalidate(Item item) throws LocatorException {
- if(--end<0) {
- refresh();
- return;
- }
- if(item==null) {
- return;
- }
- PLItem pli = (PLItem)item;
- int i,order;
- for(i=0;i<end;++i) {
- if(pli==current[i])break;
- }
- order = current[i].order;
- for(;i<end;++i) {
- current[i]=current[i+1];
- current[i].order=order++;
- }
- current[end]=pli;
- }
+ @Override
+ public synchronized void invalidate(Item item) throws LocatorException {
+ if(--end<0) {
+ refresh();
+ return;
+ }
+ if(item==null) {
+ return;
+ }
+ PLItem pli = (PLItem)item;
+ int i,order;
+ for(i=0;i<end;++i) {
+ if(pli==current[i])break;
+ }
+ order = current[i].order;
+ for(;i<end;++i) {
+ current[i]=current[i+1];
+ current[i].order=order++;
+ }
+ current[end]=pli;
+ }
- @Override
- public Item best() throws LocatorException {
- if(current.length==0) {
- refresh();
- }
- switch(current.length) {
- case 0:
- return null;
- case 1:
- return current[0];
- default:
- int rand = random.nextInt(); // sonar driven syntax
- return current[Math.abs(rand)%current.length];
- }
- }
+ @Override
+ public Item best() throws LocatorException {
+ if(current.length==0) {
+ refresh();
+ }
+ switch(current.length) {
+ case 0:
+ return null;
+ case 1:
+ return current[0];
+ default:
+ int rand = random.nextInt(); // sonar driven syntax
+ return current[Math.abs(rand)%current.length];
+ }
+ }
- @Override
- public synchronized boolean refresh() {
- if(System.currentTimeMillis()>lastRefreshed) {
- // Build up list
- List<URI> resolve = new ArrayList<>();
- String realname;
- for(int i = 0; i < orig.length ; ++i) {
- try {
- InetAddress ia[] = InetAddress.getAllByName(orig[i].getHost());
+ @Override
+ public synchronized boolean refresh() {
+ if(System.currentTimeMillis()>lastRefreshed) {
+ // Build up list
+ List<URI> resolve = new ArrayList<>();
+ String realname;
+ for(int i = 0; i < orig.length ; ++i) {
+ try {
+ InetAddress ia[] = InetAddress.getAllByName(orig[i].getHost());
- URI o,n;
- for(int j=0;j<ia.length;++j) {
- o = orig[i];
- Socket socket = createSocket();
- try {
- realname=ia[j].getHostAddress().equals(ia[j].getHostName())?ia[j].getCanonicalHostName():ia[j].getHostName();
- int port = o.getPort();
- if(port<0) { // default
- port = "https".equalsIgnoreCase(o.getScheme())?443:80;
- }
- socket.connect(new InetSocketAddress(realname,port),3000);
- try {
- if(socket.isConnected()) {
- n = new URI(
- o.getScheme(),
- o.getUserInfo(),
- realname,
- o.getPort(),
- o.getPath(),
- o.getQuery(),
- o.getFragment()
- );
- resolve.add(n);
- }
- } finally {
- socket.close();
- }
- } catch (IOException e) {
- } finally {
- if(!socket.isClosed()) {
- try {
- socket.close();
- } catch (IOException e) {
- // nothing to do.
- }
- }
- }
- }
- } catch (UnknownHostException | URISyntaxException e) {
- // Note: Orig Name already known as valid, based on constructor
- }
- }
- end=resolve.size();
- PLItem[] newCurrent;
- if(current==null || current.length!=end) {
- newCurrent = new PLItem[end];
- } else {
- newCurrent = current;
- }
-
- for(int i=0; i< end; ++i) {
- if(newCurrent[i]==null){
- newCurrent[i]=new PLItem(i);
- } else {
- newCurrent[i].idx=newCurrent[i].order=i;
- }
- }
- synchronized(orig) {
- resolved = new URI[end];
- resolve.toArray(resolved);
- current = newCurrent;
- }
- lastRefreshed = System.currentTimeMillis()+minRefresh;
- return !resolve.isEmpty();
- } else {
- return false;
- }
- }
+ URI o,n;
+ for(int j=0;j<ia.length;++j) {
+ o = orig[i];
+ Socket socket = createSocket();
+ try {
+ realname=ia[j].getHostAddress().equals(ia[j].getHostName())?ia[j].getCanonicalHostName():ia[j].getHostName();
+ int port = o.getPort();
+ if(port<0) { // default
+ port = "https".equalsIgnoreCase(o.getScheme())?443:80;
+ }
+ socket.connect(new InetSocketAddress(realname,port),3000);
+ try {
+ if(socket.isConnected()) {
+ n = new URI(
+ o.getScheme(),
+ o.getUserInfo(),
+ realname,
+ o.getPort(),
+ o.getPath(),
+ o.getQuery(),
+ o.getFragment()
+ );
+ resolve.add(n);
+ }
+ } finally {
+ socket.close();
+ }
+ } catch (IOException e) {
+ } finally {
+ if(!socket.isClosed()) {
+ try {
+ socket.close();
+ } catch (IOException e) {
+ // nothing to do.
+ }
+ }
+ }
+ }
+ } catch (UnknownHostException | URISyntaxException e) {
+ // Note: Orig Name already known as valid, based on constructor
+ }
+ }
+ end=resolve.size();
+ PLItem[] newCurrent;
+ if(current==null || current.length!=end) {
+ newCurrent = new PLItem[end];
+ } else {
+ newCurrent = current;
+ }
+
+ for(int i=0; i< end; ++i) {
+ if(newCurrent[i]==null){
+ newCurrent[i]=new PLItem(i);
+ } else {
+ newCurrent[i].idx=newCurrent[i].order=i;
+ }
+ }
+ synchronized(orig) {
+ resolved = new URI[end];
+ resolve.toArray(resolved);
+ current = newCurrent;
+ }
+ lastRefreshed = System.currentTimeMillis()+minRefresh;
+ return !resolve.isEmpty();
+ } else {
+ return false;
+ }
+ }
- protected Socket createSocket() {
- return new Socket();
- }
-
- private class PLItem implements Item {
- public int idx,order;
-
- public PLItem(int i) {
- idx = order =i;
- }
-
- public String toString() {
- return "Item: " + idx + " order: " + order;
- }
- }
+ protected Socket createSocket() {
+ return new Socket();
+ }
+
+ private class PLItem implements Item {
+ public int idx,order;
+
+ public PLItem(int i) {
+ idx = order =i;
+ }
+
+ public String toString() {
+ return "Item: " + idx + " order: " + order;
+ }
+ }
- public String toString() {
- StringBuilder sb = new StringBuilder();
- boolean first = true;
- for(URI uri : orig) {
- boolean isResolved=false;
- if(uri!=null) {
- if(first) {
- first = false;
- } else {
- sb.append(", ");
- }
- sb.append(uri.toString());
- sb.append(" [");
- for(URI u2 : resolved) {
- if(uri.equals(u2)) {
- isResolved = true;
- break;
- }
- }
- sb.append(isResolved?"X]\n":" ]");
- }
- }
- return sb.toString();
- }
-
- public void destroy() {
- }
+ public String toString() {
+ StringBuilder sb = new StringBuilder();
+ boolean first = true;
+ for(URI uri : orig) {
+ boolean isResolved=false;
+ if(uri!=null) {
+ if(first) {
+ first = false;
+ } else {
+ sb.append(", ");
+ }
+ sb.append(uri.toString());
+ sb.append(" [");
+ for(URI u2 : resolved) {
+ if(uri.equals(u2)) {
+ isResolved = true;
+ break;
+ }
+ }
+ sb.append(isResolved?"X]\n":" ]");
+ }
+ }
+ return sb.toString();
+ }
+
+ public void destroy() {
+ }
}
diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/locator/SingleEndpointLocator.java b/cadi/client/src/main/java/org/onap/aaf/cadi/locator/SingleEndpointLocator.java
index 23bcd4ad..816dec82 100644
--- a/cadi/client/src/main/java/org/onap/aaf/cadi/locator/SingleEndpointLocator.java
+++ b/cadi/client/src/main/java/org/onap/aaf/cadi/locator/SingleEndpointLocator.java
@@ -28,65 +28,65 @@ import org.onap.aaf.cadi.Locator;
import org.onap.aaf.cadi.LocatorException;
public class SingleEndpointLocator implements Locator<URI> {
- private final URI uri;
- private final static Item item = new Item() {};
- private Date noRetryUntil;
-
- public SingleEndpointLocator(final URI uri) {
- this.uri = uri;
- }
-
- public SingleEndpointLocator(final String endpoint) throws URISyntaxException {
- this.uri = new URI(endpoint);
- }
+ private final URI uri;
+ private final static Item item = new Item() {};
+ private Date noRetryUntil;
+
+ public SingleEndpointLocator(final URI uri) {
+ this.uri = uri;
+ }
+
+ public SingleEndpointLocator(final String endpoint) throws URISyntaxException {
+ this.uri = new URI(endpoint);
+ }
- @Override
- public URI get(Item item) throws LocatorException {
- return uri;
- }
+ @Override
+ public URI get(Item item) throws LocatorException {
+ return uri;
+ }
- @Override
- public boolean hasItems() {
- if(noRetryUntil!=null) {
- if(new Date().after(noRetryUntil)) {
- noRetryUntil = null;
- } else {
- return false;
- }
- }
- return true;
- }
+ @Override
+ public boolean hasItems() {
+ if(noRetryUntil!=null) {
+ if(new Date().after(noRetryUntil)) {
+ noRetryUntil = null;
+ } else {
+ return false;
+ }
+ }
+ return true;
+ }
- @Override
- public void invalidate(Item item) throws LocatorException {
- // one minute timeout, because there is no other item
- noRetryUntil = new Date(System.currentTimeMillis()+60000);
- }
+ @Override
+ public void invalidate(Item item) throws LocatorException {
+ // one minute timeout, because there is no other item
+ noRetryUntil = new Date(System.currentTimeMillis()+60000);
+ }
- @Override
- public Item best() throws LocatorException {
- return item;
- }
+ @Override
+ public Item best() throws LocatorException {
+ return item;
+ }
- @Override
- public Item first() throws LocatorException {
- return item;
- }
+ @Override
+ public Item first() throws LocatorException {
+ return item;
+ }
- @Override
- public Item next(Item inItem) throws LocatorException {
- // only one item
- return null;
- }
+ @Override
+ public Item next(Item inItem) throws LocatorException {
+ // only one item
+ return null;
+ }
- @Override
- public boolean refresh() {
- // Never refreshed
- return true;
- }
+ @Override
+ public boolean refresh() {
+ // Never refreshed
+ return true;
+ }
- @Override
- public void destroy() {
- // Nothing to do here
- }
+ @Override
+ public void destroy() {
+ // Nothing to do here
+ }
}
diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/routing/GreatCircle.java b/cadi/client/src/main/java/org/onap/aaf/cadi/routing/GreatCircle.java
index 36906188..3bce5245 100644
--- a/cadi/client/src/main/java/org/onap/aaf/cadi/routing/GreatCircle.java
+++ b/cadi/client/src/main/java/org/onap/aaf/cadi/routing/GreatCircle.java
@@ -24,101 +24,101 @@ package org.onap.aaf.cadi.routing;
import org.onap.aaf.misc.env.util.Split;
public class GreatCircle {
- // Note: multiplying by this constant is faster than calling Math equivalent function
- private static final double DEGREES_2_RADIANS = Math.PI/180.0;
-
- public static final double DEGREES_2_NM = 60;
- public static final double DEGREES_2_KM = DEGREES_2_NM * 1.852; // 1.852 is exact ratio per 1929 Standard Treaty, adopted US 1954
- public static final double DEGREES_2_MI = DEGREES_2_NM * 1.1507795;
-
- /**
- *
- * Calculate the length of an arc on a perfect sphere based on Latitude and Longitudes of two points
- * Parameters are in Degrees (i.e. the coordinate system you get from GPS, Mapping WebSites, Phones, etc)
- *
- * L1 = Latitude of point A
- * G1 = Longitude of point A
- * L2 = Latitude of point B
- * G2 = Longitude of point B
- *
- * d = acos (sin(L1)*sin(L2) + cos(L1)*cos(L2)*cos(G1 - G2))
- *
- * Returns answer in Degrees
- *
- * Since there are 60 degrees per nautical miles, you can convert to NM by multiplying by 60
- *
- * Essential formula from a Princeton website, the "Law of Cosines" method.
- *
- * Refactored cleaned up for speed Jonathan 3/8/2013
- *
- * @param latA
- * @param lonA
- * @param latB
- * @param lonB
- * @return
- */
- public static double calc(double latA, double lonA, double latB, double lonB) {
- // Formula requires Radians. Expect Params to be Coordinates (Degrees)
- // Simple ratio, quicker than calling Math.toRadians()
- latA *= DEGREES_2_RADIANS;
- lonA *= DEGREES_2_RADIANS;
- latB *= DEGREES_2_RADIANS;
- lonB *= DEGREES_2_RADIANS;
+ // Note: multiplying by this constant is faster than calling Math equivalent function
+ private static final double DEGREES_2_RADIANS = Math.PI/180.0;
+
+ public static final double DEGREES_2_NM = 60;
+ public static final double DEGREES_2_KM = DEGREES_2_NM * 1.852; // 1.852 is exact ratio per 1929 Standard Treaty, adopted US 1954
+ public static final double DEGREES_2_MI = DEGREES_2_NM * 1.1507795;
+
+ /**
+ *
+ * Calculate the length of an arc on a perfect sphere based on Latitude and Longitudes of two points
+ * Parameters are in Degrees (i.e. the coordinate system you get from GPS, Mapping WebSites, Phones, etc)
+ *
+ * L1 = Latitude of point A
+ * G1 = Longitude of point A
+ * L2 = Latitude of point B
+ * G2 = Longitude of point B
+ *
+ * d = acos (sin(L1)*sin(L2) + cos(L1)*cos(L2)*cos(G1 - G2))
+ *
+ * Returns answer in Degrees
+ *
+ * Since there are 60 degrees per nautical miles, you can convert to NM by multiplying by 60
+ *
+ * Essential formula from a Princeton website, the "Law of Cosines" method.
+ *
+ * Refactored cleaned up for speed Jonathan 3/8/2013
+ *
+ * @param latA
+ * @param lonA
+ * @param latB
+ * @param lonB
+ * @return
+ */
+ public static double calc(double latA, double lonA, double latB, double lonB) {
+ // Formula requires Radians. Expect Params to be Coordinates (Degrees)
+ // Simple ratio, quicker than calling Math.toRadians()
+ latA *= DEGREES_2_RADIANS;
+ lonA *= DEGREES_2_RADIANS;
+ latB *= DEGREES_2_RADIANS;
+ lonB *= DEGREES_2_RADIANS;
- return Math.acos(
- Math.sin(latA) * Math.sin(latB) +
- Math.cos(latA) * Math.cos(latB) * Math.cos(lonA-lonB)
- )
- / DEGREES_2_RADIANS;
- }
-
- /**
- * Convert from "Lat,Long Lat,Long" String format
- * "Lat,Long,Lat,Long" Format
- * or all four entries "Lat Long Lat Long"
- *
- * (Convenience function)
- *
- * Since Distance is positive, a "-1" indicates an error in String formatting
- */
- public static double calc(String ... coords) {
- try {
- String [] array;
- switch(coords.length) {
- case 1:
- array = Split.split(',',coords[0]);
- if(array.length!=4)return -1;
- return calc(
- Double.parseDouble(array[0]),
- Double.parseDouble(array[1]),
- Double.parseDouble(array[2]),
- Double.parseDouble(array[3])
- );
- case 2:
- array = Split.split(',',coords[0]);
- String [] array2 = Split.split(',',coords[1]);
- if(array.length!=2 || array2.length!=2)return -1;
- return calc(
- Double.parseDouble(array[0]),
- Double.parseDouble(array[1]),
- Double.parseDouble(array2[0]),
- Double.parseDouble(array2[1])
- );
- case 4:
- return calc(
- Double.parseDouble(coords[0]),
- Double.parseDouble(coords[1]),
- Double.parseDouble(coords[2]),
- Double.parseDouble(coords[3])
- );
-
- default:
- return -1;
- }
- } catch (NumberFormatException e) {
- return -1;
- }
- }
+ return Math.acos(
+ Math.sin(latA) * Math.sin(latB) +
+ Math.cos(latA) * Math.cos(latB) * Math.cos(lonA-lonB)
+ )
+ / DEGREES_2_RADIANS;
+ }
+
+ /**
+ * Convert from "Lat,Long Lat,Long" String format
+ * "Lat,Long,Lat,Long" Format
+ * or all four entries "Lat Long Lat Long"
+ *
+ * (Convenience function)
+ *
+ * Since Distance is positive, a "-1" indicates an error in String formatting
+ */
+ public static double calc(String ... coords) {
+ try {
+ String [] array;
+ switch(coords.length) {
+ case 1:
+ array = Split.split(',',coords[0]);
+ if(array.length!=4)return -1;
+ return calc(
+ Double.parseDouble(array[0]),
+ Double.parseDouble(array[1]),
+ Double.parseDouble(array[2]),
+ Double.parseDouble(array[3])
+ );
+ case 2:
+ array = Split.split(',',coords[0]);
+ String [] array2 = Split.split(',',coords[1]);
+ if(array.length!=2 || array2.length!=2)return -1;
+ return calc(
+ Double.parseDouble(array[0]),
+ Double.parseDouble(array[1]),
+ Double.parseDouble(array2[0]),
+ Double.parseDouble(array2[1])
+ );
+ case 4:
+ return calc(
+ Double.parseDouble(coords[0]),
+ Double.parseDouble(coords[1]),
+ Double.parseDouble(coords[2]),
+ Double.parseDouble(coords[3])
+ );
+
+ default:
+ return -1;
+ }
+ } catch (NumberFormatException e) {
+ return -1;
+ }
+ }
}
@@ -132,30 +132,30 @@ public class GreatCircle {
//* @return
//*/
//public static double calc3(double alat, double alon, double blat, double blon) {
-// alat *= DEGREES_2_RADIANS;
-// alon *= DEGREES_2_RADIANS;
-// blat *= DEGREES_2_RADIANS;
-// blon *= DEGREES_2_RADIANS;
-// return 2 * Math.asin(
-// Math.min(1, Math.sqrt(
-// Math.pow(Math.sin((blat-alat)/2), 2) +
-// (Math.cos(alat)*Math.cos(blat)*
-// Math.pow(
-// Math.sin((blon-alon)/2),2)
-// )
-// )
-// )
-// )
-// / DEGREES_2_RADIANS;
+// alat *= DEGREES_2_RADIANS;
+// alon *= DEGREES_2_RADIANS;
+// blat *= DEGREES_2_RADIANS;
+// blon *= DEGREES_2_RADIANS;
+// return 2 * Math.asin(
+// Math.min(1, Math.sqrt(
+// Math.pow(Math.sin((blat-alat)/2), 2) +
+// (Math.cos(alat)*Math.cos(blat)*
+// Math.pow(
+// Math.sin((blon-alon)/2),2)
+// )
+// )
+// )
+// )
+// / DEGREES_2_RADIANS;
//}
//
//This is a MEAN radius. The Earth is not perfectly spherical
-// public static final double EARTH_RADIUS_KM = 6371.0;
-// public static final double EARTH_RADIUS_NM = 3440.07;
-// public static final double KM_2_MILES_RATIO = 0.621371192;
+// public static final double EARTH_RADIUS_KM = 6371.0;
+// public static final double EARTH_RADIUS_NM = 3440.07;
+// public static final double KM_2_MILES_RATIO = 0.621371192;
///**
//* Code on Internet based on Unknown book. Lat/Long is in Degrees
//* @param alat
@@ -165,20 +165,20 @@ public class GreatCircle {
//* @return
//*/
//public static double calc1(double alat, double alon, double blat, double blon) {
-// alat *= DEGREES_2_RADIANS;
-// alon *= DEGREES_2_RADIANS;
-// blat *= DEGREES_2_RADIANS;
-// blon *= DEGREES_2_RADIANS;
-//
-// // Reused values
-// double cosAlat,cosBlat;
-//
-// return Math.acos(
-// ((cosAlat=Math.cos(alat))*Math.cos(alon)*(cosBlat=Math.cos(blat))*Math.cos(blon)) +
-// (cosAlat*Math.sin(alon)*cosBlat*Math.sin(blon)) +
-// (Math.sin(alat)*Math.sin(blat))
-// )/DEGREES_2_RADIANS;
-//
+// alat *= DEGREES_2_RADIANS;
+// alon *= DEGREES_2_RADIANS;
+// blat *= DEGREES_2_RADIANS;
+// blon *= DEGREES_2_RADIANS;
+//
+// // Reused values
+// double cosAlat,cosBlat;
+//
+// return Math.acos(
+// ((cosAlat=Math.cos(alat))*Math.cos(alon)*(cosBlat=Math.cos(blat))*Math.cos(blon)) +
+// (cosAlat*Math.sin(alon)*cosBlat*Math.sin(blon)) +
+// (Math.sin(alat)*Math.sin(blat))
+// )/DEGREES_2_RADIANS;
+//
//}
/*
diff --git a/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_AbsAuthentication.java b/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_AbsAuthentication.java
index cc67946e..65daa7b6 100644
--- a/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_AbsAuthentication.java
+++ b/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_AbsAuthentication.java
@@ -34,70 +34,70 @@ import java.io.PrintStream;
import java.net.HttpURLConnection;
public class JU_AbsAuthentication {
-
- private final static String ID = "id";
- private final static String PASSWORD = "password";
- private final static String WARNING = "Your service has 1000 consecutive bad service " +
- "logins to AAF. AAF Access will be disabled after 10000\n";
-
- private static ByteArrayOutputStream errStream;
-
- @Before
- public void setup() {
- errStream = new ByteArrayOutputStream();
- System.setErr(new PrintStream(errStream));
- }
-
- @After
- public void tearDown() {
- System.setErr(System.err);
- }
+
+ private final static String ID = "id";
+ private final static String PASSWORD = "password";
+ private final static String WARNING = "Your service has 1000 consecutive bad service " +
+ "logins to AAF. AAF Access will be disabled after 10000\n";
+
+ private static ByteArrayOutputStream errStream;
+
+ @Before
+ public void setup() {
+ errStream = new ByteArrayOutputStream();
+ System.setErr(new PrintStream(errStream));
+ }
+
+ @After
+ public void tearDown() {
+ System.setErr(System.err);
+ }
- @Test
- public void test() throws IOException, InterruptedException {
- AuthStub stub = new AuthStub(null, null, null);
- assertThat(stub.getID(), is(nullValue()));
- assertThat(stub.headValue(), is(""));
- assertThat(stub.count(), is(0));
-
- stub.setUser(ID);
- assertThat(stub.getID(), is(ID));
+ @Test
+ public void test() throws IOException, InterruptedException {
+ AuthStub stub = new AuthStub(null, null, null);
+ assertThat(stub.getID(), is(nullValue()));
+ assertThat(stub.headValue(), is(""));
+ assertThat(stub.count(), is(0));
+
+ stub.setUser(ID);
+ assertThat(stub.getID(), is(ID));
- stub = new AuthStub(null, ID, PASSWORD.getBytes());
- assertThat(stub.getID(), is(ID));
- assertThat(stub.headValue(), is(PASSWORD));
- assertThat(stub.count(), is(0));
-
- assertThat(stub.setLastResponse(200), is(0));
- assertThat(stub.isDenied(), is(false));
+ stub = new AuthStub(null, ID, PASSWORD.getBytes());
+ assertThat(stub.getID(), is(ID));
+ assertThat(stub.headValue(), is(PASSWORD));
+ assertThat(stub.count(), is(0));
+
+ assertThat(stub.setLastResponse(200), is(0));
+ assertThat(stub.isDenied(), is(false));
- for (int i = 1; i <= 10; i++) {
- assertThat(stub.setLastResponse(401), is(i));
- assertThat(stub.isDenied(), is(false));
- }
- assertThat(stub.setLastResponse(401), is(11));
- assertThat(stub.isDenied(), is(true));
+ for (int i = 1; i <= 10; i++) {
+ assertThat(stub.setLastResponse(401), is(i));
+ assertThat(stub.isDenied(), is(false));
+ }
+ assertThat(stub.setLastResponse(401), is(11));
+ assertThat(stub.isDenied(), is(true));
- stub.setCount(999);
- assertThat(stub.setLastResponse(401), is(1000));
- assertThat(errStream.toString(), is(WARNING));
-
- // coverage...
- stub.setLastMiss(1);
- assertThat(stub.isDenied(), is(false));
- }
-
- private class AuthStub extends AbsAuthentication<HttpURLConnection> {
+ stub.setCount(999);
+ assertThat(stub.setLastResponse(401), is(1000));
+ assertThat(errStream.toString(), is(WARNING));
+
+ // coverage...
+ stub.setLastMiss(1);
+ assertThat(stub.isDenied(), is(false));
+ }
+
+ private class AuthStub extends AbsAuthentication<HttpURLConnection> {
- public AuthStub(SecurityInfoC<HttpURLConnection> securityInfo, String user, byte[] headValue)
- throws IOException { super(securityInfo, user, headValue); }
+ public AuthStub(SecurityInfoC<HttpURLConnection> securityInfo, String user, byte[] headValue)
+ throws IOException { super(securityInfo, user, headValue); }
- @Override public void setSecurity(HttpURLConnection client) throws CadiException { }
- @Override public void setUser(String id) { super.setUser(id); }
- @Override public String headValue() throws IOException { return super.headValue(); }
-
- public void setLastMiss(long lastMiss) { this.lastMiss = lastMiss; }
- public void setCount(int count) { this.count = count; }
- }
+ @Override public void setSecurity(HttpURLConnection client) throws CadiException { }
+ @Override public void setUser(String id) { super.setUser(id); }
+ @Override public String headValue() throws IOException { return super.headValue(); }
+
+ public void setLastMiss(long lastMiss) { this.lastMiss = lastMiss; }
+ public void setCount(int count) { this.count = count; }
+ }
}
diff --git a/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_AbsTransferSS.java b/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_AbsTransferSS.java
index 507f90f4..c7720775 100644
--- a/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_AbsTransferSS.java
+++ b/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_AbsTransferSS.java
@@ -34,39 +34,39 @@ import org.onap.aaf.cadi.principal.TaggedPrincipal;
import java.net.HttpURLConnection;
public class JU_AbsTransferSS {
-
- @Mock TaggedPrincipal princMock;
- @Mock SecurityInfoC<HttpURLConnection> siMock;
-
- private static final String princName = "name";
- private static final String princTag = "tag";
- private static final String app = "app";
-
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
-
- when(princMock.getName()).thenReturn(princName);
- when(princMock.tag()).thenReturn(princTag);
- }
+
+ @Mock TaggedPrincipal princMock;
+ @Mock SecurityInfoC<HttpURLConnection> siMock;
+
+ private static final String princName = "name";
+ private static final String princTag = "tag";
+ private static final String app = "app";
+
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
+
+ when(princMock.getName()).thenReturn(princName);
+ when(princMock.tag()).thenReturn(princTag);
+ }
- @Test
- public void test() {
- TransferSSStub stub = new TransferSSStub(princMock, app);
- assertThat(stub.getID(), is(princName));
- assertThat(stub.getValue(), is(princName + ':' + app + ':' + princTag + ':' + "AS"));
-
- stub = new TransferSSStub(null, app, siMock);
- assertThat(stub.getID(), is(""));
- assertThat(stub.getValue(), is(nullValue()));
- }
-
- private class TransferSSStub extends AbsTransferSS<HttpURLConnection> {
- public TransferSSStub(TaggedPrincipal principal, String app) { super(principal, app); }
- public TransferSSStub(TaggedPrincipal principal, String app, SecurityInfoC<HttpURLConnection> si) { super(principal, app, si); }
- @Override public void setSecurity(HttpURLConnection client) throws CadiException { }
- @Override public int setLastResponse(int respCode) { return 0; }
- public String getValue() { return value; }
- }
+ @Test
+ public void test() {
+ TransferSSStub stub = new TransferSSStub(princMock, app);
+ assertThat(stub.getID(), is(princName));
+ assertThat(stub.getValue(), is(princName + ':' + app + ':' + princTag + ':' + "AS"));
+
+ stub = new TransferSSStub(null, app, siMock);
+ assertThat(stub.getID(), is(""));
+ assertThat(stub.getValue(), is(nullValue()));
+ }
+
+ private class TransferSSStub extends AbsTransferSS<HttpURLConnection> {
+ public TransferSSStub(TaggedPrincipal principal, String app) { super(principal, app); }
+ public TransferSSStub(TaggedPrincipal principal, String app, SecurityInfoC<HttpURLConnection> si) { super(principal, app, si); }
+ @Override public void setSecurity(HttpURLConnection client) throws CadiException { }
+ @Override public int setLastResponse(int respCode) { return 0; }
+ public String getValue() { return value; }
+ }
}
diff --git a/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_Future.java b/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_Future.java
index ad0bd535..97fa9d21 100644
--- a/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_Future.java
+++ b/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_Future.java
@@ -29,17 +29,17 @@ import org.onap.aaf.cadi.client.Future;
public class JU_Future {
- @Test
- public void test() {
- @SuppressWarnings("unused")
- Future<Integer> f = new FutureStub();
- }
-
- private class FutureStub extends Future<Integer> {
- @Override public boolean get(int timeout) throws CadiException { return false; }
- @Override public int code() { return 0; }
- @Override public String body() { return null; }
- @Override public String header(String tag) { return null; }
- }
+ @Test
+ public void test() {
+ @SuppressWarnings("unused")
+ Future<Integer> f = new FutureStub();
+ }
+
+ private class FutureStub extends Future<Integer> {
+ @Override public boolean get(int timeout) throws CadiException { return false; }
+ @Override public int code() { return 0; }
+ @Override public String body() { return null; }
+ @Override public String header(String tag) { return null; }
+ }
}
diff --git a/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_Holder.java b/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_Holder.java
index 079951f5..dd9b0539 100644
--- a/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_Holder.java
+++ b/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_Holder.java
@@ -29,17 +29,17 @@ import org.onap.aaf.cadi.client.Holder;
public class JU_Holder {
- @Test
- public void test() {
- String str1 = "a string";
- String str2 = "another string";
- Holder<String> holder = new Holder<String>(str1);
- assertThat(holder.get(), is(str1));
- assertThat(holder.toString(), is(str1));
-
- holder.set(str2);
- assertThat(holder.get(), is(str2));
- assertThat(holder.toString(), is(str2));
- }
+ @Test
+ public void test() {
+ String str1 = "a string";
+ String str2 = "another string";
+ Holder<String> holder = new Holder<String>(str1);
+ assertThat(holder.get(), is(str1));
+ assertThat(holder.toString(), is(str1));
+
+ holder.set(str2);
+ assertThat(holder.get(), is(str2));
+ assertThat(holder.toString(), is(str2));
+ }
}
diff --git a/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_Rcli.java b/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_Rcli.java
index 886c5d84..d33811e3 100644
--- a/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_Rcli.java
+++ b/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_Rcli.java
@@ -55,228 +55,228 @@ import org.onap.aaf.misc.rosetta.env.RosettaData;
public class JU_Rcli {
- @Mock RosettaDF<HttpURLConnection> dfMock;
- @Mock RosettaData<HttpURLConnection> dataMock;
- @Mock HttpURLConnection conMock;
- @Mock HttpServletRequest reqMock;
- @Mock HttpServletResponse respMock;
- @Mock ServletInputStream isMock;
-
- private final static String uriString = "example.com";
- private final static String apiVersion = "v1.0";
- private final static String contentType = "contentType";
-
- private static URI uri;
- private static Enumeration<String> enumeration;
-
- private Client client;
-
- @Before
- public void setup() throws URISyntaxException, IOException {
- MockitoAnnotations.initMocks(this);
-
- when(dfMock.getTypeClass()).thenReturn(HttpURLConnection.class);
- when(dfMock.newData()).thenReturn(dataMock);
- when(dataMock.out((TYPE) any())).thenReturn(dataMock);
-
- when(reqMock.getInputStream()).thenReturn(isMock);
- when(isMock.read((byte[]) any())).thenReturn(-1);
-
- uri = new URI(uriString);
- enumeration = new CustomEnumeration();
- client = new Client();
- }
-
- @Test
- public void createTest() throws APIException, CadiException {
- RcliStub rcli = new RcliStub(uri);
- rcli.type(Data.TYPE.XML);
-
- rcli.create(null, contentType, dfMock, conMock);
- rcli.create("No question mark", contentType, dfMock, conMock);
- rcli.create("question?mark", contentType, dfMock, conMock);
-
- rcli.create(null, dfMock, conMock);
- rcli.create("No question mark", dfMock, conMock);
- rcli.create("question?mark", dfMock, conMock);
-
- rcli.create(null, HttpURLConnection.class, dfMock, conMock);
- rcli.create("No question mark", HttpURLConnection.class, dfMock, conMock);
- rcli.create("question?mark", HttpURLConnection.class, dfMock, conMock);
-
- rcli.create(null, HttpURLConnection.class);
- rcli.create("No question mark", HttpURLConnection.class);
- rcli.create("question?mark", HttpURLConnection.class);
-
- rcli.create(null, contentType);
- rcli.create("No question mark", contentType);
- rcli.create("question?mark", contentType);
- }
-
- @Test
- public void postFormTest() throws APIException, CadiException {
- RcliStub rcli = new RcliStub(uri);
-
- rcli.type(Data.TYPE.DEFAULT);
- rcli.postForm(null, dfMock);
- rcli.postForm("No question mark", dfMock);
- rcli.postForm("question?mark", dfMock);
-
- rcli.type(Data.TYPE.JSON);
- rcli.postForm("question?mark", dfMock);
-
- rcli.type(Data.TYPE.XML);
- rcli.postForm("question?mark", dfMock);
-
- }
-
- @Test
- public void readPostTest() throws APIException, CadiException {
- RcliStub rcli = new RcliStub(uri);
- rcli.type(Data.TYPE.DEFAULT);
-
- rcli.readPost(null, dfMock, conMock);
- rcli.readPost("No question mark", dfMock, conMock);
- rcli.readPost("question?mark", dfMock, conMock);
-
- rcli.readPost(null, dfMock, conMock, dfMock);
- rcli.readPost("No question mark", dfMock, conMock, dfMock);
- rcli.readPost("question?mark", dfMock, conMock, dfMock);
-
- rcli.readPost("First string", "Second string");
- }
-
- @Test
- public void readTest() throws APIException, CadiException {
- RcliStub rcli = new RcliStub(uri);
- rcli.type(Data.TYPE.DEFAULT);
-
- rcli.read("First string", "Second string", "Third string", "Fourth string");
- rcli.read("First string", "Second string", dfMock, "Third string", "Fourth string");
- rcli.read("First string", dfMock, "Third string", "Fourth string");
- rcli.read("First string", HttpURLConnection.class ,dfMock);
- }
-
- @Test
- public void updateTest() throws APIException, CadiException {
- RcliStub rcli = new RcliStub(uri);
- rcli.type(Data.TYPE.DEFAULT);
-
- rcli.update("First string", "Second string", dfMock, conMock);
- rcli.update("First string", dfMock, conMock);
- rcli.update("First string", HttpURLConnection.class, dfMock, conMock);
- rcli.update("First string");
- rcli.updateRespondString("First string", dfMock, conMock);
- }
-
- @Test
- public void deleteTest() throws APIException, CadiException {
- RcliStub rcli = new RcliStub(uri);
- rcli.type(Data.TYPE.DEFAULT);
-
- rcli.delete("First string", "Second string", dfMock, conMock);
- rcli.delete("First string", dfMock, conMock);
- rcli.delete("First string", HttpURLConnection.class, dfMock, conMock);
- rcli.delete("First string", HttpURLConnection.class);
- rcli.delete("First string", "Second string");
- }
-
- @Test
- public void transferTest() throws APIException, CadiException {
- RcliStub rcli = new RcliStub(uri);
- rcli.type(Data.TYPE.DEFAULT);
-
- when(reqMock.getRequestURI()).thenReturn(uriString);
- when(reqMock.getHeaderNames()).thenReturn(enumeration);
- rcli.transfer(reqMock, respMock, "string", 200);
-
- // coverage...
- when(reqMock.getMethod()).thenReturn("GET");
- rcli.transfer(reqMock, respMock, "string", 200);
- }
-
- @Test(expected = CadiException.class)
- public void transferThrowsTest() throws APIException, CadiException {
- RcliStub rcli = new RcliStub(uri);
- rcli.type(Data.TYPE.DEFAULT);
-
- rcli.transfer(reqMock, respMock, "string", 200);
- }
-
- @Test
- public void accessorMutatorTest() throws URISyntaxException {
- RcliStub rcli = new RcliStub();
- Rcli<?> rcliClone = rcli.forUser(null);
-
- rcli = new RcliStub(uri);
- assertThat(rcli.toString(), is(uriString));
- assertThat(rcli.getURI(), is(uri));
- assertThat(rcli.getReadTimeout(), is(5000));
- assertThat(rcli.getConnectionTimeout(), is(3000));
-
- rcli.connectionTimeout(3001);
- assertThat(rcli.getConnectionTimeout(), is(3001));
- rcli.readTimeout(5001);
- assertThat(rcli.getReadTimeout(), is(5001));
- rcli.apiVersion(apiVersion);
- assertThat(rcli.isApiVersion(apiVersion), is(true));
- rcli.type(Data.TYPE.XML);
- assertThat(rcli.typeString(HttpURLConnection.class), is("application/HttpURLConnection+xml;version=" + apiVersion));
- rcli.apiVersion(null);
- assertThat(rcli.typeString(HttpURLConnection.class), is("application/HttpURLConnection+xml"));
-
- rcliClone = rcli.forUser(null);
- assertThat(rcliClone.toString(), is(uriString));
- }
-
- private class RcliStub extends Rcli<HttpURLConnection> {
- public RcliStub() { super(); }
- public RcliStub(URI uri) { this.uri = uri; }
- @Override public void setSecuritySetter(SecuritySetter<HttpURLConnection> ss) { }
- @Override public SecuritySetter<HttpURLConnection> getSecuritySetter() { return null; }
- @Override protected Rcli<HttpURLConnection> clone(URI uri, SecuritySetter<HttpURLConnection> ss) { return this; }
- @Override public void invalidate() throws CadiException { }
- @Override protected EClient<HttpURLConnection> client() throws CadiException { return client; }
- public int getReadTimeout() { return readTimeout; }
- public int getConnectionTimeout() { return connectionTimeout; }
- }
-
- private class CustomEnumeration implements Enumeration<String> {
- private int idx = 0;
- private final String[] elements = {"This", "is", "a", "test"};
- @Override
- public String nextElement() {
- return idx >= elements.length ? null : elements[idx++];
- }
- @Override
- public boolean hasMoreElements() {
- return idx < elements.length;
- }
- }
-
- private class Client implements EClient<HttpURLConnection> {
- private Transfer transfer;
- @Override public void setPayload(Transfer transfer) { this.transfer = transfer; }
- @Override public void setMethod(String meth) { }
- @Override public void setPathInfo(String pathinfo) { }
- @Override public void addHeader(String tag, String value) { }
- @Override public void setQueryParams(String q) { }
- @Override public void setFragment(String f) { }
- @Override public void send() throws APIException {
- try {
- if (transfer != null) {
- transfer.transfer(new PrintStream(new ByteArrayOutputStream()));
- }
- } catch (IOException e) {
- }
- }
- @Override public <T> Future<T> futureCreate(Class<T> t) { return null; }
- @Override public Future<String> futureReadString() { return null; }
- @Override public <T> Future<T> futureRead(RosettaDF<T> df, TYPE type) { return null; }
- @Override public <T> Future<T> future(T t) { return null; }
- @Override public Future<Void> future(HttpServletResponse resp, int expected) throws APIException { return null; }
- }
-
- //private class FutureStub implements Future<String> {
- //}
+ @Mock RosettaDF<HttpURLConnection> dfMock;
+ @Mock RosettaData<HttpURLConnection> dataMock;
+ @Mock HttpURLConnection conMock;
+ @Mock HttpServletRequest reqMock;
+ @Mock HttpServletResponse respMock;
+ @Mock ServletInputStream isMock;
+
+ private final static String uriString = "example.com";
+ private final static String apiVersion = "v1.0";
+ private final static String contentType = "contentType";
+
+ private static URI uri;
+ private static Enumeration<String> enumeration;
+
+ private Client client;
+
+ @Before
+ public void setup() throws URISyntaxException, IOException {
+ MockitoAnnotations.initMocks(this);
+
+ when(dfMock.getTypeClass()).thenReturn(HttpURLConnection.class);
+ when(dfMock.newData()).thenReturn(dataMock);
+ when(dataMock.out((TYPE) any())).thenReturn(dataMock);
+
+ when(reqMock.getInputStream()).thenReturn(isMock);
+ when(isMock.read((byte[]) any())).thenReturn(-1);
+
+ uri = new URI(uriString);
+ enumeration = new CustomEnumeration();
+ client = new Client();
+ }
+
+ @Test
+ public void createTest() throws APIException, CadiException {
+ RcliStub rcli = new RcliStub(uri);
+ rcli.type(Data.TYPE.XML);
+
+ rcli.create(null, contentType, dfMock, conMock);
+ rcli.create("No question mark", contentType, dfMock, conMock);
+ rcli.create("question?mark", contentType, dfMock, conMock);
+
+ rcli.create(null, dfMock, conMock);
+ rcli.create("No question mark", dfMock, conMock);
+ rcli.create("question?mark", dfMock, conMock);
+
+ rcli.create(null, HttpURLConnection.class, dfMock, conMock);
+ rcli.create("No question mark", HttpURLConnection.class, dfMock, conMock);
+ rcli.create("question?mark", HttpURLConnection.class, dfMock, conMock);
+
+ rcli.create(null, HttpURLConnection.class);
+ rcli.create("No question mark", HttpURLConnection.class);
+ rcli.create("question?mark", HttpURLConnection.class);
+
+ rcli.create(null, contentType);
+ rcli.create("No question mark", contentType);
+ rcli.create("question?mark", contentType);
+ }
+
+ @Test
+ public void postFormTest() throws APIException, CadiException {
+ RcliStub rcli = new RcliStub(uri);
+
+ rcli.type(Data.TYPE.DEFAULT);
+ rcli.postForm(null, dfMock);
+ rcli.postForm("No question mark", dfMock);
+ rcli.postForm("question?mark", dfMock);
+
+ rcli.type(Data.TYPE.JSON);
+ rcli.postForm("question?mark", dfMock);
+
+ rcli.type(Data.TYPE.XML);
+ rcli.postForm("question?mark", dfMock);
+
+ }
+
+ @Test
+ public void readPostTest() throws APIException, CadiException {
+ RcliStub rcli = new RcliStub(uri);
+ rcli.type(Data.TYPE.DEFAULT);
+
+ rcli.readPost(null, dfMock, conMock);
+ rcli.readPost("No question mark", dfMock, conMock);
+ rcli.readPost("question?mark", dfMock, conMock);
+
+ rcli.readPost(null, dfMock, conMock, dfMock);
+ rcli.readPost("No question mark", dfMock, conMock, dfMock);
+ rcli.readPost("question?mark", dfMock, conMock, dfMock);
+
+ rcli.readPost("First string", "Second string");
+ }
+
+ @Test
+ public void readTest() throws APIException, CadiException {
+ RcliStub rcli = new RcliStub(uri);
+ rcli.type(Data.TYPE.DEFAULT);
+
+ rcli.read("First string", "Second string", "Third string", "Fourth string");
+ rcli.read("First string", "Second string", dfMock, "Third string", "Fourth string");
+ rcli.read("First string", dfMock, "Third string", "Fourth string");
+ rcli.read("First string", HttpURLConnection.class ,dfMock);
+ }
+
+ @Test
+ public void updateTest() throws APIException, CadiException {
+ RcliStub rcli = new RcliStub(uri);
+ rcli.type(Data.TYPE.DEFAULT);
+
+ rcli.update("First string", "Second string", dfMock, conMock);
+ rcli.update("First string", dfMock, conMock);
+ rcli.update("First string", HttpURLConnection.class, dfMock, conMock);
+ rcli.update("First string");
+ rcli.updateRespondString("First string", dfMock, conMock);
+ }
+
+ @Test
+ public void deleteTest() throws APIException, CadiException {
+ RcliStub rcli = new RcliStub(uri);
+ rcli.type(Data.TYPE.DEFAULT);
+
+ rcli.delete("First string", "Second string", dfMock, conMock);
+ rcli.delete("First string", dfMock, conMock);
+ rcli.delete("First string", HttpURLConnection.class, dfMock, conMock);
+ rcli.delete("First string", HttpURLConnection.class);
+ rcli.delete("First string", "Second string");
+ }
+
+ @Test
+ public void transferTest() throws APIException, CadiException {
+ RcliStub rcli = new RcliStub(uri);
+ rcli.type(Data.TYPE.DEFAULT);
+
+ when(reqMock.getRequestURI()).thenReturn(uriString);
+ when(reqMock.getHeaderNames()).thenReturn(enumeration);
+ rcli.transfer(reqMock, respMock, "string", 200);
+
+ // coverage...
+ when(reqMock.getMethod()).thenReturn("GET");
+ rcli.transfer(reqMock, respMock, "string", 200);
+ }
+
+ @Test(expected = CadiException.class)
+ public void transferThrowsTest() throws APIException, CadiException {
+ RcliStub rcli = new RcliStub(uri);
+ rcli.type(Data.TYPE.DEFAULT);
+
+ rcli.transfer(reqMock, respMock, "string", 200);
+ }
+
+ @Test
+ public void accessorMutatorTest() throws URISyntaxException {
+ RcliStub rcli = new RcliStub();
+ Rcli<?> rcliClone = rcli.forUser(null);
+
+ rcli = new RcliStub(uri);
+ assertThat(rcli.toString(), is(uriString));
+ assertThat(rcli.getURI(), is(uri));
+ assertThat(rcli.getReadTimeout(), is(5000));
+ assertThat(rcli.getConnectionTimeout(), is(3000));
+
+ rcli.connectionTimeout(3001);
+ assertThat(rcli.getConnectionTimeout(), is(3001));
+ rcli.readTimeout(5001);
+ assertThat(rcli.getReadTimeout(), is(5001));
+ rcli.apiVersion(apiVersion);
+ assertThat(rcli.isApiVersion(apiVersion), is(true));
+ rcli.type(Data.TYPE.XML);
+ assertThat(rcli.typeString(HttpURLConnection.class), is("application/HttpURLConnection+xml;version=" + apiVersion));
+ rcli.apiVersion(null);
+ assertThat(rcli.typeString(HttpURLConnection.class), is("application/HttpURLConnection+xml"));
+
+ rcliClone = rcli.forUser(null);
+ assertThat(rcliClone.toString(), is(uriString));
+ }
+
+ private class RcliStub extends Rcli<HttpURLConnection> {
+ public RcliStub() { super(); }
+ public RcliStub(URI uri) { this.uri = uri; }
+ @Override public void setSecuritySetter(SecuritySetter<HttpURLConnection> ss) { }
+ @Override public SecuritySetter<HttpURLConnection> getSecuritySetter() { return null; }
+ @Override protected Rcli<HttpURLConnection> clone(URI uri, SecuritySetter<HttpURLConnection> ss) { return this; }
+ @Override public void invalidate() throws CadiException { }
+ @Override protected EClient<HttpURLConnection> client() throws CadiException { return client; }
+ public int getReadTimeout() { return readTimeout; }
+ public int getConnectionTimeout() { return connectionTimeout; }
+ }
+
+ private class CustomEnumeration implements Enumeration<String> {
+ private int idx = 0;
+ private final String[] elements = {"This", "is", "a", "test"};
+ @Override
+ public String nextElement() {
+ return idx >= elements.length ? null : elements[idx++];
+ }
+ @Override
+ public boolean hasMoreElements() {
+ return idx < elements.length;
+ }
+ }
+
+ private class Client implements EClient<HttpURLConnection> {
+ private Transfer transfer;
+ @Override public void setPayload(Transfer transfer) { this.transfer = transfer; }
+ @Override public void setMethod(String meth) { }
+ @Override public void setPathInfo(String pathinfo) { }
+ @Override public void addHeader(String tag, String value) { }
+ @Override public void setQueryParams(String q) { }
+ @Override public void setFragment(String f) { }
+ @Override public void send() throws APIException {
+ try {
+ if (transfer != null) {
+ transfer.transfer(new PrintStream(new ByteArrayOutputStream()));
+ }
+ } catch (IOException e) {
+ }
+ }
+ @Override public <T> Future<T> futureCreate(Class<T> t) { return null; }
+ @Override public Future<String> futureReadString() { return null; }
+ @Override public <T> Future<T> futureRead(RosettaDF<T> df, TYPE type) { return null; }
+ @Override public <T> Future<T> future(T t) { return null; }
+ @Override public Future<Void> future(HttpServletResponse resp, int expected) throws APIException { return null; }
+ }
+
+ //private class FutureStub implements Future<String> {
+ //}
}
diff --git a/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_Result.java b/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_Result.java
index 05ca27f3..41570980 100644
--- a/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_Result.java
+++ b/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_Result.java
@@ -28,24 +28,24 @@ import org.junit.*;
import org.onap.aaf.cadi.client.Result;
public class JU_Result {
-
- private static final int OK = 200;
- private static final int NOT_FOUND = 404;
+
+ private static final int OK = 200;
+ private static final int NOT_FOUND = 404;
- @Test
- public void test() {
- Result<Integer> result;
- result = Result.ok(OK, 10);
- assertThat(result.toString(), is("Code: 200"));
- assertThat(result.isOK(), is(true));
-
- result = Result.err(NOT_FOUND, "File not found");
- assertThat(result.toString(), is("Code: 404 = File not found"));
- assertThat(result.isOK(), is(false));
+ @Test
+ public void test() {
+ Result<Integer> result;
+ result = Result.ok(OK, 10);
+ assertThat(result.toString(), is("Code: 200"));
+ assertThat(result.isOK(), is(true));
+
+ result = Result.err(NOT_FOUND, "File not found");
+ assertThat(result.toString(), is("Code: 404 = File not found"));
+ assertThat(result.isOK(), is(false));
- result = Result.err(result);
- assertThat(result.toString(), is("Code: 404 = File not found"));
- assertThat(result.isOK(), is(false));
- }
-
+ result = Result.err(result);
+ assertThat(result.toString(), is("Code: 404 = File not found"));
+ assertThat(result.isOK(), is(false));
+ }
+
}
diff --git a/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_Retryable.java b/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_Retryable.java
index 84863744..200b393d 100644
--- a/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_Retryable.java
+++ b/cadi/client/src/test/java/org/onap/aaf/cadi/client/test/JU_Retryable.java
@@ -35,25 +35,25 @@ import org.onap.aaf.misc.env.APIException;
public class JU_Retryable {
- @Test
- public void test() {
- RetryableStub retry = new RetryableStub();
- assertThat(retry.item(), is(nullValue()));
- assertThat(retry.lastClient(), is(nullValue()));
-
- Locator.Item item = null;
- assertThat(retry.item(item), is(item));
-
- retry = new RetryableStub(retry);
- assertThat(retry.item(), is(nullValue()));
- assertThat(retry.lastClient(), is(nullValue()));
- assertThat(retry.item(item), is(item));
- }
-
- private class RetryableStub extends Retryable<Integer> {
- public RetryableStub() { super(); }
- public RetryableStub(Retryable<?> ret) { super(ret); }
- @Override public Integer code(Rcli<?> client) throws CadiException, ConnectException, APIException { return null; }
- }
+ @Test
+ public void test() {
+ RetryableStub retry = new RetryableStub();
+ assertThat(retry.item(), is(nullValue()));
+ assertThat(retry.lastClient(), is(nullValue()));
+
+ Locator.Item item = null;
+ assertThat(retry.item(item), is(item));
+
+ retry = new RetryableStub(retry);
+ assertThat(retry.item(), is(nullValue()));
+ assertThat(retry.lastClient(), is(nullValue()));
+ assertThat(retry.item(item), is(item));
+ }
+
+ private class RetryableStub extends Retryable<Integer> {
+ public RetryableStub() { super(); }
+ public RetryableStub(Retryable<?> ret) { super(ret); }
+ @Override public Integer code(Rcli<?> client) throws CadiException, ConnectException, APIException { return null; }
+ }
}
diff --git a/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HAuthorizationHeader.java b/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HAuthorizationHeader.java
index be12e7ac..4bb44e10 100644
--- a/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HAuthorizationHeader.java
+++ b/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HAuthorizationHeader.java
@@ -36,44 +36,44 @@ import org.onap.aaf.cadi.http.HAuthorizationHeader;
public class JU_HAuthorizationHeader {
- @Mock
- SecurityInfoC<HttpURLConnection> siMock;
+ @Mock
+ SecurityInfoC<HttpURLConnection> siMock;
- @Mock
- HttpsURLConnection hucsMock;
-
- @Mock
- HttpURLConnection hucMock;
-
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
- }
+ @Mock
+ HttpsURLConnection hucsMock;
+
+ @Mock
+ HttpURLConnection hucMock;
+
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
+ }
- @Test
- public void test() throws IOException, CadiException {
- HAuthorizationHeader header = new HAuthorizationHeader(siMock, null, null);
- header.setSecurity(hucsMock);
- header.setSecurity(hucMock);
+ @Test
+ public void test() throws IOException, CadiException {
+ HAuthorizationHeader header = new HAuthorizationHeader(siMock, null, null);
+ header.setSecurity(hucsMock);
+ header.setSecurity(hucMock);
- header = new HAuthorizationHeader(null, null, null);
- header.setSecurity(hucsMock);
- }
-
- @Test(expected = CadiException.class)
- public void throwsWhenDeniedTest() throws CadiException, IOException {
- HAuthorizationHeader header = new HAuthorizationHeader(siMock, "string1", "string2") {
- @Override public boolean isDenied() { return true; }
- };
- header.setSecurity(null);
- }
+ header = new HAuthorizationHeader(null, null, null);
+ header.setSecurity(hucsMock);
+ }
+
+ @Test(expected = CadiException.class)
+ public void throwsWhenDeniedTest() throws CadiException, IOException {
+ HAuthorizationHeader header = new HAuthorizationHeader(siMock, "string1", "string2") {
+ @Override public boolean isDenied() { return true; }
+ };
+ header.setSecurity(null);
+ }
- @Test(expected = CadiException.class)
- public void throwsTest() throws CadiException, IOException {
- HAuthorizationHeader header = new HAuthorizationHeader(siMock, "string1", "string2") {
- @Override public String headValue() throws IOException { throw new IOException(); }
- };
- header.setSecurity(null);
- }
+ @Test(expected = CadiException.class)
+ public void throwsTest() throws CadiException, IOException {
+ HAuthorizationHeader header = new HAuthorizationHeader(siMock, "string1", "string2") {
+ @Override public String headValue() throws IOException { throw new IOException(); }
+ };
+ header.setSecurity(null);
+ }
}
diff --git a/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HBasicAuthSS.java b/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HBasicAuthSS.java
index fa0a673f..d0655979 100644
--- a/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HBasicAuthSS.java
+++ b/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HBasicAuthSS.java
@@ -39,57 +39,57 @@ import org.onap.aaf.cadi.http.HSecurityInfoInit;
import org.onap.aaf.cadi.principal.BasicPrincipal;
public class JU_HBasicAuthSS {
-
- @Mock
- BasicPrincipal bpMock;
-
- private SecurityInfoC<HttpURLConnection> si;
- private PropAccess access;
-
- private final static String id = "id";
- private final static String password = "password";
-
- @Before
- public void setup() throws CadiException, IOException {
- MockitoAnnotations.initMocks(this);
-
- when(bpMock.getName()).thenReturn(id);
- when(bpMock.getCred()).thenReturn(password.getBytes());
-
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- access.setProperty(Config.AAF_APPID, id);
- access.setProperty(Config.AAF_APPPASS, access.encrypt(password));
+
+ @Mock
+ BasicPrincipal bpMock;
+
+ private SecurityInfoC<HttpURLConnection> si;
+ private PropAccess access;
+
+ private final static String id = "id";
+ private final static String password = "password";
+
+ @Before
+ public void setup() throws CadiException, IOException {
+ MockitoAnnotations.initMocks(this);
+
+ when(bpMock.getName()).thenReturn(id);
+ when(bpMock.getCred()).thenReturn(password.getBytes());
+
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ access.setProperty(Config.AAF_APPID, id);
+ access.setProperty(Config.AAF_APPPASS, access.encrypt(password));
- si = SecurityInfoC.instance(access, HttpURLConnection.class);
- }
+ si = SecurityInfoC.instance(access, HttpURLConnection.class);
+ }
- @Test
- public void test() throws IOException {
- // All the constructors accomplish the same thing
- @SuppressWarnings("unused")
- HBasicAuthSS auth = new HBasicAuthSS(si);
-
- // TODO: While these test _should_ pass, and they _do_ pass on my local machine, they won't
- // pass when then onap jobbuilder runs them. Good luck!
-// assertThat(auth.getID(), is(id));
+ @Test
+ public void test() throws IOException {
+ // All the constructors accomplish the same thing
+ @SuppressWarnings("unused")
+ HBasicAuthSS auth = new HBasicAuthSS(si);
+
+ // TODO: While these test _should_ pass, and they _do_ pass on my local machine, they won't
+ // pass when then onap jobbuilder runs them. Good luck!
+// assertThat(auth.getID(), is(id));
- auth = new HBasicAuthSS(si, false);
-// assertThat(auth.getID(), is(id));
+ auth = new HBasicAuthSS(si, false);
+// assertThat(auth.getID(), is(id));
- auth = new HBasicAuthSS(si, id, password, false);
-// assertThat(auth.getID(), is(id));
+ auth = new HBasicAuthSS(si, id, password, false);
+// assertThat(auth.getID(), is(id));
- auth = new HBasicAuthSS(si, id, password, true);
-// assertThat(auth.getID(), is(id));
+ auth = new HBasicAuthSS(si, id, password, true);
+// assertThat(auth.getID(), is(id));
- auth = new HBasicAuthSS(bpMock, si);
-// assertThat(auth.getID(), is(id));
-
- auth = new HBasicAuthSS(bpMock, si, false);
-// assertThat(auth.getID(), is(id));
-
- auth = new HBasicAuthSS(bpMock, si, true);
-// assertThat(auth.getID(), is(id));
- }
+ auth = new HBasicAuthSS(bpMock, si);
+// assertThat(auth.getID(), is(id));
+
+ auth = new HBasicAuthSS(bpMock, si, false);
+// assertThat(auth.getID(), is(id));
+
+ auth = new HBasicAuthSS(bpMock, si, true);
+// assertThat(auth.getID(), is(id));
+ }
}
diff --git a/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HClient.java b/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HClient.java
index 646d63fa..c32abe43 100644
--- a/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HClient.java
+++ b/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HClient.java
@@ -51,270 +51,270 @@ import org.onap.aaf.misc.rosetta.env.RosettaData;
public class JU_HClient {
- @Mock private SecuritySetter<HttpURLConnection> ssMock;
- @Mock private Transfer transferMock;
- @Mock private HttpURLConnection hucMock;
- @Mock private HttpServletResponse respMock;
- @Mock private RosettaDF<HttpURLConnection> dfMock;
- @Mock private RosettaData<HttpURLConnection> dataMock;
-
- private static final String uriString = "http://example.com:8080/path/to/a/file.txt";
- private static final String fragment = "fragment";
- private static final String method = "method";
- private static final String pathinfo = "pathinfo";
- private static final String queryParams = "queryParams";
-
- private static final String errorString = "error string";
- private static final String successString = "success string";
-
- private static final String tag1 = "tag1";
- private static final String tag2 = "tag2";
- private static final String value1 = "value1";
- private static final String value2 = "value2";
-
- private URI uri;
-
- @Before
- public void setup() throws URISyntaxException {
- MockitoAnnotations.initMocks(this);
-
- uri = new URI(uriString);
- }
-
- @Test
- public void accessorsMutatorsTest() throws LocatorException {
- HClient client = new HClient(ssMock, uri, 0);
- client.setFragment(fragment);
- client.setMethod(method);
- client.setPathInfo(pathinfo);
- client.setPayload(transferMock);
- client.setQueryParams(queryParams);
- assertThat(client.getURI(), is(uri));
- assertThat(client.timeout(), is(0));
- assertThat(client.toString(), is("HttpURLConnection Client configured to " + uri.toString()));
- }
-
- @Test
- public void sendTest() throws LocatorException, APIException, URISyntaxException {
- HClientStub client;
- client = new HClientStub(ssMock, uri, 0, null);
- client.send();
-
- client.setPathInfo("/pathinfo");
- client.send();
-
- client.setPathInfo("pathinfo");
- client.send();
-
- client = new HClientStub(null, uri, 0, null);
- client.send();
-
- client.addHeader(tag1, value1);
- client.addHeader(tag2, value2);
- client.send();
-
- client.setPayload(transferMock);
- client.send();
- }
-
- @Test(expected = APIException.class)
- public void sendThrows1Test() throws APIException, LocatorException, URISyntaxException {
- HClientStub client = new HClientStub(ssMock, new URI("mailto:me@domain.com"), 0, null);
- client.send();
- }
-
- @Test(expected = APIException.class)
- public void sendThrows2Test() throws APIException, LocatorException, URISyntaxException {
- HClientStub client = new HClientStub(ssMock, new URI("mailto:me@domain.com"), 0, null);
- client.addHeader(tag1, value1);
- client.addHeader(tag2, value2);
- client.send();
- }
-
- @Test
- public void futureCreateTest() throws LocatorException, CadiException, IOException {
- HClient client = new HClientStub(ssMock, uri, 0, hucMock);
- HFuture<HttpURLConnection> future = (HFuture<HttpURLConnection>) client.futureCreate(HttpURLConnection.class);
-
- // Test a bad response code (default 0) without output
- assertThat(future.get(0), is(false));
- assertThat(future.body().length(), is(0));
-
- // Test a bad response code (default 0) with output
- ByteArrayInputStream bais = new ByteArrayInputStream(errorString.getBytes());
- when(hucMock.getInputStream()).thenReturn(bais);
- assertThat(future.get(0), is(false));
- assertThat(future.body(), is(errorString));
-
- // Test a good response code
- when(hucMock.getResponseCode()).thenReturn(201);
- assertThat(future.get(0), is(true));
- }
-
- @Test
- public void futureReadStringTest() throws LocatorException, CadiException, IOException {
- HClient client = new HClientStub(ssMock, uri, 0, hucMock);
- Future<String> future = client.futureReadString();
-
- // Test a bad response code (default 0) without output
- assertThat(future.get(0), is(false));
- assertThat(future.body().length(), is(0));
-
- // Test a bad response code (default 0) with output
- when(hucMock.getInputStream()).thenReturn(new ByteArrayInputStream(errorString.getBytes()));
- assertThat(future.get(0), is(false));
- assertThat(future.body(), is(errorString));
-
- // Test a good response code
- when(hucMock.getInputStream()).thenReturn(new ByteArrayInputStream(successString.getBytes()));
- when(hucMock.getResponseCode()).thenReturn(200);
- assertThat(future.get(0), is(true));
- assertThat(future.body(), is(successString));
- }
-
- @Test
- public void futureReadTest() throws LocatorException, CadiException, IOException, APIException {
- HClient client = new HClientStub(ssMock, uri, 0, hucMock);
- Future<HttpURLConnection> future = client.futureRead(dfMock, null);
-
- // Test a bad response code (default 0) without output
- assertThat(future.get(0), is(false));
- assertThat(future.body().length(), is(0));
-
- // Test a bad response code (default 0) with output
- when(hucMock.getInputStream()).thenReturn(new ByteArrayInputStream(errorString.getBytes()));
- assertThat(future.get(0), is(false));
- assertThat(future.body(), is(errorString));
-
- // Test a good response code
- when(hucMock.getInputStream()).thenReturn(new ByteArrayInputStream(successString.getBytes()));
- when(dfMock.newData()).thenReturn(dataMock);
- when(dataMock.in(null)).thenReturn(dataMock);
- when(dataMock.load((InputStream)any())).thenReturn(dataMock);
- when(dataMock.asObject()).thenReturn(hucMock);
- when(dataMock.asString()).thenReturn(successString);
- when(hucMock.getResponseCode()).thenReturn(200);
- assertThat(future.get(0), is(true));
- assertThat(future.body(), is(successString));
- }
-
- @Test
- public void future1Test() throws LocatorException, CadiException, IOException, APIException {
- HClient client = new HClientStub(ssMock, uri, 0, hucMock);
- Future<HttpURLConnection> future = client.future(hucMock);
-
- // Test a good response code
- when(hucMock.getInputStream()).thenReturn(new ByteArrayInputStream(successString.getBytes()));
- when(hucMock.getResponseCode()).thenReturn(200);
- assertThat(future.get(0), is(true));
- assertThat(future.body(), is("200"));
-
- // Test a bad response code
- when(hucMock.getResponseCode()).thenReturn(0);
- when(hucMock.getInputStream()).thenReturn(new ByteArrayInputStream(errorString.getBytes()));
- assertThat(future.get(0), is(false));
- assertThat(future.body(), is(errorString));
- }
-
- @Test
- public void future2Test() throws LocatorException, CadiException, IOException, APIException {
- HClient client = new HClientStub(ssMock, uri, 0, hucMock);
- Future<Void> future = client.future(respMock, 200);
-
- ServletOutputStream sos = new ServletOutputStream() {
- @Override public void write(int arg0) throws IOException { }
- };
- when(respMock.getOutputStream()).thenReturn(sos);
-
- // Test a good response code
- when(hucMock.getInputStream()).thenReturn(new ByteArrayInputStream(successString.getBytes()));
- when(hucMock.getResponseCode()).thenReturn(200);
- assertThat(future.get(0), is(true));
- assertThat(future.body(), is(nullValue()));
-
- // Test a bad response code
- when(hucMock.getResponseCode()).thenReturn(0);
- when(hucMock.getInputStream()).thenReturn(new ByteArrayInputStream(errorString.getBytes()));
- assertThat(future.get(0), is(false));
- assertThat(future.body(), is(""));
- }
-
- @Test
- public void hfutureTest() throws CadiException, IOException, LocatorException {
- HClient client = new HClientStub(ssMock, uri, 0, hucMock);
- HFutureStub future = new HFutureStub(client, hucMock);
- assertThat(future.get(0), is(false));
-
- // Test a bad response code (default 0) with output
- when(hucMock.getInputStream()).thenReturn(new ByteArrayInputStream(errorString.getBytes()));
- assertThat(future.get(0), is(false));
-
- assertThat(future.get(0), is(false));
-
- when(hucMock.getResponseCode()).thenReturn(200);
- assertThat(future.get(0), is(true));
-
- StringBuilder sb = future.inputStreamToString(new ByteArrayInputStream(errorString.getBytes()));
- assertThat(sb.toString(), is(errorString));
-
- assertThat(future.code(), is(200));
- assertThat(future.huc(), is(hucMock));
-
- assertThat(future.exception(), is(nullValue()));
- assertThat(future.header("string"), is(nullValue()));
-
- // coverage...
- future.setHuc(null);
- future.close();
- }
-
- @Test
- public void headerTest() throws LocatorException {
- HClient client = new HClientStub(ssMock, uri, 0, hucMock);
- String tag1 = "tag1";
- String tag2 = "tag2";
- String value1 = "value1";
- String value2 = "value2";
- client.addHeader(tag1, value1);
- client.addHeader(tag2, value2);
- }
-
- @Test(expected = LocatorException.class)
- public void throws1Test() throws LocatorException {
- @SuppressWarnings("unused")
- HClient client = new HClient(ssMock, null, 0);
- }
-
- private class HClientStub extends HClient {
- public HClientStub(SecuritySetter<HttpURLConnection> ss, URI uri, int connectTimeout, HttpURLConnection huc) throws LocatorException {
- super(ss, uri, connectTimeout);
- setHuc(huc);
- }
- public void setHuc(HttpURLConnection huc) {
- Field field;
- try {
- field = HClient.class.getDeclaredField("huc");
- field.setAccessible(true);
- field.set(this, huc);
- field.setAccessible(false);
- } catch (NoSuchFieldException | SecurityException | IllegalArgumentException | IllegalAccessException e) {
- e.printStackTrace();
- fail("Caught an exception: " + e.getMessage());
- }
- }
- @Override
- public HttpURLConnection getConnection(URI uri, StringBuilder pi) throws IOException {
- return hucMock;
- }
- }
-
- private class HFutureStub extends HFuture<HttpURLConnection> {
- public HFutureStub(HClient hClient, HttpURLConnection huc) {
- hClient.super(huc);
- }
-
- @Override public String body() { return null; }
- public void setHuc(HttpURLConnection huc) { this.huc = huc; }
- }
+ @Mock private SecuritySetter<HttpURLConnection> ssMock;
+ @Mock private Transfer transferMock;
+ @Mock private HttpURLConnection hucMock;
+ @Mock private HttpServletResponse respMock;
+ @Mock private RosettaDF<HttpURLConnection> dfMock;
+ @Mock private RosettaData<HttpURLConnection> dataMock;
+
+ private static final String uriString = "http://example.com:8080/path/to/a/file.txt";
+ private static final String fragment = "fragment";
+ private static final String method = "method";
+ private static final String pathinfo = "pathinfo";
+ private static final String queryParams = "queryParams";
+
+ private static final String errorString = "error string";
+ private static final String successString = "success string";
+
+ private static final String tag1 = "tag1";
+ private static final String tag2 = "tag2";
+ private static final String value1 = "value1";
+ private static final String value2 = "value2";
+
+ private URI uri;
+
+ @Before
+ public void setup() throws URISyntaxException {
+ MockitoAnnotations.initMocks(this);
+
+ uri = new URI(uriString);
+ }
+
+ @Test
+ public void accessorsMutatorsTest() throws LocatorException {
+ HClient client = new HClient(ssMock, uri, 0);
+ client.setFragment(fragment);
+ client.setMethod(method);
+ client.setPathInfo(pathinfo);
+ client.setPayload(transferMock);
+ client.setQueryParams(queryParams);
+ assertThat(client.getURI(), is(uri));
+ assertThat(client.timeout(), is(0));
+ assertThat(client.toString(), is("HttpURLConnection Client configured to " + uri.toString()));
+ }
+
+ @Test
+ public void sendTest() throws LocatorException, APIException, URISyntaxException {
+ HClientStub client;
+ client = new HClientStub(ssMock, uri, 0, null);
+ client.send();
+
+ client.setPathInfo("/pathinfo");
+ client.send();
+
+ client.setPathInfo("pathinfo");
+ client.send();
+
+ client = new HClientStub(null, uri, 0, null);
+ client.send();
+
+ client.addHeader(tag1, value1);
+ client.addHeader(tag2, value2);
+ client.send();
+
+ client.setPayload(transferMock);
+ client.send();
+ }
+
+ @Test(expected = APIException.class)
+ public void sendThrows1Test() throws APIException, LocatorException, URISyntaxException {
+ HClientStub client = new HClientStub(ssMock, new URI("mailto:me@domain.com"), 0, null);
+ client.send();
+ }
+
+ @Test(expected = APIException.class)
+ public void sendThrows2Test() throws APIException, LocatorException, URISyntaxException {
+ HClientStub client = new HClientStub(ssMock, new URI("mailto:me@domain.com"), 0, null);
+ client.addHeader(tag1, value1);
+ client.addHeader(tag2, value2);
+ client.send();
+ }
+
+ @Test
+ public void futureCreateTest() throws LocatorException, CadiException, IOException {
+ HClient client = new HClientStub(ssMock, uri, 0, hucMock);
+ HFuture<HttpURLConnection> future = (HFuture<HttpURLConnection>) client.futureCreate(HttpURLConnection.class);
+
+ // Test a bad response code (default 0) without output
+ assertThat(future.get(0), is(false));
+ assertThat(future.body().length(), is(0));
+
+ // Test a bad response code (default 0) with output
+ ByteArrayInputStream bais = new ByteArrayInputStream(errorString.getBytes());
+ when(hucMock.getInputStream()).thenReturn(bais);
+ assertThat(future.get(0), is(false));
+ assertThat(future.body(), is(errorString));
+
+ // Test a good response code
+ when(hucMock.getResponseCode()).thenReturn(201);
+ assertThat(future.get(0), is(true));
+ }
+
+ @Test
+ public void futureReadStringTest() throws LocatorException, CadiException, IOException {
+ HClient client = new HClientStub(ssMock, uri, 0, hucMock);
+ Future<String> future = client.futureReadString();
+
+ // Test a bad response code (default 0) without output
+ assertThat(future.get(0), is(false));
+ assertThat(future.body().length(), is(0));
+
+ // Test a bad response code (default 0) with output
+ when(hucMock.getInputStream()).thenReturn(new ByteArrayInputStream(errorString.getBytes()));
+ assertThat(future.get(0), is(false));
+ assertThat(future.body(), is(errorString));
+
+ // Test a good response code
+ when(hucMock.getInputStream()).thenReturn(new ByteArrayInputStream(successString.getBytes()));
+ when(hucMock.getResponseCode()).thenReturn(200);
+ assertThat(future.get(0), is(true));
+ assertThat(future.body(), is(successString));
+ }
+
+ @Test
+ public void futureReadTest() throws LocatorException, CadiException, IOException, APIException {
+ HClient client = new HClientStub(ssMock, uri, 0, hucMock);
+ Future<HttpURLConnection> future = client.futureRead(dfMock, null);
+
+ // Test a bad response code (default 0) without output
+ assertThat(future.get(0), is(false));
+ assertThat(future.body().length(), is(0));
+
+ // Test a bad response code (default 0) with output
+ when(hucMock.getInputStream()).thenReturn(new ByteArrayInputStream(errorString.getBytes()));
+ assertThat(future.get(0), is(false));
+ assertThat(future.body(), is(errorString));
+
+ // Test a good response code
+ when(hucMock.getInputStream()).thenReturn(new ByteArrayInputStream(successString.getBytes()));
+ when(dfMock.newData()).thenReturn(dataMock);
+ when(dataMock.in(null)).thenReturn(dataMock);
+ when(dataMock.load((InputStream)any())).thenReturn(dataMock);
+ when(dataMock.asObject()).thenReturn(hucMock);
+ when(dataMock.asString()).thenReturn(successString);
+ when(hucMock.getResponseCode()).thenReturn(200);
+ assertThat(future.get(0), is(true));
+ assertThat(future.body(), is(successString));
+ }
+
+ @Test
+ public void future1Test() throws LocatorException, CadiException, IOException, APIException {
+ HClient client = new HClientStub(ssMock, uri, 0, hucMock);
+ Future<HttpURLConnection> future = client.future(hucMock);
+
+ // Test a good response code
+ when(hucMock.getInputStream()).thenReturn(new ByteArrayInputStream(successString.getBytes()));
+ when(hucMock.getResponseCode()).thenReturn(200);
+ assertThat(future.get(0), is(true));
+ assertThat(future.body(), is("200"));
+
+ // Test a bad response code
+ when(hucMock.getResponseCode()).thenReturn(0);
+ when(hucMock.getInputStream()).thenReturn(new ByteArrayInputStream(errorString.getBytes()));
+ assertThat(future.get(0), is(false));
+ assertThat(future.body(), is(errorString));
+ }
+
+ @Test
+ public void future2Test() throws LocatorException, CadiException, IOException, APIException {
+ HClient client = new HClientStub(ssMock, uri, 0, hucMock);
+ Future<Void> future = client.future(respMock, 200);
+
+ ServletOutputStream sos = new ServletOutputStream() {
+ @Override public void write(int arg0) throws IOException { }
+ };
+ when(respMock.getOutputStream()).thenReturn(sos);
+
+ // Test a good response code
+ when(hucMock.getInputStream()).thenReturn(new ByteArrayInputStream(successString.getBytes()));
+ when(hucMock.getResponseCode()).thenReturn(200);
+ assertThat(future.get(0), is(true));
+ assertThat(future.body(), is(nullValue()));
+
+ // Test a bad response code
+ when(hucMock.getResponseCode()).thenReturn(0);
+ when(hucMock.getInputStream()).thenReturn(new ByteArrayInputStream(errorString.getBytes()));
+ assertThat(future.get(0), is(false));
+ assertThat(future.body(), is(""));
+ }
+
+ @Test
+ public void hfutureTest() throws CadiException, IOException, LocatorException {
+ HClient client = new HClientStub(ssMock, uri, 0, hucMock);
+ HFutureStub future = new HFutureStub(client, hucMock);
+ assertThat(future.get(0), is(false));
+
+ // Test a bad response code (default 0) with output
+ when(hucMock.getInputStream()).thenReturn(new ByteArrayInputStream(errorString.getBytes()));
+ assertThat(future.get(0), is(false));
+
+ assertThat(future.get(0), is(false));
+
+ when(hucMock.getResponseCode()).thenReturn(200);
+ assertThat(future.get(0), is(true));
+
+ StringBuilder sb = future.inputStreamToString(new ByteArrayInputStream(errorString.getBytes()));
+ assertThat(sb.toString(), is(errorString));
+
+ assertThat(future.code(), is(200));
+ assertThat(future.huc(), is(hucMock));
+
+ assertThat(future.exception(), is(nullValue()));
+ assertThat(future.header("string"), is(nullValue()));
+
+ // coverage...
+ future.setHuc(null);
+ future.close();
+ }
+
+ @Test
+ public void headerTest() throws LocatorException {
+ HClient client = new HClientStub(ssMock, uri, 0, hucMock);
+ String tag1 = "tag1";
+ String tag2 = "tag2";
+ String value1 = "value1";
+ String value2 = "value2";
+ client.addHeader(tag1, value1);
+ client.addHeader(tag2, value2);
+ }
+
+ @Test(expected = LocatorException.class)
+ public void throws1Test() throws LocatorException {
+ @SuppressWarnings("unused")
+ HClient client = new HClient(ssMock, null, 0);
+ }
+
+ private class HClientStub extends HClient {
+ public HClientStub(SecuritySetter<HttpURLConnection> ss, URI uri, int connectTimeout, HttpURLConnection huc) throws LocatorException {
+ super(ss, uri, connectTimeout);
+ setHuc(huc);
+ }
+ public void setHuc(HttpURLConnection huc) {
+ Field field;
+ try {
+ field = HClient.class.getDeclaredField("huc");
+ field.setAccessible(true);
+ field.set(this, huc);
+ field.setAccessible(false);
+ } catch (NoSuchFieldException | SecurityException | IllegalArgumentException | IllegalAccessException e) {
+ e.printStackTrace();
+ fail("Caught an exception: " + e.getMessage());
+ }
+ }
+ @Override
+ public HttpURLConnection getConnection(URI uri, StringBuilder pi) throws IOException {
+ return hucMock;
+ }
+ }
+
+ private class HFutureStub extends HFuture<HttpURLConnection> {
+ public HFutureStub(HClient hClient, HttpURLConnection huc) {
+ hClient.super(huc);
+ }
+
+ @Override public String body() { return null; }
+ public void setHuc(HttpURLConnection huc) { this.huc = huc; }
+ }
}
diff --git a/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HMangr.java b/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HMangr.java
index b7415a52..9d87d699 100644
--- a/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HMangr.java
+++ b/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HMangr.java
@@ -50,216 +50,216 @@ import org.onap.aaf.cadi.http.HMangr;
import org.onap.aaf.misc.env.APIException;
public class JU_HMangr {
-
- @Mock Locator<URI> locMock;
- @Mock SecuritySetter<HttpURLConnection> ssMock;
- @Mock Retryable<Void> retryableMock;
- @Mock Retryable<Integer> goodRetry;
- @Mock Locator.Item itemMock;
- @Mock Rcli<Object> clientMock;
-
- private PropAccess access;
- private URI uri;
- private final static String uriString = "http://example.com";
-
- @Before
- public void setup() throws URISyntaxException {
- MockitoAnnotations.initMocks(this);
-
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- uri = new URI(uriString);
- }
-
- @Test
- public void sameTest() throws LocatorException, APIException, CadiException, ConnectException {
- HMangr hman = new HMangr(access, locMock);
- when(retryableMock.item()).thenReturn(itemMock);
- when(locMock.get(itemMock)).thenReturn(uri);
- assertThat(hman.same(ssMock, retryableMock), is(nullValue()));
-
- //coverage...
- when(retryableMock.lastClient()).thenReturn(clientMock);
- assertThat(hman.same(ssMock, retryableMock), is(nullValue()));
-
- CadiException cadiException;
-
- ConnectException connectException = new ConnectException();
- cadiException = new CadiException(connectException);
- doThrow(cadiException).when(retryableMock).code(clientMock);
- when(locMock.hasItems()).thenReturn(true).thenReturn(false);
- assertThat(hman.same(ssMock, retryableMock), is(nullValue()));
-
- SocketException socketException = new SocketException();
- cadiException = new CadiException(socketException);
- doThrow(cadiException).when(retryableMock).code(clientMock);
- when(locMock.hasItems()).thenReturn(true).thenReturn(false);
- assertThat(hman.same(ssMock, retryableMock), is(nullValue()));
-
- doThrow(connectException).when(retryableMock).code(clientMock);
- assertThat(hman.same(ssMock, retryableMock), is(nullValue()));
-
- }
-
- @Test(expected = LocatorException.class)
- public void throwsLocatorException1Test() throws LocatorException {
- @SuppressWarnings("unused")
- HMangr hman = new HMangr(access, null);
- }
-
- @Test(expected = LocatorException.class)
- public void throwsLocatorException2Test() throws LocatorException, APIException, CadiException {
- HMangr hman = new HMangr(access, locMock);
- hman.same(ssMock, retryableMock);
- }
-
- @Test(expected = LocatorException.class)
- public void throwsLocatorException3Test() throws LocatorException, APIException, CadiException {
- HMangr hman = new HMangr(access, locMock);
- when(locMock.best()).thenReturn(itemMock);
- when(locMock.hasItems()).thenReturn(true).thenReturn(false);
- hman.same(ssMock, retryableMock);
- }
-
- @SuppressWarnings("unchecked")
- @Test(expected = CadiException.class)
- public void throwsCadiException1Test() throws LocatorException, APIException, CadiException, ConnectException {
- HMangr hman = new HMangr(access, locMock);
- when(retryableMock.item()).thenReturn(itemMock);
- when(locMock.get(itemMock)).thenReturn(uri);
- when(retryableMock.lastClient()).thenReturn(clientMock);
- when(retryableMock.code(clientMock)).thenThrow(CadiException.class);
- hman.same(ssMock, retryableMock);
- }
-
- @Test(expected = CadiException.class)
- public void throwsCadiException2Test() throws LocatorException, APIException, CadiException, ConnectException {
- HMangr hman = new HMangr(access, locMock);
- when(retryableMock.item()).thenReturn(itemMock);
- when(locMock.get(itemMock)).thenReturn(uri);
- when(retryableMock.lastClient()).thenReturn(clientMock);
-
- ConnectException connectException = new ConnectException();
- CadiException cadiException = new CadiException(connectException);
- doThrow(cadiException).when(retryableMock).code(clientMock);
- hman.same(ssMock, retryableMock);
- }
-
- @Test(expected = CadiException.class)
- public void throwsCadiException3Test() throws LocatorException, APIException, CadiException, ConnectException {
- HMangr hman = new HMangr(access, locMock);
- when(retryableMock.item()).thenReturn(itemMock);
- when(locMock.get(itemMock)).thenReturn(uri);
- when(retryableMock.lastClient()).thenReturn(clientMock);
-
- SocketException socketException = new SocketException();
- CadiException cadiException = new CadiException(socketException);
- doThrow(cadiException).when(retryableMock).code(clientMock);
- hman.same(ssMock, retryableMock);
- }
-
- @Test(expected = CadiException.class)
- public void throwsCadiException4Test() throws LocatorException, APIException, CadiException, ConnectException {
- HMangr hman = new HMangr(access, locMock);
- when(retryableMock.item()).thenReturn(itemMock);
- when(locMock.get(itemMock)).thenReturn(uri);
- when(retryableMock.lastClient()).thenReturn(clientMock);
-
- Exception e = new Exception();
- CadiException cadiException = new CadiException(e);
- doThrow(cadiException).when(retryableMock).code(clientMock);
- hman.same(ssMock, retryableMock);
- }
-
- @Test
- public void allTest() throws LocatorException, CadiException, APIException {
- HManagerStub hman = new HManagerStub(access, locMock);
- assertThat(hman.best(ssMock, retryableMock), is(nullValue()));
- assertThat(hman.all(ssMock, retryableMock), is(nullValue()));
- assertThat(hman.all(ssMock, retryableMock, true), is(nullValue()));
- }
-
- @Test
- public void oneOfTest() throws LocatorException, CadiException, APIException, ConnectException {
- HMangr hman = new HMangr(access, locMock);
- assertThat(hman.oneOf(ssMock, retryableMock, false, "host"), is(nullValue()));
-
- try {
- hman.oneOf(ssMock, retryableMock, true, "host");
- fail("Should've thrown an exception");
- } catch (LocatorException e) {
- }
-
- when(locMock.first()).thenReturn(itemMock);
- when(locMock.get(itemMock)).thenReturn(uri);
-
- // Branching coverage...
- assertThat(hman.oneOf(ssMock, retryableMock, false, null), is(nullValue()));
- assertThat(hman.oneOf(ssMock, retryableMock, false, "host"), is(nullValue()));
-
- assertThat(hman.oneOf(ssMock, retryableMock, false, uriString.substring(7)), is(nullValue()));
-
- CadiException cadiException;
-
- cadiException = new CadiException(new ConnectException());
- doThrow(cadiException).when(retryableMock).code((Rcli<?>) any());
- assertThat(hman.oneOf(ssMock, retryableMock, false, uriString.substring(7)), is(nullValue()));
-
- cadiException = new CadiException(new SSLHandshakeException(null));
- doThrow(cadiException).when(retryableMock).code((Rcli<?>) any());
- assertThat(hman.oneOf(ssMock, retryableMock, false, uriString.substring(7)), is(nullValue()));
-
- cadiException = new CadiException(new SocketException());
- doThrow(cadiException).when(retryableMock).code((Rcli<?>) any());
- try {
- hman.oneOf(ssMock, retryableMock, false, uriString.substring(7));
- fail("Should've thrown an exception");
- } catch (CadiException e) {
- }
-
- cadiException = new CadiException(new SocketException("java.net.SocketException: Connection reset"));
- doThrow(cadiException).when(retryableMock).code((Rcli<?>) any());
- try {
- hman.oneOf(ssMock, retryableMock, false, uriString.substring(7));
- fail("Should've thrown an exception");
- } catch (CadiException e) {
- }
-
- cadiException = new CadiException();
- doThrow(cadiException).when(retryableMock).code((Rcli<?>) any());
- try {
- hman.oneOf(ssMock, retryableMock, false, uriString.substring(7));
- fail("Should've thrown an exception");
- } catch (CadiException e) {
- }
-
- doThrow(new ConnectException()).when(retryableMock).code((Rcli<?>) any());
- assertThat(hman.oneOf(ssMock, retryableMock, false, uriString.substring(7)), is(nullValue()));
-
- when(goodRetry.code((Rcli<?>) any())).thenReturn(5);
- assertThat(hman.oneOf(ssMock, goodRetry, false, uriString.substring(7)), is(5));
- }
-
- @Test
- public void coverageTest() throws LocatorException {
- HMangr hman = new HMangr(access, locMock);
- hman.readTimeout(5);
- assertThat(hman.readTimeout(), is(5));
- hman.connectionTimeout(5);
- assertThat(hman.connectionTimeout(), is(5));
- hman.apiVersion("v1.0");
- assertThat(hman.apiVersion(), is("v1.0"));
- hman.close();
-
- }
-
- private class HManagerStub extends HMangr {
- public HManagerStub(Access access, Locator<URI> loc) throws LocatorException { super(access, loc); }
- @Override public<RET> RET same(SecuritySetter<HttpURLConnection> ss, Retryable<RET> retryable) {
- return null;
- }
- @Override public<RET> RET oneOf(SecuritySetter<HttpURLConnection> ss, Retryable<RET> retryable, boolean notify, String host) {
- return null;
- }
- }
-
+
+ @Mock Locator<URI> locMock;
+ @Mock SecuritySetter<HttpURLConnection> ssMock;
+ @Mock Retryable<Void> retryableMock;
+ @Mock Retryable<Integer> goodRetry;
+ @Mock Locator.Item itemMock;
+ @Mock Rcli<Object> clientMock;
+
+ private PropAccess access;
+ private URI uri;
+ private final static String uriString = "http://example.com";
+
+ @Before
+ public void setup() throws URISyntaxException {
+ MockitoAnnotations.initMocks(this);
+
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ uri = new URI(uriString);
+ }
+
+ @Test
+ public void sameTest() throws LocatorException, APIException, CadiException, ConnectException {
+ HMangr hman = new HMangr(access, locMock);
+ when(retryableMock.item()).thenReturn(itemMock);
+ when(locMock.get(itemMock)).thenReturn(uri);
+ assertThat(hman.same(ssMock, retryableMock), is(nullValue()));
+
+ //coverage...
+ when(retryableMock.lastClient()).thenReturn(clientMock);
+ assertThat(hman.same(ssMock, retryableMock), is(nullValue()));
+
+ CadiException cadiException;
+
+ ConnectException connectException = new ConnectException();
+ cadiException = new CadiException(connectException);
+ doThrow(cadiException).when(retryableMock).code(clientMock);
+ when(locMock.hasItems()).thenReturn(true).thenReturn(false);
+ assertThat(hman.same(ssMock, retryableMock), is(nullValue()));
+
+ SocketException socketException = new SocketException();
+ cadiException = new CadiException(socketException);
+ doThrow(cadiException).when(retryableMock).code(clientMock);
+ when(locMock.hasItems()).thenReturn(true).thenReturn(false);
+ assertThat(hman.same(ssMock, retryableMock), is(nullValue()));
+
+ doThrow(connectException).when(retryableMock).code(clientMock);
+ assertThat(hman.same(ssMock, retryableMock), is(nullValue()));
+
+ }
+
+ @Test(expected = LocatorException.class)
+ public void throwsLocatorException1Test() throws LocatorException {
+ @SuppressWarnings("unused")
+ HMangr hman = new HMangr(access, null);
+ }
+
+ @Test(expected = LocatorException.class)
+ public void throwsLocatorException2Test() throws LocatorException, APIException, CadiException {
+ HMangr hman = new HMangr(access, locMock);
+ hman.same(ssMock, retryableMock);
+ }
+
+ @Test(expected = LocatorException.class)
+ public void throwsLocatorException3Test() throws LocatorException, APIException, CadiException {
+ HMangr hman = new HMangr(access, locMock);
+ when(locMock.best()).thenReturn(itemMock);
+ when(locMock.hasItems()).thenReturn(true).thenReturn(false);
+ hman.same(ssMock, retryableMock);
+ }
+
+ @SuppressWarnings("unchecked")
+ @Test(expected = CadiException.class)
+ public void throwsCadiException1Test() throws LocatorException, APIException, CadiException, ConnectException {
+ HMangr hman = new HMangr(access, locMock);
+ when(retryableMock.item()).thenReturn(itemMock);
+ when(locMock.get(itemMock)).thenReturn(uri);
+ when(retryableMock.lastClient()).thenReturn(clientMock);
+ when(retryableMock.code(clientMock)).thenThrow(CadiException.class);
+ hman.same(ssMock, retryableMock);
+ }
+
+ @Test(expected = CadiException.class)
+ public void throwsCadiException2Test() throws LocatorException, APIException, CadiException, ConnectException {
+ HMangr hman = new HMangr(access, locMock);
+ when(retryableMock.item()).thenReturn(itemMock);
+ when(locMock.get(itemMock)).thenReturn(uri);
+ when(retryableMock.lastClient()).thenReturn(clientMock);
+
+ ConnectException connectException = new ConnectException();
+ CadiException cadiException = new CadiException(connectException);
+ doThrow(cadiException).when(retryableMock).code(clientMock);
+ hman.same(ssMock, retryableMock);
+ }
+
+ @Test(expected = CadiException.class)
+ public void throwsCadiException3Test() throws LocatorException, APIException, CadiException, ConnectException {
+ HMangr hman = new HMangr(access, locMock);
+ when(retryableMock.item()).thenReturn(itemMock);
+ when(locMock.get(itemMock)).thenReturn(uri);
+ when(retryableMock.lastClient()).thenReturn(clientMock);
+
+ SocketException socketException = new SocketException();
+ CadiException cadiException = new CadiException(socketException);
+ doThrow(cadiException).when(retryableMock).code(clientMock);
+ hman.same(ssMock, retryableMock);
+ }
+
+ @Test(expected = CadiException.class)
+ public void throwsCadiException4Test() throws LocatorException, APIException, CadiException, ConnectException {
+ HMangr hman = new HMangr(access, locMock);
+ when(retryableMock.item()).thenReturn(itemMock);
+ when(locMock.get(itemMock)).thenReturn(uri);
+ when(retryableMock.lastClient()).thenReturn(clientMock);
+
+ Exception e = new Exception();
+ CadiException cadiException = new CadiException(e);
+ doThrow(cadiException).when(retryableMock).code(clientMock);
+ hman.same(ssMock, retryableMock);
+ }
+
+ @Test
+ public void allTest() throws LocatorException, CadiException, APIException {
+ HManagerStub hman = new HManagerStub(access, locMock);
+ assertThat(hman.best(ssMock, retryableMock), is(nullValue()));
+ assertThat(hman.all(ssMock, retryableMock), is(nullValue()));
+ assertThat(hman.all(ssMock, retryableMock, true), is(nullValue()));
+ }
+
+ @Test
+ public void oneOfTest() throws LocatorException, CadiException, APIException, ConnectException {
+ HMangr hman = new HMangr(access, locMock);
+ assertThat(hman.oneOf(ssMock, retryableMock, false, "host"), is(nullValue()));
+
+ try {
+ hman.oneOf(ssMock, retryableMock, true, "host");
+ fail("Should've thrown an exception");
+ } catch (LocatorException e) {
+ }
+
+ when(locMock.first()).thenReturn(itemMock);
+ when(locMock.get(itemMock)).thenReturn(uri);
+
+ // Branching coverage...
+ assertThat(hman.oneOf(ssMock, retryableMock, false, null), is(nullValue()));
+ assertThat(hman.oneOf(ssMock, retryableMock, false, "host"), is(nullValue()));
+
+ assertThat(hman.oneOf(ssMock, retryableMock, false, uriString.substring(7)), is(nullValue()));
+
+ CadiException cadiException;
+
+ cadiException = new CadiException(new ConnectException());
+ doThrow(cadiException).when(retryableMock).code((Rcli<?>) any());
+ assertThat(hman.oneOf(ssMock, retryableMock, false, uriString.substring(7)), is(nullValue()));
+
+ cadiException = new CadiException(new SSLHandshakeException(null));
+ doThrow(cadiException).when(retryableMock).code((Rcli<?>) any());
+ assertThat(hman.oneOf(ssMock, retryableMock, false, uriString.substring(7)), is(nullValue()));
+
+ cadiException = new CadiException(new SocketException());
+ doThrow(cadiException).when(retryableMock).code((Rcli<?>) any());
+ try {
+ hman.oneOf(ssMock, retryableMock, false, uriString.substring(7));
+ fail("Should've thrown an exception");
+ } catch (CadiException e) {
+ }
+
+ cadiException = new CadiException(new SocketException("java.net.SocketException: Connection reset"));
+ doThrow(cadiException).when(retryableMock).code((Rcli<?>) any());
+ try {
+ hman.oneOf(ssMock, retryableMock, false, uriString.substring(7));
+ fail("Should've thrown an exception");
+ } catch (CadiException e) {
+ }
+
+ cadiException = new CadiException();
+ doThrow(cadiException).when(retryableMock).code((Rcli<?>) any());
+ try {
+ hman.oneOf(ssMock, retryableMock, false, uriString.substring(7));
+ fail("Should've thrown an exception");
+ } catch (CadiException e) {
+ }
+
+ doThrow(new ConnectException()).when(retryableMock).code((Rcli<?>) any());
+ assertThat(hman.oneOf(ssMock, retryableMock, false, uriString.substring(7)), is(nullValue()));
+
+ when(goodRetry.code((Rcli<?>) any())).thenReturn(5);
+ assertThat(hman.oneOf(ssMock, goodRetry, false, uriString.substring(7)), is(5));
+ }
+
+ @Test
+ public void coverageTest() throws LocatorException {
+ HMangr hman = new HMangr(access, locMock);
+ hman.readTimeout(5);
+ assertThat(hman.readTimeout(), is(5));
+ hman.connectionTimeout(5);
+ assertThat(hman.connectionTimeout(), is(5));
+ hman.apiVersion("v1.0");
+ assertThat(hman.apiVersion(), is("v1.0"));
+ hman.close();
+
+ }
+
+ private class HManagerStub extends HMangr {
+ public HManagerStub(Access access, Locator<URI> loc) throws LocatorException { super(access, loc); }
+ @Override public<RET> RET same(SecuritySetter<HttpURLConnection> ss, Retryable<RET> retryable) {
+ return null;
+ }
+ @Override public<RET> RET oneOf(SecuritySetter<HttpURLConnection> ss, Retryable<RET> retryable, boolean notify, String host) {
+ return null;
+ }
+ }
+
} \ No newline at end of file
diff --git a/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HNoAuthSS.java b/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HNoAuthSS.java
index 9179aa36..923dd1a0 100644
--- a/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HNoAuthSS.java
+++ b/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HNoAuthSS.java
@@ -33,28 +33,28 @@ import org.onap.aaf.cadi.config.SecurityInfoC;
import org.onap.aaf.cadi.http.HNoAuthSS;
public class JU_HNoAuthSS {
-
- @Mock
- SecurityInfoC<HttpURLConnection> siMock;
-
- @Mock
- HttpURLConnection httpMock;
+
+ @Mock
+ SecurityInfoC<HttpURLConnection> siMock;
+
+ @Mock
+ HttpURLConnection httpMock;
- @Mock
- HttpsURLConnection httpsMock;
-
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
- }
-
- @Test
- public void test() throws IOException, CadiException {
- HNoAuthSS noAuth = new HNoAuthSS(null);
- noAuth.setSecurity(httpMock);
- noAuth = new HNoAuthSS(siMock);
- noAuth.setSecurity(httpMock);
- noAuth.setSecurity(httpsMock);
- }
+ @Mock
+ HttpsURLConnection httpsMock;
+
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
+ }
+
+ @Test
+ public void test() throws IOException, CadiException {
+ HNoAuthSS noAuth = new HNoAuthSS(null);
+ noAuth.setSecurity(httpMock);
+ noAuth = new HNoAuthSS(siMock);
+ noAuth.setSecurity(httpMock);
+ noAuth.setSecurity(httpsMock);
+ }
}
diff --git a/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HRcli.java b/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HRcli.java
index 06055ad6..ab6a39c0 100644
--- a/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HRcli.java
+++ b/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HRcli.java
@@ -44,78 +44,78 @@ import org.onap.aaf.cadi.http.HMangr;
import org.onap.aaf.cadi.http.HRcli;
public class JU_HRcli {
-
- @Mock
- SecuritySetter<HttpURLConnection> ssMock;
-
- @Mock
- Locator<URI> locMock;
-
- @Mock
- Locator.Item itemMock;
-
- private HMangr hman;
- private PropAccess access;
- private static URI uri;
-
- private static final String uriString = "example.com";
-
- @Before
- public void setup() throws LocatorException, URISyntaxException {
- MockitoAnnotations.initMocks(this);
+
+ @Mock
+ SecuritySetter<HttpURLConnection> ssMock;
+
+ @Mock
+ Locator<URI> locMock;
+
+ @Mock
+ Locator.Item itemMock;
+
+ private HMangr hman;
+ private PropAccess access;
+ private static URI uri;
+
+ private static final String uriString = "example.com";
+
+ @Before
+ public void setup() throws LocatorException, URISyntaxException {
+ MockitoAnnotations.initMocks(this);
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- hman = new HMangr(access, locMock);
- uri = new URI(uriString);
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ hman = new HMangr(access, locMock);
+ uri = new URI(uriString);
- when(locMock.get(itemMock)).thenReturn(uri);
- }
+ when(locMock.get(itemMock)).thenReturn(uri);
+ }
- @Test(expected = CadiException.class)
- public void publicInterfaceTest() throws URISyntaxException, LocatorException, CadiException {
- HRcli hrcli = new HRcli(hman, itemMock, ssMock);
- assertThat(hrcli.setManager(hman), is(hrcli));
- assertThat(hrcli.toString(), is(uriString));
+ @Test(expected = CadiException.class)
+ public void publicInterfaceTest() throws URISyntaxException, LocatorException, CadiException {
+ HRcli hrcli = new HRcli(hman, itemMock, ssMock);
+ assertThat(hrcli.setManager(hman), is(hrcli));
+ assertThat(hrcli.toString(), is(uriString));
- hrcli.setSecuritySetter(ssMock);
- assertThat(hrcli.getSecuritySetter(), is(ssMock));
-
- // No throw
- hrcli.invalidate();
- // Throw
- doThrow(CadiException.class).when(locMock).invalidate(itemMock);
- hrcli.invalidate();
- }
-
- @Test(expected = CadiException.class)
- public void protectedInterfaceTest() throws CadiException, LocatorException {
- HRcliStub hrcli = new HRcliStub(hman, uri, itemMock, ssMock);
- HRcli clone = hrcli.clone(uri, ssMock);
- assertThat(clone.toString(), is(hrcli.toString()));
-
- EClient<HttpURLConnection> eclient = hrcli.client();
- assertThat(eclient, is(not(nullValue())));
+ hrcli.setSecuritySetter(ssMock);
+ assertThat(hrcli.getSecuritySetter(), is(ssMock));
+
+ // No throw
+ hrcli.invalidate();
+ // Throw
+ doThrow(CadiException.class).when(locMock).invalidate(itemMock);
+ hrcli.invalidate();
+ }
+
+ @Test(expected = CadiException.class)
+ public void protectedInterfaceTest() throws CadiException, LocatorException {
+ HRcliStub hrcli = new HRcliStub(hman, uri, itemMock, ssMock);
+ HRcli clone = hrcli.clone(uri, ssMock);
+ assertThat(clone.toString(), is(hrcli.toString()));
+
+ EClient<HttpURLConnection> eclient = hrcli.client();
+ assertThat(eclient, is(not(nullValue())));
- hrcli = new HRcliStub(hman, null, itemMock, ssMock);
- when(locMock.best()).thenReturn(itemMock);
- eclient = hrcli.client();
- assertThat(eclient, is(not(nullValue())));
+ hrcli = new HRcliStub(hman, null, itemMock, ssMock);
+ when(locMock.best()).thenReturn(itemMock);
+ eclient = hrcli.client();
+ assertThat(eclient, is(not(nullValue())));
- hrcli = new HRcliStub(hman, null, itemMock, ssMock);
- when(locMock.best()).thenReturn(null);
- eclient = hrcli.client();
- }
-
- private class HRcliStub extends HRcli {
- public HRcliStub(HMangr hman, URI uri, Item locItem, SecuritySetter<HttpURLConnection> secSet) {
- super(hman, uri, locItem, secSet);
- }
- public HRcli clone(URI uri, SecuritySetter<HttpURLConnection> ss) {
- return super.clone(uri, ss);
- }
- public EClient<HttpURLConnection> client() throws CadiException {
- return super.client();
- }
- }
+ hrcli = new HRcliStub(hman, null, itemMock, ssMock);
+ when(locMock.best()).thenReturn(null);
+ eclient = hrcli.client();
+ }
+
+ private class HRcliStub extends HRcli {
+ public HRcliStub(HMangr hman, URI uri, Item locItem, SecuritySetter<HttpURLConnection> secSet) {
+ super(hman, uri, locItem, secSet);
+ }
+ public HRcli clone(URI uri, SecuritySetter<HttpURLConnection> ss) {
+ return super.clone(uri, ss);
+ }
+ public EClient<HttpURLConnection> client() throws CadiException {
+ return super.client();
+ }
+ }
}
diff --git a/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HTokenSS.java b/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HTokenSS.java
index 0fb695ec..9f2c9a71 100644
--- a/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HTokenSS.java
+++ b/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HTokenSS.java
@@ -34,18 +34,18 @@ import org.onap.aaf.cadi.http.HTokenSS;
public class JU_HTokenSS {
- @Mock
- SecurityInfoC<HttpURLConnection> siMock;
-
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
- }
-
- @Test
- public void test() throws IOException {
- HTokenSS token = new HTokenSS(siMock, "string1", "string2");
- assertThat(token, is(not(nullValue())));
- }
+ @Mock
+ SecurityInfoC<HttpURLConnection> siMock;
+
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
+ }
+
+ @Test
+ public void test() throws IOException {
+ HTokenSS token = new HTokenSS(siMock, "string1", "string2");
+ assertThat(token, is(not(nullValue())));
+ }
}
diff --git a/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HTransferSS.java b/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HTransferSS.java
index fcb25d4e..77fac567 100644
--- a/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HTransferSS.java
+++ b/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HTransferSS.java
@@ -41,52 +41,52 @@ import org.onap.aaf.cadi.http.HTransferSS;
import org.onap.aaf.cadi.principal.TaggedPrincipal;
public class JU_HTransferSS {
-
- @Mock
- TaggedPrincipal princMock;
-
- @Mock
- HttpURLConnection hucMock;
+
+ @Mock
+ TaggedPrincipal princMock;
+
+ @Mock
+ HttpURLConnection hucMock;
- @Mock
- HttpsURLConnection hucsMock;
+ @Mock
+ HttpsURLConnection hucsMock;
- @Mock
- SecurityInfoC<HttpURLConnection> siMock;
-
- @Mock
- SecurityInfoC<HttpURLConnection> siMockNoDefSS;
+ @Mock
+ SecurityInfoC<HttpURLConnection> siMock;
+
+ @Mock
+ SecurityInfoC<HttpURLConnection> siMockNoDefSS;
- @Mock
- SecuritySetter<HttpURLConnection> ssMock;
-
- private static final String princName = "name";
-
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
- when(princMock.getName()).thenReturn(princName);
- siMock.defSS = ssMock;
- }
+ @Mock
+ SecuritySetter<HttpURLConnection> ssMock;
+
+ private static final String princName = "name";
+
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
+ when(princMock.getName()).thenReturn(princName);
+ siMock.defSS = ssMock;
+ }
- @Test
- public void test() throws IOException, CadiException {
- HTransferSS transfer = new HTransferSS(princMock, "string1");
- assertThat(transfer.setLastResponse(0), is(0));
-
- transfer = new HTransferSS(princMock, "string1", siMock);
- transfer.setSecurity(hucsMock);
- assertThat(transfer.getID(), is(princName));
+ @Test
+ public void test() throws IOException, CadiException {
+ HTransferSS transfer = new HTransferSS(princMock, "string1");
+ assertThat(transfer.setLastResponse(0), is(0));
+
+ transfer = new HTransferSS(princMock, "string1", siMock);
+ transfer.setSecurity(hucsMock);
+ assertThat(transfer.getID(), is(princName));
- transfer = new HTransferSS(null, "string1", siMock);
- transfer.setSecurity(hucsMock);
- assertThat(transfer.getID(), is(""));
- }
+ transfer = new HTransferSS(null, "string1", siMock);
+ transfer.setSecurity(hucsMock);
+ assertThat(transfer.getID(), is(""));
+ }
- @Test(expected = CadiException.class)
- public void testThrows() throws CadiException {
- HTransferSS transfer = new HTransferSS(princMock, "string1", siMockNoDefSS);
- transfer.setSecurity(hucMock);
- }
+ @Test(expected = CadiException.class)
+ public void testThrows() throws CadiException {
+ HTransferSS transfer = new HTransferSS(princMock, "string1", siMockNoDefSS);
+ transfer.setSecurity(hucMock);
+ }
}
diff --git a/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HX509SS.java b/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HX509SS.java
index b57f29e0..fd102a95 100644
--- a/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HX509SS.java
+++ b/cadi/client/src/test/java/org/onap/aaf/cadi/http/test/JU_HX509SS.java
@@ -48,70 +48,70 @@ import org.onap.aaf.cadi.http.HX509SS;
import org.onap.aaf.misc.env.APIException;
public class JU_HX509SS {
-
- @Mock X509Certificate x509Mock;
- @Mock X509KeyManager keyManagerMock;
- @Mock PrivateKey privateKeyMock;
- @Mock SecurityInfoC<HttpURLConnection> siMock;
- @Mock HttpURLConnection hucMock;
- @Mock HttpsURLConnection hucsMock;
-
- private final static String alias = "Some alias";
- private final static String algName = "Some algName";
- private final static byte[] publicKeyBytes = "a public key".getBytes();
-
- private PropAccess access;
- private SecurityInfoC<HttpURLConnection> si;
-
- @Before
- public void setup() throws IOException, CadiException, CertificateEncodingException {
- MockitoAnnotations.initMocks(this);
-
- when(x509Mock.getSigAlgName()).thenReturn(algName);
- when(x509Mock.getEncoded()).thenReturn(publicKeyBytes);
-
- when(keyManagerMock.getCertificateChain(alias)).thenReturn(new X509Certificate[] {x509Mock});
- when(keyManagerMock.getPrivateKey(alias)).thenReturn(privateKeyMock);
+
+ @Mock X509Certificate x509Mock;
+ @Mock X509KeyManager keyManagerMock;
+ @Mock PrivateKey privateKeyMock;
+ @Mock SecurityInfoC<HttpURLConnection> siMock;
+ @Mock HttpURLConnection hucMock;
+ @Mock HttpsURLConnection hucsMock;
+
+ private final static String alias = "Some alias";
+ private final static String algName = "Some algName";
+ private final static byte[] publicKeyBytes = "a public key".getBytes();
+
+ private PropAccess access;
+ private SecurityInfoC<HttpURLConnection> si;
+
+ @Before
+ public void setup() throws IOException, CadiException, CertificateEncodingException {
+ MockitoAnnotations.initMocks(this);
+
+ when(x509Mock.getSigAlgName()).thenReturn(algName);
+ when(x509Mock.getEncoded()).thenReturn(publicKeyBytes);
+
+ when(keyManagerMock.getCertificateChain(alias)).thenReturn(new X509Certificate[] {x509Mock});
+ when(keyManagerMock.getPrivateKey(alias)).thenReturn(privateKeyMock);
- when(siMock.getKeyManagers()).thenReturn(new X509KeyManager[] {keyManagerMock});
-
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- access.setProperty(Config.CADI_ALIAS, alias);
- // si = SecurityInfoC.instance(access, HttpURLConnectionStub.class);
- }
+ when(siMock.getKeyManagers()).thenReturn(new X509KeyManager[] {keyManagerMock});
+
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ access.setProperty(Config.CADI_ALIAS, alias);
+ // si = SecurityInfoC.instance(access, HttpURLConnectionStub.class);
+ }
- @Test
- public void test() throws APIException, CadiException {
- HX509SS x509 = new HX509SS(alias, siMock);
- assertThat(x509.getID(), is(alias));
- assertThat(x509.setLastResponse(0), is(0));
- assertThat(x509.setLastResponse(1), is(0));
- assertThat(x509.setLastResponse(2), is(0));
-
- // coverage...
- x509.setSecurity(hucMock);
- x509.setSecurity(hucsMock);
- }
-
- // TODO: Test the setSecurity method - Ian
- // @Test
- // public void test2() throws APIException, CadiException {
- // HX509SS x509 = new HX509SS(si, false);
- // x509.setSecurity(hucMock);
- // x509.setSecurity(hucsMock);
- // }
-
- @Test(expected = APIException.class)
- public void throws1Test() throws APIException, CadiException {
- @SuppressWarnings("unused")
- HX509SS x509 = new HX509SS(siMock);
- }
+ @Test
+ public void test() throws APIException, CadiException {
+ HX509SS x509 = new HX509SS(alias, siMock);
+ assertThat(x509.getID(), is(alias));
+ assertThat(x509.setLastResponse(0), is(0));
+ assertThat(x509.setLastResponse(1), is(0));
+ assertThat(x509.setLastResponse(2), is(0));
+
+ // coverage...
+ x509.setSecurity(hucMock);
+ x509.setSecurity(hucsMock);
+ }
+
+ // TODO: Test the setSecurity method - Ian
+ // @Test
+ // public void test2() throws APIException, CadiException {
+ // HX509SS x509 = new HX509SS(si, false);
+ // x509.setSecurity(hucMock);
+ // x509.setSecurity(hucsMock);
+ // }
+
+ @Test(expected = APIException.class)
+ public void throws1Test() throws APIException, CadiException {
+ @SuppressWarnings("unused")
+ HX509SS x509 = new HX509SS(siMock);
+ }
- @Test(expected = APIException.class)
- public void throws3Test() throws APIException, CadiException {
- when(keyManagerMock.getCertificateChain(alias)).thenReturn(new X509Certificate[0]);
- @SuppressWarnings("unused")
- HX509SS x509 = new HX509SS(alias, siMock);
- }
-
+ @Test(expected = APIException.class)
+ public void throws3Test() throws APIException, CadiException {
+ when(keyManagerMock.getCertificateChain(alias)).thenReturn(new X509Certificate[0]);
+ @SuppressWarnings("unused")
+ HX509SS x509 = new HX509SS(alias, siMock);
+ }
+
}
diff --git a/cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_DNSLocator.java b/cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_DNSLocator.java
index a80e52f7..9b5bbafe 100644
--- a/cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_DNSLocator.java
+++ b/cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_DNSLocator.java
@@ -35,91 +35,91 @@ import org.onap.aaf.cadi.Locator.Item;
import org.onap.aaf.cadi.locator.DNSLocator;
public class JU_DNSLocator {
-
- private PropAccess access;
-
- @Before
- public void setup() {
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- }
-
- @Test
- public void test() throws LocatorException {
- DNSLocator dl;
- Item item;
- URI uri;
-
- dl = new DNSLocator(access, "https", "localhost", "8100-8101");
-
- item = dl.best();
- uri = dl.get(item);
- assertThat(uri.toString(), is("https://127.0.0.1:8100"));
- item = dl.best();
- assertThat(uri.toString(), is("https://127.0.0.1:8100"));
-
- assertThat(dl.hasItems(), is(true));
- for (item = dl.first(); item != null; item = dl.next(item)) {
- dl.invalidate(item);
- }
- assertThat(dl.hasItems(), is(false));
-
- // This doesn't actually do anything besides increase coverage
- dl.destroy();
- }
-
- @Test
- public void constructorTest() throws LocatorException {
- // For coverage
- new DNSLocator(access, "https", "localhost", "8100");
- new DNSLocator(access, "https", "localhost", "8100-8101");
-
- new DNSLocator(access, "http:localhost");
- new DNSLocator(access, "https:localhost");
- new DNSLocator(access, "https:localhost:8100");
- new DNSLocator(access, "https:localhost:[8100]");
- new DNSLocator(access, "https:localhost:[8100-8101]");
- new DNSLocator(access, "https:localhost:8000/");
- }
-
- @Test
- public void refreshTest() throws LocatorException {
- DNSLocator dl = new DNSLocator(access, "https", "bogushost", "8100-8101");
- assertThat(dl.refresh(), is(false));
- }
-
- @Test(expected = LocatorException.class)
- public void throws1Test() throws LocatorException {
- new DNSLocator(access, null);
- }
-
- @Test(expected = LocatorException.class)
- public void throws2Test() throws LocatorException {
- new DNSLocator(access, "ftp:invalid");
- }
-
- @Test(expected = LocatorException.class)
- public void throws3Test() throws LocatorException {
- new DNSLocator(access, "https:localhost:[8100");
- }
-
- @Test(expected = LocatorException.class)
- public void throws4Test() throws LocatorException {
- new DNSLocator(access, "https:localhost:[]");
- }
-
- @Test(expected = LocatorException.class)
- public void throws5Test() throws LocatorException {
- new DNSLocator(access, "https:localhost:[8100-]");
- }
-
- @Test(expected = LocatorException.class)
- public void throws6Test() throws LocatorException {
- new DNSLocator(access, "https:localhost:[-8101]");
- }
-
- @Test(expected = LocatorException.class)
- public void throws7Test() throws LocatorException {
- new DNSLocator(access, "https:localhost:/");
- }
+
+ private PropAccess access;
+
+ @Before
+ public void setup() {
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ }
+
+ @Test
+ public void test() throws LocatorException {
+ DNSLocator dl;
+ Item item;
+ URI uri;
+
+ dl = new DNSLocator(access, "https", "localhost", "8100-8101");
+
+ item = dl.best();
+ uri = dl.get(item);
+ assertThat(uri.toString(), is("https://127.0.0.1:8100"));
+ item = dl.best();
+ assertThat(uri.toString(), is("https://127.0.0.1:8100"));
+
+ assertThat(dl.hasItems(), is(true));
+ for (item = dl.first(); item != null; item = dl.next(item)) {
+ dl.invalidate(item);
+ }
+ assertThat(dl.hasItems(), is(false));
+
+ // This doesn't actually do anything besides increase coverage
+ dl.destroy();
+ }
+
+ @Test
+ public void constructorTest() throws LocatorException {
+ // For coverage
+ new DNSLocator(access, "https", "localhost", "8100");
+ new DNSLocator(access, "https", "localhost", "8100-8101");
+
+ new DNSLocator(access, "http:localhost");
+ new DNSLocator(access, "https:localhost");
+ new DNSLocator(access, "https:localhost:8100");
+ new DNSLocator(access, "https:localhost:[8100]");
+ new DNSLocator(access, "https:localhost:[8100-8101]");
+ new DNSLocator(access, "https:localhost:8000/");
+ }
+
+ @Test
+ public void refreshTest() throws LocatorException {
+ DNSLocator dl = new DNSLocator(access, "https", "bogushost", "8100-8101");
+ assertThat(dl.refresh(), is(false));
+ }
+
+ @Test(expected = LocatorException.class)
+ public void throws1Test() throws LocatorException {
+ new DNSLocator(access, null);
+ }
+
+ @Test(expected = LocatorException.class)
+ public void throws2Test() throws LocatorException {
+ new DNSLocator(access, "ftp:invalid");
+ }
+
+ @Test(expected = LocatorException.class)
+ public void throws3Test() throws LocatorException {
+ new DNSLocator(access, "https:localhost:[8100");
+ }
+
+ @Test(expected = LocatorException.class)
+ public void throws4Test() throws LocatorException {
+ new DNSLocator(access, "https:localhost:[]");
+ }
+
+ @Test(expected = LocatorException.class)
+ public void throws5Test() throws LocatorException {
+ new DNSLocator(access, "https:localhost:[8100-]");
+ }
+
+ @Test(expected = LocatorException.class)
+ public void throws6Test() throws LocatorException {
+ new DNSLocator(access, "https:localhost:[-8101]");
+ }
+
+ @Test(expected = LocatorException.class)
+ public void throws7Test() throws LocatorException {
+ new DNSLocator(access, "https:localhost:/");
+ }
}
diff --git a/cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_HClientHotPeerLocator.java b/cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_HClientHotPeerLocator.java
index 81140d23..e40ecb6e 100644
--- a/cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_HClientHotPeerLocator.java
+++ b/cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_HClientHotPeerLocator.java
@@ -39,112 +39,112 @@ import org.onap.aaf.cadi.locator.HClientHotPeerLocator;
public class JU_HClientHotPeerLocator {
- @Mock private HX509SS ssMock;
-
- private PropAccess access;
- private ByteArrayOutputStream outStream;
-
- // Note: - The IP and port are irrelevant for these tests
- private static final String goodURL1 = "fakeIP1:fakePort1/38/-90"; // Approx St Louis
- private static final String goodURL2 = "fakeIP2:fakePort2/33/-96"; // Approx Dallas
- private static final String badURL = "~%$!@#$//";
-
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
-
- outStream = new ByteArrayOutputStream();
- access = new PropAccess(new PrintStream(outStream), new String[0]);
- }
-
- @Test
- public void test() throws LocatorException {
- HClientHotPeerLocator loc;
- String urlStr = goodURL1 + ',' + goodURL2;
- loc = new HClientHotPeerLocator(access, urlStr, 0, "38.627", "-90.199", ssMock);
- assertThat(loc.hasItems(), is(true));
-
- String[] messages = outStream.toString().split(System.lineSeparator());
- String preffered = messages[0].split(" ", 4)[3];
- String alternate = messages[1].split(" ", 4)[3];
- assertThat(preffered, is("Preferred Client is " + goodURL1));
- assertThat(alternate, is("Alternate Client is " + goodURL2));
-
- HClient firstClient = loc.get(loc.first());
- HClient bestClient = loc.bestClient();
- assertThat(bestClient, is(firstClient));
-
- Locator.Item item = loc.first();
- assertThat(loc.info(item), is(goodURL1));
-
- item = loc.next(item);
- assertThat(loc.info(item), is(goodURL2));
-
- item = loc.next(item);
- assertThat(item, is(nullValue()));
- assertThat(loc.info(item), is("Invalid Item"));
-
- item = loc.first();
- loc.invalidate(item);
-
- loc.invalidate(loc.bestClient());
- loc.invalidate(loc.get(loc.next(item)));
- loc.destroy();
- }
-
- @Test(expected = LocatorException.class)
- public void failuresTest() throws LocatorException {
- HClientHotPeerLocator loc;
- String urlStr = goodURL1 + ',' + goodURL2 + ',' + badURL;
- loc = new HClientHotPeerLocator(access, urlStr, 1000000, "38.627", "-90.199", ssMock);
- String[] messages = outStream.toString().split(System.lineSeparator());
- String preffered = messages[0].split(" ", 4)[3];
- String alternate1 = messages[1].split(" ", 4)[3];
- String alternate2 = messages[2].split(" ", 4)[3];
- assertThat(preffered, is("Preferred Client is " + badURL));
- assertThat(alternate1, is("Alternate Client is " + goodURL1));
- assertThat(alternate2, is("Alternate Client is " + goodURL2));
-
- outStream.reset();
-
- loc.invalidate(loc.first());
-
- loc.destroy();
- loc.best();
- }
-
- @Test
- public void hasNoItemTest() throws LocatorException {
- HClientHotPeerLocator loc;
- loc = new HClientHotPeerLocator(access, badURL, 0, "38.627", "-90.199", ssMock);
- assertThat(loc.hasItems(), is(false));
- loc.invalidate(loc.first());
- }
-
- @Test(expected = LocatorException.class)
- public void invalidClientTest() throws LocatorException {
- @SuppressWarnings("unused")
- HClientHotPeerLocator loc = new HClientHotPeerLocator(access, "InvalidClient", 0, "38.627", "-90.199", ssMock);
- }
-
- @Test(expected = LocatorException.class)
- public void coverageTest() throws LocatorException {
- CoverageLocator loc;
- String urlStr = goodURL1 + ',' + goodURL2;
- loc = new CoverageLocator(access, urlStr, 0, "38.627", "-90.199", ssMock);
- assertThat(loc._invalidate(null), is(nullValue()));
- loc._destroy(null);
-
- loc._newClient("bad string");
- }
-
- private class CoverageLocator extends HClientHotPeerLocator {
- public CoverageLocator(Access access, String urlstr, long invalidateTime, String localLatitude,
- String localLongitude, HX509SS ss) throws LocatorException {
- super(access, urlstr, invalidateTime, localLatitude, localLongitude, ss);
- }
- public HClient _newClient(String clientInfo) throws LocatorException { return super._newClient(clientInfo); }
- public HClient _invalidate(HClient client) { return super._invalidate(client); }
- public void _destroy(HClient client) { super._destroy(client); }
- }
+ @Mock private HX509SS ssMock;
+
+ private PropAccess access;
+ private ByteArrayOutputStream outStream;
+
+ // Note: - The IP and port are irrelevant for these tests
+ private static final String goodURL1 = "fakeIP1:fakePort1/38/-90"; // Approx St Louis
+ private static final String goodURL2 = "fakeIP2:fakePort2/33/-96"; // Approx Dallas
+ private static final String badURL = "~%$!@#$//";
+
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
+
+ outStream = new ByteArrayOutputStream();
+ access = new PropAccess(new PrintStream(outStream), new String[0]);
+ }
+
+ @Test
+ public void test() throws LocatorException {
+ HClientHotPeerLocator loc;
+ String urlStr = goodURL1 + ',' + goodURL2;
+ loc = new HClientHotPeerLocator(access, urlStr, 0, "38.627", "-90.199", ssMock);
+ assertThat(loc.hasItems(), is(true));
+
+ String[] messages = outStream.toString().split(System.lineSeparator());
+ String preffered = messages[0].split(" ", 4)[3];
+ String alternate = messages[1].split(" ", 4)[3];
+ assertThat(preffered, is("Preferred Client is " + goodURL1));
+ assertThat(alternate, is("Alternate Client is " + goodURL2));
+
+ HClient firstClient = loc.get(loc.first());
+ HClient bestClient = loc.bestClient();
+ assertThat(bestClient, is(firstClient));
+
+ Locator.Item item = loc.first();
+ assertThat(loc.info(item), is(goodURL1));
+
+ item = loc.next(item);
+ assertThat(loc.info(item), is(goodURL2));
+
+ item = loc.next(item);
+ assertThat(item, is(nullValue()));
+ assertThat(loc.info(item), is("Invalid Item"));
+
+ item = loc.first();
+ loc.invalidate(item);
+
+ loc.invalidate(loc.bestClient());
+ loc.invalidate(loc.get(loc.next(item)));
+ loc.destroy();
+ }
+
+ @Test(expected = LocatorException.class)
+ public void failuresTest() throws LocatorException {
+ HClientHotPeerLocator loc;
+ String urlStr = goodURL1 + ',' + goodURL2 + ',' + badURL;
+ loc = new HClientHotPeerLocator(access, urlStr, 1000000, "38.627", "-90.199", ssMock);
+ String[] messages = outStream.toString().split(System.lineSeparator());
+ String preffered = messages[0].split(" ", 4)[3];
+ String alternate1 = messages[1].split(" ", 4)[3];
+ String alternate2 = messages[2].split(" ", 4)[3];
+ assertThat(preffered, is("Preferred Client is " + badURL));
+ assertThat(alternate1, is("Alternate Client is " + goodURL1));
+ assertThat(alternate2, is("Alternate Client is " + goodURL2));
+
+ outStream.reset();
+
+ loc.invalidate(loc.first());
+
+ loc.destroy();
+ loc.best();
+ }
+
+ @Test
+ public void hasNoItemTest() throws LocatorException {
+ HClientHotPeerLocator loc;
+ loc = new HClientHotPeerLocator(access, badURL, 0, "38.627", "-90.199", ssMock);
+ assertThat(loc.hasItems(), is(false));
+ loc.invalidate(loc.first());
+ }
+
+ @Test(expected = LocatorException.class)
+ public void invalidClientTest() throws LocatorException {
+ @SuppressWarnings("unused")
+ HClientHotPeerLocator loc = new HClientHotPeerLocator(access, "InvalidClient", 0, "38.627", "-90.199", ssMock);
+ }
+
+ @Test(expected = LocatorException.class)
+ public void coverageTest() throws LocatorException {
+ CoverageLocator loc;
+ String urlStr = goodURL1 + ',' + goodURL2;
+ loc = new CoverageLocator(access, urlStr, 0, "38.627", "-90.199", ssMock);
+ assertThat(loc._invalidate(null), is(nullValue()));
+ loc._destroy(null);
+
+ loc._newClient("bad string");
+ }
+
+ private class CoverageLocator extends HClientHotPeerLocator {
+ public CoverageLocator(Access access, String urlstr, long invalidateTime, String localLatitude,
+ String localLongitude, HX509SS ss) throws LocatorException {
+ super(access, urlstr, invalidateTime, localLatitude, localLongitude, ss);
+ }
+ public HClient _newClient(String clientInfo) throws LocatorException { return super._newClient(clientInfo); }
+ public HClient _invalidate(HClient client) { return super._invalidate(client); }
+ public void _destroy(HClient client) { super._destroy(client); }
+ }
}
diff --git a/cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_PropertyLocator.java b/cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_PropertyLocator.java
index 024deff7..7b61e398 100644
--- a/cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_PropertyLocator.java
+++ b/cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_PropertyLocator.java
@@ -36,81 +36,81 @@ import org.onap.aaf.cadi.locator.PropertyLocator;
public class JU_PropertyLocator {
- @Mock
- Socket socketMock;
+ @Mock
+ Socket socketMock;
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
- when(socketMock.isConnected()).thenReturn(true);
- when(socketMock.isClosed()).thenReturn(true).thenReturn(false);
- }
+ when(socketMock.isConnected()).thenReturn(true);
+ when(socketMock.isClosed()).thenReturn(true).thenReturn(false);
+ }
- @Test
- public void test() throws Exception {
- String uris = "https://fred.wilma.com:26444,https://tom.jerry.com:[534-535]";
- PropertyLocator pl = new PropertyLocator(uris, 0L, 1000*60*20L) {
- @Override protected Socket createSocket() { return socketMock; }
- };
- String str = pl.toString();
- assertThat(str.contains("https://fred.wilma.com:26444"), is(true));
- assertThat(str.contains("https://tom.jerry.com:534"), is(true));
- assertThat(str.contains("https://tom.jerry.com:535"), is(true));
+ @Test
+ public void test() throws Exception {
+ String uris = "https://fred.wilma.com:26444,https://tom.jerry.com:[534-535]";
+ PropertyLocator pl = new PropertyLocator(uris, 0L, 1000*60*20L) {
+ @Override protected Socket createSocket() { return socketMock; }
+ };
+ String str = pl.toString();
+ assertThat(str.contains("https://fred.wilma.com:26444"), is(true));
+ assertThat(str.contains("https://tom.jerry.com:534"), is(true));
+ assertThat(str.contains("https://tom.jerry.com:535"), is(true));
- Item item = pl.first();
- assertThat(item.toString(), is("Item: 0 order: 0"));
+ Item item = pl.first();
+ assertThat(item.toString(), is("Item: 0 order: 0"));
- URI uri = pl.get(item);
- assertThat(uri.toString(), is("https://fred.wilma.com:26444"));
+ URI uri = pl.get(item);
+ assertThat(uri.toString(), is("https://fred.wilma.com:26444"));
- assertThat(pl.get(null), is(nullValue()));
+ assertThat(pl.get(null), is(nullValue()));
- assertThat(pl.hasItems(), is(true));
+ assertThat(pl.hasItems(), is(true));
- assertThat(countItems(pl), is(3));
- pl.invalidate(pl.best());
+ assertThat(countItems(pl), is(3));
+ pl.invalidate(pl.best());
- assertThat(countItems(pl), is(2));
- pl.invalidate(pl.best());
+ assertThat(countItems(pl), is(2));
+ pl.invalidate(pl.best());
- assertThat(countItems(pl), is(1));
+ assertThat(countItems(pl), is(1));
- pl.invalidate(pl.best());
+ pl.invalidate(pl.best());
- assertThat(pl.hasItems(), is(false));
- assertThat(countItems(pl), is(0));
+ assertThat(pl.hasItems(), is(false));
+ assertThat(countItems(pl), is(0));
- Thread.sleep(20L); // PL checks same milli...
- pl.refresh();
+ Thread.sleep(20L); // PL checks same milli...
+ pl.refresh();
- assertThat(pl.hasItems(), is(true));
-
- assertThat(pl.next(null), is(nullValue()));
+ assertThat(pl.hasItems(), is(true));
+
+ assertThat(pl.next(null), is(nullValue()));
- // coverage...
- pl.invalidate(null);
- pl.invalidate(null);
- pl.invalidate(null);
- pl.invalidate(null);
+ // coverage...
+ pl.invalidate(null);
+ pl.invalidate(null);
+ pl.invalidate(null);
+ pl.invalidate(null);
- pl.destroy();
+ pl.destroy();
- pl = new PropertyLocator(uris);
-
- }
+ pl = new PropertyLocator(uris);
+
+ }
- @Test(expected=LocatorException.class)
- public void exceptionTest() throws LocatorException {
- new PropertyLocator(null);
- }
+ @Test(expected=LocatorException.class)
+ public void exceptionTest() throws LocatorException {
+ new PropertyLocator(null);
+ }
- private int countItems(PropertyLocator pl) throws LocatorException {
- int count = 0;
- for(Item i = pl.first(); i != null; i = pl.next(i)) {
- ++count;
- }
- return count;
- }
+ private int countItems(PropertyLocator pl) throws LocatorException {
+ int count = 0;
+ for(Item i = pl.first(); i != null; i = pl.next(i)) {
+ ++count;
+ }
+ return count;
+ }
}
diff --git a/cadi/client/src/test/java/org/onap/aaf/cadi/routing/test/JU_GreatCircle.java b/cadi/client/src/test/java/org/onap/aaf/cadi/routing/test/JU_GreatCircle.java
index f492d4a2..31fda501 100644
--- a/cadi/client/src/test/java/org/onap/aaf/cadi/routing/test/JU_GreatCircle.java
+++ b/cadi/client/src/test/java/org/onap/aaf/cadi/routing/test/JU_GreatCircle.java
@@ -28,52 +28,52 @@ import org.onap.aaf.cadi.routing.GreatCircle;
public class JU_GreatCircle {
- @BeforeClass
- public static void setUpBeforeClass() throws Exception {
- }
+ @BeforeClass
+ public static void setUpBeforeClass() throws Exception {
+ }
- @AfterClass
- public static void tearDownAfterClass() throws Exception {
- }
+ @AfterClass
+ public static void tearDownAfterClass() throws Exception {
+ }
- @Before
- public void setUp() throws Exception {
- }
+ @Before
+ public void setUp() throws Exception {
+ }
- @After
- public void tearDown() throws Exception {
- }
+ @After
+ public void tearDown() throws Exception {
+ }
- @Test
- public void calc1Test() {
- assertEquals(7.803062505568182, GreatCircle.calc(38.627345, -90.193774, 35.252234, -81.384929), 0.000000001);
- assertEquals(0.0, GreatCircle.calc(38.627345, -90.193774, 38.627345, -90.193774), 0.000000001);
- assertEquals(7.803062505568182, GreatCircle.calc(35.252234, -81.384929, 38.627345, -90.193774), 0.000000001);
- assertEquals(7.803062505568182, GreatCircle.calc(38.627345, -90.193774, 35.252234, -81.384929), 0.000000001);
- assertEquals(7.803062505568182, GreatCircle.calc(-38.627345, 90.193774, -35.252234, 81.384929), 0.000000001);
- assertEquals(105.71060033936052, GreatCircle.calc(-38.627345, 90.193774, -35.252234, -81.384929), 0.000000001);
- assertEquals(105.71060033936052, GreatCircle.calc(38.627345, -90.193774, 35.252234, 81.384929), 0.000000001);
- assertEquals(74.32786874922931, GreatCircle.calc(-38.627345, 90.193774, 35.252234, 81.384929), 0.000000001);
- }
+ @Test
+ public void calc1Test() {
+ assertEquals(7.803062505568182, GreatCircle.calc(38.627345, -90.193774, 35.252234, -81.384929), 0.000000001);
+ assertEquals(0.0, GreatCircle.calc(38.627345, -90.193774, 38.627345, -90.193774), 0.000000001);
+ assertEquals(7.803062505568182, GreatCircle.calc(35.252234, -81.384929, 38.627345, -90.193774), 0.000000001);
+ assertEquals(7.803062505568182, GreatCircle.calc(38.627345, -90.193774, 35.252234, -81.384929), 0.000000001);
+ assertEquals(7.803062505568182, GreatCircle.calc(-38.627345, 90.193774, -35.252234, 81.384929), 0.000000001);
+ assertEquals(105.71060033936052, GreatCircle.calc(-38.627345, 90.193774, -35.252234, -81.384929), 0.000000001);
+ assertEquals(105.71060033936052, GreatCircle.calc(38.627345, -90.193774, 35.252234, 81.384929), 0.000000001);
+ assertEquals(74.32786874922931, GreatCircle.calc(-38.627345, 90.193774, 35.252234, 81.384929), 0.000000001);
+ }
- @Test
- public void calc2Test() {
- assertEquals(7.803062505568182, GreatCircle.calc(new String[] {"38.627345", "-90.193774", "35.252234", "-81.384929"}), 0.000000001);
- assertEquals(7.803062505568182, GreatCircle.calc(new String[] {"38.627345,-90.193774", "35.252234,-81.384929"}), 0.000000001);
- assertEquals(7.803062505568182, GreatCircle.calc(new String[] {"38.627345,-90.193774,35.252234,-81.384929"}), 0.000000001);
+ @Test
+ public void calc2Test() {
+ assertEquals(7.803062505568182, GreatCircle.calc(new String[] {"38.627345", "-90.193774", "35.252234", "-81.384929"}), 0.000000001);
+ assertEquals(7.803062505568182, GreatCircle.calc(new String[] {"38.627345,-90.193774", "35.252234,-81.384929"}), 0.000000001);
+ assertEquals(7.803062505568182, GreatCircle.calc(new String[] {"38.627345,-90.193774,35.252234,-81.384929"}), 0.000000001);
- assertEquals(-1, GreatCircle.calc(new String[0]), 0.000000001);
- assertEquals(-1, GreatCircle.calc(new String[] {"38.627345;-90.193774", "35.252234,-81.384929"}), 0.000000001);
- assertEquals(-1, GreatCircle.calc(new String[] {"38.627345,-90.193774", "35.252234;-81.384929"}), 0.000000001);
- assertEquals(-1, GreatCircle.calc(new String[] {"38.627345,-90.193774;35.252234,-81.384929"}), 0.000000001);
+ assertEquals(-1, GreatCircle.calc(new String[0]), 0.000000001);
+ assertEquals(-1, GreatCircle.calc(new String[] {"38.627345;-90.193774", "35.252234,-81.384929"}), 0.000000001);
+ assertEquals(-1, GreatCircle.calc(new String[] {"38.627345,-90.193774", "35.252234;-81.384929"}), 0.000000001);
+ assertEquals(-1, GreatCircle.calc(new String[] {"38.627345,-90.193774;35.252234,-81.384929"}), 0.000000001);
- assertEquals(-1, GreatCircle.calc(new String[] {"Invalid input", "Invalid input", "Invalid input", "Invalid input"}), 0.000000001);
- }
+ assertEquals(-1, GreatCircle.calc(new String[] {"Invalid input", "Invalid input", "Invalid input", "Invalid input"}), 0.000000001);
+ }
- @Test
- public void coverageTest() {
- @SuppressWarnings("unused")
- GreatCircle gc = new GreatCircle();
- }
+ @Test
+ public void coverageTest() {
+ @SuppressWarnings("unused")
+ GreatCircle gc = new GreatCircle();
+ }
}
diff --git a/cadi/client/src/test/java/org/onap/aaf/client/test/JU_ResultTest.java b/cadi/client/src/test/java/org/onap/aaf/client/test/JU_ResultTest.java
index b0ac5a0c..5b47faab 100644
--- a/cadi/client/src/test/java/org/onap/aaf/client/test/JU_ResultTest.java
+++ b/cadi/client/src/test/java/org/onap/aaf/client/test/JU_ResultTest.java
@@ -30,79 +30,79 @@ import org.onap.aaf.cadi.client.Result;
public class JU_ResultTest {
- @Before
- public void setUp() throws Exception {
- }
+ @Before
+ public void setUp() throws Exception {
+ }
- @Test
- public void testOk() {
- Result<String> t = Result.ok(1, "Ok");
- assertNotNull(t);
- assertThat(t.code, is(1));
- assertTrue(t.isOK());
- assertThat(t.toString(), is("Code: 1"));
- }
+ @Test
+ public void testOk() {
+ Result<String> t = Result.ok(1, "Ok");
+ assertNotNull(t);
+ assertThat(t.code, is(1));
+ assertTrue(t.isOK());
+ assertThat(t.toString(), is("Code: 1"));
+ }
- @Test
- public void testErr() {
- Result<String> t = Result.err(1, "Error Body");
- assertNotNull(t);
- assertThat(t.error, is("Error Body"));
- assertFalse(t.isOK());
- assertThat(t.toString(), is("Code: 1 = Error Body"));
- }
-
- @Test
- public void testOk1() {
- Result<String> t = Result.ok(1, "Ok");
- assertNotNull(t);
- assertThat(t.code, is(1));
- assertTrue(t.isOK());
- assertThat(t.toString(), is("Code: 1"));
- }
+ @Test
+ public void testErr() {
+ Result<String> t = Result.err(1, "Error Body");
+ assertNotNull(t);
+ assertThat(t.error, is("Error Body"));
+ assertFalse(t.isOK());
+ assertThat(t.toString(), is("Code: 1 = Error Body"));
+ }
+
+ @Test
+ public void testOk1() {
+ Result<String> t = Result.ok(1, "Ok");
+ assertNotNull(t);
+ assertThat(t.code, is(1));
+ assertTrue(t.isOK());
+ assertThat(t.toString(), is("Code: 1"));
+ }
- @Test
- public void testErr1() {
- Result<String> t = Result.err(1, "Error Body");
- assertNotNull(t);
- assertThat(t.error, is("Error Body"));
- assertFalse(t.isOK());
- assertThat(t.toString(), is("Code: 1 = Error Body"));
- }
-
- @Test
- public void testOk2() {
- Result<String> t = Result.ok(1, "Ok");
- assertNotNull(t);
- assertThat(t.code, is(1));
- assertTrue(t.isOK());
- assertThat(t.toString(), is("Code: 1"));
- }
+ @Test
+ public void testErr1() {
+ Result<String> t = Result.err(1, "Error Body");
+ assertNotNull(t);
+ assertThat(t.error, is("Error Body"));
+ assertFalse(t.isOK());
+ assertThat(t.toString(), is("Code: 1 = Error Body"));
+ }
+
+ @Test
+ public void testOk2() {
+ Result<String> t = Result.ok(1, "Ok");
+ assertNotNull(t);
+ assertThat(t.code, is(1));
+ assertTrue(t.isOK());
+ assertThat(t.toString(), is("Code: 1"));
+ }
- @Test
- public void testErr2() {
- Result<String> t = Result.err(1, "Error Body");
- assertNotNull(t);
- assertThat(t.error, is("Error Body"));
- assertFalse(t.isOK());
- assertThat(t.toString(), is("Code: 1 = Error Body"));
- }
-
- @Test
- public void testOk3() {
- Result<String> t = Result.ok(1, "Ok");
- assertNotNull(t);
- assertThat(t.code, is(1));
- assertTrue(t.isOK());
- assertThat(t.toString(), is("Code: 1"));
- }
+ @Test
+ public void testErr2() {
+ Result<String> t = Result.err(1, "Error Body");
+ assertNotNull(t);
+ assertThat(t.error, is("Error Body"));
+ assertFalse(t.isOK());
+ assertThat(t.toString(), is("Code: 1 = Error Body"));
+ }
+
+ @Test
+ public void testOk3() {
+ Result<String> t = Result.ok(1, "Ok");
+ assertNotNull(t);
+ assertThat(t.code, is(1));
+ assertTrue(t.isOK());
+ assertThat(t.toString(), is("Code: 1"));
+ }
- @Test
- public void testErr3() {
- Result<String> t = Result.err(1, "Error Body");
- assertNotNull(t);
- assertThat(t.error, is("Error Body"));
- assertFalse(t.isOK());
- assertThat(t.toString(), is("Code: 1 = Error Body"));
- }
+ @Test
+ public void testErr3() {
+ Result<String> t = Result.err(1, "Error Body");
+ assertNotNull(t);
+ assertThat(t.error, is("Error Body"));
+ assertFalse(t.isOK());
+ assertThat(t.toString(), is("Code: 1 = Error Body"));
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/AES.java b/cadi/core/src/main/java/org/onap/aaf/cadi/AES.java
index 3ef3355a..142dde26 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/AES.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/AES.java
@@ -52,80 +52,80 @@ import org.onap.aaf.cadi.util.Chmod;
*
*/
public class AES implements Encryption {
- public static final String AES = AES.class.getSimpleName();
- public static final int AES_KEY_SIZE = 128; // 256 isn't supported on all JDKs.
-
- private SecretKeySpec aeskeySpec;
+ public static final String AES = AES.class.getSimpleName();
+ public static final int AES_KEY_SIZE = 128; // 256 isn't supported on all JDKs.
+
+ private SecretKeySpec aeskeySpec;
- public static SecretKey newKey() throws NoSuchAlgorithmException {
- KeyGenerator kgen = KeyGenerator.getInstance(AES);
- kgen.init(AES_KEY_SIZE);
- return kgen.generateKey();
- }
+ public static SecretKey newKey() throws NoSuchAlgorithmException {
+ KeyGenerator kgen = KeyGenerator.getInstance(AES);
+ kgen.init(AES_KEY_SIZE);
+ return kgen.generateKey();
+ }
- public AES(byte[] aeskey, int offset, int len) throws IOException, NoSuchAlgorithmException, NoSuchPaddingException {
- aeskeySpec = new SecretKeySpec(aeskey,offset,len,AES);
- }
-
- public byte[] encrypt(byte[] in) throws CadiException {
- try {
- Cipher c = Cipher.getInstance(AES);
- c.init(Cipher.ENCRYPT_MODE,aeskeySpec);
- return c.doFinal(in);
- } catch (InvalidKeyException | IllegalBlockSizeException | BadPaddingException | NoSuchAlgorithmException | NoSuchPaddingException e) {
- throw new CadiException(e);
- }
- }
-
- public byte[] decrypt(byte[] in) throws CadiException {
- try {
- Cipher c = Cipher.getInstance(AES);
- c.init(Cipher.DECRYPT_MODE,aeskeySpec);
- return c.doFinal(in);
- } catch (InvalidKeyException | IllegalBlockSizeException | BadPaddingException | NoSuchAlgorithmException | NoSuchPaddingException e) {
- throw new CadiException(e);
- }
- }
-
- public void save(File keyfile) throws IOException {
- FileOutputStream fis = new FileOutputStream(keyfile);
- try {
- fis.write(aeskeySpec.getEncoded());
- } finally {
- fis.close();
- }
- Chmod.to400.chmod(keyfile);
- }
+ public AES(byte[] aeskey, int offset, int len) throws IOException, NoSuchAlgorithmException, NoSuchPaddingException {
+ aeskeySpec = new SecretKeySpec(aeskey,offset,len,AES);
+ }
+
+ public byte[] encrypt(byte[] in) throws CadiException {
+ try {
+ Cipher c = Cipher.getInstance(AES);
+ c.init(Cipher.ENCRYPT_MODE,aeskeySpec);
+ return c.doFinal(in);
+ } catch (InvalidKeyException | IllegalBlockSizeException | BadPaddingException | NoSuchAlgorithmException | NoSuchPaddingException e) {
+ throw new CadiException(e);
+ }
+ }
+
+ public byte[] decrypt(byte[] in) throws CadiException {
+ try {
+ Cipher c = Cipher.getInstance(AES);
+ c.init(Cipher.DECRYPT_MODE,aeskeySpec);
+ return c.doFinal(in);
+ } catch (InvalidKeyException | IllegalBlockSizeException | BadPaddingException | NoSuchAlgorithmException | NoSuchPaddingException e) {
+ throw new CadiException(e);
+ }
+ }
+
+ public void save(File keyfile) throws IOException {
+ FileOutputStream fis = new FileOutputStream(keyfile);
+ try {
+ fis.write(aeskeySpec.getEncoded());
+ } finally {
+ fis.close();
+ }
+ Chmod.to400.chmod(keyfile);
+ }
- public CipherOutputStream outputStream(OutputStream os, boolean encrypt) {
- try {
- Cipher c = Cipher.getInstance(AES);
- if(encrypt) {
- c.init(Cipher.ENCRYPT_MODE,aeskeySpec);
- } else {
- c.init(Cipher.DECRYPT_MODE,aeskeySpec);
- }
- return new CipherOutputStream(os,c);
- } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
- // Cannot add Exception to this API. throw Runtime
- System.err.println("Error creating Aes CipherOutputStream");
- return null; // should never get here.
- }
- }
-
- public CipherInputStream inputStream(InputStream is, boolean encrypt) {
- try {
- Cipher c = Cipher.getInstance(AES);
- if(encrypt) {
- c.init(Cipher.ENCRYPT_MODE,aeskeySpec);
- } else {
- c.init(Cipher.DECRYPT_MODE,aeskeySpec);
- }
- return new CipherInputStream(is,c);
- } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
- // Cannot add Exception to this API. throw Runtime
- System.err.println("Error creating Aes CipherInputStream");
- return null; // should never get here.
- }
- }
+ public CipherOutputStream outputStream(OutputStream os, boolean encrypt) {
+ try {
+ Cipher c = Cipher.getInstance(AES);
+ if(encrypt) {
+ c.init(Cipher.ENCRYPT_MODE,aeskeySpec);
+ } else {
+ c.init(Cipher.DECRYPT_MODE,aeskeySpec);
+ }
+ return new CipherOutputStream(os,c);
+ } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
+ // Cannot add Exception to this API. throw Runtime
+ System.err.println("Error creating Aes CipherOutputStream");
+ return null; // should never get here.
+ }
+ }
+
+ public CipherInputStream inputStream(InputStream is, boolean encrypt) {
+ try {
+ Cipher c = Cipher.getInstance(AES);
+ if(encrypt) {
+ c.init(Cipher.ENCRYPT_MODE,aeskeySpec);
+ } else {
+ c.init(Cipher.DECRYPT_MODE,aeskeySpec);
+ }
+ return new CipherInputStream(is,c);
+ } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
+ // Cannot add Exception to this API. throw Runtime
+ System.err.println("Error creating Aes CipherInputStream");
+ return null; // should never get here.
+ }
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java b/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java
index 39631894..d9d4474d 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java
@@ -48,420 +48,420 @@ import org.onap.aaf.cadi.principal.CachedBasicPrincipal;
*
*/
public abstract class AbsUserCache<PERM extends Permission> {
- // Need an obvious key for when there is no Authentication Cred
- private static final String NO_CRED = "NoCred";
- static final int MIN_INTERVAL = 1000*60; // Min 1 min
- static final int MAX_INTERVAL = 1000*60*60*4; // 4 hour max
- private static Timer timer;
- // Map of userName to User
- private final Map<String, User<PERM>> userMap;
- private static final Map<String, Miss> missMap = new TreeMap<>();
- private final Symm missEncrypt;
-
- private Clean clean;
- protected Access access;
-
- protected AbsUserCache(Access access, long cleanInterval, int highCount, int usageCount) {
- this.access = access;
- Symm s;
- try {
- byte[] gennedKey = Symm.keygen();
- s = Symm.obtain(new ByteArrayInputStream(gennedKey));
- } catch (IOException e) {
- access.log(e);
- s = Symm.base64noSplit;
- }
- missEncrypt = s;
-
- userMap = new ConcurrentHashMap<>();
+ // Need an obvious key for when there is no Authentication Cred
+ private static final String NO_CRED = "NoCred";
+ static final int MIN_INTERVAL = 1000*60; // Min 1 min
+ static final int MAX_INTERVAL = 1000*60*60*4; // 4 hour max
+ private static Timer timer;
+ // Map of userName to User
+ private final Map<String, User<PERM>> userMap;
+ private static final Map<String, Miss> missMap = new TreeMap<>();
+ private final Symm missEncrypt;
+
+ private Clean clean;
+ protected Access access;
+
+ protected AbsUserCache(Access access, long cleanInterval, int highCount, int usageCount) {
+ this.access = access;
+ Symm s;
+ try {
+ byte[] gennedKey = Symm.keygen();
+ s = Symm.obtain(new ByteArrayInputStream(gennedKey));
+ } catch (IOException e) {
+ access.log(e);
+ s = Symm.base64noSplit;
+ }
+ missEncrypt = s;
+
+ userMap = new ConcurrentHashMap<>();
-
- if(cleanInterval>0) {
- cleanInterval = Math.max(MIN_INTERVAL, cleanInterval);
- synchronized(AbsUserCache.class) { // Lazy instantiate.. in case there is no cleanup needed
- if(timer==null) {
- timer = new Timer("CADI Cleanup Timer",true);
- }
-
- timer.schedule(clean = new Clean(access, cleanInterval, highCount, usageCount), cleanInterval, cleanInterval);
- access.log(Access.Level.INIT, "Cleaning Thread initialized with interval of",cleanInterval, "ms and max objects of", highCount);
- }
- }
- }
-
- @SuppressWarnings("unchecked")
- public AbsUserCache(AbsUserCache<PERM> cache) {
- this.access = cache.access;
- userMap = cache.userMap;
- missEncrypt = cache.missEncrypt;
-
- synchronized(AbsUserCache.class) {
- if(cache.clean!=null && cache.clean.lur==null && this instanceof CachingLur) {
- cache.clean.lur=(CachingLur<PERM>)this;
- }
- }
- }
+
+ if(cleanInterval>0) {
+ cleanInterval = Math.max(MIN_INTERVAL, cleanInterval);
+ synchronized(AbsUserCache.class) { // Lazy instantiate.. in case there is no cleanup needed
+ if(timer==null) {
+ timer = new Timer("CADI Cleanup Timer",true);
+ }
+
+ timer.schedule(clean = new Clean(access, cleanInterval, highCount, usageCount), cleanInterval, cleanInterval);
+ access.log(Access.Level.INIT, "Cleaning Thread initialized with interval of",cleanInterval, "ms and max objects of", highCount);
+ }
+ }
+ }
+
+ @SuppressWarnings("unchecked")
+ public AbsUserCache(AbsUserCache<PERM> cache) {
+ this.access = cache.access;
+ userMap = cache.userMap;
+ missEncrypt = cache.missEncrypt;
+
+ synchronized(AbsUserCache.class) {
+ if(cache.clean!=null && cache.clean.lur==null && this instanceof CachingLur) {
+ cache.clean.lur=(CachingLur<PERM>)this;
+ }
+ }
+ }
- protected void setLur(CachingLur<PERM> lur) {
- if(clean!=null)clean.lur = lur;
-
- }
-
- protected void addUser(User<PERM> user) {
- Principal p = user.principal;
- String key;
- try {
- if(p instanceof GetCred) {
- key = missKey(p.getName(), ((GetCred)p).getCred());
- } else {
- byte[] cred;
- if((cred=user.getCred())==null) {
- key = user.name + NO_CRED;
- } else {
- key = missKey(user.name,cred);
- }
- }
- } catch (IOException e) {
- access.log(e);
- return;
- }
- userMap.put(key, user);
- }
+ protected void setLur(CachingLur<PERM> lur) {
+ if(clean!=null)clean.lur = lur;
+
+ }
+
+ protected void addUser(User<PERM> user) {
+ Principal p = user.principal;
+ String key;
+ try {
+ if(p instanceof GetCred) {
+ key = missKey(p.getName(), ((GetCred)p).getCred());
+ } else {
+ byte[] cred;
+ if((cred=user.getCred())==null) {
+ key = user.name + NO_CRED;
+ } else {
+ key = missKey(user.name,cred);
+ }
+ }
+ } catch (IOException e) {
+ access.log(e);
+ return;
+ }
+ userMap.put(key, user);
+ }
- // Useful for looking up by WebToken, etc.
- protected void addUser(String key, User<PERM> user) {
- userMap.put(key, user);
- }
-
- /**
- * Add miss to missMap. If Miss exists, or too many tries, returns false.
- *
- * otherwise, returns true to allow another attempt.
- *
- * @param key
- * @param bs
- * @return
- * @throws IOException
- */
- protected synchronized boolean addMiss(String key, byte[] bs) {
- String mkey;
- try {
- mkey = missKey(key,bs);
- } catch (IOException e) {
- access.log(e);
- return false;
- }
- Miss miss = missMap.get(mkey);
- if(miss==null) {
- missMap.put(mkey, new Miss(bs,clean==null?MIN_INTERVAL:clean.timeInterval,key));
- return true;
- }
- return miss.mayContinue();
- }
+ // Useful for looking up by WebToken, etc.
+ protected void addUser(String key, User<PERM> user) {
+ userMap.put(key, user);
+ }
+
+ /**
+ * Add miss to missMap. If Miss exists, or too many tries, returns false.
+ *
+ * otherwise, returns true to allow another attempt.
+ *
+ * @param key
+ * @param bs
+ * @return
+ * @throws IOException
+ */
+ protected synchronized boolean addMiss(String key, byte[] bs) {
+ String mkey;
+ try {
+ mkey = missKey(key,bs);
+ } catch (IOException e) {
+ access.log(e);
+ return false;
+ }
+ Miss miss = missMap.get(mkey);
+ if(miss==null) {
+ missMap.put(mkey, new Miss(bs,clean==null?MIN_INTERVAL:clean.timeInterval,key));
+ return true;
+ }
+ return miss.mayContinue();
+ }
- protected Miss missed(String key, byte[] bs) throws IOException {
- return missMap.get(missKey(key,bs));
- }
+ protected Miss missed(String key, byte[] bs) throws IOException {
+ return missMap.get(missKey(key,bs));
+ }
- protected User<PERM> getUser(Principal principal) {
- String key;
- if(principal instanceof GetCred) {
- GetCred gc = (GetCred)principal;
- try {
- key = missKey(principal.getName(), gc.getCred());
- } catch (IOException e) {
- access.log(e, "Error getting key from Principal");
- key = principal.getName();
- }
- } else {
- key = principal.getName()+NO_CRED;
- }
- User<PERM> u = userMap.get(key);
- if(u!=null) {
- u.incCount();
- }
- return u;
- }
-
- protected User<PERM> getUser(CachedBasicPrincipal cbp) {
- return getUser(cbp.getName(), cbp.getCred());
- }
-
- protected User<PERM> getUser(String user, byte[] cred) {
- User<PERM> u;
- String key=null;
- try {
- key =missKey(user,cred);
- } catch (IOException e) {
- access.log(e);
- return null;
- }
- u = userMap.get(key);
- if(u!=null) {
- if(u.permExpired()) {
- userMap.remove(key);
- u=null;
- } else {
- u.incCount();
- }
- }
- return u;
- }
-
- /**
- * Removes User from the Cache
- * @param user
- */
- protected void remove(User<PERM> user) {
- userMap.remove(user.principal.getName());
- }
-
- /**
- * Removes user from the Cache
- *
- * @param user
- */
- public void remove(String user) {
- Object o = userMap.remove(user);
- if(o!=null) {
- access.log(Level.INFO, user,"removed from Client Cache by Request");
- }
- }
-
- /**
- * Clear all Users from the Client Cache
- */
- public void clearAll() {
- userMap.clear();
- }
-
- public final List<DumpInfo> dumpInfo() {
- List<DumpInfo> rv = new ArrayList<>();
- for(User<PERM> user : userMap.values()) {
- rv.add(new DumpInfo(user));
- }
- return rv;
- }
+ protected User<PERM> getUser(Principal principal) {
+ String key;
+ if(principal instanceof GetCred) {
+ GetCred gc = (GetCred)principal;
+ try {
+ key = missKey(principal.getName(), gc.getCred());
+ } catch (IOException e) {
+ access.log(e, "Error getting key from Principal");
+ key = principal.getName();
+ }
+ } else {
+ key = principal.getName()+NO_CRED;
+ }
+ User<PERM> u = userMap.get(key);
+ if(u!=null) {
+ u.incCount();
+ }
+ return u;
+ }
+
+ protected User<PERM> getUser(CachedBasicPrincipal cbp) {
+ return getUser(cbp.getName(), cbp.getCred());
+ }
+
+ protected User<PERM> getUser(String user, byte[] cred) {
+ User<PERM> u;
+ String key=null;
+ try {
+ key =missKey(user,cred);
+ } catch (IOException e) {
+ access.log(e);
+ return null;
+ }
+ u = userMap.get(key);
+ if(u!=null) {
+ if(u.permExpired()) {
+ userMap.remove(key);
+ u=null;
+ } else {
+ u.incCount();
+ }
+ }
+ return u;
+ }
+
+ /**
+ * Removes User from the Cache
+ * @param user
+ */
+ protected void remove(User<PERM> user) {
+ userMap.remove(user.principal.getName());
+ }
+
+ /**
+ * Removes user from the Cache
+ *
+ * @param user
+ */
+ public void remove(String user) {
+ Object o = userMap.remove(user);
+ if(o!=null) {
+ access.log(Level.INFO, user,"removed from Client Cache by Request");
+ }
+ }
+
+ /**
+ * Clear all Users from the Client Cache
+ */
+ public void clearAll() {
+ userMap.clear();
+ }
+
+ public final List<DumpInfo> dumpInfo() {
+ List<DumpInfo> rv = new ArrayList<>();
+ for(User<PERM> user : userMap.values()) {
+ rv.add(new DumpInfo(user));
+ }
+ return rv;
+ }
- /**
- * The default behavior of a LUR is to not handle something exclusively.
- */
- public boolean handlesExclusively(Permission ... pond) {
- return false;
- }
-
- /**
- * Container calls when cleaning up...
- *
- * If overloading in Derived class, be sure to call "super.destroy()"
- */
- public void destroy() {
- if(timer!=null) {
- timer.purge();
- timer.cancel();
- }
- }
-
-
+ /**
+ * The default behavior of a LUR is to not handle something exclusively.
+ */
+ public boolean handlesExclusively(Permission ... pond) {
+ return false;
+ }
+
+ /**
+ * Container calls when cleaning up...
+ *
+ * If overloading in Derived class, be sure to call "super.destroy()"
+ */
+ public void destroy() {
+ if(timer!=null) {
+ timer.purge();
+ timer.cancel();
+ }
+ }
+
+
- // Simple map of Group name to a set of User Names
- // private Map<String, Set<String>> groupMap = new HashMap<>();
+ // Simple map of Group name to a set of User Names
+ // private Map<String, Set<String>> groupMap = new HashMap<>();
- /**
- * Class to hold a small subset of the data, because we don't want to expose actual Permission or User Objects
- */
- public final class DumpInfo {
- public String user;
- public List<String> perms;
-
- public DumpInfo(User<PERM> user) {
- this.user = user.principal.getName();
- perms = new ArrayList<>(user.perms.keySet());
- }
- }
-
- /**
- * Clean will examine resources, and remove those that have expired.
- *
- * If "highs" have been exceeded, then we'll expire 10% more the next time. This will adjust after each run
- * without checking contents more than once, making a good average "high" in the minimum speed.
- *
- * @author Jonathan
- *
- */
- private final class Clean extends TimerTask {
- private final Access access;
- private CachingLur<PERM> lur;
-
- // The idea here is to not be too restrictive on a high, but to Expire more items by
- // shortening the time to expire. This is done by judiciously incrementing "advance"
- // when the "highs" are exceeded. This effectively reduces numbers of cached items quickly.
- private final int high;
- private long advance;
- private final long timeInterval;
- private final int usageTriggerCount;
-
- public Clean(Access access, long cleanInterval, int highCount, int usageTriggerCount) {
- this.access = access;
- lur = null;
- high = highCount;
- timeInterval = cleanInterval;
- advance = 0;
- this.usageTriggerCount=usageTriggerCount;
- }
- public void run() {
- int renewed = 0;
- int count = 0;
- int total = 0;
- try {
- // look at now. If we need to expire more by increasing "now" by "advance"
- ArrayList<User<PERM>> al = new ArrayList<>(userMap.values().size());
- al.addAll(0, userMap.values());
- long now = System.currentTimeMillis() + advance;
- for(User<PERM> user : al) {
- ++total;
- if(user.count>usageTriggerCount) {
- boolean touched = false, removed=false;
- if(user.principal instanceof CachedPrincipal) {
- CachedPrincipal cp = (CachedPrincipal)user.principal;
- if(cp.expires() < now) {
- switch(cp.revalidate(null)) {
- case INACCESSIBLE:
- access.log(Level.AUDIT, "AAF Inaccessible. Keeping credentials");
- break;
- case REVALIDATED:
- user.resetCount();
- touched = true;
- break;
- default:
- user.resetCount();
- remove(user);
- ++count;
- removed = true;
- break;
- }
- }
- }
-
- if(!removed && lur!=null && user.permExpires<= now ) {
- if(lur.reload(user).equals(Resp.REVALIDATED)) {
- user.renewPerm();
- access.log(Level.DEBUG, "Reloaded Perms for",user);
- touched = true;
- }
- }
- user.resetCount();
- if(touched) {
- ++renewed;
- }
-
- } else {
- if(user.permExpired()) {
- remove(user);
- ++count;
- }
- }
- }
-
- // Clean out Misses
- int missTotal = missMap.keySet().size();
- int miss = 0;
- if(missTotal>0) {
- ArrayList<String> keys = new ArrayList<>(missTotal);
- keys.addAll(missMap.keySet());
- for(String key : keys) {
- Miss m = missMap.get(key);
- if(m!=null) {
- long timeLeft = m.timestamp - System.currentTimeMillis();
- if(timeLeft<0) {
- synchronized(missMap) {
- missMap.remove(key);
- }
- access.log(Level.INFO, m.name, " has been removed from Missed Credential Map (" + m.tries + " invalid tries)");
- ++miss;
- } else {
- access.log(Level.INFO, m.name, " remains in Missed Credential Map (" + m.tries + " invalid tries) for " + (timeLeft/1000) + " more seconds");
- }
- }
- }
- }
-
- if(count+renewed+miss>0) {
- access.log(Level.INFO, (lur==null?"Cache":lur.getClass().getSimpleName()), "removed",count,
- "and renewed",renewed,"expired Permissions out of", total,"and removed", miss, "password misses out of",missTotal);
- }
-
- // If High (total) is reached during this period, increase the number of expired services removed for next time.
- // There's no point doing it again here, as there should have been cleaned items.
- if(total>high) {
- // advance cleanup by 10%, without getting greater than timeInterval.
- advance = Math.min(timeInterval, advance+(timeInterval/10));
- } else {
- // reduce advance by 10%, without getting lower than 0.
- advance = Math.max(0, advance-(timeInterval/10));
- }
- } catch (Exception e) {
- access.log(Level.ERROR,e.getMessage());
- }
- }
- }
+ /**
+ * Class to hold a small subset of the data, because we don't want to expose actual Permission or User Objects
+ */
+ public final class DumpInfo {
+ public String user;
+ public List<String> perms;
+
+ public DumpInfo(User<PERM> user) {
+ this.user = user.principal.getName();
+ perms = new ArrayList<>(user.perms.keySet());
+ }
+ }
+
+ /**
+ * Clean will examine resources, and remove those that have expired.
+ *
+ * If "highs" have been exceeded, then we'll expire 10% more the next time. This will adjust after each run
+ * without checking contents more than once, making a good average "high" in the minimum speed.
+ *
+ * @author Jonathan
+ *
+ */
+ private final class Clean extends TimerTask {
+ private final Access access;
+ private CachingLur<PERM> lur;
+
+ // The idea here is to not be too restrictive on a high, but to Expire more items by
+ // shortening the time to expire. This is done by judiciously incrementing "advance"
+ // when the "highs" are exceeded. This effectively reduces numbers of cached items quickly.
+ private final int high;
+ private long advance;
+ private final long timeInterval;
+ private final int usageTriggerCount;
+
+ public Clean(Access access, long cleanInterval, int highCount, int usageTriggerCount) {
+ this.access = access;
+ lur = null;
+ high = highCount;
+ timeInterval = cleanInterval;
+ advance = 0;
+ this.usageTriggerCount=usageTriggerCount;
+ }
+ public void run() {
+ int renewed = 0;
+ int count = 0;
+ int total = 0;
+ try {
+ // look at now. If we need to expire more by increasing "now" by "advance"
+ ArrayList<User<PERM>> al = new ArrayList<>(userMap.values().size());
+ al.addAll(0, userMap.values());
+ long now = System.currentTimeMillis() + advance;
+ for(User<PERM> user : al) {
+ ++total;
+ if(user.count>usageTriggerCount) {
+ boolean touched = false, removed=false;
+ if(user.principal instanceof CachedPrincipal) {
+ CachedPrincipal cp = (CachedPrincipal)user.principal;
+ if(cp.expires() < now) {
+ switch(cp.revalidate(null)) {
+ case INACCESSIBLE:
+ access.log(Level.AUDIT, "AAF Inaccessible. Keeping credentials");
+ break;
+ case REVALIDATED:
+ user.resetCount();
+ touched = true;
+ break;
+ default:
+ user.resetCount();
+ remove(user);
+ ++count;
+ removed = true;
+ break;
+ }
+ }
+ }
+
+ if(!removed && lur!=null && user.permExpires<= now ) {
+ if(lur.reload(user).equals(Resp.REVALIDATED)) {
+ user.renewPerm();
+ access.log(Level.DEBUG, "Reloaded Perms for",user);
+ touched = true;
+ }
+ }
+ user.resetCount();
+ if(touched) {
+ ++renewed;
+ }
+
+ } else {
+ if(user.permExpired()) {
+ remove(user);
+ ++count;
+ }
+ }
+ }
+
+ // Clean out Misses
+ int missTotal = missMap.keySet().size();
+ int miss = 0;
+ if(missTotal>0) {
+ ArrayList<String> keys = new ArrayList<>(missTotal);
+ keys.addAll(missMap.keySet());
+ for(String key : keys) {
+ Miss m = missMap.get(key);
+ if(m!=null) {
+ long timeLeft = m.timestamp - System.currentTimeMillis();
+ if(timeLeft<0) {
+ synchronized(missMap) {
+ missMap.remove(key);
+ }
+ access.log(Level.INFO, m.name, " has been removed from Missed Credential Map (" + m.tries + " invalid tries)");
+ ++miss;
+ } else {
+ access.log(Level.INFO, m.name, " remains in Missed Credential Map (" + m.tries + " invalid tries) for " + (timeLeft/1000) + " more seconds");
+ }
+ }
+ }
+ }
+
+ if(count+renewed+miss>0) {
+ access.log(Level.INFO, (lur==null?"Cache":lur.getClass().getSimpleName()), "removed",count,
+ "and renewed",renewed,"expired Permissions out of", total,"and removed", miss, "password misses out of",missTotal);
+ }
+
+ // If High (total) is reached during this period, increase the number of expired services removed for next time.
+ // There's no point doing it again here, as there should have been cleaned items.
+ if(total>high) {
+ // advance cleanup by 10%, without getting greater than timeInterval.
+ advance = Math.min(timeInterval, advance+(timeInterval/10));
+ } else {
+ // reduce advance by 10%, without getting lower than 0.
+ advance = Math.max(0, advance-(timeInterval/10));
+ }
+ } catch (Exception e) {
+ access.log(Level.ERROR,e.getMessage());
+ }
+ }
+ }
- private String missKey(String name, byte[] bs) throws IOException {
- return name + Hash.toHex(missEncrypt.encode(bs));
- }
+ private String missKey(String name, byte[] bs) throws IOException {
+ return name + Hash.toHex(missEncrypt.encode(bs));
+ }
- protected static class Miss {
- private static final int MAX_TRIES = 3;
+ protected static class Miss {
+ private static final int MAX_TRIES = 3;
- long timestamp;
+ long timestamp;
- private long timetolive;
+ private long timetolive;
- private long tries;
+ private long tries;
- private final String name;
-
- public Miss(final byte[] first, final long timeInterval, final String name) {
- timestamp = System.currentTimeMillis() + timeInterval;
- this.timetolive = timeInterval;
- tries = 0L;
- this.name = name;
- }
-
-
- public synchronized boolean mayContinue() {
- long ts = System.currentTimeMillis();
- if(ts>timestamp) {
- tries = 0;
- timestamp = ts + timetolive;
- } else if(MAX_TRIES <= ++tries) {
- return false;
- }
- return true;
- }
-
- }
-
- /**
- * Report on state
- */
- public String toString() {
- return getClass().getSimpleName() +
- " Cache:\n Users Cached: " +
- userMap.size() +
- "\n Misses Saved: " +
- missMap.size() +
- '\n';
-
- }
+ private final String name;
+
+ public Miss(final byte[] first, final long timeInterval, final String name) {
+ timestamp = System.currentTimeMillis() + timeInterval;
+ this.timetolive = timeInterval;
+ tries = 0L;
+ this.name = name;
+ }
+
+
+ public synchronized boolean mayContinue() {
+ long ts = System.currentTimeMillis();
+ if(ts>timestamp) {
+ tries = 0;
+ timestamp = ts + timetolive;
+ } else if(MAX_TRIES <= ++tries) {
+ return false;
+ }
+ return true;
+ }
+
+ }
+
+ /**
+ * Report on state
+ */
+ public String toString() {
+ return getClass().getSimpleName() +
+ " Cache:\n Users Cached: " +
+ userMap.size() +
+ "\n Misses Saved: " +
+ missMap.size() +
+ '\n';
+
+ }
- public void clear(Principal p, StringBuilder sb) {
- sb.append(toString());
- userMap.clear();
- missMap.clear();
- access.log(Level.AUDIT, p.getName(),"has cleared User Cache in",getClass().getSimpleName());
- sb.append("Now cleared\n");
- }
+ public void clear(Principal p, StringBuilder sb) {
+ sb.append(toString());
+ userMap.clear();
+ missMap.clear();
+ access.log(Level.AUDIT, p.getName(),"has cleared User Cache in",getClass().getSimpleName());
+ sb.append("Now cleared\n");
+ }
} \ No newline at end of file
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Access.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Access.java
index 83127238..76d9bb2a 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Access.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Access.java
@@ -35,146 +35,146 @@ import java.util.Properties;
*
*/
public interface Access {
- // levels to use
- public enum Level {
- DEBUG(0x1), INFO(0x10), AUDIT(0x100), WARN(0x2000), ERROR(0x4000), INIT(0x8000),TRACE(0x10000),NONE(0XFFFF);
- private final int bit;
-
- Level(int ord) {
- bit = ord;
- }
-
- public boolean inMask(int mask) {
- return (mask & bit) == bit;
- }
-
- public int addToMask(int mask) {
- return mask | bit;
- }
-
- public int delFromMask(int mask) {
- return mask & ~bit;
- }
-
- public int toggle(int mask) {
- if(inMask(mask)) {
- return delFromMask(mask);
- } else {
- return addToMask(mask);
- }
- }
-
-
- public int maskOf() {
- int mask=0;
- for(Level l : values()) {
- if(ordinal()<=l.ordinal() && l!=NONE) {
- mask|=l.bit;
- }
- }
- return mask;
- }
- }
-
- /**
- * Write a variable list of Object's text via the toString() method with appropriate space, etc.
- * @param elements
- */
- public void log(Level level, Object ... elements);
-
- /**
- * Printf mechanism for Access
- * @param level
- * @param fmt
- * @param elements
- */
- public void printf(Level level, String fmt, Object ... elements);
-
- /**
- * Check if message will log before constructing
- * @param level
- * @return
- */
- public boolean willLog(Level level);
-
- /**
- * Write the contents of an exception, followed by a variable list of Object's text via the
- * toString() method with appropriate space, etc.
- *
- * The Loglevel is always "ERROR"
- *
- * @param elements
- */
- public void log(Exception e, Object ... elements);
-
- /**
- * Set the Level to compare logging too
- */
- public void setLogLevel(Level level);
-
- /**
- * It is important in some cases to create a class from within the same Classloader that created
- * Security Objects. Specifically, it's pretty typical for Web Containers to separate classloaders
- * so as to allow Apps with different dependencies.
- * @return
- */
- public ClassLoader classLoader();
-
- public String getProperty(String string, String def);
-
- public Properties getProperties();
-
- public void load(InputStream is) throws IOException;
-
- /**
- * if "anytext" is true, then decryption will always be attempted. Otherwise, only if starts with
- * Symm.ENC
- * @param encrypted
- * @param anytext
- * @return
- * @throws IOException
- */
- public String decrypt(String encrypted, boolean anytext) throws IOException;
-
- public static final Access NULL = new Access() {
- public void log(Level level, Object... elements) {
- }
-
- @Override
- public void printf(Level level, String fmt, Object... elements) {
- }
-
- public void log(Exception e, Object... elements) {
- }
-
- public ClassLoader classLoader() {
- return ClassLoader.getSystemClassLoader();
- }
-
- public String getProperty(String string, String def) {
- return null;
- }
-
- public void load(InputStream is) throws IOException {
- }
-
- public void setLogLevel(Level level) {
- }
-
- public String decrypt(String encrypted, boolean anytext) throws IOException {
- return encrypted;
- }
-
- @Override
- public boolean willLog(Level level) {
- return false;
- }
-
- @Override
- public Properties getProperties() {
- return new Properties();
- }
- };
+ // levels to use
+ public enum Level {
+ DEBUG(0x1), INFO(0x10), AUDIT(0x100), WARN(0x2000), ERROR(0x4000), INIT(0x8000),TRACE(0x10000),NONE(0XFFFF);
+ private final int bit;
+
+ Level(int ord) {
+ bit = ord;
+ }
+
+ public boolean inMask(int mask) {
+ return (mask & bit) == bit;
+ }
+
+ public int addToMask(int mask) {
+ return mask | bit;
+ }
+
+ public int delFromMask(int mask) {
+ return mask & ~bit;
+ }
+
+ public int toggle(int mask) {
+ if(inMask(mask)) {
+ return delFromMask(mask);
+ } else {
+ return addToMask(mask);
+ }
+ }
+
+
+ public int maskOf() {
+ int mask=0;
+ for(Level l : values()) {
+ if(ordinal()<=l.ordinal() && l!=NONE) {
+ mask|=l.bit;
+ }
+ }
+ return mask;
+ }
+ }
+
+ /**
+ * Write a variable list of Object's text via the toString() method with appropriate space, etc.
+ * @param elements
+ */
+ public void log(Level level, Object ... elements);
+
+ /**
+ * Printf mechanism for Access
+ * @param level
+ * @param fmt
+ * @param elements
+ */
+ public void printf(Level level, String fmt, Object ... elements);
+
+ /**
+ * Check if message will log before constructing
+ * @param level
+ * @return
+ */
+ public boolean willLog(Level level);
+
+ /**
+ * Write the contents of an exception, followed by a variable list of Object's text via the
+ * toString() method with appropriate space, etc.
+ *
+ * The Loglevel is always "ERROR"
+ *
+ * @param elements
+ */
+ public void log(Exception e, Object ... elements);
+
+ /**
+ * Set the Level to compare logging too
+ */
+ public void setLogLevel(Level level);
+
+ /**
+ * It is important in some cases to create a class from within the same Classloader that created
+ * Security Objects. Specifically, it's pretty typical for Web Containers to separate classloaders
+ * so as to allow Apps with different dependencies.
+ * @return
+ */
+ public ClassLoader classLoader();
+
+ public String getProperty(String string, String def);
+
+ public Properties getProperties();
+
+ public void load(InputStream is) throws IOException;
+
+ /**
+ * if "anytext" is true, then decryption will always be attempted. Otherwise, only if starts with
+ * Symm.ENC
+ * @param encrypted
+ * @param anytext
+ * @return
+ * @throws IOException
+ */
+ public String decrypt(String encrypted, boolean anytext) throws IOException;
+
+ public static final Access NULL = new Access() {
+ public void log(Level level, Object... elements) {
+ }
+
+ @Override
+ public void printf(Level level, String fmt, Object... elements) {
+ }
+
+ public void log(Exception e, Object... elements) {
+ }
+
+ public ClassLoader classLoader() {
+ return ClassLoader.getSystemClassLoader();
+ }
+
+ public String getProperty(String string, String def) {
+ return null;
+ }
+
+ public void load(InputStream is) throws IOException {
+ }
+
+ public void setLogLevel(Level level) {
+ }
+
+ public String decrypt(String encrypted, boolean anytext) throws IOException {
+ return encrypted;
+ }
+
+ @Override
+ public boolean willLog(Level level) {
+ return false;
+ }
+
+ @Override
+ public Properties getProperties() {
+ return new Properties();
+ }
+ };
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/BasicCred.java b/cadi/core/src/main/java/org/onap/aaf/cadi/BasicCred.java
index b80cda89..ebb41aba 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/BasicCred.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/BasicCred.java
@@ -30,7 +30,7 @@ package org.onap.aaf.cadi;
*
*/
public interface BasicCred extends GetCred {
- public void setUser(String user);
- public void setCred(byte[] passwd);
- public String getUser();
+ public void setUser(String user);
+ public void setCred(byte[] passwd);
+ public String getUser();
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/BufferedServletInputStream.java b/cadi/core/src/main/java/org/onap/aaf/cadi/BufferedServletInputStream.java
index 2df01cda..3f47351b 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/BufferedServletInputStream.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/BufferedServletInputStream.java
@@ -47,154 +47,154 @@ import javax.servlet.ServletInputStream;
*
*/
public class BufferedServletInputStream extends ServletInputStream {
- private static final int NONE = 0;
- private static final int STORE = 1;
- private static final int READ = 2;
-
- private InputStream is;
- private int state = NONE;
- private Capacitor capacitor;
-
- public BufferedServletInputStream(InputStream is) {
- this.is = is;
- capacitor = null;
- }
-
-
- public int read() throws IOException {
- int value=-1;
- if(capacitor==null) {
- value=is.read();
- } else {
- switch(state) {
- case STORE:
- value = is.read();
- if(value>=0) {
- capacitor.put((byte)value);
- }
- break;
- case READ:
- value = capacitor.read();
- if(value<0) {
- capacitor.done();
- capacitor=null; // all done with buffer
- value = is.read();
- }
- }
- }
- return value;
- }
-
- public int read(byte[] b) throws IOException {
- return read(b,0,b.length);
- }
-
-
- public int read(byte[] b, int off, int len) throws IOException {
- int count = -1;
- if(capacitor==null) {
- count = is.read(b,off,len);
- } else {
- switch(state) {
- case STORE:
- count = is.read(b, off, len);
- if(count>0) {
- capacitor.put(b, off, count);
- }
- break;
- case READ:
- count = capacitor.read(b, off, len);
- if(count<=0) {
- capacitor.done();
- capacitor=null; // all done with buffer
- }
- if(count<len) {
- int temp = is.read(b, count, len-count);
- if(temp>0) { // watch for -1
- count+=temp;
- } else if(count<=0) {
+ private static final int NONE = 0;
+ private static final int STORE = 1;
+ private static final int READ = 2;
+
+ private InputStream is;
+ private int state = NONE;
+ private Capacitor capacitor;
+
+ public BufferedServletInputStream(InputStream is) {
+ this.is = is;
+ capacitor = null;
+ }
+
+
+ public int read() throws IOException {
+ int value=-1;
+ if(capacitor==null) {
+ value=is.read();
+ } else {
+ switch(state) {
+ case STORE:
+ value = is.read();
+ if(value>=0) {
+ capacitor.put((byte)value);
+ }
+ break;
+ case READ:
+ value = capacitor.read();
+ if(value<0) {
+ capacitor.done();
+ capacitor=null; // all done with buffer
+ value = is.read();
+ }
+ }
+ }
+ return value;
+ }
+
+ public int read(byte[] b) throws IOException {
+ return read(b,0,b.length);
+ }
+
+
+ public int read(byte[] b, int off, int len) throws IOException {
+ int count = -1;
+ if(capacitor==null) {
+ count = is.read(b,off,len);
+ } else {
+ switch(state) {
+ case STORE:
+ count = is.read(b, off, len);
+ if(count>0) {
+ capacitor.put(b, off, count);
+ }
+ break;
+ case READ:
+ count = capacitor.read(b, off, len);
+ if(count<=0) {
+ capacitor.done();
+ capacitor=null; // all done with buffer
+ }
+ if(count<len) {
+ int temp = is.read(b, count, len-count);
+ if(temp>0) { // watch for -1
+ count+=temp;
+ } else if(count<=0) {
count = temp; // must account for Stream coming back -1
- }
- }
- break;
- }
- }
- return count;
- }
-
- public long skip(long n) throws IOException {
- long skipped = capacitor.skip(n);
- if(skipped<n) {
- skipped += is.skip(n-skipped);
- }
- return skipped;
- }
-
-
- public int available() throws IOException {
- int count = is.available();
- if(capacitor!=null)count+=capacitor.available();
- return count;
- }
-
- /**
- * Return just amount buffered (for debugging purposes, mostly)
- * @return
- */
- public int buffered() {
- return capacitor.available();
- }
-
-
- public void close() throws IOException {
- if(capacitor!=null) {
- capacitor.done();
- capacitor=null;
- }
- is.close();
- }
-
-
- /**
- * Note: Readlimit is ignored in this implementation, because the need was for unknown buffer size which wouldn't
- * require allocating and dumping huge chunks of memory every use, or risk overflow.
- */
- public synchronized void mark(int readlimit) {
- switch(state) {
- case NONE:
- capacitor = new Capacitor();
- break;
- case READ:
- capacitor.done();
- break;
- }
- state = STORE;
- }
-
-
- /**
- * Reset Stream
- *
- * Calling this twice is not supported in typical Stream situations, but it is allowed in this service. The caveat is that it can only reset
- * the data read in since Mark has been called. The data integrity is only valid if you have not continued to read past what is stored.
- *
- */
- public synchronized void reset() throws IOException {
- switch(state) {
- case STORE:
- capacitor.setForRead();
- state = READ;
- break;
- case READ:
- capacitor.reset();
- break;
- case NONE:
- throw new IOException("InputStream has not been marked");
- }
- }
-
-
- public boolean markSupported() {
- return true;
- }
+ }
+ }
+ break;
+ }
+ }
+ return count;
+ }
+
+ public long skip(long n) throws IOException {
+ long skipped = capacitor.skip(n);
+ if(skipped<n) {
+ skipped += is.skip(n-skipped);
+ }
+ return skipped;
+ }
+
+
+ public int available() throws IOException {
+ int count = is.available();
+ if(capacitor!=null)count+=capacitor.available();
+ return count;
+ }
+
+ /**
+ * Return just amount buffered (for debugging purposes, mostly)
+ * @return
+ */
+ public int buffered() {
+ return capacitor.available();
+ }
+
+
+ public void close() throws IOException {
+ if(capacitor!=null) {
+ capacitor.done();
+ capacitor=null;
+ }
+ is.close();
+ }
+
+
+ /**
+ * Note: Readlimit is ignored in this implementation, because the need was for unknown buffer size which wouldn't
+ * require allocating and dumping huge chunks of memory every use, or risk overflow.
+ */
+ public synchronized void mark(int readlimit) {
+ switch(state) {
+ case NONE:
+ capacitor = new Capacitor();
+ break;
+ case READ:
+ capacitor.done();
+ break;
+ }
+ state = STORE;
+ }
+
+
+ /**
+ * Reset Stream
+ *
+ * Calling this twice is not supported in typical Stream situations, but it is allowed in this service. The caveat is that it can only reset
+ * the data read in since Mark has been called. The data integrity is only valid if you have not continued to read past what is stored.
+ *
+ */
+ public synchronized void reset() throws IOException {
+ switch(state) {
+ case STORE:
+ capacitor.setForRead();
+ state = READ;
+ break;
+ case READ:
+ capacitor.reset();
+ break;
+ case NONE:
+ throw new IOException("InputStream has not been marked");
+ }
+ }
+
+
+ public boolean markSupported() {
+ return true;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/CachedPrincipal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/CachedPrincipal.java
index 2bb3db32..6f3fe126 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/CachedPrincipal.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/CachedPrincipal.java
@@ -30,18 +30,18 @@ import java.security.Principal;
*
*/
public interface CachedPrincipal extends Principal {
- public enum Resp {NOT_MINE,UNVALIDATED,REVALIDATED,INACCESSIBLE,DENIED};
-
- /**
- * Re-validate with Creator
- *
- * @return
- */
- public abstract Resp revalidate(Object state);
-
- /**
- * Store when last updated.
- * @return
- */
- public abstract long expires();
+ public enum Resp {NOT_MINE,UNVALIDATED,REVALIDATED,INACCESSIBLE,DENIED};
+
+ /**
+ * Re-validate with Creator
+ *
+ * @return
+ */
+ public abstract Resp revalidate(Object state);
+
+ /**
+ * Store when last updated.
+ * @return
+ */
+ public abstract long expires();
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/CachingLur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/CachingLur.java
index e083f4ed..c790f39e 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/CachingLur.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/CachingLur.java
@@ -27,8 +27,8 @@ import org.onap.aaf.cadi.CachedPrincipal.Resp;
public interface CachingLur<PERM extends Permission> extends Lur {
- public abstract void remove(String user);
- public abstract Resp reload(User<PERM> user);
- public abstract void setDebug(String commaDelimIDsOrNull);
- public abstract void clear(Principal p, StringBuilder sb);
+ public abstract void remove(String user);
+ public abstract Resp reload(User<PERM> user);
+ public abstract void setDebug(String commaDelimIDsOrNull);
+ public abstract void clear(Principal p, StringBuilder sb);
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/CadiException.java b/cadi/core/src/main/java/org/onap/aaf/cadi/CadiException.java
index 0f250b36..96a55f93 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/CadiException.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/CadiException.java
@@ -26,25 +26,25 @@ package org.onap.aaf.cadi;
* @author Jonathan
*/
public class CadiException extends Exception {
- /**
- * Generated ID
- */
- private static final long serialVersionUID = -4180145363107742619L;
+ /**
+ * Generated ID
+ */
+ private static final long serialVersionUID = -4180145363107742619L;
- public CadiException() {
- super();
- }
+ public CadiException() {
+ super();
+ }
- public CadiException(String message) {
- super(message);
- }
+ public CadiException(String message) {
+ super(message);
+ }
- public CadiException(Throwable cause) {
- super(cause);
- }
+ public CadiException(Throwable cause) {
+ super(cause);
+ }
- public CadiException(String message, Throwable cause) {
- super(message, cause);
- }
+ public CadiException(String message, Throwable cause) {
+ super(message, cause);
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/CadiWrap.java b/cadi/core/src/main/java/org/onap/aaf/cadi/CadiWrap.java
index 6f4d5cc7..647cd8a6 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/CadiWrap.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/CadiWrap.java
@@ -51,150 +51,150 @@ import org.onap.aaf.cadi.util.Timing;
*
*/
public class CadiWrap extends HttpServletRequestWrapper implements HttpServletRequest, BasicCred {
- private TaggedPrincipal principal;
- private Lur lur;
- private String user; // used to set user/pass from brain-dead protocols like WSSE
- private byte[] password;
- private PermConverter pconv;
- private Access access;
-
- /**
- * Standard Wrapper constructor for Delegate pattern
- * @param request
- */
- public CadiWrap(HttpServletRequest request, TafResp tafResp, Lur lur) {
- super(request);
- principal = tafResp.getPrincipal();
- access = tafResp.getAccess();
- this.lur = lur;
- pconv = NullPermConverter.singleton();
- }
-
- /**
- * Standard Wrapper constructor for Delegate pattern, with PermConverter
- * @param request
- */
- public CadiWrap(HttpServletRequest request, TafResp tafResp, Lur lur, PermConverter pc) {
- super(request);
- principal = tafResp.getPrincipal();
- access = tafResp.getAccess();
- this.lur = lur;
- pconv = pc;
- }
-
-
- /**
- * Part of the HTTP Security API. Declare the User associated with this HTTP Transaction.
- * CADI does this by reporting the name associated with the Principal obtained, if any.
- */
- @Override
- public String getRemoteUser() {
- return principal==null?null:principal.getName();
- }
-
- /**
- * Part of the HTTP Security API. Return the User Principal associated with this HTTP
- * Transaction.
- */
- @Override
- public Principal getUserPrincipal() {
- return principal;
- }
-
- /**
- * This is the key API call for AUTHZ in J2EE. Given a Role (String passed in), is the user
- * associated with this HTTP Transaction allowed to function in this Role?
- *
- * For CADI, we pass the responsibility for determining this to the "LUR", which may be
- * determined by the Enterprise.
- *
- * Note: Role check is also done in "CadiRealm" in certain cases...
- *
- *
- */
- @Override
- public boolean isUserInRole(String perm) {
- return perm==null?false:checkPerm(access,"isUserInRole",principal,pconv,lur,perm);
- }
-
- public static boolean checkPerm(Access access, String caller, Principal principal, PermConverter pconv, Lur lur, String perm) {
- if(principal== null) {
- access.log(Level.AUDIT,caller, "No Principal in Transaction");
- return false;
- } else {
- final long start = System.nanoTime();
- perm = pconv.convert(perm);
- if(lur.fish(principal,lur.createPerm(perm))) {
- access.printf(Level.DEBUG,"%s: %s has %s, %f ms", caller, principal.getName(), perm, Timing.millis(start));
- return true;
- } else {
- access.printf(Level.DEBUG,"%s: %s does not have %s, %f ms", caller, principal.getName(), perm, Timing.millis(start));
- return false;
- }
- }
-
- }
-
- /**
- * CADI Function (Non J2EE standard). GetPermissions will read the Permissions from AAF (if configured) and Roles from Local Lur, etc
- * as implemented with lur.fishAll
- *
- * To utilize, the Request must be a "CadiWrap" object, then call.
- */
- public List<Permission> getPermissions(Principal p) {
- List<Permission> perms = new ArrayList<>();
- lur.fishAll(p, perms);
- return perms;
- }
- /**
- * Allow setting of tafResp and lur after construction
- *
- * This can happen if the CadiWrap is constructed in a Valve other than CadiValve
- */
- public void set(TafResp tafResp, Lur lur) {
- principal = tafResp.getPrincipal();
- access = tafResp.getAccess();
- this.lur = lur;
- }
-
- public String getUser() {
- if(user==null && principal!=null) {
- user = principal.getName();
- }
- return user;
- }
-
- public byte[] getCred() {
- return password;
- }
-
- public void setUser(String user) {
- this.user = user;
- }
-
- public void setCred(byte[] passwd) {
- password = passwd;
- }
-
- public CadiWrap setPermConverter(PermConverter pc) {
- pconv = pc;
- return this;
- }
-
- // Add a feature
- public void invalidate(String id) {
- if(lur instanceof EpiLur) {
- ((EpiLur)lur).remove(id);
- } else if(lur instanceof CachingLur) {
- ((CachingLur<?>)lur).remove(id);
- }
- }
-
- public Lur getLur() {
- return lur;
- }
-
- public Access access() {
- return access;
- }
+ private TaggedPrincipal principal;
+ private Lur lur;
+ private String user; // used to set user/pass from brain-dead protocols like WSSE
+ private byte[] password;
+ private PermConverter pconv;
+ private Access access;
+
+ /**
+ * Standard Wrapper constructor for Delegate pattern
+ * @param request
+ */
+ public CadiWrap(HttpServletRequest request, TafResp tafResp, Lur lur) {
+ super(request);
+ principal = tafResp.getPrincipal();
+ access = tafResp.getAccess();
+ this.lur = lur;
+ pconv = NullPermConverter.singleton();
+ }
+
+ /**
+ * Standard Wrapper constructor for Delegate pattern, with PermConverter
+ * @param request
+ */
+ public CadiWrap(HttpServletRequest request, TafResp tafResp, Lur lur, PermConverter pc) {
+ super(request);
+ principal = tafResp.getPrincipal();
+ access = tafResp.getAccess();
+ this.lur = lur;
+ pconv = pc;
+ }
+
+
+ /**
+ * Part of the HTTP Security API. Declare the User associated with this HTTP Transaction.
+ * CADI does this by reporting the name associated with the Principal obtained, if any.
+ */
+ @Override
+ public String getRemoteUser() {
+ return principal==null?null:principal.getName();
+ }
+
+ /**
+ * Part of the HTTP Security API. Return the User Principal associated with this HTTP
+ * Transaction.
+ */
+ @Override
+ public Principal getUserPrincipal() {
+ return principal;
+ }
+
+ /**
+ * This is the key API call for AUTHZ in J2EE. Given a Role (String passed in), is the user
+ * associated with this HTTP Transaction allowed to function in this Role?
+ *
+ * For CADI, we pass the responsibility for determining this to the "LUR", which may be
+ * determined by the Enterprise.
+ *
+ * Note: Role check is also done in "CadiRealm" in certain cases...
+ *
+ *
+ */
+ @Override
+ public boolean isUserInRole(String perm) {
+ return perm==null?false:checkPerm(access,"isUserInRole",principal,pconv,lur,perm);
+ }
+
+ public static boolean checkPerm(Access access, String caller, Principal principal, PermConverter pconv, Lur lur, String perm) {
+ if(principal== null) {
+ access.log(Level.AUDIT,caller, "No Principal in Transaction");
+ return false;
+ } else {
+ final long start = System.nanoTime();
+ perm = pconv.convert(perm);
+ if(lur.fish(principal,lur.createPerm(perm))) {
+ access.printf(Level.DEBUG,"%s: %s has %s, %f ms", caller, principal.getName(), perm, Timing.millis(start));
+ return true;
+ } else {
+ access.printf(Level.DEBUG,"%s: %s does not have %s, %f ms", caller, principal.getName(), perm, Timing.millis(start));
+ return false;
+ }
+ }
+
+ }
+
+ /**
+ * CADI Function (Non J2EE standard). GetPermissions will read the Permissions from AAF (if configured) and Roles from Local Lur, etc
+ * as implemented with lur.fishAll
+ *
+ * To utilize, the Request must be a "CadiWrap" object, then call.
+ */
+ public List<Permission> getPermissions(Principal p) {
+ List<Permission> perms = new ArrayList<>();
+ lur.fishAll(p, perms);
+ return perms;
+ }
+ /**
+ * Allow setting of tafResp and lur after construction
+ *
+ * This can happen if the CadiWrap is constructed in a Valve other than CadiValve
+ */
+ public void set(TafResp tafResp, Lur lur) {
+ principal = tafResp.getPrincipal();
+ access = tafResp.getAccess();
+ this.lur = lur;
+ }
+
+ public String getUser() {
+ if(user==null && principal!=null) {
+ user = principal.getName();
+ }
+ return user;
+ }
+
+ public byte[] getCred() {
+ return password;
+ }
+
+ public void setUser(String user) {
+ this.user = user;
+ }
+
+ public void setCred(byte[] passwd) {
+ password = passwd;
+ }
+
+ public CadiWrap setPermConverter(PermConverter pc) {
+ pconv = pc;
+ return this;
+ }
+
+ // Add a feature
+ public void invalidate(String id) {
+ if(lur instanceof EpiLur) {
+ ((EpiLur)lur).remove(id);
+ } else if(lur instanceof CachingLur) {
+ ((CachingLur<?>)lur).remove(id);
+ }
+ }
+
+ public Lur getLur() {
+ return lur;
+ }
+
+ public Access access() {
+ return access;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Capacitor.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Capacitor.java
index 935e4f14..5ca1ce30 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Capacitor.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Capacitor.java
@@ -35,207 +35,207 @@ import java.util.ArrayList;
*
*/
public class Capacitor {
- private static final int DEFAULT_CHUNK = 256;
- private ArrayList<ByteBuffer> bbs = new ArrayList<>();
- private ByteBuffer curr = null;
- private int idx;
-
- // Maintain a private RingBuffer for Memory, for efficiency
- private static ByteBuffer[] ring = new ByteBuffer[16];
- private static int start, end;
-
-
- public void put(byte b) {
- if(curr == null || curr.remaining()==0) { // ensure we have a "curr" buffer ready for data
- curr = ringGet();
- bbs.add(curr);
- }
- curr.put(b);
- }
+ private static final int DEFAULT_CHUNK = 256;
+ private ArrayList<ByteBuffer> bbs = new ArrayList<>();
+ private ByteBuffer curr = null;
+ private int idx;
+
+ // Maintain a private RingBuffer for Memory, for efficiency
+ private static ByteBuffer[] ring = new ByteBuffer[16];
+ private static int start, end;
+
+
+ public void put(byte b) {
+ if(curr == null || curr.remaining()==0) { // ensure we have a "curr" buffer ready for data
+ curr = ringGet();
+ bbs.add(curr);
+ }
+ curr.put(b);
+ }
- public int read() {
- if(curr!=null) {
- if(curr.remaining()>0) { // have a buffer, use it!
- return curr.get();
- } else if(idx<bbs.size()){ // Buffer not enough, get next one from array
- curr=bbs.get(idx++);
- return curr.get();
- }
- } // if no curr buffer, treat as end of stream
- return -1;
- }
-
- /**
- * read into an array like Streams
- *
- * @param array
- * @param offset
- * @param length
- * @return
- */
- public int read(byte[] array, int offset, int length) {
- if(curr==null)return -1;
- int len;
- int count=0;
- while(length>0) { // loop through while there's data needed
- if((len=curr.remaining())>length) { // if enough data in curr buffer, use this code
- curr.get(array,offset,length);
- count+=length;
- length=0;
- } else { // get data from curr, mark how much is needed to fulfil, and loop for next curr.
- curr.get(array,offset,len);
- count+=len;
- offset+=len;
- length-=len;
- if(idx<bbs.size()) {
- curr=bbs.get(idx++);
- } else {
- length=0; // stop, and return the count of how many we were able to load
- }
- }
- }
- return count;
- }
+ public int read() {
+ if(curr!=null) {
+ if(curr.remaining()>0) { // have a buffer, use it!
+ return curr.get();
+ } else if(idx<bbs.size()){ // Buffer not enough, get next one from array
+ curr=bbs.get(idx++);
+ return curr.get();
+ }
+ } // if no curr buffer, treat as end of stream
+ return -1;
+ }
+
+ /**
+ * read into an array like Streams
+ *
+ * @param array
+ * @param offset
+ * @param length
+ * @return
+ */
+ public int read(byte[] array, int offset, int length) {
+ if(curr==null)return -1;
+ int len;
+ int count=0;
+ while(length>0) { // loop through while there's data needed
+ if((len=curr.remaining())>length) { // if enough data in curr buffer, use this code
+ curr.get(array,offset,length);
+ count+=length;
+ length=0;
+ } else { // get data from curr, mark how much is needed to fulfil, and loop for next curr.
+ curr.get(array,offset,len);
+ count+=len;
+ offset+=len;
+ length-=len;
+ if(idx<bbs.size()) {
+ curr=bbs.get(idx++);
+ } else {
+ length=0; // stop, and return the count of how many we were able to load
+ }
+ }
+ }
+ return count;
+ }
- /**
- * Put an array of data into Capacitor
- *
- * @param array
- * @param offset
- * @param length
- */
- public void put(byte[] array, int offset, int length) {
- if(curr == null || curr.remaining()==0) {
- curr = ringGet();
- bbs.add(curr);
- }
-
- int len;
- while(length>0) {
- if((len=curr.remaining())>length) {
- curr.put(array,offset,length);
- length=0;
- } else {
-// System.out.println(new String(array));
- curr.put(array,offset,len);
- length-=len;
- offset+=len;
- curr = ringGet();
- bbs.add(curr);
- }
- }
- }
-
- /**
- * Move state from Storage mode into Read mode, changing all internal buffers to read mode, etc
- */
- public void setForRead() {
- for(ByteBuffer bb : bbs) {
- bb.flip();
- }
- if(bbs.isEmpty()) {
- curr = null;
- idx = 0;
- } else {
- curr=bbs.get(0);
- idx=1;
- }
- }
-
- /**
- * reuse all the buffers
- */
- public void done() {
- for(ByteBuffer bb : bbs) {
- ringPut(bb);
- }
- bbs.clear();
- curr = null;
- }
-
- /**
- * Declare amount of data available to be read at once.
- *
- * @return
- */
- public int available() {
- int count = 0;
- for(ByteBuffer bb : bbs) {
- count+=bb.remaining();
- }
- return count;
- }
-
- /**
- * Returns how many are left that were not skipped
- * @param n
- * @return
- */
- public long skip(long n) {
- long skipped=0L;
- int skip;
- if(curr==null) {
- return 0;
- }
- while(n>0) {
- if(n<(skip=curr.remaining())) {
- curr.position(curr.position()+(int)n);
- skipped+=skip;
- n=0;
- } else {
- curr.position(curr.limit());
-
- skipped-=skip;
- if(idx<bbs.size()) {
- curr=bbs.get(idx++);
- n-=skip;
- } else {
- n=0;
- }
- }
- }
- return skipped > 0 ? skipped : 0;
- }
- /**
- * Be able to re-read data that is stored that has already been re-read. This is not a standard Stream behavior, but can be useful
- * in a standalone mode.
- */
- public void reset() {
- for(ByteBuffer bb : bbs) {
- bb.position(0);
- }
- if(bbs.isEmpty()) {
- curr = null;
- idx = 0;
- } else {
- curr=bbs.get(0);
- idx=1;
- }
- }
+ /**
+ * Put an array of data into Capacitor
+ *
+ * @param array
+ * @param offset
+ * @param length
+ */
+ public void put(byte[] array, int offset, int length) {
+ if(curr == null || curr.remaining()==0) {
+ curr = ringGet();
+ bbs.add(curr);
+ }
+
+ int len;
+ while(length>0) {
+ if((len=curr.remaining())>length) {
+ curr.put(array,offset,length);
+ length=0;
+ } else {
+// System.out.println(new String(array));
+ curr.put(array,offset,len);
+ length-=len;
+ offset+=len;
+ curr = ringGet();
+ bbs.add(curr);
+ }
+ }
+ }
+
+ /**
+ * Move state from Storage mode into Read mode, changing all internal buffers to read mode, etc
+ */
+ public void setForRead() {
+ for(ByteBuffer bb : bbs) {
+ bb.flip();
+ }
+ if(bbs.isEmpty()) {
+ curr = null;
+ idx = 0;
+ } else {
+ curr=bbs.get(0);
+ idx=1;
+ }
+ }
+
+ /**
+ * reuse all the buffers
+ */
+ public void done() {
+ for(ByteBuffer bb : bbs) {
+ ringPut(bb);
+ }
+ bbs.clear();
+ curr = null;
+ }
+
+ /**
+ * Declare amount of data available to be read at once.
+ *
+ * @return
+ */
+ public int available() {
+ int count = 0;
+ for(ByteBuffer bb : bbs) {
+ count+=bb.remaining();
+ }
+ return count;
+ }
+
+ /**
+ * Returns how many are left that were not skipped
+ * @param n
+ * @return
+ */
+ public long skip(long n) {
+ long skipped=0L;
+ int skip;
+ if(curr==null) {
+ return 0;
+ }
+ while(n>0) {
+ if(n<(skip=curr.remaining())) {
+ curr.position(curr.position()+(int)n);
+ skipped+=skip;
+ n=0;
+ } else {
+ curr.position(curr.limit());
+
+ skipped-=skip;
+ if(idx<bbs.size()) {
+ curr=bbs.get(idx++);
+ n-=skip;
+ } else {
+ n=0;
+ }
+ }
+ }
+ return skipped > 0 ? skipped : 0;
+ }
+ /**
+ * Be able to re-read data that is stored that has already been re-read. This is not a standard Stream behavior, but can be useful
+ * in a standalone mode.
+ */
+ public void reset() {
+ for(ByteBuffer bb : bbs) {
+ bb.position(0);
+ }
+ if(bbs.isEmpty()) {
+ curr = null;
+ idx = 0;
+ } else {
+ curr=bbs.get(0);
+ idx=1;
+ }
+ }
- /*
- * Ring Functions. Reuse allocated memory
- */
- private ByteBuffer ringGet() {
- ByteBuffer bb = null;
- synchronized(ring) {
- bb=ring[start];
- ring[start]=null;
- if(bb!=null && ++start>15)start=0;
- }
- if(bb==null) {
- bb=ByteBuffer.allocate(DEFAULT_CHUNK);
- } else {
- bb.clear();// refresh reused buffer
- }
- return bb;
- }
-
- private void ringPut(ByteBuffer bb) {
- synchronized(ring) {
- ring[end]=bb; // if null or not, BB will just be Garbage collected
- if(++end>15)end=0;
- }
- }
+ /*
+ * Ring Functions. Reuse allocated memory
+ */
+ private ByteBuffer ringGet() {
+ ByteBuffer bb = null;
+ synchronized(ring) {
+ bb=ring[start];
+ ring[start]=null;
+ if(bb!=null && ++start>15)start=0;
+ }
+ if(bb==null) {
+ bb=ByteBuffer.allocate(DEFAULT_CHUNK);
+ } else {
+ bb.clear();// refresh reused buffer
+ }
+ return bb;
+ }
+
+ private void ringPut(ByteBuffer bb) {
+ synchronized(ring) {
+ ring[end]=bb; // if null or not, BB will just be Garbage collected
+ if(++end>15)end=0;
+ }
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/CmdLine.java b/cadi/core/src/main/java/org/onap/aaf/cadi/CmdLine.java
index 9444cfac..7ca9fac2 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/CmdLine.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/CmdLine.java
@@ -43,313 +43,313 @@ import org.onap.aaf.cadi.util.JsonOutputStream;
*/
public class CmdLine {
- private static boolean systemExit = true;
- /**
- * @param args
- */
- public static void main(String[] args) {
- if(args.length>0) {
- if("digest".equalsIgnoreCase(args[0]) && (args.length>2 || (args.length>1 && System.console()!=null))) {
- String keyfile;
- String password;
- if(args.length>2) {
- password = args[1];
- keyfile = args[2];
- if("-i".equals(password)) {
- int c;
- StringBuilder sb = new StringBuilder();
- try {
- while((c=System.in.read())>=0) {
- sb.append((char)c);
- }
- } catch (IOException e) {
- e.printStackTrace();
- }
- password = sb.toString();
- }
- } else {
- keyfile = args[1];
- password = new String(System.console().readPassword("Type here (keystrokes hidden): "));
- }
+ private static boolean systemExit = true;
+ /**
+ * @param args
+ */
+ public static void main(String[] args) {
+ if(args.length>0) {
+ if("digest".equalsIgnoreCase(args[0]) && (args.length>2 || (args.length>1 && System.console()!=null))) {
+ String keyfile;
+ String password;
+ if(args.length>2) {
+ password = args[1];
+ keyfile = args[2];
+ if("-i".equals(password)) {
+ int c;
+ StringBuilder sb = new StringBuilder();
+ try {
+ while((c=System.in.read())>=0) {
+ sb.append((char)c);
+ }
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+ password = sb.toString();
+ }
+ } else {
+ keyfile = args[1];
+ password = new String(System.console().readPassword("Type here (keystrokes hidden): "));
+ }
- try {
- Symm symm;
- FileInputStream fis = new FileInputStream(keyfile);
- try {
- symm = Symm.obtain(fis);
- } finally {
- fis.close();
- }
- symm.enpass(password, System.out);
- System.out.println();
- System.out.flush();
- return;
- /* testing code... don't want it exposed
- System.out.println(" ******** Testing *********");
- for(int i=0;i<100000;++i) {
- System.out.println(args[1]);
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- b64.enpass(args[1], baos);
- String pass;
- System.out.println(pass=new String(baos.toByteArray()));
- ByteArrayOutputStream reconstituted = new ByteArrayOutputStream();
- b64.depass(pass, reconstituted);
- String r = reconstituted.toString();
- System.out.println(r);
- if(!r.equals(args[1])) {
- System.err.println("!!!!! STOP - ERROR !!!!!");
- return;
- }
- System.out.println();
- }
- System.out.flush();
- */
-
- } catch (IOException e) {
- System.err.println("Cannot digest password");
- System.err.println(" \""+ e.getMessage() + '"');
- }
+ try {
+ Symm symm;
+ FileInputStream fis = new FileInputStream(keyfile);
+ try {
+ symm = Symm.obtain(fis);
+ } finally {
+ fis.close();
+ }
+ symm.enpass(password, System.out);
+ System.out.println();
+ System.out.flush();
+ return;
+ /* testing code... don't want it exposed
+ System.out.println(" ******** Testing *********");
+ for(int i=0;i<100000;++i) {
+ System.out.println(args[1]);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ b64.enpass(args[1], baos);
+ String pass;
+ System.out.println(pass=new String(baos.toByteArray()));
+ ByteArrayOutputStream reconstituted = new ByteArrayOutputStream();
+ b64.depass(pass, reconstituted);
+ String r = reconstituted.toString();
+ System.out.println(r);
+ if(!r.equals(args[1])) {
+ System.err.println("!!!!! STOP - ERROR !!!!!");
+ return;
+ }
+ System.out.println();
+ }
+ System.out.flush();
+ */
+
+ } catch (IOException e) {
+ System.err.println("Cannot digest password");
+ System.err.println(" \""+ e.getMessage() + '"');
+ }
// DO NOT LEAVE THIS METHOD Compiled IN CODE... Do not want looking at passwords on disk too easy
// Jonathan. Oh, well, Deployment services need this behavior. I will put this code in, but leave it undocumented.
// One still needs access to the keyfile to read.
// July 2016 - thought of a tool "CMPass" to regurgitate from properties, but only if allowed.
- } else if("regurgitate".equalsIgnoreCase(args[0]) && args.length>2) {
- try {
- Symm symm;
- FileInputStream fis = new FileInputStream(args[2]);
- try {
- symm = Symm.obtain(fis);
- } finally {
- fis.close();
- }
- boolean isFile = false;
- if("-i".equals(args[1]) || (isFile="-f".equals(args[1]))) {
- BufferedReader br;
- if(isFile) {
- if(args.length<4) {
- System.err.println("Filename in 4th position");
- return;
- }
- br = new BufferedReader(new FileReader(args[3]));
- } else {
- br = new BufferedReader(new InputStreamReader(System.in));
- }
- try {
- String line;
- boolean cont = false;
- StringBuffer sb = new StringBuffer();
- JsonOutputStream jw = new JsonOutputStream(System.out);
- while((line=br.readLine())!=null) {
- if(cont) {
- int end;
- if((end=line.indexOf('"'))>=0) {
- sb.append(line,0,end);
- cont=false;
- } else {
- sb.append(line);
- }
- } else {
- int idx;
- if((idx = line.indexOf(' '))>=0
- && (idx = line.indexOf(' ',++idx))>0
- && (idx = line.indexOf('=',++idx))>0
- ) {
- System.out.println(line.substring(0, idx-5));
- int start = idx+2;
- int end;
- if((end=line.indexOf('"',start))<0) {
- end = line.length();
- cont = true;
- }
- sb.append(line,start,end);
- }
- }
- if(sb.length()>0) {
- symm.depass(sb.toString(),jw);
- if(!cont) {
- System.out.println();
- }
- }
- System.out.flush();
- sb.setLength(0);
- if(!cont) {
- jw.resetIndent();
- }
- }
- } finally {
- if(isFile) {
- br.close();
- }
- }
- } else {
- symm.depass(args[1], System.out);
- }
- System.out.println();
- System.out.flush();
- return;
- } catch (IOException e) {
- System.err.println("Cannot regurgitate password");
- System.err.println(" \""+ e.getMessage() + '"');
- }
- } else if("encode64".equalsIgnoreCase(args[0]) && args.length>1) {
- try {
- Symm.base64.encode(args[1], System.out);
- System.out.println();
- System.out.flush();
- return;
- } catch (IOException e) {
- System.err.println("Cannot encode Base64 with " + args[1]);
- System.err.println(" \""+ e.getMessage() + '"');
- }
- } else if("decode64".equalsIgnoreCase(args[0]) && args.length>1) {
- try {
- Symm.base64.decode(args[1], System.out);
- System.out.println();
- System.out.flush();
- return;
- } catch (IOException e) {
- System.err.println("Cannot decode Base64 text from " + args[1]);
- System.err.println(" \""+ e.getMessage() + '"');
- }
- } else if("encode64url".equalsIgnoreCase(args[0]) && args.length>1) {
- try {
- Symm.base64url.encode(args[1], System.out);
- System.out.println();
- System.out.flush();
- return;
- } catch (IOException e) {
- System.err.println("Cannot encode Base64url with " + args[1]);
- System.err.println(" \""+ e.getMessage() + '"');
- }
- } else if("decode64url".equalsIgnoreCase(args[0]) && args.length>1) {
- try {
- Symm.base64url.decode(args[1], System.out);
- System.out.println();
- System.out.flush();
- return;
- } catch (IOException e) {
- System.err.println("Cannot decode Base64url text from " + args[1]);
- System.err.println(" \""+ e.getMessage() + '"');
- }
- } else if("md5".equalsIgnoreCase(args[0]) && args.length>1) {
- try {
- System.out.println(Hash.hashMD5asStringHex(args[1]));
- System.out.flush();
- } catch (NoSuchAlgorithmException e) {
- System.err.println("Cannot hash MD5 from " + args[1]);
- System.err.println(" \""+ e.getMessage() + '"');
- }
- return;
- } else if("sha256".equalsIgnoreCase(args[0]) && args.length>1) {
- try {
- if(args.length>2) {
- int max = args.length>7?7:args.length;
- for(int i=2;i<max;++i) {
- int salt = Integer.parseInt(args[i]);
- System.out.println(Hash.hashSHA256asStringHex(args[1],salt));
- }
- } else {
- System.out.println(Hash.hashSHA256asStringHex(args[1]));
- }
- } catch (NoSuchAlgorithmException e) {
- System.err.println("Cannot hash SHA256 text from " + args[1]);
- System.err.println(" \""+ e.getMessage() + '"');
- }
- System.out.flush();
- return;
- } else if("keygen".equalsIgnoreCase(args[0])) {
- try {
- if(args.length>1) {
- File f = new File(args[1]);
- FileOutputStream fos = new FileOutputStream(f);
- try {
- fos.write(Symm.keygen());
- fos.flush();
- } finally {
- fos.close();
- Chmod.to400.chmod(f);
- }
- } else {
- // create a Symmetric Key out of same characters found in base64
- System.out.write(Symm.keygen());
- System.out.flush();
- }
- return;
- } catch (IOException e) {
- System.err.println("Cannot create a key " + args[0]);
- System.err.println(" \""+ e.getMessage() + '"');
- }
-
- } else if("passgen".equalsIgnoreCase(args[0])) {
- int numDigits;
- if(args.length <= 1) {
- numDigits = 24;
- } else {
- numDigits = Integer.parseInt(args[1]);
- if(numDigits<8)numDigits = 8;
- }
- String pass;
- boolean noLower,noUpper,noDigits,noSpecial,repeatingChars,missingChars;
- do {
- pass = Symm.randomGen(numDigits);
- missingChars=noLower=noUpper=noDigits=noSpecial=true;
- repeatingChars=false;
- int c=-1,last;
- for(int i=0;i<numDigits;++i) {
- last = c;
- c = pass.charAt(i);
- if(c==last) {
- repeatingChars=true;
- break;
- }
- if(noLower) {
- noLower=!(c>=0x61 && c<=0x7A);
- }
- if(noUpper) {
- noUpper=!(c>=0x41 && c<=0x5A);
- }
- if(noDigits) {
- noDigits=!(c>=0x30 && c<=0x39);
- }
- if(noSpecial) {
- noSpecial = "+!@#$%^&*(){}[]?:;,.".indexOf(c)<0;
- }
-
- missingChars = (noLower || noUpper || noDigits || noSpecial);
- }
- } while(missingChars || repeatingChars);
- System.out.println(pass.substring(0,numDigits));
- } else if("urlgen".equalsIgnoreCase(args[0])) {
- int numDigits;
- if(args.length <= 1) {
- numDigits = 24;
- } else {
- numDigits = Integer.parseInt(args[1]);
- }
- System.out.println(Symm.randomGen(Symm.base64url.codeset, numDigits).substring(0,numDigits));
- }
- } else {
- System.out.println("Usage: java -jar <this jar> ...");
- System.out.println(" keygen [<keyfile>] (Generates Key on file, or Std Out)");
- System.out.println(" digest [<passwd>|-i|] <keyfile> (Encrypts Password with \"keyfile\"");
- System.out.println(" if passwd = -i, will read StdIn");
- System.out.println(" if passwd is blank, will ask securely)");
- System.out.println(" passgen <digits> (Generate Password of given size)");
- System.out.println(" urlgen <digits> (Generate URL field of given size)");
- System.out.println(" encode64 <your text> (Encodes to Base64)");
- System.out.println(" decode64 <base64 encoded text> (Decodes from Base64)");
- System.out.println(" encode64url <your text> (Encodes to Base64 URL charset)");
- System.out.println(" decode64url <base64url encoded text> (Decodes from Base64 URL charset)");
- System.out.println(" sha256 <text> <salts(s)> (Digest String into SHA256 Hash)");
- System.out.println(" md5 <text> (Digest String into MD5 Hash)");
- }
- if (systemExit) {
- System.exit(1);
- }
- }
-
- public static void setSystemExit(boolean shouldExit) {
- systemExit = shouldExit;
- }
-
+ } else if("regurgitate".equalsIgnoreCase(args[0]) && args.length>2) {
+ try {
+ Symm symm;
+ FileInputStream fis = new FileInputStream(args[2]);
+ try {
+ symm = Symm.obtain(fis);
+ } finally {
+ fis.close();
+ }
+ boolean isFile = false;
+ if("-i".equals(args[1]) || (isFile="-f".equals(args[1]))) {
+ BufferedReader br;
+ if(isFile) {
+ if(args.length<4) {
+ System.err.println("Filename in 4th position");
+ return;
+ }
+ br = new BufferedReader(new FileReader(args[3]));
+ } else {
+ br = new BufferedReader(new InputStreamReader(System.in));
+ }
+ try {
+ String line;
+ boolean cont = false;
+ StringBuffer sb = new StringBuffer();
+ JsonOutputStream jw = new JsonOutputStream(System.out);
+ while((line=br.readLine())!=null) {
+ if(cont) {
+ int end;
+ if((end=line.indexOf('"'))>=0) {
+ sb.append(line,0,end);
+ cont=false;
+ } else {
+ sb.append(line);
+ }
+ } else {
+ int idx;
+ if((idx = line.indexOf(' '))>=0
+ && (idx = line.indexOf(' ',++idx))>0
+ && (idx = line.indexOf('=',++idx))>0
+ ) {
+ System.out.println(line.substring(0, idx-5));
+ int start = idx+2;
+ int end;
+ if((end=line.indexOf('"',start))<0) {
+ end = line.length();
+ cont = true;
+ }
+ sb.append(line,start,end);
+ }
+ }
+ if(sb.length()>0) {
+ symm.depass(sb.toString(),jw);
+ if(!cont) {
+ System.out.println();
+ }
+ }
+ System.out.flush();
+ sb.setLength(0);
+ if(!cont) {
+ jw.resetIndent();
+ }
+ }
+ } finally {
+ if(isFile) {
+ br.close();
+ }
+ }
+ } else {
+ symm.depass(args[1], System.out);
+ }
+ System.out.println();
+ System.out.flush();
+ return;
+ } catch (IOException e) {
+ System.err.println("Cannot regurgitate password");
+ System.err.println(" \""+ e.getMessage() + '"');
+ }
+ } else if("encode64".equalsIgnoreCase(args[0]) && args.length>1) {
+ try {
+ Symm.base64.encode(args[1], System.out);
+ System.out.println();
+ System.out.flush();
+ return;
+ } catch (IOException e) {
+ System.err.println("Cannot encode Base64 with " + args[1]);
+ System.err.println(" \""+ e.getMessage() + '"');
+ }
+ } else if("decode64".equalsIgnoreCase(args[0]) && args.length>1) {
+ try {
+ Symm.base64.decode(args[1], System.out);
+ System.out.println();
+ System.out.flush();
+ return;
+ } catch (IOException e) {
+ System.err.println("Cannot decode Base64 text from " + args[1]);
+ System.err.println(" \""+ e.getMessage() + '"');
+ }
+ } else if("encode64url".equalsIgnoreCase(args[0]) && args.length>1) {
+ try {
+ Symm.base64url.encode(args[1], System.out);
+ System.out.println();
+ System.out.flush();
+ return;
+ } catch (IOException e) {
+ System.err.println("Cannot encode Base64url with " + args[1]);
+ System.err.println(" \""+ e.getMessage() + '"');
+ }
+ } else if("decode64url".equalsIgnoreCase(args[0]) && args.length>1) {
+ try {
+ Symm.base64url.decode(args[1], System.out);
+ System.out.println();
+ System.out.flush();
+ return;
+ } catch (IOException e) {
+ System.err.println("Cannot decode Base64url text from " + args[1]);
+ System.err.println(" \""+ e.getMessage() + '"');
+ }
+ } else if("md5".equalsIgnoreCase(args[0]) && args.length>1) {
+ try {
+ System.out.println(Hash.hashMD5asStringHex(args[1]));
+ System.out.flush();
+ } catch (NoSuchAlgorithmException e) {
+ System.err.println("Cannot hash MD5 from " + args[1]);
+ System.err.println(" \""+ e.getMessage() + '"');
+ }
+ return;
+ } else if("sha256".equalsIgnoreCase(args[0]) && args.length>1) {
+ try {
+ if(args.length>2) {
+ int max = args.length>7?7:args.length;
+ for(int i=2;i<max;++i) {
+ int salt = Integer.parseInt(args[i]);
+ System.out.println(Hash.hashSHA256asStringHex(args[1],salt));
+ }
+ } else {
+ System.out.println(Hash.hashSHA256asStringHex(args[1]));
+ }
+ } catch (NoSuchAlgorithmException e) {
+ System.err.println("Cannot hash SHA256 text from " + args[1]);
+ System.err.println(" \""+ e.getMessage() + '"');
+ }
+ System.out.flush();
+ return;
+ } else if("keygen".equalsIgnoreCase(args[0])) {
+ try {
+ if(args.length>1) {
+ File f = new File(args[1]);
+ FileOutputStream fos = new FileOutputStream(f);
+ try {
+ fos.write(Symm.keygen());
+ fos.flush();
+ } finally {
+ fos.close();
+ Chmod.to400.chmod(f);
+ }
+ } else {
+ // create a Symmetric Key out of same characters found in base64
+ System.out.write(Symm.keygen());
+ System.out.flush();
+ }
+ return;
+ } catch (IOException e) {
+ System.err.println("Cannot create a key " + args[0]);
+ System.err.println(" \""+ e.getMessage() + '"');
+ }
+
+ } else if("passgen".equalsIgnoreCase(args[0])) {
+ int numDigits;
+ if(args.length <= 1) {
+ numDigits = 24;
+ } else {
+ numDigits = Integer.parseInt(args[1]);
+ if(numDigits<8)numDigits = 8;
+ }
+ String pass;
+ boolean noLower,noUpper,noDigits,noSpecial,repeatingChars,missingChars;
+ do {
+ pass = Symm.randomGen(numDigits);
+ missingChars=noLower=noUpper=noDigits=noSpecial=true;
+ repeatingChars=false;
+ int c=-1,last;
+ for(int i=0;i<numDigits;++i) {
+ last = c;
+ c = pass.charAt(i);
+ if(c==last) {
+ repeatingChars=true;
+ break;
+ }
+ if(noLower) {
+ noLower=!(c>=0x61 && c<=0x7A);
+ }
+ if(noUpper) {
+ noUpper=!(c>=0x41 && c<=0x5A);
+ }
+ if(noDigits) {
+ noDigits=!(c>=0x30 && c<=0x39);
+ }
+ if(noSpecial) {
+ noSpecial = "+!@#$%^&*(){}[]?:;,.".indexOf(c)<0;
+ }
+
+ missingChars = (noLower || noUpper || noDigits || noSpecial);
+ }
+ } while(missingChars || repeatingChars);
+ System.out.println(pass.substring(0,numDigits));
+ } else if("urlgen".equalsIgnoreCase(args[0])) {
+ int numDigits;
+ if(args.length <= 1) {
+ numDigits = 24;
+ } else {
+ numDigits = Integer.parseInt(args[1]);
+ }
+ System.out.println(Symm.randomGen(Symm.base64url.codeset, numDigits).substring(0,numDigits));
+ }
+ } else {
+ System.out.println("Usage: java -jar <this jar> ...");
+ System.out.println(" keygen [<keyfile>] (Generates Key on file, or Std Out)");
+ System.out.println(" digest [<passwd>|-i|] <keyfile> (Encrypts Password with \"keyfile\"");
+ System.out.println(" if passwd = -i, will read StdIn");
+ System.out.println(" if passwd is blank, will ask securely)");
+ System.out.println(" passgen <digits> (Generate Password of given size)");
+ System.out.println(" urlgen <digits> (Generate URL field of given size)");
+ System.out.println(" encode64 <your text> (Encodes to Base64)");
+ System.out.println(" decode64 <base64 encoded text> (Decodes from Base64)");
+ System.out.println(" encode64url <your text> (Encodes to Base64 URL charset)");
+ System.out.println(" decode64url <base64url encoded text> (Decodes from Base64 URL charset)");
+ System.out.println(" sha256 <text> <salts(s)> (Digest String into SHA256 Hash)");
+ System.out.println(" md5 <text> (Digest String into MD5 Hash)");
+ }
+ if (systemExit) {
+ System.exit(1);
+ }
+ }
+
+ public static void setSystemExit(boolean shouldExit) {
+ systemExit = shouldExit;
+ }
+
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Connector.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Connector.java
index 7f47ce78..f88c3fbe 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Connector.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Connector.java
@@ -22,5 +22,5 @@
package org.onap.aaf.cadi;
public interface Connector {
- public Lur newLur() throws CadiException;
+ public Lur newLur() throws CadiException;
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/CredVal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/CredVal.java
index 4e42a5fb..6019f551 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/CredVal.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/CredVal.java
@@ -31,12 +31,12 @@ package org.onap.aaf.cadi;
* @author Jonathan
*/
public interface CredVal {
- public enum Type{PASSWORD};
- /**
- * Validate if the User/Password combination matches records
- * @param user
- * @param pass
- * @return
- */
- public boolean validate(String user, Type type, byte[] cred, Object state);
+ public enum Type{PASSWORD};
+ /**
+ * Validate if the User/Password combination matches records
+ * @param user
+ * @param pass
+ * @return
+ */
+ public boolean validate(String user, Type type, byte[] cred, Object state);
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/CredValDomain.java b/cadi/core/src/main/java/org/onap/aaf/cadi/CredValDomain.java
index e8a5c54b..db5ab0f2 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/CredValDomain.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/CredValDomain.java
@@ -21,5 +21,5 @@
package org.onap.aaf.cadi;
public interface CredValDomain extends CredVal {
- public String domain();
+ public String domain();
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/GetCred.java b/cadi/core/src/main/java/org/onap/aaf/cadi/GetCred.java
index e64f0dd4..039ba8f7 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/GetCred.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/GetCred.java
@@ -22,5 +22,5 @@
package org.onap.aaf.cadi;
public interface GetCred {
- byte[] getCred();
+ byte[] getCred();
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Hash.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Hash.java
index 6babb4c9..acd45019 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Hash.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Hash.java
@@ -26,233 +26,233 @@ import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
public class Hash {
- private static char hexDigit[] = "0123456789abcdef".toCharArray();
-
+ private static char hexDigit[] = "0123456789abcdef".toCharArray();
+
/////////////////////////////////
// MD5
/////////////////////////////////
- /**
- * Encrypt MD5 from Byte Array to Byte Array
- * @param input
- * @return
- * @throws NoSuchAlgorithmException
- */
- public static byte[] hashMD5 (byte[] input) throws NoSuchAlgorithmException {
- // Note: Protect against Multi-thread issues with new MessageDigest
- MessageDigest md = MessageDigest.getInstance("MD5");
- md.update(input);
- return md.digest();
- }
+ /**
+ * Encrypt MD5 from Byte Array to Byte Array
+ * @param input
+ * @return
+ * @throws NoSuchAlgorithmException
+ */
+ public static byte[] hashMD5 (byte[] input) throws NoSuchAlgorithmException {
+ // Note: Protect against Multi-thread issues with new MessageDigest
+ MessageDigest md = MessageDigest.getInstance("MD5");
+ md.update(input);
+ return md.digest();
+ }
- /**
- * Encrypt MD5 from Byte Array to Byte Array
- * @param input
- * @return
- * @throws NoSuchAlgorithmException
- */
- public static byte[] hashMD5 (byte[] input, int offset, int length) throws NoSuchAlgorithmException {
- // Note: Protect against Multi-thread issues with new MessageDigest
- MessageDigest md = MessageDigest.getInstance("MD5");
- md.update(input,offset,length);
- return md.digest();
- }
+ /**
+ * Encrypt MD5 from Byte Array to Byte Array
+ * @param input
+ * @return
+ * @throws NoSuchAlgorithmException
+ */
+ public static byte[] hashMD5 (byte[] input, int offset, int length) throws NoSuchAlgorithmException {
+ // Note: Protect against Multi-thread issues with new MessageDigest
+ MessageDigest md = MessageDigest.getInstance("MD5");
+ md.update(input,offset,length);
+ return md.digest();
+ }
- /**
- * Convenience Function: Encrypt MD5 from String to String Hex representation
- *
- * @param input
- * @return
- * @throws NoSuchAlgorithmException
- */
- public static String hashMD5asStringHex(String input) throws NoSuchAlgorithmException {
- byte[] output = hashMD5(input.getBytes());
- StringBuilder sb = new StringBuilder("0x");
- for (byte b : output) {
- sb.append(hexDigit[(b >> 4) & 0x0f]);
- sb.append(hexDigit[b & 0x0f]);
- }
- return sb.toString();
- }
+ /**
+ * Convenience Function: Encrypt MD5 from String to String Hex representation
+ *
+ * @param input
+ * @return
+ * @throws NoSuchAlgorithmException
+ */
+ public static String hashMD5asStringHex(String input) throws NoSuchAlgorithmException {
+ byte[] output = hashMD5(input.getBytes());
+ StringBuilder sb = new StringBuilder("0x");
+ for (byte b : output) {
+ sb.append(hexDigit[(b >> 4) & 0x0f]);
+ sb.append(hexDigit[b & 0x0f]);
+ }
+ return sb.toString();
+ }
/////////////////////////////////
// SHA256
/////////////////////////////////
- /**
- * SHA256 Hashing
- */
- public static byte[] hashSHA256(byte[] input) throws NoSuchAlgorithmException {
- // Note: Protect against Multi-thread issues with new MessageDigest
- MessageDigest md = MessageDigest.getInstance("SHA-256");
- md.update(input);
- return md.digest();
- }
+ /**
+ * SHA256 Hashing
+ */
+ public static byte[] hashSHA256(byte[] input) throws NoSuchAlgorithmException {
+ // Note: Protect against Multi-thread issues with new MessageDigest
+ MessageDigest md = MessageDigest.getInstance("SHA-256");
+ md.update(input);
+ return md.digest();
+ }
- /**
- * SHA256 Hashing
- */
- public static byte[] hashSHA256(byte[] input, int offset, int length) throws NoSuchAlgorithmException {
- // Note: Protect against Multi-thread issues with new MessageDigest
- MessageDigest md = MessageDigest.getInstance("SHA-256");
- md.update(input,offset,length);
- return md.digest();
- }
-
- /**
- * Convenience Function: Hash from String to String Hex representation
- *
- * @param input
- * @return
- * @throws NoSuchAlgorithmException
- */
- public static String hashSHA256asStringHex(String input) throws NoSuchAlgorithmException {
- return toHex(hashSHA256(input.getBytes()));
- }
+ /**
+ * SHA256 Hashing
+ */
+ public static byte[] hashSHA256(byte[] input, int offset, int length) throws NoSuchAlgorithmException {
+ // Note: Protect against Multi-thread issues with new MessageDigest
+ MessageDigest md = MessageDigest.getInstance("SHA-256");
+ md.update(input,offset,length);
+ return md.digest();
+ }
+
+ /**
+ * Convenience Function: Hash from String to String Hex representation
+ *
+ * @param input
+ * @return
+ * @throws NoSuchAlgorithmException
+ */
+ public static String hashSHA256asStringHex(String input) throws NoSuchAlgorithmException {
+ return toHex(hashSHA256(input.getBytes()));
+ }
- /**
- * Convenience Function: Hash from String to String Hex representation
- *
- * @param input
- * @return
- * @throws NoSuchAlgorithmException
- */
- public static String hashSHA256asStringHex(String input, int salt) throws NoSuchAlgorithmException {
- byte[] in = input.getBytes();
- ByteBuffer bb = ByteBuffer.allocate(Integer.SIZE + in.length);
- bb.putInt(salt);
- bb.put(input.getBytes());
- return toHex(Hash.hashSHA256(bb.array()));
- }
-
- /**
- * Compare two byte arrays for equivalency
- * @param ba1
- * @param ba2
- * @return
- */
- public static boolean isEqual(byte ba1[], byte ba2[]) {
- if(ba1.length!=ba2.length)return false;
- for(int i = 0;i<ba1.length; ++i) {
- if(ba1[i]!=ba2[i])return false;
- }
- return true;
- }
+ /**
+ * Convenience Function: Hash from String to String Hex representation
+ *
+ * @param input
+ * @return
+ * @throws NoSuchAlgorithmException
+ */
+ public static String hashSHA256asStringHex(String input, int salt) throws NoSuchAlgorithmException {
+ byte[] in = input.getBytes();
+ ByteBuffer bb = ByteBuffer.allocate(Integer.SIZE + in.length);
+ bb.putInt(salt);
+ bb.put(input.getBytes());
+ return toHex(Hash.hashSHA256(bb.array()));
+ }
+
+ /**
+ * Compare two byte arrays for equivalency
+ * @param ba1
+ * @param ba2
+ * @return
+ */
+ public static boolean isEqual(byte ba1[], byte ba2[]) {
+ if(ba1.length!=ba2.length)return false;
+ for(int i = 0;i<ba1.length; ++i) {
+ if(ba1[i]!=ba2[i])return false;
+ }
+ return true;
+ }
- public static int compareTo(byte[] a, byte[] b) {
- int end = Math.min(a.length, b.length);
- int compare = 0;
- for(int i=0;compare == 0 && i<end;++i) {
- compare = a[i]-b[i];
- }
- if(compare==0)compare=a.length-b.length;
- return compare;
- }
+ public static int compareTo(byte[] a, byte[] b) {
+ int end = Math.min(a.length, b.length);
+ int compare = 0;
+ for(int i=0;compare == 0 && i<end;++i) {
+ compare = a[i]-b[i];
+ }
+ if(compare==0)compare=a.length-b.length;
+ return compare;
+ }
- public static String toHexNo0x(byte[] ba) {
- StringBuilder sb = new StringBuilder();
- for (byte b : ba) {
- sb.append(hexDigit[(b >> 4) & 0x0f]);
- sb.append(hexDigit[b & 0x0f]);
- }
- return sb.toString();
- }
+ public static String toHexNo0x(byte[] ba) {
+ StringBuilder sb = new StringBuilder();
+ for (byte b : ba) {
+ sb.append(hexDigit[(b >> 4) & 0x0f]);
+ sb.append(hexDigit[b & 0x0f]);
+ }
+ return sb.toString();
+ }
- public static String toHex(byte[] ba) {
- StringBuilder sb = new StringBuilder("0x");
- for (byte b : ba) {
- sb.append(hexDigit[(b >> 4) & 0x0f]);
- sb.append(hexDigit[b & 0x0f]);
- }
- return sb.toString();
- }
-
- public static String toHex(byte[] ba, int start, int length) {
- StringBuilder sb = new StringBuilder("0x");
- for (int i=start;i<length;++i) {
- sb.append(hexDigit[(ba[i] >> 4) & 0x0f]);
- sb.append(hexDigit[ba[i] & 0x0f]);
- }
- return sb.toString();
- }
+ public static String toHex(byte[] ba) {
+ StringBuilder sb = new StringBuilder("0x");
+ for (byte b : ba) {
+ sb.append(hexDigit[(b >> 4) & 0x0f]);
+ sb.append(hexDigit[b & 0x0f]);
+ }
+ return sb.toString();
+ }
+
+ public static String toHex(byte[] ba, int start, int length) {
+ StringBuilder sb = new StringBuilder("0x");
+ for (int i=start;i<length;++i) {
+ sb.append(hexDigit[(ba[i] >> 4) & 0x0f]);
+ sb.append(hexDigit[ba[i] & 0x0f]);
+ }
+ return sb.toString();
+ }
-
- public static byte[] fromHex(String s) throws CadiException{
- if(!s.startsWith("0x")) {
- throw new CadiException("HexString must start with \"0x\"");
- }
- boolean high = true;
- int c;
- byte b;
- byte[] ba = new byte[(s.length()-2)/2];
- int idx;
- for(int i=2;i<s.length();++i) {
- c = s.charAt(i);
- if(c>=0x30 && c<=0x39) {
- b=(byte)(c-0x30);
- } else if(c>=0x61 && c<=0x66) {
- b=(byte)(c-0x57); // account for "A"
- } else if(c>=0x41 && c<=0x46) {
- b=(byte)(c-0x37);
- } else {
- throw new CadiException("Invalid char '" + c + "' in HexString");
- }
- idx = (i-2)/2;
- if(high) {
- ba[idx]=(byte)(b<<4);
- high = false;
- } else {
- ba[idx]|=b;
- high = true;
- }
- }
- return ba;
- }
+
+ public static byte[] fromHex(String s) throws CadiException{
+ if(!s.startsWith("0x")) {
+ throw new CadiException("HexString must start with \"0x\"");
+ }
+ boolean high = true;
+ int c;
+ byte b;
+ byte[] ba = new byte[(s.length()-2)/2];
+ int idx;
+ for(int i=2;i<s.length();++i) {
+ c = s.charAt(i);
+ if(c>=0x30 && c<=0x39) {
+ b=(byte)(c-0x30);
+ } else if(c>=0x61 && c<=0x66) {
+ b=(byte)(c-0x57); // account for "A"
+ } else if(c>=0x41 && c<=0x46) {
+ b=(byte)(c-0x37);
+ } else {
+ throw new CadiException("Invalid char '" + c + "' in HexString");
+ }
+ idx = (i-2)/2;
+ if(high) {
+ ba[idx]=(byte)(b<<4);
+ high = false;
+ } else {
+ ba[idx]|=b;
+ high = true;
+ }
+ }
+ return ba;
+ }
- /**
- * Does not expect to start with "0x"
- * if Any Character doesn't match, it returns null;
- *
- * @param s
- * @return
- */
- public static byte[] fromHexNo0x(String s) {
- int c;
- byte b;
- byte[] ba;
- boolean high;
- int start;
- if(s.length()%2==0) {
- ba = new byte[s.length()/2];
- high=true;
- start=0;
- } else {
- ba = new byte[(s.length()/2)+1];
- high = false;
- start=1;
- }
- int idx;
- for(int i=start;i<s.length();++i) {
- c = s.charAt((i-start));
- if(c>=0x30 && c<=0x39) {
- b=(byte)(c-0x30);
- } else if(c>=0x61 && c<=0x66) {
- b=(byte)(c-0x57); // account for "A"
- } else if(c>=0x41 && c<=0x46) {
- b=(byte)(c-0x37);
- } else {
- return null;
- }
- idx = i/2;
- if(high) {
- ba[idx]=(byte)(b<<4);
- high = false;
- } else {
- ba[idx]|=b;
- high = true;
- }
- }
- return ba;
- }
+ /**
+ * Does not expect to start with "0x"
+ * if Any Character doesn't match, it returns null;
+ *
+ * @param s
+ * @return
+ */
+ public static byte[] fromHexNo0x(String s) {
+ int c;
+ byte b;
+ byte[] ba;
+ boolean high;
+ int start;
+ if(s.length()%2==0) {
+ ba = new byte[s.length()/2];
+ high=true;
+ start=0;
+ } else {
+ ba = new byte[(s.length()/2)+1];
+ high = false;
+ start=1;
+ }
+ int idx;
+ for(int i=start;i<s.length();++i) {
+ c = s.charAt((i-start));
+ if(c>=0x30 && c<=0x39) {
+ b=(byte)(c-0x30);
+ } else if(c>=0x61 && c<=0x66) {
+ b=(byte)(c-0x57); // account for "A"
+ } else if(c>=0x41 && c<=0x46) {
+ b=(byte)(c-0x37);
+ } else {
+ return null;
+ }
+ idx = i/2;
+ if(high) {
+ ba[idx]=(byte)(b<<4);
+ high = false;
+ } else {
+ ba[idx]|=b;
+ high = true;
+ }
+ }
+ return ba;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Locator.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Locator.java
index 22258d12..c40cb998 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Locator.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Locator.java
@@ -22,15 +22,15 @@
package org.onap.aaf.cadi;
public interface Locator<T> {
- public T get(Locator.Item item) throws LocatorException;
- public boolean hasItems();
- public void invalidate(Locator.Item item) throws LocatorException;
- public Locator.Item best() throws LocatorException;
- public Item first() throws LocatorException;
- public Item next(Item item) throws LocatorException;
- public boolean refresh();
- public void destroy();
-
- public interface Item {}
+ public T get(Locator.Item item) throws LocatorException;
+ public boolean hasItems();
+ public void invalidate(Locator.Item item) throws LocatorException;
+ public Locator.Item best() throws LocatorException;
+ public Item first() throws LocatorException;
+ public Item next(Item item) throws LocatorException;
+ public boolean refresh();
+ public void destroy();
+
+ public interface Item {}
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/LocatorException.java b/cadi/core/src/main/java/org/onap/aaf/cadi/LocatorException.java
index f14fba70..da56d4b2 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/LocatorException.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/LocatorException.java
@@ -22,25 +22,25 @@
package org.onap.aaf.cadi;
public class LocatorException extends Exception {
- /**
- *
- */
- private static final long serialVersionUID = -4267929804321134469L;
+ /**
+ *
+ */
+ private static final long serialVersionUID = -4267929804321134469L;
- public LocatorException(String arg0) {
- super(arg0);
- }
+ public LocatorException(String arg0) {
+ super(arg0);
+ }
- public LocatorException(Throwable arg0) {
- super(arg0);
- }
+ public LocatorException(Throwable arg0) {
+ super(arg0);
+ }
- public LocatorException(String arg0, Throwable arg1) {
- super(arg0, arg1);
- }
+ public LocatorException(String arg0, Throwable arg1) {
+ super(arg0, arg1);
+ }
- public LocatorException(CharSequence cs) {
- super(cs.toString());
- }
+ public LocatorException(CharSequence cs) {
+ super(cs.toString());
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java
index 0beb4856..bdc9f643 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Lur.java
@@ -39,54 +39,54 @@ import java.util.List;
*
*/
public interface Lur {
- /**
- * Allow the Lur, which has correct Permission access, to create and hand back.
- */
- public Permission createPerm(String p);
-
- /**
- * Fish for Principals in a Pond
- *
- * or more boringly, is the User identified within a named collection representing permission.
- *
- * @param principalName
- * @return
- */
- public boolean fish(Principal bait, Permission ... pond);
+ /**
+ * Allow the Lur, which has correct Permission access, to create and hand back.
+ */
+ public Permission createPerm(String p);
+
+ /**
+ * Fish for Principals in a Pond
+ *
+ * or more boringly, is the User identified within a named collection representing permission.
+ *
+ * @param principalName
+ * @return
+ */
+ public boolean fish(Principal bait, Permission ... pond);
- /**
- * Fish all the Principals out a Pond
- *
- * For additional humor, pronounce the following with a Southern Drawl, "FishOil"
- *
- * or more boringly, load the List with Permissions found for Principal
- *
- * @param principalName
- * @return
- */
- public void fishAll(Principal bait, List<Permission> permissions);
+ /**
+ * Fish all the Principals out a Pond
+ *
+ * For additional humor, pronounce the following with a Southern Drawl, "FishOil"
+ *
+ * or more boringly, load the List with Permissions found for Principal
+ *
+ * @param principalName
+ * @return
+ */
+ public void fishAll(Principal bait, List<Permission> permissions);
- /**
- * Allow implementations to disconnect, or cleanup resources if unneeded
- */
- public void destroy();
+ /**
+ * Allow implementations to disconnect, or cleanup resources if unneeded
+ */
+ public void destroy();
- /**
- * Does this LUR handle this pond exclusively? Important for EpiLUR to determine whether
- * to try another (more expensive) LUR
- * @param pond
- * @return
- */
- public boolean handlesExclusively(Permission ... pond);
-
- /**
- * Does the LUR support a particular kind of Principal
- * This can be used to check name's domain, like above, or Principal type
- */
- public boolean handles(Principal principal);
-
- /**
- * Clear: Clear any Caching, if exists
- */
- public void clear(Principal p, StringBuilder report);
+ /**
+ * Does this LUR handle this pond exclusively? Important for EpiLUR to determine whether
+ * to try another (more expensive) LUR
+ * @param pond
+ * @return
+ */
+ public boolean handlesExclusively(Permission ... pond);
+
+ /**
+ * Does the LUR support a particular kind of Principal
+ * This can be used to check name's domain, like above, or Principal type
+ */
+ public boolean handles(Principal principal);
+
+ /**
+ * Clear: Clear any Caching, if exists
+ */
+ public void clear(Principal p, StringBuilder report);
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Permission.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Permission.java
index f8061290..2537c386 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Permission.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Permission.java
@@ -22,7 +22,7 @@
package org.onap.aaf.cadi;
public interface Permission {
- public String permType();
- public String getKey();
- public boolean match(Permission p);
+ public String permType();
+ public String getKey();
+ public boolean match(Permission p);
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/PropAccess.java b/cadi/core/src/main/java/org/onap/aaf/cadi/PropAccess.java
index 3d15b09d..a35777f8 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/PropAccess.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/PropAccess.java
@@ -37,365 +37,365 @@ import org.onap.aaf.cadi.config.Config;
import org.onap.aaf.cadi.config.SecurityInfo;
public class PropAccess implements Access {
- // Sonar says cannot be static... it's ok. not too many PropAccesses created.
- private final SimpleDateFormat iso8601 = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSSZ");
+ // Sonar says cannot be static... it's ok. not too many PropAccesses created.
+ private final SimpleDateFormat iso8601 = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSSZ");
- public static final Level DEFAULT = Level.AUDIT;
-
- private Symm symm;
- private int level;
- private Properties props;
- private List<String> recursionProtection = null;
- private LogIt logIt;
- private String name;
+ public static final Level DEFAULT = Level.AUDIT;
+
+ private Symm symm;
+ private int level;
+ private Properties props;
+ private List<String> recursionProtection = null;
+ private LogIt logIt;
+ private String name;
- public PropAccess() {
- logIt = new StreamLogIt(System.out);
- init(null);
- }
-
- /**
- * This Constructor soly exists to instantiate Servlet Context Based Logging that will call "init" later.
- * @param sc
- */
- protected PropAccess(Object o) {
- logIt = new StreamLogIt(System.out);
- props = new Properties();
- }
-
- public PropAccess(String ... args) {
- this(System.out,args);
- }
-
- public PropAccess(PrintStream ps, String[] args) {
- logIt = new StreamLogIt(ps==null?System.out:ps);
- init(logIt,args);
- }
-
- public PropAccess(LogIt logit, String[] args) {
- init(logit, args);
- }
-
- public PropAccess(Properties p) {
- this(System.out,p);
- }
-
- public PropAccess(PrintStream ps, Properties p) {
- logIt = new StreamLogIt(ps==null?System.out:ps);
- init(p);
- }
-
- protected void init(final LogIt logIt, final String[] args) {
- this.logIt = logIt;
- Properties nprops=new Properties();
- int eq;
- for(String arg : args) {
- if((eq=arg.indexOf('='))>0) {
- nprops.setProperty(arg.substring(0, eq),arg.substring(eq+1));
- }
- }
- init(nprops);
- }
-
- protected void init(Properties p) {
- // Make sure these two are set before any changes in Logging
- name = "cadi";
- level=DEFAULT.maskOf();
-
- props = new Properties();
- // First, load related System Properties
- for(Entry<Object,Object> es : System.getProperties().entrySet()) {
- String key = es.getKey().toString();
- for(String start : new String[] {"cadi_","aaf_","cm_"}) {
- if(key.startsWith(start)) {
- props.put(key, es.getValue());
- }
- }
- }
- // Second, overlay or fill in with Passed in Props
- if(p!=null) {
- props.putAll(p);
- }
-
- // Third, load any Chained Property Files
- load(props.getProperty(Config.CADI_PROP_FILES));
-
- String sLevel = props.getProperty(Config.CADI_LOGLEVEL);
- if(sLevel!=null) {
- level=Level.valueOf(sLevel).maskOf();
- }
- // Setup local Symmetrical key encryption
- if(symm==null) {
- try {
- symm = Symm.obtain(this);
- } catch (CadiException e) {
- System.err.append("FATAL ERROR: Cannot obtain Key Information.");
- e.printStackTrace(System.err);
- System.exit(1);
- }
- }
-
- name = props.getProperty(Config.CADI_LOGNAME, name);
-
- specialConversions();
- }
+ public PropAccess() {
+ logIt = new StreamLogIt(System.out);
+ init(null);
+ }
+
+ /**
+ * This Constructor soly exists to instantiate Servlet Context Based Logging that will call "init" later.
+ * @param sc
+ */
+ protected PropAccess(Object o) {
+ logIt = new StreamLogIt(System.out);
+ props = new Properties();
+ }
+
+ public PropAccess(String ... args) {
+ this(System.out,args);
+ }
+
+ public PropAccess(PrintStream ps, String[] args) {
+ logIt = new StreamLogIt(ps==null?System.out:ps);
+ init(logIt,args);
+ }
+
+ public PropAccess(LogIt logit, String[] args) {
+ init(logit, args);
+ }
+
+ public PropAccess(Properties p) {
+ this(System.out,p);
+ }
+
+ public PropAccess(PrintStream ps, Properties p) {
+ logIt = new StreamLogIt(ps==null?System.out:ps);
+ init(p);
+ }
+
+ protected void init(final LogIt logIt, final String[] args) {
+ this.logIt = logIt;
+ Properties nprops=new Properties();
+ int eq;
+ for(String arg : args) {
+ if((eq=arg.indexOf('='))>0) {
+ nprops.setProperty(arg.substring(0, eq),arg.substring(eq+1));
+ }
+ }
+ init(nprops);
+ }
+
+ protected void init(Properties p) {
+ // Make sure these two are set before any changes in Logging
+ name = "cadi";
+ level=DEFAULT.maskOf();
+
+ props = new Properties();
+ // First, load related System Properties
+ for(Entry<Object,Object> es : System.getProperties().entrySet()) {
+ String key = es.getKey().toString();
+ for(String start : new String[] {"cadi_","aaf_","cm_"}) {
+ if(key.startsWith(start)) {
+ props.put(key, es.getValue());
+ }
+ }
+ }
+ // Second, overlay or fill in with Passed in Props
+ if(p!=null) {
+ props.putAll(p);
+ }
+
+ // Third, load any Chained Property Files
+ load(props.getProperty(Config.CADI_PROP_FILES));
+
+ String sLevel = props.getProperty(Config.CADI_LOGLEVEL);
+ if(sLevel!=null) {
+ level=Level.valueOf(sLevel).maskOf();
+ }
+ // Setup local Symmetrical key encryption
+ if(symm==null) {
+ try {
+ symm = Symm.obtain(this);
+ } catch (CadiException e) {
+ System.err.append("FATAL ERROR: Cannot obtain Key Information.");
+ e.printStackTrace(System.err);
+ System.exit(1);
+ }
+ }
+
+ name = props.getProperty(Config.CADI_LOGNAME, name);
+
+ specialConversions();
+ }
- private void specialConversions() {
- // Critical - if no Security Protocols set, then set it. We'll just get messed up if not
- if(props.get(Config.CADI_PROTOCOLS)==null) {
- props.setProperty(Config.CADI_PROTOCOLS, SecurityInfo.HTTPS_PROTOCOLS_DEFAULT);
- }
-
- Object temp;
- temp=props.get(Config.CADI_PROTOCOLS);
- if(props.get(Config.HTTPS_PROTOCOLS)==null && temp!=null) {
- props.put(Config.HTTPS_PROTOCOLS, temp);
- }
-
- if(temp!=null) {
- if("1.7".equals(System.getProperty("java.specification.version"))
- && (temp==null || (temp instanceof String && ((String)temp).contains("TLSv1.2")))) {
- System.setProperty(Config.HTTPS_CIPHER_SUITES, Config.HTTPS_CIPHER_SUITES_DEFAULT);
- }
- }
- }
+ private void specialConversions() {
+ // Critical - if no Security Protocols set, then set it. We'll just get messed up if not
+ if(props.get(Config.CADI_PROTOCOLS)==null) {
+ props.setProperty(Config.CADI_PROTOCOLS, SecurityInfo.HTTPS_PROTOCOLS_DEFAULT);
+ }
+
+ Object temp;
+ temp=props.get(Config.CADI_PROTOCOLS);
+ if(props.get(Config.HTTPS_PROTOCOLS)==null && temp!=null) {
+ props.put(Config.HTTPS_PROTOCOLS, temp);
+ }
+
+ if(temp!=null) {
+ if("1.7".equals(System.getProperty("java.specification.version"))
+ && (temp==null || (temp instanceof String && ((String)temp).contains("TLSv1.2")))) {
+ System.setProperty(Config.HTTPS_CIPHER_SUITES, Config.HTTPS_CIPHER_SUITES_DEFAULT);
+ }
+ }
+ }
- private void load(String cadi_prop_files) {
- if(cadi_prop_files==null) {
- return;
- }
- String prevKeyFile = props.getProperty(Config.CADI_KEYFILE);
- int prev = 0, end = cadi_prop_files.length();
- int idx;
- String filename;
- while(prev<end) {
- idx = cadi_prop_files.indexOf(File.pathSeparatorChar,prev);
- if(idx<0) {
- idx = end;
- }
- File file = new File(filename=cadi_prop_files.substring(prev,idx));
- if(file.exists()) {
- printf(Level.INIT,"Loading CADI Properties from %s",file.getAbsolutePath());
- try {
- FileInputStream fis = new FileInputStream(file);
- try {
- props.load(fis);
- // Recursively Load
- String chainProp = props.getProperty(Config.CADI_PROP_FILES);
- if(chainProp!=null) {
- if(recursionProtection==null) {
- recursionProtection = new ArrayList<>();
- recursionProtection.add(cadi_prop_files);
- }
- if(!recursionProtection.contains(chainProp)) {
- recursionProtection.add(chainProp);
- load(chainProp); // recurse
- }
- }
- } finally {
- fis.close();
- }
- } catch (Exception e) {
- log(e,filename,"cannot be opened");
- }
- } else {
- printf(Level.WARN,"Warning: recursive CADI Property %s does not exist",file.getAbsolutePath());
- }
- prev = idx+1;
- }
-
- // Trim
- for(Entry<Object, Object> es : props.entrySet()) {
- Object value = es.getValue();
- if(value instanceof String) {
- String trim = ((String)value).trim();
- // Remove Beginning/End Quotes, which might be there if mixed with Bash Props
- int s = 0, e=trim.length()-1;
- if(s<e && trim.charAt(s)=='"' && trim.charAt(e)=='"') {
- trim=trim.substring(s+1,e);
- }
- if(trim!=value) { // Yes, I want OBJECT equals
- props.setProperty((String)es.getKey(), trim);
- }
- }
- }
- // Reset Symm if Keyfile Changes:
- String newKeyFile = props.getProperty(Config.CADI_KEYFILE);
- if((prevKeyFile!=null && newKeyFile!=null) || (newKeyFile!=null && !newKeyFile.equals(prevKeyFile))) {
- try {
- symm = Symm.obtain(this);
- } catch (CadiException e) {
- System.err.append("FATAL ERROR: Cannot obtain Key Information.");
- e.printStackTrace(System.err);
- System.exit(1);
- }
+ private void load(String cadi_prop_files) {
+ if(cadi_prop_files==null) {
+ return;
+ }
+ String prevKeyFile = props.getProperty(Config.CADI_KEYFILE);
+ int prev = 0, end = cadi_prop_files.length();
+ int idx;
+ String filename;
+ while(prev<end) {
+ idx = cadi_prop_files.indexOf(File.pathSeparatorChar,prev);
+ if(idx<0) {
+ idx = end;
+ }
+ File file = new File(filename=cadi_prop_files.substring(prev,idx));
+ if(file.exists()) {
+ printf(Level.INIT,"Loading CADI Properties from %s",file.getAbsolutePath());
+ try {
+ FileInputStream fis = new FileInputStream(file);
+ try {
+ props.load(fis);
+ // Recursively Load
+ String chainProp = props.getProperty(Config.CADI_PROP_FILES);
+ if(chainProp!=null) {
+ if(recursionProtection==null) {
+ recursionProtection = new ArrayList<>();
+ recursionProtection.add(cadi_prop_files);
+ }
+ if(!recursionProtection.contains(chainProp)) {
+ recursionProtection.add(chainProp);
+ load(chainProp); // recurse
+ }
+ }
+ } finally {
+ fis.close();
+ }
+ } catch (Exception e) {
+ log(e,filename,"cannot be opened");
+ }
+ } else {
+ printf(Level.WARN,"Warning: recursive CADI Property %s does not exist",file.getAbsolutePath());
+ }
+ prev = idx+1;
+ }
+
+ // Trim
+ for(Entry<Object, Object> es : props.entrySet()) {
+ Object value = es.getValue();
+ if(value instanceof String) {
+ String trim = ((String)value).trim();
+ // Remove Beginning/End Quotes, which might be there if mixed with Bash Props
+ int s = 0, e=trim.length()-1;
+ if(s<e && trim.charAt(s)=='"' && trim.charAt(e)=='"') {
+ trim=trim.substring(s+1,e);
+ }
+ if(trim!=value) { // Yes, I want OBJECT equals
+ props.setProperty((String)es.getKey(), trim);
+ }
+ }
+ }
+ // Reset Symm if Keyfile Changes:
+ String newKeyFile = props.getProperty(Config.CADI_KEYFILE);
+ if((prevKeyFile!=null && newKeyFile!=null) || (newKeyFile!=null && !newKeyFile.equals(prevKeyFile))) {
+ try {
+ symm = Symm.obtain(this);
+ } catch (CadiException e) {
+ System.err.append("FATAL ERROR: Cannot obtain Key Information.");
+ e.printStackTrace(System.err);
+ System.exit(1);
+ }
- prevKeyFile=newKeyFile;
- }
-
- String loglevel = props.getProperty(Config.CADI_LOGLEVEL);
- if(loglevel!=null) {
- try {
- level=Level.valueOf(loglevel).maskOf();
- } catch (IllegalArgumentException e) {
- printf(Level.ERROR,"%s=%s is an Invalid Log Level",Config.CADI_LOGLEVEL,loglevel);
- }
- }
-
- specialConversions();
- }
-
- @Override
- public void load(InputStream is) throws IOException {
- props.load(is);
- load(props.getProperty(Config.CADI_PROP_FILES));
- }
+ prevKeyFile=newKeyFile;
+ }
+
+ String loglevel = props.getProperty(Config.CADI_LOGLEVEL);
+ if(loglevel!=null) {
+ try {
+ level=Level.valueOf(loglevel).maskOf();
+ } catch (IllegalArgumentException e) {
+ printf(Level.ERROR,"%s=%s is an Invalid Log Level",Config.CADI_LOGLEVEL,loglevel);
+ }
+ }
+
+ specialConversions();
+ }
+
+ @Override
+ public void load(InputStream is) throws IOException {
+ props.load(is);
+ load(props.getProperty(Config.CADI_PROP_FILES));
+ }
- @Override
- public void log(Level level, Object ... elements) {
- if(willLog(level)) {
- logIt.push(level,elements);
- }
- }
+ @Override
+ public void log(Level level, Object ... elements) {
+ if(willLog(level)) {
+ logIt.push(level,elements);
+ }
+ }
- protected StringBuilder buildMsg(Level level, Object[] elements) {
- return buildMsg(name,iso8601,level,elements);
- }
+ protected StringBuilder buildMsg(Level level, Object[] elements) {
+ return buildMsg(name,iso8601,level,elements);
+ }
- public static StringBuilder buildMsg(final String name, final SimpleDateFormat sdf, Level level, Object[] elements) {
- StringBuilder sb = new StringBuilder(sdf.format(new Date()));
- sb.append(' ');
- sb.append(level.name());
- sb.append(" [");
- sb.append(name);
-
- int end = elements.length;
- if(end<=0) {
- sb.append("] ");
- } else {
- int idx = 0;
- if(elements[idx] instanceof Integer) {
- sb.append('-');
- sb.append(elements[idx]);
- ++idx;
- }
- sb.append("] ");
- String s;
- boolean first = true;
- for(Object o : elements) {
- if(o!=null) {
- s=o.toString();
- if(first) {
- first = false;
- } else {
- int l = s.length();
- if(l>0) {
- switch(s.charAt(l-1)) {
- case ' ':
- break;
- default:
- sb.append(' ');
- }
- }
- }
- sb.append(s);
- }
- }
- }
- return sb;
- }
+ public static StringBuilder buildMsg(final String name, final SimpleDateFormat sdf, Level level, Object[] elements) {
+ StringBuilder sb = new StringBuilder(sdf.format(new Date()));
+ sb.append(' ');
+ sb.append(level.name());
+ sb.append(" [");
+ sb.append(name);
+
+ int end = elements.length;
+ if(end<=0) {
+ sb.append("] ");
+ } else {
+ int idx = 0;
+ if(elements[idx] instanceof Integer) {
+ sb.append('-');
+ sb.append(elements[idx]);
+ ++idx;
+ }
+ sb.append("] ");
+ String s;
+ boolean first = true;
+ for(Object o : elements) {
+ if(o!=null) {
+ s=o.toString();
+ if(first) {
+ first = false;
+ } else {
+ int l = s.length();
+ if(l>0) {
+ switch(s.charAt(l-1)) {
+ case ' ':
+ break;
+ default:
+ sb.append(' ');
+ }
+ }
+ }
+ sb.append(s);
+ }
+ }
+ }
+ return sb;
+ }
- @Override
- public void log(Exception e, Object... elements) {
- log(Level.ERROR,e.getMessage(),elements);
- e.printStackTrace(System.err);
- }
+ @Override
+ public void log(Exception e, Object... elements) {
+ log(Level.ERROR,e.getMessage(),elements);
+ e.printStackTrace(System.err);
+ }
- @Override
- public void printf(Level level, String fmt, Object... elements) {
- if(willLog(level)) {
- log(level,String.format(fmt, elements));
- }
- }
+ @Override
+ public void printf(Level level, String fmt, Object... elements) {
+ if(willLog(level)) {
+ log(level,String.format(fmt, elements));
+ }
+ }
- @Override
- public void setLogLevel(Level level) {
- this.level = level.maskOf();
- }
+ @Override
+ public void setLogLevel(Level level) {
+ this.level = level.maskOf();
+ }
- @Override
- public boolean willLog(Level level) {
- return level.inMask(this.level);
- }
+ @Override
+ public boolean willLog(Level level) {
+ return level.inMask(this.level);
+ }
- @Override
- public ClassLoader classLoader() {
- return ClassLoader.getSystemClassLoader();
- }
+ @Override
+ public ClassLoader classLoader() {
+ return ClassLoader.getSystemClassLoader();
+ }
- @Override
- public String getProperty(String tag, String def) {
- return props.getProperty(tag,def);
- }
+ @Override
+ public String getProperty(String tag, String def) {
+ return props.getProperty(tag,def);
+ }
- @Override
- public String decrypt(String encrypted, boolean anytext) throws IOException {
- return (encrypted!=null && (anytext==true || encrypted.startsWith(Symm.ENC)))
- ? symm.depass(encrypted)
- : encrypted;
- }
-
- public String encrypt(String unencrypted) throws IOException {
- return Symm.ENC+symm.enpass(unencrypted);
- }
+ @Override
+ public String decrypt(String encrypted, boolean anytext) throws IOException {
+ return (encrypted!=null && (anytext==true || encrypted.startsWith(Symm.ENC)))
+ ? symm.depass(encrypted)
+ : encrypted;
+ }
+
+ public String encrypt(String unencrypted) throws IOException {
+ return Symm.ENC+symm.enpass(unencrypted);
+ }
- //////////////////
- // Additional
- //////////////////
- public String getProperty(String tag) {
- return props.getProperty(tag);
- }
-
+ //////////////////
+ // Additional
+ //////////////////
+ public String getProperty(String tag) {
+ return props.getProperty(tag);
+ }
+
- public Properties getProperties() {
- return props;
- }
+ public Properties getProperties() {
+ return props;
+ }
- public void setProperty(String tag, String value) {
- if(value!=null) {
- props.put(tag, value);
- if(Config.CADI_KEYFILE.equals(tag)) {
- // reset decryption too
- try {
- symm = Symm.obtain(this);
- } catch (CadiException e) {
- System.err.append("FATAL ERROR: Cannot obtain Key Information.");
- e.printStackTrace(System.err);
- System.exit(1);
- }
- }
- }
- }
+ public void setProperty(String tag, String value) {
+ if(value!=null) {
+ props.put(tag, value);
+ if(Config.CADI_KEYFILE.equals(tag)) {
+ // reset decryption too
+ try {
+ symm = Symm.obtain(this);
+ } catch (CadiException e) {
+ System.err.append("FATAL ERROR: Cannot obtain Key Information.");
+ e.printStackTrace(System.err);
+ System.exit(1);
+ }
+ }
+ }
+ }
- public interface LogIt {
- public void push(Level level, Object ... elements) ;
- }
-
- private class StreamLogIt implements LogIt {
- private PrintStream ps;
-
- public StreamLogIt(PrintStream ps) {
- this.ps = ps;
- }
- @Override
- public void push(Level level, Object ... elements) {
- ps.println(buildMsg(level,elements));
- ps.flush();
- }
-
- }
+ public interface LogIt {
+ public void push(Level level, Object ... elements) ;
+ }
+
+ private class StreamLogIt implements LogIt {
+ private PrintStream ps;
+
+ public StreamLogIt(PrintStream ps) {
+ this.ps = ps;
+ }
+ @Override
+ public void push(Level level, Object ... elements) {
+ ps.println(buildMsg(level,elements));
+ ps.flush();
+ }
+
+ }
- public void set(LogIt logit) {
- logIt = logit;
- }
+ public void set(LogIt logit) {
+ logIt = logit;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Revalidator.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Revalidator.java
index 125ac24c..66ba86ae 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Revalidator.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Revalidator.java
@@ -23,12 +23,12 @@ package org.onap.aaf.cadi;
public interface Revalidator<TRANS> {
- /**
- * Re-Validate Credential
- *
- * @param prin
- * @return
- */
- public CachedPrincipal.Resp revalidate(TRANS trans, CachedPrincipal prin);
+ /**
+ * Re-Validate Credential
+ *
+ * @param prin
+ * @return
+ */
+ public CachedPrincipal.Resp revalidate(TRANS trans, CachedPrincipal prin);
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/SecuritySetter.java b/cadi/core/src/main/java/org/onap/aaf/cadi/SecuritySetter.java
index 31563017..194712e0 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/SecuritySetter.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/SecuritySetter.java
@@ -31,14 +31,14 @@ package org.onap.aaf.cadi;
*
*/
public interface SecuritySetter<CT> {
- public String getID();
-
- public void setSecurity(CT client) throws CadiException;
-
- /**
- * Returns number of bad logins registered
- * @param respCode
- * @return
- */
- public int setLastResponse(int respCode);
+ public String getID();
+
+ public void setSecurity(CT client) throws CadiException;
+
+ /**
+ * Returns number of bad logins registered
+ * @param respCode
+ * @return
+ */
+ public int setLastResponse(int respCode);
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/ServletContextAccess.java b/cadi/core/src/main/java/org/onap/aaf/cadi/ServletContextAccess.java
index 38a01a09..518ea6dd 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/ServletContextAccess.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/ServletContextAccess.java
@@ -28,40 +28,40 @@ import javax.servlet.ServletContext;
public class ServletContextAccess extends PropAccess {
- private ServletContext context;
+ private ServletContext context;
- public ServletContextAccess(FilterConfig filterConfig) {
- super(filterConfig); // protected constructor... does not have "init" called.
- context = filterConfig.getServletContext();
+ public ServletContextAccess(FilterConfig filterConfig) {
+ super(filterConfig); // protected constructor... does not have "init" called.
+ context = filterConfig.getServletContext();
- for(Enumeration<?> en = filterConfig.getInitParameterNames();en.hasMoreElements();) {
- String name = (String)en.nextElement();
- setProperty(name, filterConfig.getInitParameter(name));
- }
- init(getProperties());
- }
+ for(Enumeration<?> en = filterConfig.getInitParameterNames();en.hasMoreElements();) {
+ String name = (String)en.nextElement();
+ setProperty(name, filterConfig.getInitParameter(name));
+ }
+ init(getProperties());
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.PropAccess#log(org.onap.aaf.cadi.Access.Level, java.lang.Object[])
- */
- @Override
- public void log(Level level, Object... elements) {
- if(willLog(level)) {
- StringBuilder sb = buildMsg(level, elements);
- context.log(sb.toString());
- }
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.PropAccess#log(org.onap.aaf.cadi.Access.Level, java.lang.Object[])
+ */
+ @Override
+ public void log(Level level, Object... elements) {
+ if(willLog(level)) {
+ StringBuilder sb = buildMsg(level, elements);
+ context.log(sb.toString());
+ }
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.PropAccess#log(java.lang.Exception, java.lang.Object[])
- */
- @Override
- public void log(Exception e, Object... elements) {
- StringBuilder sb = buildMsg(Level.ERROR, elements);
- context.log(sb.toString(),e);
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.PropAccess#log(java.lang.Exception, java.lang.Object[])
+ */
+ @Override
+ public void log(Exception e, Object... elements) {
+ StringBuilder sb = buildMsg(Level.ERROR, elements);
+ context.log(sb.toString(),e);
+ }
- public ServletContext context() {
- return context;
- }
+ public ServletContext context() {
+ return context;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java
index afc1d979..fd60b0c1 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java
@@ -69,184 +69,184 @@ import org.onap.aaf.cadi.config.Config;
*
*/
public class Symm {
- private static final byte[] DOUBLE_EQ = new byte[] {'=','='};
- public static final String ENC = "enc:";
- private static final Object LOCK = new Object();
- private static final SecureRandom random = new SecureRandom();
-
- public final char[] codeset;
- private final int splitLinesAt;
- private final String encoding;
- private final Convert convert;
- private final boolean endEquals;
- private byte[] keyBytes = null;
- //Note: AES Encryption is not Thread Safe. It is Synchronized
- //private AES aes = null; // only initialized from File, and only if needed for Passwords
-
- /**
- * This is the standard base64 Key Set.
- * RFC 2045
- */
- public static final Symm base64 = new Symm(
- "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/".toCharArray()
- ,76, Config.UTF_8,true);
-
- public static final Symm base64noSplit = new Symm(
- "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/".toCharArray()
- ,Integer.MAX_VALUE, Config.UTF_8,true);
-
- /**
- * This is the standard base64 set suitable for URLs and Filenames
- * RFC 4648
- */
- public static final Symm base64url = new Symm(
- "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_".toCharArray()
- ,76, Config.UTF_8,true);
-
- /**
- * A Password set, using US-ASCII
- * RFC 4648
- */
- public static final Symm encrypt = new Symm(base64url.codeset,1024, "US-ASCII", false);
- private static final byte[] EMPTY = new byte[0];
-
- /**
- * A typical set of Password Chars
- * Note, this is too large to fit into the algorithm. Only use with PassGen
- */
- private static char passChars[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+!@#$%^&*(){}[]?:;,.".toCharArray();
-
-
- private static Symm internalOnly = null;
-
- /**
- * Use this to create special case Case Sets and/or Line breaks
- *
- * If you don't know why you need this, use the Singleton Method
- *
- * @param codeset
- * @param split
- */
- public Symm(char[] codeset, int split, String charset, boolean useEndEquals) {
- this.codeset = codeset;
- splitLinesAt = split;
- encoding = charset;
- endEquals = useEndEquals;
- char prev = 0, curr=0, first = 0;
- int offset=Integer.SIZE; // something that's out of range for integer array
-
- // There can be time efficiencies gained when the underlying keyset consists mainly of ordered
- // data (i.e. abcde...). Therefore, we'll quickly analyze the keyset. If it proves to have
- // too much entropy, the "Unordered" algorithm, which is faster in such cases is used.
- ArrayList<int[]> la = new ArrayList<>();
- for(int i=0;i<codeset.length;++i) {
- curr = codeset[i];
- if(prev+1==curr) { // is next character in set
- prev = curr;
- } else {
- if(offset!=Integer.SIZE) { // add previous range
- la.add(new int[]{first,prev,offset});
- }
- first = prev = curr;
- offset = curr-i;
- }
- }
- la.add(new int[]{first,curr,offset});
- if(la.size()>codeset.length/3) {
- convert = new Unordered(codeset);
- } else { // too random to get speed enhancement from range algorithm
- int[][] range = new int[la.size()][];
- la.toArray(range);
- convert = new Ordered(range);
- }
- }
-
- public Symm copy(int lines) {
- return new Symm(codeset,lines,encoding,endEquals);
- }
-
- // Only used by keygen, which is intentionally randomized. Therefore, always use unordered
- private Symm(char[] codeset, Symm parent) {
- this.codeset = codeset;
- splitLinesAt = parent.splitLinesAt;
- endEquals = parent.endEquals;
- encoding = parent.encoding;
- convert = new Unordered(codeset);
- }
-
- /**
- * Obtain the base64() behavior of this class, for use in standard BASIC AUTH mechanism, etc.
- * @return
- */
- @Deprecated
- public static final Symm base64() {
- return base64;
- }
-
- /**
- * Obtain the base64() behavior of this class, for use in standard BASIC AUTH mechanism, etc.
- * No Line Splitting
- * @return
- */
- @Deprecated
- public static final Symm base64noSplit() {
- return base64noSplit;
- }
-
- /**
- * Obtain the base64 "URL" behavior of this class, for use in File Names, etc. (no "/")
- */
- @Deprecated
- public static final Symm base64url() {
- return base64url;
- }
-
- /**
- * Obtain a special ASCII version for Scripting, with base set of base64url use in File Names, etc. (no "/")
- */
- public static final Symm baseCrypt() {
- return encrypt;
- }
-
- public <T> T exec(SyncExec<T> exec) throws Exception {
- synchronized(LOCK) {
- if(keyBytes == null) {
- keyBytes = new byte[AES.AES_KEY_SIZE/8];
- int offset = (Math.abs(codeset[0])+47)%(codeset.length-keyBytes.length);
- for(int i=0;i<keyBytes.length;++i) {
- keyBytes[i] = (byte)codeset[i+offset];
- }
- }
- }
- return exec.exec(new AES(keyBytes,0,keyBytes.length));
- }
-
- public interface Encryption {
- public CipherOutputStream outputStream(OutputStream os, boolean encrypt);
- public CipherInputStream inputStream(InputStream is, boolean encrypt);
- }
-
- public static interface SyncExec<T> {
- public T exec(Encryption enc) throws IOException, Exception;
- }
-
+ private static final byte[] DOUBLE_EQ = new byte[] {'=','='};
+ public static final String ENC = "enc:";
+ private static final Object LOCK = new Object();
+ private static final SecureRandom random = new SecureRandom();
+
+ public final char[] codeset;
+ private final int splitLinesAt;
+ private final String encoding;
+ private final Convert convert;
+ private final boolean endEquals;
+ private byte[] keyBytes = null;
+ //Note: AES Encryption is not Thread Safe. It is Synchronized
+ //private AES aes = null; // only initialized from File, and only if needed for Passwords
+
+ /**
+ * This is the standard base64 Key Set.
+ * RFC 2045
+ */
+ public static final Symm base64 = new Symm(
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/".toCharArray()
+ ,76, Config.UTF_8,true);
+
+ public static final Symm base64noSplit = new Symm(
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/".toCharArray()
+ ,Integer.MAX_VALUE, Config.UTF_8,true);
+
+ /**
+ * This is the standard base64 set suitable for URLs and Filenames
+ * RFC 4648
+ */
+ public static final Symm base64url = new Symm(
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_".toCharArray()
+ ,76, Config.UTF_8,true);
+
+ /**
+ * A Password set, using US-ASCII
+ * RFC 4648
+ */
+ public static final Symm encrypt = new Symm(base64url.codeset,1024, "US-ASCII", false);
+ private static final byte[] EMPTY = new byte[0];
+
+ /**
+ * A typical set of Password Chars
+ * Note, this is too large to fit into the algorithm. Only use with PassGen
+ */
+ private static char passChars[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+!@#$%^&*(){}[]?:;,.".toCharArray();
+
+
+ private static Symm internalOnly = null;
+
+ /**
+ * Use this to create special case Case Sets and/or Line breaks
+ *
+ * If you don't know why you need this, use the Singleton Method
+ *
+ * @param codeset
+ * @param split
+ */
+ public Symm(char[] codeset, int split, String charset, boolean useEndEquals) {
+ this.codeset = codeset;
+ splitLinesAt = split;
+ encoding = charset;
+ endEquals = useEndEquals;
+ char prev = 0, curr=0, first = 0;
+ int offset=Integer.SIZE; // something that's out of range for integer array
+
+ // There can be time efficiencies gained when the underlying keyset consists mainly of ordered
+ // data (i.e. abcde...). Therefore, we'll quickly analyze the keyset. If it proves to have
+ // too much entropy, the "Unordered" algorithm, which is faster in such cases is used.
+ ArrayList<int[]> la = new ArrayList<>();
+ for(int i=0;i<codeset.length;++i) {
+ curr = codeset[i];
+ if(prev+1==curr) { // is next character in set
+ prev = curr;
+ } else {
+ if(offset!=Integer.SIZE) { // add previous range
+ la.add(new int[]{first,prev,offset});
+ }
+ first = prev = curr;
+ offset = curr-i;
+ }
+ }
+ la.add(new int[]{first,curr,offset});
+ if(la.size()>codeset.length/3) {
+ convert = new Unordered(codeset);
+ } else { // too random to get speed enhancement from range algorithm
+ int[][] range = new int[la.size()][];
+ la.toArray(range);
+ convert = new Ordered(range);
+ }
+ }
+
+ public Symm copy(int lines) {
+ return new Symm(codeset,lines,encoding,endEquals);
+ }
+
+ // Only used by keygen, which is intentionally randomized. Therefore, always use unordered
+ private Symm(char[] codeset, Symm parent) {
+ this.codeset = codeset;
+ splitLinesAt = parent.splitLinesAt;
+ endEquals = parent.endEquals;
+ encoding = parent.encoding;
+ convert = new Unordered(codeset);
+ }
+
+ /**
+ * Obtain the base64() behavior of this class, for use in standard BASIC AUTH mechanism, etc.
+ * @return
+ */
+ @Deprecated
+ public static final Symm base64() {
+ return base64;
+ }
+
+ /**
+ * Obtain the base64() behavior of this class, for use in standard BASIC AUTH mechanism, etc.
+ * No Line Splitting
+ * @return
+ */
+ @Deprecated
+ public static final Symm base64noSplit() {
+ return base64noSplit;
+ }
+
+ /**
+ * Obtain the base64 "URL" behavior of this class, for use in File Names, etc. (no "/")
+ */
+ @Deprecated
+ public static final Symm base64url() {
+ return base64url;
+ }
+
+ /**
+ * Obtain a special ASCII version for Scripting, with base set of base64url use in File Names, etc. (no "/")
+ */
+ public static final Symm baseCrypt() {
+ return encrypt;
+ }
+
+ public <T> T exec(SyncExec<T> exec) throws Exception {
+ synchronized(LOCK) {
+ if(keyBytes == null) {
+ keyBytes = new byte[AES.AES_KEY_SIZE/8];
+ int offset = (Math.abs(codeset[0])+47)%(codeset.length-keyBytes.length);
+ for(int i=0;i<keyBytes.length;++i) {
+ keyBytes[i] = (byte)codeset[i+offset];
+ }
+ }
+ }
+ return exec.exec(new AES(keyBytes,0,keyBytes.length));
+ }
+
+ public interface Encryption {
+ public CipherOutputStream outputStream(OutputStream os, boolean encrypt);
+ public CipherInputStream inputStream(InputStream is, boolean encrypt);
+ }
+
+ public static interface SyncExec<T> {
+ public T exec(Encryption enc) throws IOException, Exception;
+ }
+
public byte[] encode(byte[] toEncrypt) throws IOException {
- if(toEncrypt==null) {
- return EMPTY;
- } else {
- ByteArrayOutputStream baos = new ByteArrayOutputStream((int)(toEncrypt.length*1.25));
- encode(new ByteArrayInputStream(toEncrypt),baos);
- return baos.toByteArray();
- }
- }
+ if(toEncrypt==null) {
+ return EMPTY;
+ } else {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream((int)(toEncrypt.length*1.25));
+ encode(new ByteArrayInputStream(toEncrypt),baos);
+ return baos.toByteArray();
+ }
+ }
public byte[] decode(byte[] encrypted) throws IOException {
- ByteArrayOutputStream baos = new ByteArrayOutputStream((int)(encrypted.length*1.25));
- decode(new ByteArrayInputStream(encrypted),baos);
- return baos.toByteArray();
- }
+ ByteArrayOutputStream baos = new ByteArrayOutputStream((int)(encrypted.length*1.25));
+ decode(new ByteArrayInputStream(encrypted),baos);
+ return baos.toByteArray();
+ }
- /**
+ /**
* Helper function for String API of "Encode"
* use "getBytes" with appropriate char encoding, etc.
*
@@ -255,22 +255,22 @@ public class Symm {
* @throws IOException
*/
public String encode(String str) throws IOException {
- byte[] array;
- boolean useDefaultEncoding = false;
- try {
- array = str.getBytes(encoding);
- } catch (IOException e) {
- array = str.getBytes(); // take default
- useDefaultEncoding = true;
- }
- // Calculate expected size to avoid any buffer expansion copies within the ByteArrayOutput code
- ByteArrayOutputStream baos = new ByteArrayOutputStream((int)(array.length*1.363)); // account for 4 bytes for 3 and a byte or two more
-
- encode(new ByteArrayInputStream(array),baos);
- if (useDefaultEncoding) {
- return baos.toString();
- }
- return baos.toString(encoding);
+ byte[] array;
+ boolean useDefaultEncoding = false;
+ try {
+ array = str.getBytes(encoding);
+ } catch (IOException e) {
+ array = str.getBytes(); // take default
+ useDefaultEncoding = true;
+ }
+ // Calculate expected size to avoid any buffer expansion copies within the ByteArrayOutput code
+ ByteArrayOutputStream baos = new ByteArrayOutputStream((int)(array.length*1.363)); // account for 4 bytes for 3 and a byte or two more
+
+ encode(new ByteArrayInputStream(array),baos);
+ if (useDefaultEncoding) {
+ return baos.toString();
+ }
+ return baos.toString(encoding);
}
/**
@@ -281,24 +281,24 @@ public class Symm {
* @throws IOException
*/
public String decode(String str) throws IOException {
- byte[] array;
- boolean useDefaultEncoding = false;
- try {
- array = str.getBytes(encoding);
- } catch (IOException e) {
- array = str.getBytes(); // take default
- useDefaultEncoding = true;
- }
- // Calculate expected size to avoid any buffer expansion copies within the ByteArrayOutput code
- ByteArrayOutputStream baos = new ByteArrayOutputStream((int)(array.length*.76)); // Decoding is 3 bytes for 4. Allocate slightly more than 3/4s
- decode(new ByteArrayInputStream(array), baos);
- if (useDefaultEncoding) {
- return baos.toString();
- }
- return baos.toString(encoding);
- }
-
- /**
+ byte[] array;
+ boolean useDefaultEncoding = false;
+ try {
+ array = str.getBytes(encoding);
+ } catch (IOException e) {
+ array = str.getBytes(); // take default
+ useDefaultEncoding = true;
+ }
+ // Calculate expected size to avoid any buffer expansion copies within the ByteArrayOutput code
+ ByteArrayOutputStream baos = new ByteArrayOutputStream((int)(array.length*.76)); // Decoding is 3 bytes for 4. Allocate slightly more than 3/4s
+ decode(new ByteArrayInputStream(array), baos);
+ if (useDefaultEncoding) {
+ return baos.toString();
+ }
+ return baos.toString(encoding);
+ }
+
+ /**
* Convenience Function
*
* encode String into InputStream and call encode(InputStream, OutputStream)
@@ -307,29 +307,29 @@ public class Symm {
* @param out
* @throws IOException
*/
- public void encode(String string, OutputStream out) throws IOException {
- encode(new ByteArrayInputStream(string.getBytes()),out);
- }
-
- /**
- * Convenience Function
- *
- * encode String into InputStream and call decode(InputStream, OutputStream)
- *
- * @param string
- * @param out
- * @throws IOException
- */
- public void decode(String string, OutputStream out) throws IOException {
- decode(new ByteArrayInputStream(string.getBytes()),out);
- }
+ public void encode(String string, OutputStream out) throws IOException {
+ encode(new ByteArrayInputStream(string.getBytes()),out);
+ }
+
+ /**
+ * Convenience Function
+ *
+ * encode String into InputStream and call decode(InputStream, OutputStream)
+ *
+ * @param string
+ * @param out
+ * @throws IOException
+ */
+ public void decode(String string, OutputStream out) throws IOException {
+ decode(new ByteArrayInputStream(string.getBytes()),out);
+ }
public void encode(InputStream is, OutputStream os, byte[] prefix) throws IOException {
- os.write(prefix);
- encode(is,os);
+ os.write(prefix);
+ encode(is,os);
}
- /**
+ /**
* encode InputStream onto Output Stream
*
* @param is
@@ -338,95 +338,95 @@ public class Symm {
* @throws IOException
*/
public void encode(InputStream is, OutputStream os) throws IOException {
- // StringBuilder sb = new StringBuilder((int)(estimate*1.255)); // try to get the right size of StringBuilder from start.. slightly more than 1.25 times
- int prev=0;
- int read, idx=0, line=0;
- boolean go;
- do {
- read = is.read();
- if(go = read>=0) {
- if(line>=splitLinesAt) {
- os.write('\n');
- line = 0;
- }
- switch(++idx) { // 1 based reading, slightly faster ++
- case 1: // ptr is the first 6 bits of read
- os.write(codeset[read>>2]);
- prev = read;
- break;
- case 2: // ptr is the last 2 bits of prev followed by the first 4 bits of read
- os.write(codeset[((prev & 0x03)<<4) | (read>>4)]);
- prev = read;
- break;
- default: //(3+)
- // Char 1 is last 4 bits of prev plus the first 2 bits of read
- // Char 2 is the last 6 bits of read
- os.write(codeset[(((prev & 0xF)<<2) | (read>>6))]);
- if(line==splitLinesAt) { // deal with line splitting for two characters
- os.write('\n');
- line=0;
- }
- os.write(codeset[(read & 0x3F)]);
- ++line;
- idx = 0;
- prev = 0;
- }
- ++line;
- } else { // deal with any remaining bits from Prev, then pad
- switch(idx) {
- case 1: // just the last 2 bits of prev
- os.write(codeset[(prev & 0x03)<<4]);
- if(endEquals)os.write(DOUBLE_EQ);
- break;
- case 2: // just the last 4 bits of prev
- os.write(codeset[(prev & 0xF)<<2]);
- if(endEquals)os.write('=');
- break;
- }
- idx = 0;
- }
-
- } while(go);
+ // StringBuilder sb = new StringBuilder((int)(estimate*1.255)); // try to get the right size of StringBuilder from start.. slightly more than 1.25 times
+ int prev=0;
+ int read, idx=0, line=0;
+ boolean go;
+ do {
+ read = is.read();
+ if(go = read>=0) {
+ if(line>=splitLinesAt) {
+ os.write('\n');
+ line = 0;
+ }
+ switch(++idx) { // 1 based reading, slightly faster ++
+ case 1: // ptr is the first 6 bits of read
+ os.write(codeset[read>>2]);
+ prev = read;
+ break;
+ case 2: // ptr is the last 2 bits of prev followed by the first 4 bits of read
+ os.write(codeset[((prev & 0x03)<<4) | (read>>4)]);
+ prev = read;
+ break;
+ default: //(3+)
+ // Char 1 is last 4 bits of prev plus the first 2 bits of read
+ // Char 2 is the last 6 bits of read
+ os.write(codeset[(((prev & 0xF)<<2) | (read>>6))]);
+ if(line==splitLinesAt) { // deal with line splitting for two characters
+ os.write('\n');
+ line=0;
+ }
+ os.write(codeset[(read & 0x3F)]);
+ ++line;
+ idx = 0;
+ prev = 0;
+ }
+ ++line;
+ } else { // deal with any remaining bits from Prev, then pad
+ switch(idx) {
+ case 1: // just the last 2 bits of prev
+ os.write(codeset[(prev & 0x03)<<4]);
+ if(endEquals)os.write(DOUBLE_EQ);
+ break;
+ case 2: // just the last 4 bits of prev
+ os.write(codeset[(prev & 0xF)<<2]);
+ if(endEquals)os.write('=');
+ break;
+ }
+ idx = 0;
+ }
+
+ } while(go);
}
public void decode(InputStream is, OutputStream os, int skip) throws IOException {
- if(is.skip(skip)!=skip) {
- throw new IOException("Error skipping on IOStream in Symm");
- }
- decode(is,os);
+ if(is.skip(skip)!=skip) {
+ throw new IOException("Error skipping on IOStream in Symm");
+ }
+ decode(is,os);
}
/**
- * Decode InputStream onto OutputStream
- * @param is
- * @param os
- * @throws IOException
- */
+ * Decode InputStream onto OutputStream
+ * @param is
+ * @param os
+ * @throws IOException
+ */
public void decode(InputStream is, OutputStream os) throws IOException {
- int read, idx=0;
- int prev=0, index;
- while((read = is.read())>=0) {
- index = convert.convert(read);
- if(index>=0) {
- switch(++idx) { // 1 based cases, slightly faster ++
- case 1: // index goes into first 6 bits of prev
- prev = index<<2;
- break;
- case 2: // write second 2 bits of into prev, write byte, last 4 bits go into prev
- os.write((byte)(prev|(index>>4)));
- prev = index<<4;
- break;
- case 3: // first 4 bits of index goes into prev, write byte, last 2 bits go into prev
- os.write((byte)(prev|(index>>2)));
- prev = index<<6;
- break;
- default: // (3+) | prev and last six of index
- os.write((byte)(prev|(index&0x3F)));
- idx = prev = 0;
- }
- }
- };
- os.flush();
+ int read, idx=0;
+ int prev=0, index;
+ while((read = is.read())>=0) {
+ index = convert.convert(read);
+ if(index>=0) {
+ switch(++idx) { // 1 based cases, slightly faster ++
+ case 1: // index goes into first 6 bits of prev
+ prev = index<<2;
+ break;
+ case 2: // write second 2 bits of into prev, write byte, last 4 bits go into prev
+ os.write((byte)(prev|(index>>4)));
+ prev = index<<4;
+ break;
+ case 3: // first 4 bits of index goes into prev, write byte, last 2 bits go into prev
+ os.write((byte)(prev|(index>>2)));
+ prev = index<<6;
+ break;
+ default: // (3+) | prev and last six of index
+ os.write((byte)(prev|(index&0x3F)));
+ idx = prev = 0;
+ }
+ }
+ };
+ os.flush();
}
/**
@@ -435,7 +435,7 @@ public class Symm {
*
*/
private interface Convert {
- public int convert(int read) throws IOException;
+ public int convert(int read) throws IOException;
}
/**
@@ -445,27 +445,27 @@ public class Symm {
*
*/
private static final class Ordered implements Convert {
- private int[][] range;
- public Ordered(int[][] range) {
- this.range = range;
- }
- public int convert(int read) throws IOException {
- // System.out.print((char)read);
- switch(read) {
- case -1:
- case '=':
- case ' ':
- case '\n':
- case '\r':
- return -1;
- }
- for(int i=0;i<range.length;++i) {
- if(read >= range[i][0] && read<=range[i][1]) {
- return read-range[i][2];
- }
- }
- throw new IOException("Unacceptable Character in Stream");
- }
+ private int[][] range;
+ public Ordered(int[][] range) {
+ this.range = range;
+ }
+ public int convert(int read) throws IOException {
+ // System.out.print((char)read);
+ switch(read) {
+ case -1:
+ case '=':
+ case ' ':
+ case '\n':
+ case '\r':
+ return -1;
+ }
+ for(int i=0;i<range.length;++i) {
+ if(read >= range[i][0] && read<=range[i][1]) {
+ return read-range[i][2];
+ }
+ }
+ throw new IOException("Unacceptable Character in Stream");
+ }
}
/**
@@ -475,24 +475,24 @@ public class Symm {
*
*/
private static final class Unordered implements Convert {
- private char[] codec;
- public Unordered(char[] codec) {
- this.codec = codec;
- }
- public int convert(int read) throws IOException {
- switch(read) {
- case -1:
- case '=':
- case '\n':
- case '\r':
- return -1;
- }
- for(int i=0;i<codec.length;++i) {
- if(codec[i]==read)return i;
- }
- // don't give clue in Encryption mode
- throw new IOException("Unacceptable Character in Stream");
- }
+ private char[] codec;
+ public Unordered(char[] codec) {
+ this.codec = codec;
+ }
+ public int convert(int read) throws IOException {
+ switch(read) {
+ case -1:
+ case '=':
+ case '\n':
+ case '\r':
+ return -1;
+ }
+ for(int i=0;i<codec.length;++i) {
+ if(codec[i]==read)return i;
+ }
+ // don't give clue in Encryption mode
+ throw new IOException("Unacceptable Character in Stream");
+ }
}
/**
@@ -502,34 +502,34 @@ public class Symm {
* @throws IOException
*/
public static byte[] keygen() throws IOException {
- byte inkey[] = new byte[0x600];
- new SecureRandom().nextBytes(inkey);
- ByteArrayOutputStream baos = new ByteArrayOutputStream(0x800);
- base64url.encode(new ByteArrayInputStream(inkey), baos);
- return baos.toByteArray();
+ byte inkey[] = new byte[0x600];
+ new SecureRandom().nextBytes(inkey);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream(0x800);
+ base64url.encode(new ByteArrayInputStream(inkey), baos);
+ return baos.toByteArray();
}
// A class allowing us to be less predictable about significant digits (i.e. not picking them up from the
// beginning, and not picking them up in an ordered row. Gives a nice 2048 with no visible patterns.
private class Obtain {
- private int last;
- private int skip;
- private int length;
- private byte[] key;
+ private int last;
+ private int skip;
+ private int length;
+ private byte[] key;
- private Obtain(Symm b64, byte[] key) {
- skip = Math.abs(key[key.length-13]%key.length);
- if((key.length&0x1) == (skip&0x1)) { // if both are odd or both are even
- ++skip;
- }
- length = b64.codeset.length;
- last = 17+length%59; // never start at beginning
- this.key = key;
- }
-
- private int next() {
- return Math.abs(key[(++last*skip)%key.length])%length;
- }
+ private Obtain(Symm b64, byte[] key) {
+ skip = Math.abs(key[key.length-13]%key.length);
+ if((key.length&0x1) == (skip&0x1)) { // if both are odd or both are even
+ ++skip;
+ }
+ length = b64.codeset.length;
+ last = 17+length%59; // never start at beginning
+ this.key = key;
+ }
+
+ private int next() {
+ return Math.abs(key[(++last*skip)%key.length])%length;
+ }
};
/**
@@ -541,55 +541,55 @@ public class Symm {
* @throws CadiException
*/
public static Symm obtain(Access access) throws CadiException {
- String keyfile = access.getProperty(Config.CADI_KEYFILE,null);
- if(keyfile!=null) {
- Symm symm = Symm.baseCrypt();
-
- File file = new File(keyfile);
- try {
- access.log(Level.INIT, Config.CADI_KEYFILE,"points to",file.getCanonicalPath());
- } catch (IOException e1) {
- access.log(Level.INIT, Config.CADI_KEYFILE,"points to",file.getAbsolutePath());
- }
- if(file.exists()) {
- try {
- FileInputStream fis = new FileInputStream(file);
- try {
- symm = Symm.obtain(fis);
- } finally {
- try {
- fis.close();
- } catch (IOException e) {
- }
- }
- } catch (IOException e) {
- access.log(e, "Cannot load keyfile");
- }
- } else {
- String filename;
- try {
- filename = file.getCanonicalPath();
- } catch (IOException e) {
- filename = file.getAbsolutePath();
- }
- throw new CadiException("ERROR: " + filename + " does not exist!");
- }
- return symm;
- } else {
- try {
- return internalOnly();
- } catch (IOException e) {
- throw new CadiException(e);
- }
- }
+ String keyfile = access.getProperty(Config.CADI_KEYFILE,null);
+ if(keyfile!=null) {
+ Symm symm = Symm.baseCrypt();
+
+ File file = new File(keyfile);
+ try {
+ access.log(Level.INIT, Config.CADI_KEYFILE,"points to",file.getCanonicalPath());
+ } catch (IOException e1) {
+ access.log(Level.INIT, Config.CADI_KEYFILE,"points to",file.getAbsolutePath());
+ }
+ if(file.exists()) {
+ try {
+ FileInputStream fis = new FileInputStream(file);
+ try {
+ symm = Symm.obtain(fis);
+ } finally {
+ try {
+ fis.close();
+ } catch (IOException e) {
+ }
+ }
+ } catch (IOException e) {
+ access.log(e, "Cannot load keyfile");
+ }
+ } else {
+ String filename;
+ try {
+ filename = file.getCanonicalPath();
+ } catch (IOException e) {
+ filename = file.getAbsolutePath();
+ }
+ throw new CadiException("ERROR: " + filename + " does not exist!");
+ }
+ return symm;
+ } else {
+ try {
+ return internalOnly();
+ } catch (IOException e) {
+ throw new CadiException(e);
+ }
+ }
}
/**
* Create a new random key
*/
public Symm obtain() throws IOException {
- byte inkey[] = new byte[0x800];
- new SecureRandom().nextBytes(inkey);
- return obtain(inkey);
+ byte inkey[] = new byte[0x800];
+ new SecureRandom().nextBytes(inkey);
+ return obtain(inkey);
}
/**
@@ -600,7 +600,7 @@ public class Symm {
* @throws IOException
*/
public static Symm obtain(String key) throws IOException {
- return obtain(new ByteArrayInputStream(key.getBytes()));
+ return obtain(new ByteArrayInputStream(key.getBytes()));
}
/**
@@ -611,18 +611,18 @@ public class Symm {
* @throws IOException
*/
public static Symm obtain(InputStream is) throws IOException {
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- try {
- base64url.decode(is, baos);
- } catch (IOException e) {
- // don't give clue
- throw new IOException("Invalid Key");
- }
- byte[] bkey = baos.toByteArray();
- if(bkey.length<0x88) { // 2048 bit key
- throw new IOException("Invalid key");
- }
- return baseCrypt().obtain(bkey);
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ try {
+ base64url.decode(is, baos);
+ } catch (IOException e) {
+ // don't give clue
+ throw new IOException("Invalid Key");
+ }
+ byte[] bkey = baos.toByteArray();
+ if(bkey.length<0x88) { // 2048 bit key
+ throw new IOException("Invalid key");
+ }
+ return baseCrypt().obtain(bkey);
}
/**
@@ -633,12 +633,12 @@ public class Symm {
* @throws IOException
*/
public static Symm obtain(File f) throws IOException {
- FileInputStream fis = new FileInputStream(f);
- try {
- return obtain(fis);
- } finally {
- fis.close();
- }
+ FileInputStream fis = new FileInputStream(f);
+ try {
+ return obtain(fis);
+ } finally {
+ fis.close();
+ }
}
/**
* Decrypt into a String
@@ -650,9 +650,9 @@ public class Symm {
* @throws IOException
*/
public String enpass(String password) throws IOException {
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- enpass(password,baos);
- return new String(baos.toByteArray());
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ enpass(password,baos);
+ return new String(baos.toByteArray());
}
/**
@@ -663,65 +663,65 @@ public class Symm {
* @throws IOException
*/
public void enpass(final String password, final OutputStream os) throws IOException {
- if(password==null) {
- throw new IOException("Invalid password passed");
- }
- final ByteArrayOutputStream baos = new ByteArrayOutputStream();
- DataOutputStream dos = new DataOutputStream(baos);
- byte[] bytes = password.getBytes();
- if(this.getClass().getSimpleName().startsWith("base64")) { // don't expose randomization
- dos.write(bytes);
- } else {
-
- Random r = new SecureRandom();
- int start = 0;
- byte b;
- for(int i=0;i<3;++i) {
- dos.writeByte(b=(byte)r.nextInt());
- start+=Math.abs(b);
- }
- start%=0x7;
- for(int i=0;i<start;++i) {
- dos.writeByte(r.nextInt());
- }
- dos.writeInt((int)System.currentTimeMillis());
- int minlength = Math.min(0x9,bytes.length);
- dos.writeByte(minlength); // expect truncation
- if(bytes.length<0x9) {
- for(int i=0;i<bytes.length;++i) {
- dos.writeByte(r.nextInt());
- dos.writeByte(bytes[i]);
- }
- // make sure it's long enough
- for(int i=bytes.length;i<0x9;++i) {
- dos.writeByte(r.nextInt());
- }
- } else {
- dos.write(bytes);
- }
- }
-
- // 7/21/2016 Jonathan add AES Encryption to the mix
- try {
- exec(new SyncExec<Void>() {
- @Override
- public Void exec(Encryption enc) throws Exception {
- CipherInputStream cis = enc.inputStream(new ByteArrayInputStream(baos.toByteArray()), true);
- try {
- encode(cis,os);
- } finally {
- os.flush();
- cis.close();
- }
- return null;
- }
- });
- } catch (IOException e) {
- throw e;
- } catch (Exception e) {
- throw new IOException(e);
- }
- }
+ if(password==null) {
+ throw new IOException("Invalid password passed");
+ }
+ final ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ DataOutputStream dos = new DataOutputStream(baos);
+ byte[] bytes = password.getBytes();
+ if(this.getClass().getSimpleName().startsWith("base64")) { // don't expose randomization
+ dos.write(bytes);
+ } else {
+
+ Random r = new SecureRandom();
+ int start = 0;
+ byte b;
+ for(int i=0;i<3;++i) {
+ dos.writeByte(b=(byte)r.nextInt());
+ start+=Math.abs(b);
+ }
+ start%=0x7;
+ for(int i=0;i<start;++i) {
+ dos.writeByte(r.nextInt());
+ }
+ dos.writeInt((int)System.currentTimeMillis());
+ int minlength = Math.min(0x9,bytes.length);
+ dos.writeByte(minlength); // expect truncation
+ if(bytes.length<0x9) {
+ for(int i=0;i<bytes.length;++i) {
+ dos.writeByte(r.nextInt());
+ dos.writeByte(bytes[i]);
+ }
+ // make sure it's long enough
+ for(int i=bytes.length;i<0x9;++i) {
+ dos.writeByte(r.nextInt());
+ }
+ } else {
+ dos.write(bytes);
+ }
+ }
+
+ // 7/21/2016 Jonathan add AES Encryption to the mix
+ try {
+ exec(new SyncExec<Void>() {
+ @Override
+ public Void exec(Encryption enc) throws Exception {
+ CipherInputStream cis = enc.inputStream(new ByteArrayInputStream(baos.toByteArray()), true);
+ try {
+ encode(cis,os);
+ } finally {
+ os.flush();
+ cis.close();
+ }
+ return null;
+ }
+ });
+ } catch (IOException e) {
+ throw e;
+ } catch (Exception e) {
+ throw new IOException(e);
+ }
+ }
/**
* Decrypt a password into a String
@@ -733,10 +733,10 @@ public class Symm {
* @throws IOException
*/
public String depass(String password) throws IOException {
- if(password==null)return null;
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- depass(password,baos);
- return new String(baos.toByteArray());
+ if(password==null)return null;
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ depass(password,baos);
+ return new String(baos.toByteArray());
}
/**
@@ -750,68 +750,68 @@ public class Symm {
* @throws IOException
*/
public long depass(final String password, final OutputStream os) throws IOException {
- int offset = password.startsWith(ENC)?4:0;
- final ByteArrayOutputStream baos = new ByteArrayOutputStream();
- final ByteArrayInputStream bais = new ByteArrayInputStream(password.getBytes(),offset,password.length()-offset);
- try {
- exec(new SyncExec<Void>() {
- @Override
- public Void exec(Encryption enc) throws IOException {
- CipherOutputStream cos = enc.outputStream(baos, false);
- decode(bais,cos);
- cos.close(); // flush
- return null;
- }
- });
- } catch (IOException e) {
- throw e;
- } catch (Exception e) {
- throw new IOException(e);
- }
-
- byte[] bytes = baos.toByteArray();
- DataInputStream dis = new DataInputStream(new ByteArrayInputStream(bytes));
- long time;
- if(this.getClass().getSimpleName().startsWith("base64")) { // don't expose randomization
- os.write(bytes);
- time = 0L;
- } else {
- int start=0;
- for(int i=0;i<3;++i) {
- start+=Math.abs(dis.readByte());
- }
- start%=0x7;
- for(int i=0;i<start;++i) {
- dis.readByte();
- }
- time = (dis.readInt() & 0xFFFF)|(System.currentTimeMillis()&0xFFFF0000);
- int minlength = dis.readByte();
- if(minlength<0x9){
- DataOutputStream dos = new DataOutputStream(os);
- for(int i=0;i<minlength;++i) {
- dis.readByte();
- dos.writeByte(dis.readByte());
- }
- } else {
- int pre =((Byte.SIZE*3+Integer.SIZE+Byte.SIZE)/Byte.SIZE)+start;
- os.write(bytes, pre, bytes.length-pre);
- }
- }
- return time;
+ int offset = password.startsWith(ENC)?4:0;
+ final ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ final ByteArrayInputStream bais = new ByteArrayInputStream(password.getBytes(),offset,password.length()-offset);
+ try {
+ exec(new SyncExec<Void>() {
+ @Override
+ public Void exec(Encryption enc) throws IOException {
+ CipherOutputStream cos = enc.outputStream(baos, false);
+ decode(bais,cos);
+ cos.close(); // flush
+ return null;
+ }
+ });
+ } catch (IOException e) {
+ throw e;
+ } catch (Exception e) {
+ throw new IOException(e);
+ }
+
+ byte[] bytes = baos.toByteArray();
+ DataInputStream dis = new DataInputStream(new ByteArrayInputStream(bytes));
+ long time;
+ if(this.getClass().getSimpleName().startsWith("base64")) { // don't expose randomization
+ os.write(bytes);
+ time = 0L;
+ } else {
+ int start=0;
+ for(int i=0;i<3;++i) {
+ start+=Math.abs(dis.readByte());
+ }
+ start%=0x7;
+ for(int i=0;i<start;++i) {
+ dis.readByte();
+ }
+ time = (dis.readInt() & 0xFFFF)|(System.currentTimeMillis()&0xFFFF0000);
+ int minlength = dis.readByte();
+ if(minlength<0x9){
+ DataOutputStream dos = new DataOutputStream(os);
+ for(int i=0;i<minlength;++i) {
+ dis.readByte();
+ dos.writeByte(dis.readByte());
+ }
+ } else {
+ int pre =((Byte.SIZE*3+Integer.SIZE+Byte.SIZE)/Byte.SIZE)+start;
+ os.write(bytes, pre, bytes.length-pre);
+ }
+ }
+ return time;
}
public static String randomGen(int numBytes) {
- return randomGen(passChars,numBytes);
+ return randomGen(passChars,numBytes);
}
public static String randomGen(char[] chars ,int numBytes) {
- int rint;
- StringBuilder sb = new StringBuilder(numBytes);
- for(int i=0;i<numBytes;++i) {
- rint = random.nextInt(chars.length);
- sb.append(chars[rint]);
- }
- return sb.toString();
+ int rint;
+ StringBuilder sb = new StringBuilder(numBytes);
+ for(int i=0;i<numBytes;++i) {
+ rint = random.nextInt(chars.length);
+ sb.append(chars[rint]);
+ }
+ return sb.toString();
}
// Internal mechanism for helping to randomize placement of characters within a Symm codeset
// Based on an incoming data stream (originally created randomly, but can be recreated within
@@ -821,52 +821,52 @@ public class Symm {
// shuffled for a good spread. It is, however, repeatable, given the same number set, allowing for
// quick recreation when the official stream is actually obtained.
public Symm obtain(byte[] key) throws IOException {
- int filled = codeset.length;
- char[] seq = new char[filled];
- int end = filled--;
-
- boolean right = true;
- int index;
- Obtain o = new Obtain(this,key);
-
- while(filled>=0) {
- index = o.next();
- if(index<0 || index>=codeset.length) {
- System.out.println("uh, oh");
- }
- if(right) { // alternate going left or right to find the next open slot (keeps it from taking too long to hit something)
- for(int j=index;j<end;++j) {
- if(seq[j]==0) {
- seq[j]=codeset[filled];
- --filled;
- break;
- }
- }
- right = false;
- } else {
- for(int j=index;j>=0;--j) {
- if(seq[j]==0) {
- seq[j]=codeset[filled];
- --filled;
- break;
- }
- }
- right = true;
- }
- }
- Symm newSymm = new Symm(seq,this);
- // Set the KeyBytes
- try {
- newSymm.keyBytes = new byte[AES.AES_KEY_SIZE/8];
- int offset = (Math.abs(key[(47%key.length)])+137)%(key.length-newSymm.keyBytes.length);
- for(int i=0;i<newSymm.keyBytes.length;++i) {
- newSymm.keyBytes[i] = key[i+offset];
- }
- } catch (Exception e) {
- throw new IOException(e);
- }
-
- return newSymm;
+ int filled = codeset.length;
+ char[] seq = new char[filled];
+ int end = filled--;
+
+ boolean right = true;
+ int index;
+ Obtain o = new Obtain(this,key);
+
+ while(filled>=0) {
+ index = o.next();
+ if(index<0 || index>=codeset.length) {
+ System.out.println("uh, oh");
+ }
+ if(right) { // alternate going left or right to find the next open slot (keeps it from taking too long to hit something)
+ for(int j=index;j<end;++j) {
+ if(seq[j]==0) {
+ seq[j]=codeset[filled];
+ --filled;
+ break;
+ }
+ }
+ right = false;
+ } else {
+ for(int j=index;j>=0;--j) {
+ if(seq[j]==0) {
+ seq[j]=codeset[filled];
+ --filled;
+ break;
+ }
+ }
+ right = true;
+ }
+ }
+ Symm newSymm = new Symm(seq,this);
+ // Set the KeyBytes
+ try {
+ newSymm.keyBytes = new byte[AES.AES_KEY_SIZE/8];
+ int offset = (Math.abs(key[(47%key.length)])+137)%(key.length-newSymm.keyBytes.length);
+ for(int i=0;i<newSymm.keyBytes.length;++i) {
+ newSymm.keyBytes[i] = key[i+offset];
+ }
+ } catch (Exception e) {
+ throw new IOException(e);
+ }
+
+ return newSymm;
}
/**
@@ -876,14 +876,14 @@ public class Symm {
* @throws IOException
*/
public static synchronized Symm internalOnly() throws IOException {
- if(internalOnly==null) {
- ByteArrayInputStream baos = new ByteArrayInputStream(keygen());
- try {
- internalOnly = Symm.obtain(baos);
- } finally {
- baos.close();
- }
- }
- return internalOnly;
+ if(internalOnly==null) {
+ ByteArrayInputStream baos = new ByteArrayInputStream(keygen());
+ try {
+ internalOnly = Symm.obtain(baos);
+ } finally {
+ baos.close();
+ }
+ }
+ return internalOnly;
}
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Taf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Taf.java
index 1767258c..771ebcf4 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Taf.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Taf.java
@@ -36,22 +36,22 @@ import org.onap.aaf.cadi.taf.TafResp;
*
*/
public interface Taf {
- enum LifeForm {CBLF, SBLF, LFN};
- /**
- * The lifeForm param is a humorous way of describing whether the interaction is proceeding from direct Human Interaction via a browser
- * or App which can directly query a memorized password, key sequence, bio-feedback, from that user, or a machine mechanism for which identity
- * can more easily be determined by Certificate, Mechanical ID/Password etc. Popularized in modern culture and Science Fiction (especially
- * Star Trek), we (starting with Robert Garskof) use the terms "Carbon Based Life Form" (CBLF) for mechanisms with people at the end of them, or
- * "Silicon Based Life Forms" (SBLF) to indicate machine only interactions. I have added "LFN" for (Life-Form Neutral) to aid identifying
- * processes for which it doesn't matter whether there is a human at the immediate end of the chain, or cannot be determined mechanically.
- *
- * The variable parameter is not necessarily ideal, but with too many unknown Tafs to be created, flexibility,
- * is unfortunately required at this point. Future versions could lock this down more. Jonathan 10/18/2012
- *
- * @param lifeForm
- * @param info
- * @return
- */
- public TafResp validate(LifeForm reading, String ... info);
-
+ enum LifeForm {CBLF, SBLF, LFN};
+ /**
+ * The lifeForm param is a humorous way of describing whether the interaction is proceeding from direct Human Interaction via a browser
+ * or App which can directly query a memorized password, key sequence, bio-feedback, from that user, or a machine mechanism for which identity
+ * can more easily be determined by Certificate, Mechanical ID/Password etc. Popularized in modern culture and Science Fiction (especially
+ * Star Trek), we (starting with Robert Garskof) use the terms "Carbon Based Life Form" (CBLF) for mechanisms with people at the end of them, or
+ * "Silicon Based Life Forms" (SBLF) to indicate machine only interactions. I have added "LFN" for (Life-Form Neutral) to aid identifying
+ * processes for which it doesn't matter whether there is a human at the immediate end of the chain, or cannot be determined mechanically.
+ *
+ * The variable parameter is not necessarily ideal, but with too many unknown Tafs to be created, flexibility,
+ * is unfortunately required at this point. Future versions could lock this down more. Jonathan 10/18/2012
+ *
+ * @param lifeForm
+ * @param info
+ * @return
+ */
+ public TafResp validate(LifeForm reading, String ... info);
+
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Transmutate.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Transmutate.java
index 63722253..1203b8d2 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/Transmutate.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Transmutate.java
@@ -35,11 +35,11 @@ import java.security.Principal;
*
*/
public interface Transmutate<T> {
- /**
- * Mutate the (assumed validated) Principal into the expected Principal name to be used to construct
- *
- * @param p
- * @return
- */
- public T mutate(Principal p);
+ /**
+ * Mutate the (assumed validated) Principal into the expected Principal name to be used to construct
+ *
+ * @param p
+ * @return
+ */
+ public T mutate(Principal p);
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/TrustChecker.java b/cadi/core/src/main/java/org/onap/aaf/cadi/TrustChecker.java
index fabec0b0..6b1433f4 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/TrustChecker.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/TrustChecker.java
@@ -32,21 +32,21 @@ import org.onap.aaf.cadi.taf.TafResp;
*
*/
public interface TrustChecker {
- public TafResp mayTrust(TafResp tresp, HttpServletRequest req);
-
- /**
- * A class that trusts no-one else, so just return same TResp
- */
- public static TrustChecker NOTRUST = new TrustChecker() {
- @Override
- public TafResp mayTrust(TafResp tresp, HttpServletRequest req) {
- return tresp;
- }
+ public TafResp mayTrust(TafResp tresp, HttpServletRequest req);
+
+ /**
+ * A class that trusts no-one else, so just return same TResp
+ */
+ public static TrustChecker NOTRUST = new TrustChecker() {
+ @Override
+ public TafResp mayTrust(TafResp tresp, HttpServletRequest req) {
+ return tresp;
+ }
- @Override
- public void setLur(Lur lur) {
- }
- };
+ @Override
+ public void setLur(Lur lur) {
+ }
+ };
- public void setLur(Lur lur);
+ public void setLur(Lur lur);
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/User.java b/cadi/core/src/main/java/org/onap/aaf/cadi/User.java
index 34aaf170..512f2e6a 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/User.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/User.java
@@ -36,142 +36,142 @@ import org.onap.aaf.cadi.lur.LocalPermission;
*
*/
public final class User<PERM extends Permission> {
- private static final Map<String,Permission> NULL_MAP = new HashMap<>();
- public String name;
- private byte[] cred;
- public Principal principal;
- Map<String, Permission> perms ;
- long permExpires;
- private final long interval;
- int count;
-
- // Note: This should only be used for Local RBAC (in memory)
- public User(Principal principal) {
- this.principal = principal;
- name = principal.getName();
- perms = NULL_MAP;
- permExpires = Long.MAX_VALUE; // Never. Well, until 64 bits of millis since 1970 expires...
- interval = 0L;
- count = 0;
- }
-
- public User(String name, byte[] cred) {
- this.principal = null;
- this.name = name;
- this.cred = cred;
- perms = NULL_MAP;
- permExpires = Long.MAX_VALUE; // Never. Well, until 64 bits of millis since 1970 expires...
- interval = 0L;
- count = 0;
- }
-
- public User(Principal principal, long expireInterval) {
- this.principal = principal;
- this.name = principal.getName();
- perms = NULL_MAP;
- expireInterval = Math.max(expireInterval, 0); // avoid < 1
- interval = Math.max(AbsUserCache.MIN_INTERVAL,Math.min(expireInterval,AbsUserCache.MAX_INTERVAL));
- count = 0;
- renewPerm();
- renewPerm();
- }
-
- public User(String name, byte[] cred, long expireInterval) {
- this.principal = null;
- this.name = name;
- this.cred = cred;
- perms = NULL_MAP;
- expireInterval = Math.max(expireInterval, 0); // avoid < 1
- interval = Math.max(AbsUserCache.MIN_INTERVAL,Math.min(expireInterval,AbsUserCache.MAX_INTERVAL));
- count = 0;
- renewPerm();
- }
-
- public void renewPerm() {
- permExpires = System.currentTimeMillis()+interval;
- }
-
- public long permExpires() {
- return permExpires;
- }
-
- public boolean permExpired() {
- return System.currentTimeMillis() > permExpires;
- }
-
- public boolean noPerms() {
- return perms==null || perms==NULL_MAP || perms.values().size()==0;
- }
-
- public synchronized void setNoPerms() {
- perms=NULL_MAP;
- renewPerm();
- }
-
- public boolean permsUnloaded() {
- return perms==null || perms==NULL_MAP;
- }
-
- public synchronized void incCount() {
- ++count;
- }
-
- public synchronized void resetCount() {
- count=0;
- }
-
- public Map<String,Permission> newMap() {
- return new ConcurrentHashMap<>();
- }
-
- public void add(LocalPermission permission) {
- if(perms==NULL_MAP) {
- perms=newMap();
- }
- perms.put(permission.getKey(),permission);
- }
-
- public void add(Map<String, Permission> newMap, PERM permission) {
- newMap.put(permission.getKey(),permission);
- }
-
- public synchronized void setMap(Map<String, Permission> newMap) {
- perms = newMap;
- renewPerm();
- }
-
- public boolean contains(Permission perm) {
- for (Permission p : perms.values()) {
- if (p.match(perm)) return true;
- }
- return false;
- }
-
- public void copyPermsTo(List<Permission> sink) {
- sink.addAll(perms.values());
- }
-
- public String toString() {
- StringBuilder sb = new StringBuilder();
- sb.append(principal.getName());
- sb.append('|');
- boolean first = true;
- synchronized(perms) {
- for(Permission gp : perms.values()) {
- if(first) {
- first = false;
- sb.append(':');
- } else {
- sb.append(',');
- }
- sb.append(gp.getKey());
- }
- }
- return sb.toString();
- }
-
- public byte[] getCred() {
- return cred;
- }
+ private static final Map<String,Permission> NULL_MAP = new HashMap<>();
+ public String name;
+ private byte[] cred;
+ public Principal principal;
+ Map<String, Permission> perms ;
+ long permExpires;
+ private final long interval;
+ int count;
+
+ // Note: This should only be used for Local RBAC (in memory)
+ public User(Principal principal) {
+ this.principal = principal;
+ name = principal.getName();
+ perms = NULL_MAP;
+ permExpires = Long.MAX_VALUE; // Never. Well, until 64 bits of millis since 1970 expires...
+ interval = 0L;
+ count = 0;
+ }
+
+ public User(String name, byte[] cred) {
+ this.principal = null;
+ this.name = name;
+ this.cred = cred;
+ perms = NULL_MAP;
+ permExpires = Long.MAX_VALUE; // Never. Well, until 64 bits of millis since 1970 expires...
+ interval = 0L;
+ count = 0;
+ }
+
+ public User(Principal principal, long expireInterval) {
+ this.principal = principal;
+ this.name = principal.getName();
+ perms = NULL_MAP;
+ expireInterval = Math.max(expireInterval, 0); // avoid < 1
+ interval = Math.max(AbsUserCache.MIN_INTERVAL,Math.min(expireInterval,AbsUserCache.MAX_INTERVAL));
+ count = 0;
+ renewPerm();
+ renewPerm();
+ }
+
+ public User(String name, byte[] cred, long expireInterval) {
+ this.principal = null;
+ this.name = name;
+ this.cred = cred;
+ perms = NULL_MAP;
+ expireInterval = Math.max(expireInterval, 0); // avoid < 1
+ interval = Math.max(AbsUserCache.MIN_INTERVAL,Math.min(expireInterval,AbsUserCache.MAX_INTERVAL));
+ count = 0;
+ renewPerm();
+ }
+
+ public void renewPerm() {
+ permExpires = System.currentTimeMillis()+interval;
+ }
+
+ public long permExpires() {
+ return permExpires;
+ }
+
+ public boolean permExpired() {
+ return System.currentTimeMillis() > permExpires;
+ }
+
+ public boolean noPerms() {
+ return perms==null || perms==NULL_MAP || perms.values().size()==0;
+ }
+
+ public synchronized void setNoPerms() {
+ perms=NULL_MAP;
+ renewPerm();
+ }
+
+ public boolean permsUnloaded() {
+ return perms==null || perms==NULL_MAP;
+ }
+
+ public synchronized void incCount() {
+ ++count;
+ }
+
+ public synchronized void resetCount() {
+ count=0;
+ }
+
+ public Map<String,Permission> newMap() {
+ return new ConcurrentHashMap<>();
+ }
+
+ public void add(LocalPermission permission) {
+ if(perms==NULL_MAP) {
+ perms=newMap();
+ }
+ perms.put(permission.getKey(),permission);
+ }
+
+ public void add(Map<String, Permission> newMap, PERM permission) {
+ newMap.put(permission.getKey(),permission);
+ }
+
+ public synchronized void setMap(Map<String, Permission> newMap) {
+ perms = newMap;
+ renewPerm();
+ }
+
+ public boolean contains(Permission perm) {
+ for (Permission p : perms.values()) {
+ if (p.match(perm)) return true;
+ }
+ return false;
+ }
+
+ public void copyPermsTo(List<Permission> sink) {
+ sink.addAll(perms.values());
+ }
+
+ public String toString() {
+ StringBuilder sb = new StringBuilder();
+ sb.append(principal.getName());
+ sb.append('|');
+ boolean first = true;
+ synchronized(perms) {
+ for(Permission gp : perms.values()) {
+ if(first) {
+ first = false;
+ sb.append(':');
+ } else {
+ sb.append(',');
+ }
+ sb.append(gp.getKey());
+ }
+ }
+ return sb.toString();
+ }
+
+ public byte[] getCred() {
+ return cred;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/UserChain.java b/cadi/core/src/main/java/org/onap/aaf/cadi/UserChain.java
index 9d8f2b04..f6a98085 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/UserChain.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/UserChain.java
@@ -38,6 +38,6 @@ package org.onap.aaf.cadi;
*
*/
public interface UserChain {
- public enum Protocol {BasicAuth,Cookie,Cert,OAuth};
- public String userChain();
+ public enum Protocol {BasicAuth,Cookie,Cert,OAuth};
+ public String userChain();
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
index 8cb6ae06..4784d1ee 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
@@ -67,739 +67,739 @@ import org.onap.aaf.cadi.taf.dos.DenialOfServiceTaf;
*/
public class Config {
- private static final String AAF_V2_0 = "org.onap.aaf.cadi.aaf.v2_0";
- private static final String AAF_V2_0_AAFCON = AAF_V2_0+".AAFCon";
- private static final String AAF_V2_0_AAF_LUR_PERM = AAF_V2_0+".AAFLurPerm";
- private static final String OAUTH = "org.onap.auth.oauth";
- private static final String OAUTH_TOKEN_MGR = OAUTH+".TokenMgr";
- private static final String OAUTH_HTTP_TAF = OAUTH+".OAuth2HttpTaf";
- private static final String OAUTH_DIRECT_TAF = OAUTH+".OAuthDirectTAF";
- public static final String UTF_8 = "UTF-8";
-
- // Property Names associated with configurations.
- // As of 1.0.2, these have had the dots removed so as to be compatible with JavaBean style
- // configurations as well as property list style.
- public static final String HOSTNAME = "hostname";
- public static final String CADI_PROP_FILES = "cadi_prop_files"; // Additional Properties files (separate with ;)
- public static final String CADI_LOGLEVEL = "cadi_loglevel";
- public static final String CADI_LOGDIR = "cadi_log_dir";
- public static final String CADI_ETCDIR = "cadi_etc_dir";
- public static final String CADI_LOGNAME = "cadi_logname";
- public static final String CADI_KEYFILE = "cadi_keyfile";
- public static final String CADI_KEYSTORE = "cadi_keystore";
- public static final String CADI_KEYSTORE_PASSWORD = "cadi_keystore_password";
- public static final String CADI_ALIAS = "cadi_alias";
- public static final String CADI_LOGINPAGE_URL = "cadi_loginpage_url";
- public static final String CADI_LATITUDE = "cadi_latitude";
- public static final String CADI_LONGITUDE = "cadi_longitude";
-
-
- public static final String CADI_KEY_PASSWORD = "cadi_key_password";
- public static final String CADI_TRUSTSTORE = "cadi_truststore";
- public static final String CADI_TRUSTSTORE_PASSWORD = "cadi_truststore_password";
- public static final String CADI_X509_ISSUERS = "cadi_x509_issuers";
- public static final String CADI_TRUST_MASKS="cadi_trust_masks";
- public static final String CADI_TRUST_PERM="cadi_trust_perm"; // IDs with this perm can utilize the "AS " user concept
- public static final String CADI_PROTOCOLS = "cadi_protocols";
- public static final String CADI_NOAUTHN = "cadi_noauthn";
- public static final String CADI_LOC_LIST = "cadi_loc_list";
-
- public static final String CADI_USER_CHAIN_TAG = "cadi_user_chain";
- public static final String CADI_USER_CHAIN = "USER_CHAIN";
-
- public static final String CADI_OAUTH2_URL="cadi_oauth2_url";
- public static final String CADI_TOKEN_DIR = "cadi_token_dir";
+ private static final String AAF_V2_0 = "org.onap.aaf.cadi.aaf.v2_0";
+ private static final String AAF_V2_0_AAFCON = AAF_V2_0+".AAFCon";
+ private static final String AAF_V2_0_AAF_LUR_PERM = AAF_V2_0+".AAFLurPerm";
+ private static final String OAUTH = "org.onap.auth.oauth";
+ private static final String OAUTH_TOKEN_MGR = OAUTH+".TokenMgr";
+ private static final String OAUTH_HTTP_TAF = OAUTH+".OAuth2HttpTaf";
+ private static final String OAUTH_DIRECT_TAF = OAUTH+".OAuthDirectTAF";
+ public static final String UTF_8 = "UTF-8";
+
+ // Property Names associated with configurations.
+ // As of 1.0.2, these have had the dots removed so as to be compatible with JavaBean style
+ // configurations as well as property list style.
+ public static final String HOSTNAME = "hostname";
+ public static final String CADI_PROP_FILES = "cadi_prop_files"; // Additional Properties files (separate with ;)
+ public static final String CADI_LOGLEVEL = "cadi_loglevel";
+ public static final String CADI_LOGDIR = "cadi_log_dir";
+ public static final String CADI_ETCDIR = "cadi_etc_dir";
+ public static final String CADI_LOGNAME = "cadi_logname";
+ public static final String CADI_KEYFILE = "cadi_keyfile";
+ public static final String CADI_KEYSTORE = "cadi_keystore";
+ public static final String CADI_KEYSTORE_PASSWORD = "cadi_keystore_password";
+ public static final String CADI_ALIAS = "cadi_alias";
+ public static final String CADI_LOGINPAGE_URL = "cadi_loginpage_url";
+ public static final String CADI_LATITUDE = "cadi_latitude";
+ public static final String CADI_LONGITUDE = "cadi_longitude";
+
+
+ public static final String CADI_KEY_PASSWORD = "cadi_key_password";
+ public static final String CADI_TRUSTSTORE = "cadi_truststore";
+ public static final String CADI_TRUSTSTORE_PASSWORD = "cadi_truststore_password";
+ public static final String CADI_X509_ISSUERS = "cadi_x509_issuers";
+ public static final String CADI_TRUST_MASKS="cadi_trust_masks";
+ public static final String CADI_TRUST_PERM="cadi_trust_perm"; // IDs with this perm can utilize the "AS " user concept
+ public static final String CADI_PROTOCOLS = "cadi_protocols";
+ public static final String CADI_NOAUTHN = "cadi_noauthn";
+ public static final String CADI_LOC_LIST = "cadi_loc_list";
+
+ public static final String CADI_USER_CHAIN_TAG = "cadi_user_chain";
+ public static final String CADI_USER_CHAIN = "USER_CHAIN";
+
+ public static final String CADI_OAUTH2_URL="cadi_oauth2_url";
+ public static final String CADI_TOKEN_DIR = "cadi_token_dir";
public static final String HTTPS_PROTOCOLS = "https.protocols";
public static final String HTTPS_CIPHER_SUITES = "https.cipherSuites";
public static final String HTTPS_CLIENT_PROTOCOLS="jdk.tls.client.protocols";
public static final String HTTPS_CIPHER_SUITES_DEFAULT="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,"
- + "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,"
- + "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,"
- + "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,TLS_ECDH_ECDSA_WITH_RC4_128_SHA,"
- + "TLS_ECDH_RSA_WITH_RC4_128_SHA,TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,"
- + "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,TLS_EMPTY_RENEGOTIATION_INFO_SCSV";
-
-
- public static final String LOCALHOST_ALLOW = "localhost_allow";
- public static final String LOCALHOST_DENY = "localhost_deny";
-
- public static final String BASIC_REALM = "basic_realm"; // what is sent to the client
- public static final String BASIC_WARN = "basic_warn"; // Warning of insecure channel
- public static final String USERS = "local_users";
- public static final String GROUPS = "local_groups";
- public static final String WRITE_TO = "local_writeto"; // dump RBAC to local file in Tomcat Style (some apps use)
-
- public static final String OAUTH_CLIENT_ID="client_id";
- public static final String OAUTH_CLIENT_SECRET="client_secret";
-
- public static final String AAF_ENV = "aaf_env";
- public static final String AAF_ROOT_NS = "aaf_root_ns";
- public static final String AAF_ROOT_NS_DEF = "org.osaaf.aaf";
- public static final String AAF_ROOT_COMPANY = "aaf_root_company";
- public static final String AAF_LOCATE_URL = "aaf_locate_url"; //URL for AAF locator
- private static final String AAF_LOCATE_URL_TAG = "AAF_LOCATE_URL"; // Name of Above for use in Config Variables.
- public static final String AAF_DEFAULT_VERSION = "2.1";
- public static final String AAF_URL = "aaf_url"; //URL for AAF... Use to trigger AAF configuration
- public static final String AAF_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.service:" + AAF_DEFAULT_VERSION;
- public static final String GUI_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.gui:" + AAF_DEFAULT_VERSION;
- public static final String CM_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.cm:" + AAF_DEFAULT_VERSION;
- public static final String FS_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.fs:" + AAF_DEFAULT_VERSION;
- public static final String HELLO_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.hello:" + AAF_DEFAULT_VERSION;
- public static final String OAUTH2_TOKEN_URL = "https://AAF_LOCATE_URL/AAF_NS.token:" + AAF_DEFAULT_VERSION;
- public static final String OAUTH2_INTROSPECT_URL = "https://AAF_LOCATE_URL/AAF_NS.introspect:" + AAF_DEFAULT_VERSION;
-
- public static final String AAF_REGISTER_AS = "aaf_register_as";
- public static final String AAF_APPID = "aaf_id";
- public static final String AAF_APPPASS = "aaf_password";
- public static final String AAF_LUR_CLASS = "aaf_lur_class";
- public static final String AAF_TAF_CLASS = "aaf_taf_class";
- public static final String AAF_CONNECTOR_CLASS = "aaf_connector_class";
- public static final String AAF_LOCATOR_CLASS = "aaf_locator_class";
- public static final String AAF_CONN_TIMEOUT = "aaf_conn_timeout";
- public static final String AAF_CONN_TIMEOUT_DEF = "3000";
- public static final String AAF_CONN_IDLE_TIMEOUT = "aaf_conn_idle_timeout"; // only for Direct Jetty Access.
- public static final String AAF_CONN_IDLE_TIMEOUT_DEF = "10000"; // only for Direct Jetty Access.
-
- // Default Classes: These are for Class loading to avoid direct compile links
- public static final String AAF_TAF_CLASS_DEF = "org.onap.aaf.cadi.aaf.v2_0.AAFTaf";
- public static final String AAF_LOCATOR_CLASS_DEF = "org.onap.aaf.cadi.aaf.v2_0.AAFLocator";
- public static final String CADI_OLUR_CLASS_DEF = "org.onap.aaf.cadi.olur.OLur";
- public static final String CADI_OBASIC_HTTP_TAF_DEF = "org.onap.aaf.cadi.obasic.OBasicHttpTaf";
- public static final String CADI_AAF_CON_DEF = "org.onap.aaf.cadi.aaf.v2_0.AAFCon";
-
- public static final String AAF_CALL_TIMEOUT = "aaf_timeout";
- public static final String AAF_CALL_TIMEOUT_DEF = "5000";
- public static final String AAF_USER_EXPIRES = "aaf_user_expires";
- public static final String AAF_USER_EXPIRES_DEF = "600000"; // Default is 10 mins
- public static final String AAF_CLEAN_INTERVAL = "aaf_clean_interval";
- public static final String AAF_CLEAN_INTERVAL_DEF = "30000"; // Default is 30 seconds
- public static final String AAF_REFRESH_TRIGGER_COUNT = "aaf_refresh_trigger_count";
- public static final String AAF_REFRESH_TRIGGER_COUNT_DEF = "3"; // Default is 10 mins
-
- public static final String AAF_HIGH_COUNT = "aaf_high_count";
- public static final String AAF_HIGH_COUNT_DEF = "1000"; // Default is 1000 entries
- public static final String AAF_PERM_MAP = "aaf_perm_map";
- public static final String AAF_COMPONENT = "aaf_component";
- public static final String AAF_CERT_IDS = "aaf_cert_ids";
- public static final String AAF_DEBUG_IDS = "aaf_debug_ids"; // comma delimited
- public static final String AAF_DATA_DIR = "aaf_data_dir"; // AAF processes and Components only.
-
- public static final String GW_URL = "gw_url";
- public static final String CM_URL = "cm_url";
- public static final String CM_TRUSTED_CAS = "cm_trusted_cas";
-
- public static final String PATHFILTER_URLPATTERN = "pathfilter_urlpattern";
- public static final String PATHFILTER_STACK = "pathfilter_stack";
- public static final String PATHFILTER_NS = "pathfilter_ns";
- public static final String PATHFILTER_NOT_AUTHORIZED_MSG = "pathfilter_not_authorized_msg";
-
- // This one should go unpublic
- public static final String AAF_DEFAULT_REALM = "aaf_default_realm";
- private static String defaultRealm="none";
-
- public static final String AAF_DOMAIN_SUPPORT = "aaf_domain_support";
- public static final String AAF_DOMAIN_SUPPORT_DEF = ".com:.org";
-
- // OAUTH2
- public static final String AAF_OAUTH2_TOKEN_URL = "aaf_oauth2_token_url";
- public static final String AAF_OAUTH2_INTROSPECT_URL = "aaf_oauth2_introspect_url";
- public static final String AAF_ALT_OAUTH2_TOKEN_URL = "aaf_alt_oauth2_token_url";
- public static final String AAF_ALT_OAUTH2_INTROSPECT_URL = "aaf_alt_oauth2_introspect_url";
- public static final String AAF_ALT_OAUTH2_DOMAIN = "aaf_alt_oauth2_domain";
- public static final String AAF_ALT_CLIENT_ID = "aaf_alt_oauth2_client_id";
- public static final String AAF_ALT_CLIENT_SECRET = "aaf_alt_oauth2_client_secret";
- public static final String AAF_OAUTH2_HELLO_URL = "aaf_oauth2_hello_url";
-
- private static final String AAF_V2_0_AAF_CON_HTTP = "org.onap.aaf.cadi.aaf.v2_0.AAFConHttp";
-
-
- public static void setDefaultRealm(Access access) {
- try {
- defaultRealm = logProp(access,Config.AAF_DEFAULT_REALM,
- logProp(access,Config.BASIC_REALM,
- logProp(access,HOSTNAME,InetAddress.getLocalHost().getHostName())
- )
- );
- } catch (UnknownHostException e) {
- access.log(Level.INIT, "Unable to determine Hostname",e);
- }
- }
-
- public static HttpTaf configHttpTaf(Connector con, SecurityInfoC<HttpURLConnection> si, TrustChecker tc, CredVal up, Lur lur, Object ... additionalTafLurs) throws CadiException, LocatorException {
- Access access = si.access;
- /////////////////////////////////////////////////////
- // Setup AAFCon for any following
- /////////////////////////////////////////////////////
- Class<?> aafConClass = loadClass(access,CADI_AAF_CON_DEF);
- Object aafcon = null;
- if(con!=null && aafConClass!=null && aafConClass.isAssignableFrom(con.getClass())) {
- aafcon = con;
- } else if(lur != null) {
- Field f;
- try {
- f = lur.getClass().getField("aaf");
- aafcon = f.get(lur);
- } catch (Exception e) {
- access.log(Level.INIT, e);
- }
- }
-
- boolean hasDirectAAF = hasDirect("DirectAAFLur",additionalTafLurs);
- // IMPORTANT! Don't attempt to load AAF Connector if there is no AAF URL
- String aafURL = access.getProperty(AAF_URL,null);
- if(!hasDirectAAF && aafcon==null && aafURL!=null) {
- aafcon = loadAAFConnector(si, aafURL);
- }
-
- HttpTaf taf;
- // Setup Host, in case Network reports an unusable Hostname (i.e. VTiers, VPNs, etc)
- String hostname = logProp(access, HOSTNAME,null);
- if(hostname==null) {
- try {
- hostname = InetAddress.getLocalHost().getHostName();
- } catch (UnknownHostException e1) {
- throw new CadiException("Unable to determine Hostname",e1);
- }
- }
-
- access.log(Level.INIT, "Hostname set to",hostname);
- // Get appropriate TAFs
- ArrayList<HttpTaf> htlist = new ArrayList<>();
-
- /////////////////////////////////////////////////////
- // Add a Denial of Service TAF
- // Note: how IPs and IDs are added are up to service type.
- // They call "DenialOfServiceTaf.denyIP(String) or denyID(String)
- /////////////////////////////////////////////////////
- htlist.add(new DenialOfServiceTaf(access));
-
- /////////////////////////////////////////////////////
- // Configure Client Cert TAF
- /////////////////////////////////////////////////////
- X509Taf x509TAF = null;
- String truststore = logProp(access, CADI_TRUSTSTORE,null);
- if(truststore!=null) {
- String truststorePwd = access.getProperty(CADI_TRUSTSTORE_PASSWORD,null);
- if(truststorePwd!=null) {
- if(truststorePwd.startsWith(Symm.ENC)) {
- try {
- access.decrypt(truststorePwd,false);
- } catch (IOException e) {
- throw new CadiException(CADI_TRUSTSTORE_PASSWORD + " cannot be decrypted",e);
- }
- }
- try {
- x509TAF=new X509Taf(access,lur);
- htlist.add(x509TAF);
- access.log(Level.INIT,"Certificate Authorization enabled");
- } catch (SecurityException | IllegalArgumentException e) {
- access.log(Level.INIT,"AAFListedCertIdentity cannot be instantiated. Certificate Authorization is now disabled",e);
- } catch (CertificateException e) {
- access.log(Level.INIT,"Certificate Authorization failed, it is disabled",e);
- } catch (NoSuchAlgorithmException e) {
- access.log(Level.INIT,"Certificate Authorization failed, wrong Security Algorithm",e);
- }
- }
- } else {
- access.log(Level.INIT,"Certificate Authorization not enabled");
- }
-
- /////////////////////////////////////////////////////
- // Configure Basic Auth (local content)
- /////////////////////////////////////////////////////
- boolean hasOAuthDirectTAF = hasDirect("DirectOAuthTAF", additionalTafLurs);
- String basicRealm = logProp(access, BASIC_REALM,null);
- String aafCleanup = logProp(access, AAF_USER_EXPIRES,AAF_USER_EXPIRES_DEF); // Default is 10 mins
- long userExp = Long.parseLong(aafCleanup);
- boolean basicWarn = "TRUE".equals(access.getProperty(BASIC_WARN,"FALSE"));
-
- if(!hasDirectAAF) {
- HttpTaf aaftaf=null;
- if(!hasOAuthDirectTAF) {
- if(basicRealm!=null) {
- @SuppressWarnings("unchecked")
- Class<HttpTaf> obasicCls = (Class<HttpTaf>)loadClass(access,CADI_OBASIC_HTTP_TAF_DEF);
- if(obasicCls!=null) {
- try {
- String tokenurl = logProp(access,Config.AAF_OAUTH2_TOKEN_URL, null);
- String introspecturl = logProp(access,Config.AAF_OAUTH2_INTROSPECT_URL, null);
- if(tokenurl==null || introspecturl==null) {
- access.log(Level.INIT,"Both tokenurl and introspecturl are required. Oauth Authorization is disabled.");
- }
- Constructor<HttpTaf> obasicConst = obasicCls.getConstructor(PropAccess.class,String.class, String.class, String.class);
- htlist.add(obasicConst.newInstance(access,basicRealm,tokenurl,introspecturl));
- access.log(Level.INIT,"Oauth supported Basic Authorization is enabled");
- } catch (NoSuchMethodException | SecurityException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
- access.log(Level.INIT, e);
- }
- } else if(up!=null) {
- access.log(Level.INIT,"Basic Authorization is enabled using realm",basicRealm);
- // Allow warning about insecure channel to be turned off
- if(!basicWarn) {
- access.log(Level.INIT, "WARNING! The basicWarn property has been set to false.",
- " There will be no additional warning if Basic Auth is used on an insecure channel");
- }
- BasicHttpTaf bht = new BasicHttpTaf(access, up, basicRealm, userExp, basicWarn);
- for(Object o : additionalTafLurs) {
- if(o instanceof CredValDomain) {
- bht.add((CredValDomain)o);
- }
- }
- if(x509TAF!=null) {
- x509TAF.add(bht);
- }
- htlist.add(bht);
- access.log(Level.INIT,"Basic Authorization is enabled");
- }
- } else {
- access.log(Level.INIT,"Local Basic Authorization is disabled. Enable by setting basicRealm=<appropriate realm, i.e. my.att.com>");
- }
-
- /////////////////////////////////////////////////////
- // Configure AAF Driven Basic Auth
- /////////////////////////////////////////////////////
- if(aafcon==null) {
- access.log(Level.INIT,"AAF Connection (AAFcon) is null. Cannot create an AAF TAF");
- } else if(aafURL==null) {
- access.log(Level.INIT,"No AAF URL in properties, Cannot create an AAF TAF");
- } else {// There's an AAF_URL... try to configure an AAF
- String aafTafClassName = logProp(access, AAF_TAF_CLASS,AAF_TAF_CLASS_DEF);
- // Only 2.0 available at this time
- if(AAF_TAF_CLASS_DEF.equals(aafTafClassName)) {
- try {
- Class<?> aafTafClass = loadClass(access,aafTafClassName);
- if(aafTafClass!=null) {
- Constructor<?> cstr = aafTafClass.getConstructor(Connector.class,boolean.class,AbsUserCache.class);
- if(cstr!=null) {
- if(lur instanceof AbsUserCache) {
- aaftaf = (HttpTaf)cstr.newInstance(aafcon,basicWarn,lur);
- } else {
- cstr = aafTafClass.getConstructor(Connector.class,boolean.class);
- if(cstr!=null) {
- aaftaf = (HttpTaf)cstr.newInstance(aafcon,basicWarn);
- }
- }
- if(aaftaf==null) {
- access.log(Level.INIT,"ERROR! AAF TAF Failed construction. NOT Configured");
- } else {
- access.log(Level.INIT,"AAF TAF Configured to ",aafURL);
- // Note: will add later, after all others configured
- }
- }
- } else {
- access.log(Level.INIT, "There is no AAF TAF class available: %s. AAF TAF not configured.",aafTafClassName);
- }
- } catch(Exception e) {
- access.log(Level.INIT,"ERROR! AAF TAF Failed construction. NOT Configured",e);
- }
- }
- }
- }
-
- /////////////////////////////////////////////////////
- // Configure OAuth TAF
- /////////////////////////////////////////////////////
- if(!hasOAuthDirectTAF) {
- String oauthTokenUrl = logProp(access,Config.AAF_OAUTH2_TOKEN_URL,null);
- Class<?> oadtClss;
- try {
- oadtClss = Class.forName(OAUTH_DIRECT_TAF);
- } catch (ClassNotFoundException e1) {
- oadtClss = null;
- access.log(Level.INIT, e1);
- }
- if(additionalTafLurs!=null && additionalTafLurs.length>0 && (oadtClss!=null && additionalTafLurs[0].getClass().isAssignableFrom(oadtClss))) {
- htlist.add((HttpTaf)additionalTafLurs[0]);
- String[] array= new String[additionalTafLurs.length-1];
- if(array.length>0) {
- System.arraycopy(htlist, 1, array, 0, array.length);
- }
- additionalTafLurs = array;
- access.log(Level.INIT,"OAuth2 Direct is enabled");
- } else if(oauthTokenUrl!=null) {
- String oauthIntrospectUrl = logProp(access,Config.AAF_OAUTH2_INTROSPECT_URL,null);
- @SuppressWarnings("unchecked")
- Class<HttpTaf> oaTCls = (Class<HttpTaf>)loadClass(access,OAUTH_HTTP_TAF);
- if(oaTCls!=null) {
- Class<?> oaTTmgrCls = loadClass(access, OAUTH_TOKEN_MGR);
- if(oaTTmgrCls!=null) {
- try {
- Method oaTTmgrGI = oaTTmgrCls.getMethod("getInstance",PropAccess.class,String.class,String.class);
- Object oaTTmgr = oaTTmgrGI.invoke(null /*this is static method*/,access,oauthTokenUrl,oauthIntrospectUrl);
- Constructor<HttpTaf> oaTConst = oaTCls.getConstructor(Access.class,oaTTmgrCls);
- htlist.add(oaTConst.newInstance(access,oaTTmgr));
- access.log(Level.INIT,"OAuth2 TAF is enabled");
- } catch (NoSuchMethodException | SecurityException | IllegalAccessException | IllegalArgumentException | InvocationTargetException | InstantiationException e) {
- access.log(Level.INIT,"OAuth2HttpTaf cannot be instantiated. OAuth2 is disabled",e);
- }
- }
- }
- } else {
- access.log(Level.INIT,"OAuth TAF is not configured");
- }
- }
-
- /////////////////////////////////////////////////////
- // Adding BasicAuth (AAF) last, after other primary Cookie Based
- // Needs to be before Cert... see below
- /////////////////////////////////////////////////////
- if(aaftaf!=null) {
- htlist.add(aaftaf);
- }
- }
-
- /////////////////////////////////////////////////////
- // Any Additional Lurs passed in Constructor
- /////////////////////////////////////////////////////
- if(additionalTafLurs!=null) {
- for(Object additional : additionalTafLurs) {
- if(additional instanceof BasicHttpTaf) {
- BasicHttpTaf ht = (BasicHttpTaf)additional;
- for(Object cv : additionalTafLurs) {
- if(cv instanceof CredValDomain) {
- ht.add((CredValDomain)cv);
- access.printf(Level.INIT,"%s Authentication is enabled",cv);
- }
- }
- htlist.add(ht);
- } else if(additional instanceof HttpTaf) {
- HttpTaf ht = (HttpTaf)additional;
- htlist.add(ht);
- access.printf(Level.INIT,"%s Authentication is enabled",additional.getClass().getSimpleName());
- } else if(hasOAuthDirectTAF) {
- Class<?> daupCls;
- try {
- daupCls = Class.forName("org.onap.aaf.auth.direct.DirectAAFUserPass");
- } catch (ClassNotFoundException e) {
- daupCls = null;
- access.log(Level.INIT, e);
- }
- if(daupCls != null && additional.getClass().isAssignableFrom(daupCls)) {
- htlist.add(new BasicHttpTaf(access, (CredVal)additional , basicRealm, userExp, basicWarn));
- access.printf(Level.INIT,"Direct BasicAuth Authentication is enabled",additional.getClass().getSimpleName());
- }
- }
- }
- }
-
- // Add BasicAuth, if any, to x509Taf
- if(x509TAF!=null) {
- for( HttpTaf ht : htlist) {
- if(ht instanceof BasicHttpTaf) {
- x509TAF.add((BasicHttpTaf)ht);
- }
- }
- }
- /////////////////////////////////////////////////////
- // Create EpiTaf from configured TAFs
- /////////////////////////////////////////////////////
- if(htlist.size()==1) {
- // just return the one
- taf = htlist.get(0);
- } else {
- HttpTaf[] htarray = new HttpTaf[htlist.size()];
- htlist.toArray(htarray);
- Locator<URI> locator = loadLocator(si, logProp(access, AAF_LOCATE_URL, null));
-
- taf = new HttpEpiTaf(access,locator, tc, htarray); // ok to pass locator == null
- String level = logProp(access, CADI_LOGLEVEL, null);
- if(level!=null) {
- access.setLogLevel(Level.valueOf(level));
- }
- }
-
- return taf;
- }
-
- public static String logProp(Access access,String tag, String def) {
- String rv = access.getProperty(tag, def);
- if(rv == null) {
- access.log(Level.INIT,tag,"is not explicitly set");
- } else {
- access.log(Level.INIT,tag,"is set to",rv);
- }
- return rv;
- }
-
- public static Lur configLur(SecurityInfoC<HttpURLConnection> si, Connector con, Object ... additionalTafLurs) throws CadiException {
- Access access = si.access;
- List<Lur> lurs = new ArrayList<>();
-
- /////////////////////////////////////////////////////
- // Configure a Local Property Based RBAC/LUR
- /////////////////////////////////////////////////////
- try {
- String users = access.getProperty(USERS,null);
- String groups = access.getProperty(GROUPS,null);
-
- if(groups!=null || users!=null) {
- LocalLur ll = new LocalLur(access, users, groups); // note b64==null is ok.. just means no encryption.
- lurs.add(ll);
-
- String writeto = access.getProperty(WRITE_TO,null);
- if(writeto!=null) {
- String msg = UsersDump.updateUsers(writeto, ll);
- if(msg!=null) {
- access.log(Level.INIT,"ERROR! Error Updating ",writeto,"with roles and users:",msg);
- }
- }
- }
- } catch (IOException e) {
- throw new CadiException(e);
- }
-
- /////////////////////////////////////////////////////
- // Configure the OAuth Lur (if any)
- /////////////////////////////////////////////////////
- String tokenUrl = logProp(access,AAF_OAUTH2_TOKEN_URL, null);
- String introspectUrl = logProp(access,AAF_OAUTH2_INTROSPECT_URL, null);
- if(tokenUrl!=null && introspectUrl !=null) {
- try {
- Class<?> olurCls = loadClass(access, CADI_OLUR_CLASS_DEF);
- if(olurCls!=null) {
- Constructor<?> olurCnst = olurCls.getConstructor(PropAccess.class,String.class,String.class);
- Lur olur = (Lur)olurCnst.newInstance(access,tokenUrl,introspectUrl);
- lurs.add(olur);
- access.log(Level.INIT, "OAuth2 LUR enabled");
- } else {
- access.log(Level.INIT,"AAF/OAuth LUR plugin is not available.");
- }
- } catch (NoSuchMethodException| SecurityException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
- String msg = e.getMessage();
- if(msg==null && e.getCause()!=null) {
- msg = e.getCause().getMessage();
- }
- access.log(Level.INIT,"AAF/OAuth LUR is not instantiated.",msg,e);
- }
- } else {
- access.log(Level.INIT, "OAuth2 Lur disabled");
- }
-
- if(con!=null) { // try to reutilize connector
- lurs.add(con.newLur());
- } else {
- /////////////////////////////////////////////////////
- // Configure the AAF Lur (if any)
- /////////////////////////////////////////////////////
- String aafURL = logProp(access,AAF_URL,null); // Trigger Property
- String aafEnv = access.getProperty(AAF_ENV,null);
- if(aafEnv == null && aafURL!=null && access instanceof PropAccess) { // set AAF_ENV from AAF_URL
- int ec = aafURL.indexOf("envContext=");
- if(ec>0) {
- ec += 11; // length of envContext=
- int slash = aafURL.indexOf('/', ec);
- if(slash>0) {
- aafEnv = aafURL.substring(ec, slash);
- ((PropAccess)access).setProperty(AAF_ENV, aafEnv);
- access.printf(Level.INIT, "Setting aafEnv to %s from aaf_url value",aafEnv);
- }
- }
- }
-
- // Don't configure AAF if it is using DirectAccess
- if(!hasDirect("DirectAAFLur",additionalTafLurs)) {
- if(aafURL==null) {
- access.log(Level.INIT,"No AAF LUR properties, AAF will not be loaded");
- } else {// There's an AAF_URL... try to configure an AAF
- String aafLurClassStr = logProp(access,AAF_LUR_CLASS,AAF_V2_0_AAF_LUR_PERM);
- ////////////AAF Lur 2.0 /////////////
- if(aafLurClassStr!=null && aafLurClassStr.startsWith(AAF_V2_0)) {
- try {
- Object aafcon = loadAAFConnector(si, aafURL);
- if(aafcon==null) {
- access.log(Level.INIT,"AAF LUR class,",aafLurClassStr,"cannot be constructed without valid AAFCon object.");
- } else {
- Class<?> aafAbsAAFCon = loadClass(access, AAF_V2_0_AAFCON);
- if(aafAbsAAFCon!=null) {
- Method mNewLur = aafAbsAAFCon.getMethod("newLur");
- Object aaflur = mNewLur.invoke(aafcon);
-
- if(aaflur==null) {
- access.log(Level.INIT,"ERROR! AAF LUR Failed construction. NOT Configured");
- } else {
- access.log(Level.INIT,"AAF LUR Configured to ",aafURL);
- lurs.add((Lur)aaflur);
- String debugIDs = logProp(access,Config.AAF_DEBUG_IDS, null);
- if(debugIDs !=null && aaflur instanceof CachingLur) {
- ((CachingLur<?>)aaflur).setDebug(debugIDs);
- }
- }
- }
- }
- } catch (Exception e) {
- access.log(e,"AAF LUR class,",aafLurClassStr,"could not be constructed with given Constructors.");
- }
- }
- }
- }
- }
-
- /////////////////////////////////////////////////////
- // Any Additional passed in Constructor
- /////////////////////////////////////////////////////
- if(additionalTafLurs!=null) {
- for(Object additional : additionalTafLurs) {
- if(additional instanceof Lur) {
- lurs.add((Lur)additional);
- access.log(Level.INIT, additional);
- }
- }
- }
-
- /////////////////////////////////////////////////////
- // Return a Lur based on how many there are...
- /////////////////////////////////////////////////////
- switch(lurs.size()) {
- case 0:
- access.log(Level.INIT,"WARNING! No CADI LURs configured");
- // Return a NULL Lur that does nothing.
- return new NullLur();
- case 1:
- return lurs.get(0); // Only one, just return it, save processing
- default:
- // Multiple Lurs, use EpiLUR to handle
- Lur[] la = new Lur[lurs.size()];
- lurs.toArray(la);
- return new EpiLur(la);
- }
- }
-
- private static boolean hasDirect(String simpleClassName, Object[] additionalTafLurs) {
- if(additionalTafLurs!=null) {
- for(Object tf : additionalTafLurs) {
- if(tf.getClass().getSimpleName().equals(simpleClassName)) {
- return true;
- }
- }
- }
- return false;
- }
-
- public static Object loadAAFConnector(SecurityInfoC<HttpURLConnection> si, String aafURL) {
- Access access = si.access;
- Object aafcon = null;
- Class<?> aafConClass = null;
-
- try {
- if (aafURL!=null) {
- String aafConnector = access.getProperty(AAF_CONNECTOR_CLASS, AAF_V2_0_AAF_CON_HTTP);
- if (AAF_V2_0_AAF_CON_HTTP.equals(aafConnector)) {
- aafConClass = loadClass(access, AAF_V2_0_AAF_CON_HTTP);
- if (aafConClass != null) {
- for (Constructor<?> c : aafConClass.getConstructors()) {
- List<Object> lo = new ArrayList<>();
- for (Class<?> pc : c.getParameterTypes()) {
- if (pc.equals(Access.class)) {
- lo.add(access);
- } else if (pc.equals(Locator.class)) {
- lo.add(loadLocator(si, aafURL));
- }
- }
- if (c.getParameterTypes().length != lo.size()) {
- continue; // back to another Constructor
- } else {
- aafcon = c.newInstance(lo.toArray());
- }
- break;
- }
- }
- }
- if (aafcon != null) {
- String mechid = logProp(access, Config.AAF_APPID, null);
- String pass = access.getProperty(Config.AAF_APPPASS, null);
- if (mechid != null && pass != null) {
- try {
- Method basicAuth = aafConClass.getMethod("basicAuth", String.class, String.class);
- basicAuth.invoke(aafcon, mechid, pass);
- } catch (NoSuchMethodException nsme) {
- access.log(Level.NONE, nsme);
- // it's ok, don't use
- }
- }
- }
- }
- } catch (Exception e) {
- access.log(e, "AAF Connector could not be constructed with given Constructors.");
- }
-
- return aafcon;
- }
-
- public static Class<?> loadClass(Access access, String className) {
- Class<?> cls=null;
- try {
- cls = access.classLoader().loadClass(className);
- } catch (ClassNotFoundException cnfe) {
- access.log(Level.NONE, cnfe);
- try {
- cls = access.getClass().getClassLoader().loadClass(className);
- } catch (ClassNotFoundException cnfe2) {
- access.log(Level.NONE, cnfe2);
- // just return null
- }
- }
- return cls;
- }
-
- @SuppressWarnings("unchecked")
- public static Locator<URI> loadLocator(SecurityInfoC<HttpURLConnection> si, final String _url) throws LocatorException {
- Access access = si.access;
- Locator<URI> locator = null;
- if(_url==null) {
- access.log(Level.INIT,"No URL passed to 'loadLocator'. Disabled");
- } else {
- String url = _url;
- String replacement;
- int idxAAFLocateUrl;
- if((idxAAFLocateUrl=_url.indexOf(AAF_LOCATE_URL_TAG))>0 && ((replacement=access.getProperty(AAF_LOCATE_URL, null))!=null)) {
- StringBuilder sb = new StringBuilder(replacement);
- if(!replacement.endsWith("/locate")) {
- sb.append("/locate");
- }
- sb.append(_url,idxAAFLocateUrl+AAF_LOCATE_URL_TAG.length(),_url.length());
- url = sb.toString();
- }
-
- try {
- Class<?> lcls = loadClass(access,AAF_LOCATOR_CLASS_DEF);
- if(lcls==null) {
- throw new CadiException("Need to include aaf-cadi-aaf jar for AAFLocator");
- }
- // First check for preloaded
- try {
- Method meth = lcls.getMethod("create",String.class);
- locator = (Locator<URI>)meth.invoke(null,url);
- } catch (Exception e) {
- access.log(Level.INIT, e);
- }
- if(locator==null) {
- URI locatorURI = new URI(url);
- Constructor<?> cnst = lcls.getConstructor(SecurityInfoC.class,URI.class);
- locator = (Locator<URI>)cnst.newInstance(new Object[] {si,locatorURI});
- int port = locatorURI.getPort();
- String portS = port<0?"":(":"+locatorURI.getPort());
-
- access.log(Level.INFO, "AAFLocator enabled using " + locatorURI.getScheme() +"://"+locatorURI.getHost() + portS);
- } else {
- access.log(Level.INFO, "AAFLocator enabled using preloaded " + locator.getClass().getSimpleName());
- }
- } catch (InvocationTargetException e) {
- if(e.getTargetException() instanceof LocatorException) {
- throw (LocatorException)e.getTargetException();
- }
- access.log(Level.INIT,e.getTargetException().getMessage(),"AAFLocator for",url,"could not be created.",e);
- } catch (Exception e) {
- access.log(Level.INIT,"AAFLocator for",url,"could not be created.",e);
- }
- }
- return locator;
- }
-
- // Set by CSP, or is hostname.
- public static String getDefaultRealm() {
- return defaultRealm;
- }
+ + "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,"
+ + "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,"
+ + "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,TLS_ECDHE_RSA_WITH_RC4_128_SHA,TLS_ECDH_ECDSA_WITH_RC4_128_SHA,"
+ + "TLS_ECDH_RSA_WITH_RC4_128_SHA,TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,"
+ + "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,TLS_EMPTY_RENEGOTIATION_INFO_SCSV";
+
+
+ public static final String LOCALHOST_ALLOW = "localhost_allow";
+ public static final String LOCALHOST_DENY = "localhost_deny";
+
+ public static final String BASIC_REALM = "basic_realm"; // what is sent to the client
+ public static final String BASIC_WARN = "basic_warn"; // Warning of insecure channel
+ public static final String USERS = "local_users";
+ public static final String GROUPS = "local_groups";
+ public static final String WRITE_TO = "local_writeto"; // dump RBAC to local file in Tomcat Style (some apps use)
+
+ public static final String OAUTH_CLIENT_ID="client_id";
+ public static final String OAUTH_CLIENT_SECRET="client_secret";
+
+ public static final String AAF_ENV = "aaf_env";
+ public static final String AAF_ROOT_NS = "aaf_root_ns";
+ public static final String AAF_ROOT_NS_DEF = "org.osaaf.aaf";
+ public static final String AAF_ROOT_COMPANY = "aaf_root_company";
+ public static final String AAF_LOCATE_URL = "aaf_locate_url"; //URL for AAF locator
+ private static final String AAF_LOCATE_URL_TAG = "AAF_LOCATE_URL"; // Name of Above for use in Config Variables.
+ public static final String AAF_DEFAULT_VERSION = "2.1";
+ public static final String AAF_URL = "aaf_url"; //URL for AAF... Use to trigger AAF configuration
+ public static final String AAF_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.service:" + AAF_DEFAULT_VERSION;
+ public static final String GUI_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.gui:" + AAF_DEFAULT_VERSION;
+ public static final String CM_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.cm:" + AAF_DEFAULT_VERSION;
+ public static final String FS_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.fs:" + AAF_DEFAULT_VERSION;
+ public static final String HELLO_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.hello:" + AAF_DEFAULT_VERSION;
+ public static final String OAUTH2_TOKEN_URL = "https://AAF_LOCATE_URL/AAF_NS.token:" + AAF_DEFAULT_VERSION;
+ public static final String OAUTH2_INTROSPECT_URL = "https://AAF_LOCATE_URL/AAF_NS.introspect:" + AAF_DEFAULT_VERSION;
+
+ public static final String AAF_REGISTER_AS = "aaf_register_as";
+ public static final String AAF_APPID = "aaf_id";
+ public static final String AAF_APPPASS = "aaf_password";
+ public static final String AAF_LUR_CLASS = "aaf_lur_class";
+ public static final String AAF_TAF_CLASS = "aaf_taf_class";
+ public static final String AAF_CONNECTOR_CLASS = "aaf_connector_class";
+ public static final String AAF_LOCATOR_CLASS = "aaf_locator_class";
+ public static final String AAF_CONN_TIMEOUT = "aaf_conn_timeout";
+ public static final String AAF_CONN_TIMEOUT_DEF = "3000";
+ public static final String AAF_CONN_IDLE_TIMEOUT = "aaf_conn_idle_timeout"; // only for Direct Jetty Access.
+ public static final String AAF_CONN_IDLE_TIMEOUT_DEF = "10000"; // only for Direct Jetty Access.
+
+ // Default Classes: These are for Class loading to avoid direct compile links
+ public static final String AAF_TAF_CLASS_DEF = "org.onap.aaf.cadi.aaf.v2_0.AAFTaf";
+ public static final String AAF_LOCATOR_CLASS_DEF = "org.onap.aaf.cadi.aaf.v2_0.AAFLocator";
+ public static final String CADI_OLUR_CLASS_DEF = "org.onap.aaf.cadi.olur.OLur";
+ public static final String CADI_OBASIC_HTTP_TAF_DEF = "org.onap.aaf.cadi.obasic.OBasicHttpTaf";
+ public static final String CADI_AAF_CON_DEF = "org.onap.aaf.cadi.aaf.v2_0.AAFCon";
+
+ public static final String AAF_CALL_TIMEOUT = "aaf_timeout";
+ public static final String AAF_CALL_TIMEOUT_DEF = "5000";
+ public static final String AAF_USER_EXPIRES = "aaf_user_expires";
+ public static final String AAF_USER_EXPIRES_DEF = "600000"; // Default is 10 mins
+ public static final String AAF_CLEAN_INTERVAL = "aaf_clean_interval";
+ public static final String AAF_CLEAN_INTERVAL_DEF = "30000"; // Default is 30 seconds
+ public static final String AAF_REFRESH_TRIGGER_COUNT = "aaf_refresh_trigger_count";
+ public static final String AAF_REFRESH_TRIGGER_COUNT_DEF = "3"; // Default is 10 mins
+
+ public static final String AAF_HIGH_COUNT = "aaf_high_count";
+ public static final String AAF_HIGH_COUNT_DEF = "1000"; // Default is 1000 entries
+ public static final String AAF_PERM_MAP = "aaf_perm_map";
+ public static final String AAF_COMPONENT = "aaf_component";
+ public static final String AAF_CERT_IDS = "aaf_cert_ids";
+ public static final String AAF_DEBUG_IDS = "aaf_debug_ids"; // comma delimited
+ public static final String AAF_DATA_DIR = "aaf_data_dir"; // AAF processes and Components only.
+
+ public static final String GW_URL = "gw_url";
+ public static final String CM_URL = "cm_url";
+ public static final String CM_TRUSTED_CAS = "cm_trusted_cas";
+
+ public static final String PATHFILTER_URLPATTERN = "pathfilter_urlpattern";
+ public static final String PATHFILTER_STACK = "pathfilter_stack";
+ public static final String PATHFILTER_NS = "pathfilter_ns";
+ public static final String PATHFILTER_NOT_AUTHORIZED_MSG = "pathfilter_not_authorized_msg";
+
+ // This one should go unpublic
+ public static final String AAF_DEFAULT_REALM = "aaf_default_realm";
+ private static String defaultRealm="none";
+
+ public static final String AAF_DOMAIN_SUPPORT = "aaf_domain_support";
+ public static final String AAF_DOMAIN_SUPPORT_DEF = ".com:.org";
+
+ // OAUTH2
+ public static final String AAF_OAUTH2_TOKEN_URL = "aaf_oauth2_token_url";
+ public static final String AAF_OAUTH2_INTROSPECT_URL = "aaf_oauth2_introspect_url";
+ public static final String AAF_ALT_OAUTH2_TOKEN_URL = "aaf_alt_oauth2_token_url";
+ public static final String AAF_ALT_OAUTH2_INTROSPECT_URL = "aaf_alt_oauth2_introspect_url";
+ public static final String AAF_ALT_OAUTH2_DOMAIN = "aaf_alt_oauth2_domain";
+ public static final String AAF_ALT_CLIENT_ID = "aaf_alt_oauth2_client_id";
+ public static final String AAF_ALT_CLIENT_SECRET = "aaf_alt_oauth2_client_secret";
+ public static final String AAF_OAUTH2_HELLO_URL = "aaf_oauth2_hello_url";
+
+ private static final String AAF_V2_0_AAF_CON_HTTP = "org.onap.aaf.cadi.aaf.v2_0.AAFConHttp";
+
+
+ public static void setDefaultRealm(Access access) {
+ try {
+ defaultRealm = logProp(access,Config.AAF_DEFAULT_REALM,
+ logProp(access,Config.BASIC_REALM,
+ logProp(access,HOSTNAME,InetAddress.getLocalHost().getHostName())
+ )
+ );
+ } catch (UnknownHostException e) {
+ access.log(Level.INIT, "Unable to determine Hostname",e);
+ }
+ }
+
+ public static HttpTaf configHttpTaf(Connector con, SecurityInfoC<HttpURLConnection> si, TrustChecker tc, CredVal up, Lur lur, Object ... additionalTafLurs) throws CadiException, LocatorException {
+ Access access = si.access;
+ /////////////////////////////////////////////////////
+ // Setup AAFCon for any following
+ /////////////////////////////////////////////////////
+ Class<?> aafConClass = loadClass(access,CADI_AAF_CON_DEF);
+ Object aafcon = null;
+ if(con!=null && aafConClass!=null && aafConClass.isAssignableFrom(con.getClass())) {
+ aafcon = con;
+ } else if(lur != null) {
+ Field f;
+ try {
+ f = lur.getClass().getField("aaf");
+ aafcon = f.get(lur);
+ } catch (Exception e) {
+ access.log(Level.INIT, e);
+ }
+ }
+
+ boolean hasDirectAAF = hasDirect("DirectAAFLur",additionalTafLurs);
+ // IMPORTANT! Don't attempt to load AAF Connector if there is no AAF URL
+ String aafURL = access.getProperty(AAF_URL,null);
+ if(!hasDirectAAF && aafcon==null && aafURL!=null) {
+ aafcon = loadAAFConnector(si, aafURL);
+ }
+
+ HttpTaf taf;
+ // Setup Host, in case Network reports an unusable Hostname (i.e. VTiers, VPNs, etc)
+ String hostname = logProp(access, HOSTNAME,null);
+ if(hostname==null) {
+ try {
+ hostname = InetAddress.getLocalHost().getHostName();
+ } catch (UnknownHostException e1) {
+ throw new CadiException("Unable to determine Hostname",e1);
+ }
+ }
+
+ access.log(Level.INIT, "Hostname set to",hostname);
+ // Get appropriate TAFs
+ ArrayList<HttpTaf> htlist = new ArrayList<>();
+
+ /////////////////////////////////////////////////////
+ // Add a Denial of Service TAF
+ // Note: how IPs and IDs are added are up to service type.
+ // They call "DenialOfServiceTaf.denyIP(String) or denyID(String)
+ /////////////////////////////////////////////////////
+ htlist.add(new DenialOfServiceTaf(access));
+
+ /////////////////////////////////////////////////////
+ // Configure Client Cert TAF
+ /////////////////////////////////////////////////////
+ X509Taf x509TAF = null;
+ String truststore = logProp(access, CADI_TRUSTSTORE,null);
+ if(truststore!=null) {
+ String truststorePwd = access.getProperty(CADI_TRUSTSTORE_PASSWORD,null);
+ if(truststorePwd!=null) {
+ if(truststorePwd.startsWith(Symm.ENC)) {
+ try {
+ access.decrypt(truststorePwd,false);
+ } catch (IOException e) {
+ throw new CadiException(CADI_TRUSTSTORE_PASSWORD + " cannot be decrypted",e);
+ }
+ }
+ try {
+ x509TAF=new X509Taf(access,lur);
+ htlist.add(x509TAF);
+ access.log(Level.INIT,"Certificate Authorization enabled");
+ } catch (SecurityException | IllegalArgumentException e) {
+ access.log(Level.INIT,"AAFListedCertIdentity cannot be instantiated. Certificate Authorization is now disabled",e);
+ } catch (CertificateException e) {
+ access.log(Level.INIT,"Certificate Authorization failed, it is disabled",e);
+ } catch (NoSuchAlgorithmException e) {
+ access.log(Level.INIT,"Certificate Authorization failed, wrong Security Algorithm",e);
+ }
+ }
+ } else {
+ access.log(Level.INIT,"Certificate Authorization not enabled");
+ }
+
+ /////////////////////////////////////////////////////
+ // Configure Basic Auth (local content)
+ /////////////////////////////////////////////////////
+ boolean hasOAuthDirectTAF = hasDirect("DirectOAuthTAF", additionalTafLurs);
+ String basicRealm = logProp(access, BASIC_REALM,null);
+ String aafCleanup = logProp(access, AAF_USER_EXPIRES,AAF_USER_EXPIRES_DEF); // Default is 10 mins
+ long userExp = Long.parseLong(aafCleanup);
+ boolean basicWarn = "TRUE".equals(access.getProperty(BASIC_WARN,"FALSE"));
+
+ if(!hasDirectAAF) {
+ HttpTaf aaftaf=null;
+ if(!hasOAuthDirectTAF) {
+ if(basicRealm!=null) {
+ @SuppressWarnings("unchecked")
+ Class<HttpTaf> obasicCls = (Class<HttpTaf>)loadClass(access,CADI_OBASIC_HTTP_TAF_DEF);
+ if(obasicCls!=null) {
+ try {
+ String tokenurl = logProp(access,Config.AAF_OAUTH2_TOKEN_URL, null);
+ String introspecturl = logProp(access,Config.AAF_OAUTH2_INTROSPECT_URL, null);
+ if(tokenurl==null || introspecturl==null) {
+ access.log(Level.INIT,"Both tokenurl and introspecturl are required. Oauth Authorization is disabled.");
+ }
+ Constructor<HttpTaf> obasicConst = obasicCls.getConstructor(PropAccess.class,String.class, String.class, String.class);
+ htlist.add(obasicConst.newInstance(access,basicRealm,tokenurl,introspecturl));
+ access.log(Level.INIT,"Oauth supported Basic Authorization is enabled");
+ } catch (NoSuchMethodException | SecurityException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
+ access.log(Level.INIT, e);
+ }
+ } else if(up!=null) {
+ access.log(Level.INIT,"Basic Authorization is enabled using realm",basicRealm);
+ // Allow warning about insecure channel to be turned off
+ if(!basicWarn) {
+ access.log(Level.INIT, "WARNING! The basicWarn property has been set to false.",
+ " There will be no additional warning if Basic Auth is used on an insecure channel");
+ }
+ BasicHttpTaf bht = new BasicHttpTaf(access, up, basicRealm, userExp, basicWarn);
+ for(Object o : additionalTafLurs) {
+ if(o instanceof CredValDomain) {
+ bht.add((CredValDomain)o);
+ }
+ }
+ if(x509TAF!=null) {
+ x509TAF.add(bht);
+ }
+ htlist.add(bht);
+ access.log(Level.INIT,"Basic Authorization is enabled");
+ }
+ } else {
+ access.log(Level.INIT,"Local Basic Authorization is disabled. Enable by setting basicRealm=<appropriate realm, i.e. my.att.com>");
+ }
+
+ /////////////////////////////////////////////////////
+ // Configure AAF Driven Basic Auth
+ /////////////////////////////////////////////////////
+ if(aafcon==null) {
+ access.log(Level.INIT,"AAF Connection (AAFcon) is null. Cannot create an AAF TAF");
+ } else if(aafURL==null) {
+ access.log(Level.INIT,"No AAF URL in properties, Cannot create an AAF TAF");
+ } else {// There's an AAF_URL... try to configure an AAF
+ String aafTafClassName = logProp(access, AAF_TAF_CLASS,AAF_TAF_CLASS_DEF);
+ // Only 2.0 available at this time
+ if(AAF_TAF_CLASS_DEF.equals(aafTafClassName)) {
+ try {
+ Class<?> aafTafClass = loadClass(access,aafTafClassName);
+ if(aafTafClass!=null) {
+ Constructor<?> cstr = aafTafClass.getConstructor(Connector.class,boolean.class,AbsUserCache.class);
+ if(cstr!=null) {
+ if(lur instanceof AbsUserCache) {
+ aaftaf = (HttpTaf)cstr.newInstance(aafcon,basicWarn,lur);
+ } else {
+ cstr = aafTafClass.getConstructor(Connector.class,boolean.class);
+ if(cstr!=null) {
+ aaftaf = (HttpTaf)cstr.newInstance(aafcon,basicWarn);
+ }
+ }
+ if(aaftaf==null) {
+ access.log(Level.INIT,"ERROR! AAF TAF Failed construction. NOT Configured");
+ } else {
+ access.log(Level.INIT,"AAF TAF Configured to ",aafURL);
+ // Note: will add later, after all others configured
+ }
+ }
+ } else {
+ access.log(Level.INIT, "There is no AAF TAF class available: %s. AAF TAF not configured.",aafTafClassName);
+ }
+ } catch(Exception e) {
+ access.log(Level.INIT,"ERROR! AAF TAF Failed construction. NOT Configured",e);
+ }
+ }
+ }
+ }
+
+ /////////////////////////////////////////////////////
+ // Configure OAuth TAF
+ /////////////////////////////////////////////////////
+ if(!hasOAuthDirectTAF) {
+ String oauthTokenUrl = logProp(access,Config.AAF_OAUTH2_TOKEN_URL,null);
+ Class<?> oadtClss;
+ try {
+ oadtClss = Class.forName(OAUTH_DIRECT_TAF);
+ } catch (ClassNotFoundException e1) {
+ oadtClss = null;
+ access.log(Level.INIT, e1);
+ }
+ if(additionalTafLurs!=null && additionalTafLurs.length>0 && (oadtClss!=null && additionalTafLurs[0].getClass().isAssignableFrom(oadtClss))) {
+ htlist.add((HttpTaf)additionalTafLurs[0]);
+ String[] array= new String[additionalTafLurs.length-1];
+ if(array.length>0) {
+ System.arraycopy(htlist, 1, array, 0, array.length);
+ }
+ additionalTafLurs = array;
+ access.log(Level.INIT,"OAuth2 Direct is enabled");
+ } else if(oauthTokenUrl!=null) {
+ String oauthIntrospectUrl = logProp(access,Config.AAF_OAUTH2_INTROSPECT_URL,null);
+ @SuppressWarnings("unchecked")
+ Class<HttpTaf> oaTCls = (Class<HttpTaf>)loadClass(access,OAUTH_HTTP_TAF);
+ if(oaTCls!=null) {
+ Class<?> oaTTmgrCls = loadClass(access, OAUTH_TOKEN_MGR);
+ if(oaTTmgrCls!=null) {
+ try {
+ Method oaTTmgrGI = oaTTmgrCls.getMethod("getInstance",PropAccess.class,String.class,String.class);
+ Object oaTTmgr = oaTTmgrGI.invoke(null /*this is static method*/,access,oauthTokenUrl,oauthIntrospectUrl);
+ Constructor<HttpTaf> oaTConst = oaTCls.getConstructor(Access.class,oaTTmgrCls);
+ htlist.add(oaTConst.newInstance(access,oaTTmgr));
+ access.log(Level.INIT,"OAuth2 TAF is enabled");
+ } catch (NoSuchMethodException | SecurityException | IllegalAccessException | IllegalArgumentException | InvocationTargetException | InstantiationException e) {
+ access.log(Level.INIT,"OAuth2HttpTaf cannot be instantiated. OAuth2 is disabled",e);
+ }
+ }
+ }
+ } else {
+ access.log(Level.INIT,"OAuth TAF is not configured");
+ }
+ }
+
+ /////////////////////////////////////////////////////
+ // Adding BasicAuth (AAF) last, after other primary Cookie Based
+ // Needs to be before Cert... see below
+ /////////////////////////////////////////////////////
+ if(aaftaf!=null) {
+ htlist.add(aaftaf);
+ }
+ }
+
+ /////////////////////////////////////////////////////
+ // Any Additional Lurs passed in Constructor
+ /////////////////////////////////////////////////////
+ if(additionalTafLurs!=null) {
+ for(Object additional : additionalTafLurs) {
+ if(additional instanceof BasicHttpTaf) {
+ BasicHttpTaf ht = (BasicHttpTaf)additional;
+ for(Object cv : additionalTafLurs) {
+ if(cv instanceof CredValDomain) {
+ ht.add((CredValDomain)cv);
+ access.printf(Level.INIT,"%s Authentication is enabled",cv);
+ }
+ }
+ htlist.add(ht);
+ } else if(additional instanceof HttpTaf) {
+ HttpTaf ht = (HttpTaf)additional;
+ htlist.add(ht);
+ access.printf(Level.INIT,"%s Authentication is enabled",additional.getClass().getSimpleName());
+ } else if(hasOAuthDirectTAF) {
+ Class<?> daupCls;
+ try {
+ daupCls = Class.forName("org.onap.aaf.auth.direct.DirectAAFUserPass");
+ } catch (ClassNotFoundException e) {
+ daupCls = null;
+ access.log(Level.INIT, e);
+ }
+ if(daupCls != null && additional.getClass().isAssignableFrom(daupCls)) {
+ htlist.add(new BasicHttpTaf(access, (CredVal)additional , basicRealm, userExp, basicWarn));
+ access.printf(Level.INIT,"Direct BasicAuth Authentication is enabled",additional.getClass().getSimpleName());
+ }
+ }
+ }
+ }
+
+ // Add BasicAuth, if any, to x509Taf
+ if(x509TAF!=null) {
+ for( HttpTaf ht : htlist) {
+ if(ht instanceof BasicHttpTaf) {
+ x509TAF.add((BasicHttpTaf)ht);
+ }
+ }
+ }
+ /////////////////////////////////////////////////////
+ // Create EpiTaf from configured TAFs
+ /////////////////////////////////////////////////////
+ if(htlist.size()==1) {
+ // just return the one
+ taf = htlist.get(0);
+ } else {
+ HttpTaf[] htarray = new HttpTaf[htlist.size()];
+ htlist.toArray(htarray);
+ Locator<URI> locator = loadLocator(si, logProp(access, AAF_LOCATE_URL, null));
+
+ taf = new HttpEpiTaf(access,locator, tc, htarray); // ok to pass locator == null
+ String level = logProp(access, CADI_LOGLEVEL, null);
+ if(level!=null) {
+ access.setLogLevel(Level.valueOf(level));
+ }
+ }
+
+ return taf;
+ }
+
+ public static String logProp(Access access,String tag, String def) {
+ String rv = access.getProperty(tag, def);
+ if(rv == null) {
+ access.log(Level.INIT,tag,"is not explicitly set");
+ } else {
+ access.log(Level.INIT,tag,"is set to",rv);
+ }
+ return rv;
+ }
+
+ public static Lur configLur(SecurityInfoC<HttpURLConnection> si, Connector con, Object ... additionalTafLurs) throws CadiException {
+ Access access = si.access;
+ List<Lur> lurs = new ArrayList<>();
+
+ /////////////////////////////////////////////////////
+ // Configure a Local Property Based RBAC/LUR
+ /////////////////////////////////////////////////////
+ try {
+ String users = access.getProperty(USERS,null);
+ String groups = access.getProperty(GROUPS,null);
+
+ if(groups!=null || users!=null) {
+ LocalLur ll = new LocalLur(access, users, groups); // note b64==null is ok.. just means no encryption.
+ lurs.add(ll);
+
+ String writeto = access.getProperty(WRITE_TO,null);
+ if(writeto!=null) {
+ String msg = UsersDump.updateUsers(writeto, ll);
+ if(msg!=null) {
+ access.log(Level.INIT,"ERROR! Error Updating ",writeto,"with roles and users:",msg);
+ }
+ }
+ }
+ } catch (IOException e) {
+ throw new CadiException(e);
+ }
+
+ /////////////////////////////////////////////////////
+ // Configure the OAuth Lur (if any)
+ /////////////////////////////////////////////////////
+ String tokenUrl = logProp(access,AAF_OAUTH2_TOKEN_URL, null);
+ String introspectUrl = logProp(access,AAF_OAUTH2_INTROSPECT_URL, null);
+ if(tokenUrl!=null && introspectUrl !=null) {
+ try {
+ Class<?> olurCls = loadClass(access, CADI_OLUR_CLASS_DEF);
+ if(olurCls!=null) {
+ Constructor<?> olurCnst = olurCls.getConstructor(PropAccess.class,String.class,String.class);
+ Lur olur = (Lur)olurCnst.newInstance(access,tokenUrl,introspectUrl);
+ lurs.add(olur);
+ access.log(Level.INIT, "OAuth2 LUR enabled");
+ } else {
+ access.log(Level.INIT,"AAF/OAuth LUR plugin is not available.");
+ }
+ } catch (NoSuchMethodException| SecurityException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
+ String msg = e.getMessage();
+ if(msg==null && e.getCause()!=null) {
+ msg = e.getCause().getMessage();
+ }
+ access.log(Level.INIT,"AAF/OAuth LUR is not instantiated.",msg,e);
+ }
+ } else {
+ access.log(Level.INIT, "OAuth2 Lur disabled");
+ }
+
+ if(con!=null) { // try to reutilize connector
+ lurs.add(con.newLur());
+ } else {
+ /////////////////////////////////////////////////////
+ // Configure the AAF Lur (if any)
+ /////////////////////////////////////////////////////
+ String aafURL = logProp(access,AAF_URL,null); // Trigger Property
+ String aafEnv = access.getProperty(AAF_ENV,null);
+ if(aafEnv == null && aafURL!=null && access instanceof PropAccess) { // set AAF_ENV from AAF_URL
+ int ec = aafURL.indexOf("envContext=");
+ if(ec>0) {
+ ec += 11; // length of envContext=
+ int slash = aafURL.indexOf('/', ec);
+ if(slash>0) {
+ aafEnv = aafURL.substring(ec, slash);
+ ((PropAccess)access).setProperty(AAF_ENV, aafEnv);
+ access.printf(Level.INIT, "Setting aafEnv to %s from aaf_url value",aafEnv);
+ }
+ }
+ }
+
+ // Don't configure AAF if it is using DirectAccess
+ if(!hasDirect("DirectAAFLur",additionalTafLurs)) {
+ if(aafURL==null) {
+ access.log(Level.INIT,"No AAF LUR properties, AAF will not be loaded");
+ } else {// There's an AAF_URL... try to configure an AAF
+ String aafLurClassStr = logProp(access,AAF_LUR_CLASS,AAF_V2_0_AAF_LUR_PERM);
+ ////////////AAF Lur 2.0 /////////////
+ if(aafLurClassStr!=null && aafLurClassStr.startsWith(AAF_V2_0)) {
+ try {
+ Object aafcon = loadAAFConnector(si, aafURL);
+ if(aafcon==null) {
+ access.log(Level.INIT,"AAF LUR class,",aafLurClassStr,"cannot be constructed without valid AAFCon object.");
+ } else {
+ Class<?> aafAbsAAFCon = loadClass(access, AAF_V2_0_AAFCON);
+ if(aafAbsAAFCon!=null) {
+ Method mNewLur = aafAbsAAFCon.getMethod("newLur");
+ Object aaflur = mNewLur.invoke(aafcon);
+
+ if(aaflur==null) {
+ access.log(Level.INIT,"ERROR! AAF LUR Failed construction. NOT Configured");
+ } else {
+ access.log(Level.INIT,"AAF LUR Configured to ",aafURL);
+ lurs.add((Lur)aaflur);
+ String debugIDs = logProp(access,Config.AAF_DEBUG_IDS, null);
+ if(debugIDs !=null && aaflur instanceof CachingLur) {
+ ((CachingLur<?>)aaflur).setDebug(debugIDs);
+ }
+ }
+ }
+ }
+ } catch (Exception e) {
+ access.log(e,"AAF LUR class,",aafLurClassStr,"could not be constructed with given Constructors.");
+ }
+ }
+ }
+ }
+ }
+
+ /////////////////////////////////////////////////////
+ // Any Additional passed in Constructor
+ /////////////////////////////////////////////////////
+ if(additionalTafLurs!=null) {
+ for(Object additional : additionalTafLurs) {
+ if(additional instanceof Lur) {
+ lurs.add((Lur)additional);
+ access.log(Level.INIT, additional);
+ }
+ }
+ }
+
+ /////////////////////////////////////////////////////
+ // Return a Lur based on how many there are...
+ /////////////////////////////////////////////////////
+ switch(lurs.size()) {
+ case 0:
+ access.log(Level.INIT,"WARNING! No CADI LURs configured");
+ // Return a NULL Lur that does nothing.
+ return new NullLur();
+ case 1:
+ return lurs.get(0); // Only one, just return it, save processing
+ default:
+ // Multiple Lurs, use EpiLUR to handle
+ Lur[] la = new Lur[lurs.size()];
+ lurs.toArray(la);
+ return new EpiLur(la);
+ }
+ }
+
+ private static boolean hasDirect(String simpleClassName, Object[] additionalTafLurs) {
+ if(additionalTafLurs!=null) {
+ for(Object tf : additionalTafLurs) {
+ if(tf.getClass().getSimpleName().equals(simpleClassName)) {
+ return true;
+ }
+ }
+ }
+ return false;
+ }
+
+ public static Object loadAAFConnector(SecurityInfoC<HttpURLConnection> si, String aafURL) {
+ Access access = si.access;
+ Object aafcon = null;
+ Class<?> aafConClass = null;
+
+ try {
+ if (aafURL!=null) {
+ String aafConnector = access.getProperty(AAF_CONNECTOR_CLASS, AAF_V2_0_AAF_CON_HTTP);
+ if (AAF_V2_0_AAF_CON_HTTP.equals(aafConnector)) {
+ aafConClass = loadClass(access, AAF_V2_0_AAF_CON_HTTP);
+ if (aafConClass != null) {
+ for (Constructor<?> c : aafConClass.getConstructors()) {
+ List<Object> lo = new ArrayList<>();
+ for (Class<?> pc : c.getParameterTypes()) {
+ if (pc.equals(Access.class)) {
+ lo.add(access);
+ } else if (pc.equals(Locator.class)) {
+ lo.add(loadLocator(si, aafURL));
+ }
+ }
+ if (c.getParameterTypes().length != lo.size()) {
+ continue; // back to another Constructor
+ } else {
+ aafcon = c.newInstance(lo.toArray());
+ }
+ break;
+ }
+ }
+ }
+ if (aafcon != null) {
+ String mechid = logProp(access, Config.AAF_APPID, null);
+ String pass = access.getProperty(Config.AAF_APPPASS, null);
+ if (mechid != null && pass != null) {
+ try {
+ Method basicAuth = aafConClass.getMethod("basicAuth", String.class, String.class);
+ basicAuth.invoke(aafcon, mechid, pass);
+ } catch (NoSuchMethodException nsme) {
+ access.log(Level.NONE, nsme);
+ // it's ok, don't use
+ }
+ }
+ }
+ }
+ } catch (Exception e) {
+ access.log(e, "AAF Connector could not be constructed with given Constructors.");
+ }
+
+ return aafcon;
+ }
+
+ public static Class<?> loadClass(Access access, String className) {
+ Class<?> cls=null;
+ try {
+ cls = access.classLoader().loadClass(className);
+ } catch (ClassNotFoundException cnfe) {
+ access.log(Level.NONE, cnfe);
+ try {
+ cls = access.getClass().getClassLoader().loadClass(className);
+ } catch (ClassNotFoundException cnfe2) {
+ access.log(Level.NONE, cnfe2);
+ // just return null
+ }
+ }
+ return cls;
+ }
+
+ @SuppressWarnings("unchecked")
+ public static Locator<URI> loadLocator(SecurityInfoC<HttpURLConnection> si, final String _url) throws LocatorException {
+ Access access = si.access;
+ Locator<URI> locator = null;
+ if(_url==null) {
+ access.log(Level.INIT,"No URL passed to 'loadLocator'. Disabled");
+ } else {
+ String url = _url;
+ String replacement;
+ int idxAAFLocateUrl;
+ if((idxAAFLocateUrl=_url.indexOf(AAF_LOCATE_URL_TAG))>0 && ((replacement=access.getProperty(AAF_LOCATE_URL, null))!=null)) {
+ StringBuilder sb = new StringBuilder(replacement);
+ if(!replacement.endsWith("/locate")) {
+ sb.append("/locate");
+ }
+ sb.append(_url,idxAAFLocateUrl+AAF_LOCATE_URL_TAG.length(),_url.length());
+ url = sb.toString();
+ }
+
+ try {
+ Class<?> lcls = loadClass(access,AAF_LOCATOR_CLASS_DEF);
+ if(lcls==null) {
+ throw new CadiException("Need to include aaf-cadi-aaf jar for AAFLocator");
+ }
+ // First check for preloaded
+ try {
+ Method meth = lcls.getMethod("create",String.class);
+ locator = (Locator<URI>)meth.invoke(null,url);
+ } catch (Exception e) {
+ access.log(Level.INIT, e);
+ }
+ if(locator==null) {
+ URI locatorURI = new URI(url);
+ Constructor<?> cnst = lcls.getConstructor(SecurityInfoC.class,URI.class);
+ locator = (Locator<URI>)cnst.newInstance(new Object[] {si,locatorURI});
+ int port = locatorURI.getPort();
+ String portS = port<0?"":(":"+locatorURI.getPort());
+
+ access.log(Level.INFO, "AAFLocator enabled using " + locatorURI.getScheme() +"://"+locatorURI.getHost() + portS);
+ } else {
+ access.log(Level.INFO, "AAFLocator enabled using preloaded " + locator.getClass().getSimpleName());
+ }
+ } catch (InvocationTargetException e) {
+ if(e.getTargetException() instanceof LocatorException) {
+ throw (LocatorException)e.getTargetException();
+ }
+ access.log(Level.INIT,e.getTargetException().getMessage(),"AAFLocator for",url,"could not be created.",e);
+ } catch (Exception e) {
+ access.log(Level.INIT,"AAFLocator for",url,"could not be created.",e);
+ }
+ }
+ return locator;
+ }
+
+ // Set by CSP, or is hostname.
+ public static String getDefaultRealm() {
+ return defaultRealm;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Get.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Get.java
index dfb7b4d3..56ac4dd5 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Get.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Get.java
@@ -27,71 +27,71 @@ import org.onap.aaf.cadi.Access;
import org.onap.aaf.cadi.Access.Level;
public interface Get {
- public String get(String name, String def, boolean print);
-
-
- /**
- * A class for Getting info out of "JavaBean" format
- * @author Jonathan
- *
- */
- public static class Bean implements Get {
- private Object bean;
- private Class<?> bc;
- private Class<?>[] params;
- private Object[] args;
-
- public Bean(Object bean) {
- this.bean = bean;
- bc = bean.getClass();
- params = new Class<?>[0]; // note, this will allow to go out of scope after config
- args = new Object[0];
- }
-
- public String get(String name, String def, boolean print) {
- String str = null;
- String gname = "get"+Character.toUpperCase(name.charAt(0))+name.substring(1);
- try {
- Method meth = bc.getMethod(gname, params);
- Object obj = meth.invoke(bean, args);
- str = obj==null?null:obj.toString(); // easy string convert...
- } catch (Exception e) {
- }
-
- // Take def if nothing else
- if(str==null) {
- str = def;
- // don't log defaults
- } else {
- str = str.trim(); // this is vital in Property File based values, as spaces can hide easily
- }
- // Note: Can't log during configuration
- return str;
- }
- }
+ public String get(String name, String def, boolean print);
+
+
+ /**
+ * A class for Getting info out of "JavaBean" format
+ * @author Jonathan
+ *
+ */
+ public static class Bean implements Get {
+ private Object bean;
+ private Class<?> bc;
+ private Class<?>[] params;
+ private Object[] args;
+
+ public Bean(Object bean) {
+ this.bean = bean;
+ bc = bean.getClass();
+ params = new Class<?>[0]; // note, this will allow to go out of scope after config
+ args = new Object[0];
+ }
+
+ public String get(String name, String def, boolean print) {
+ String str = null;
+ String gname = "get"+Character.toUpperCase(name.charAt(0))+name.substring(1);
+ try {
+ Method meth = bc.getMethod(gname, params);
+ Object obj = meth.invoke(bean, args);
+ str = obj==null?null:obj.toString(); // easy string convert...
+ } catch (Exception e) {
+ }
+
+ // Take def if nothing else
+ if(str==null) {
+ str = def;
+ // don't log defaults
+ } else {
+ str = str.trim(); // this is vital in Property File based values, as spaces can hide easily
+ }
+ // Note: Can't log during configuration
+ return str;
+ }
+ }
- public static Get NULL = new Get() {
- public String get(String name, String def, boolean print) {
- return def;
- }
- };
+ public static Get NULL = new Get() {
+ public String get(String name, String def, boolean print) {
+ return def;
+ }
+ };
- public static class AccessGet implements Get {
- private Access access;
- public AccessGet(Access access) {
- this.access = access;
- }
- public String get(String name, String def, boolean print) {
- String gotten = access.getProperty(name, def);
- if(print) {
- if(gotten == null) {
- access.log(Level.INIT,name, "is not set");
- } else {
- access.log(Level.INIT,name, "is set to", gotten);
- }
- }
- return gotten;
- }
- }
+ public static class AccessGet implements Get {
+ private Access access;
+ public AccessGet(Access access) {
+ this.access = access;
+ }
+ public String get(String name, String def, boolean print) {
+ String gotten = access.getProperty(name, def);
+ if(print) {
+ if(gotten == null) {
+ access.log(Level.INIT,name, "is not set");
+ } else {
+ access.log(Level.INIT,name, "is set to", gotten);
+ }
+ }
+ return gotten;
+ }
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/GetAccess.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/GetAccess.java
index b44de05f..4655dfa1 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/GetAccess.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/GetAccess.java
@@ -24,34 +24,34 @@ package org.onap.aaf.cadi.config;
import org.onap.aaf.cadi.PropAccess;
public class GetAccess extends PropAccess {
- private final Get getter;
-
- public GetAccess(Get getter) {
- super(new String[]{"cadi_prop_files="+getter.get("cadi_prop_files", null, true)});
- this.getter = getter;
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.PropAccess#getProperty(java.lang.String, java.lang.String)
- */
- @Override
- public String getProperty(String tag, String def) {
- String rv;
- rv = super.getProperty(tag, null);
- if(rv==null && getter!=null) {
- rv = getter.get(tag, null, true);
- }
- return rv==null?def:rv;
- }
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.PropAccess#getProperty(java.lang.String)
- */
- @Override
- public String getProperty(String tag) {
- return getProperty(tag, null);
- }
+ private final Get getter;
+
+ public GetAccess(Get getter) {
+ super(new String[]{"cadi_prop_files="+getter.get("cadi_prop_files", null, true)});
+ this.getter = getter;
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.PropAccess#getProperty(java.lang.String, java.lang.String)
+ */
+ @Override
+ public String getProperty(String tag, String def) {
+ String rv;
+ rv = super.getProperty(tag, null);
+ if(rv==null && getter!=null) {
+ rv = getter.get(tag, null, true);
+ }
+ return rv==null?def:rv;
+ }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.PropAccess#getProperty(java.lang.String)
+ */
+ @Override
+ public String getProperty(String tag) {
+ return getProperty(tag, null);
+ }
- public Get get() {
- return getter;
- }
+ public Get get() {
+ return getter;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfo.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfo.java
index f63de20c..bb9981bf 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfo.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfo.java
@@ -55,230 +55,230 @@ import org.onap.aaf.cadi.util.MaskFormatException;
import org.onap.aaf.cadi.util.NetMask;
public class SecurityInfo {
- private static final String SECURITY_ALGO = "RSA";
- private static final String HTTPS_PROTOCOLS = "https.protocols";
- private static final String JDK_TLS_CLIENT_PROTOCOLS = "jdk.tls.client.protocols";
+ private static final String SECURITY_ALGO = "RSA";
+ private static final String HTTPS_PROTOCOLS = "https.protocols";
+ private static final String JDK_TLS_CLIENT_PROTOCOLS = "jdk.tls.client.protocols";
- public static final String HTTPS_PROTOCOLS_DEFAULT = "TLSv1.1,TLSv1.2";
- public static final String REGEX_COMMA = "\\s*,\\s*";
- public static final String SSL_KEY_MANAGER_FACTORY_ALGORITHM;
-
- private SSLSocketFactory socketFactory;
- private X509KeyManager[] x509KeyManager;
- private X509TrustManager[] x509TrustManager;
- public final String defaultAlias;
- private NetMask[] trustMasks;
- private SSLContext context;
- private HostnameVerifier maskHV;
- public final Access access;
+ public static final String HTTPS_PROTOCOLS_DEFAULT = "TLSv1.1,TLSv1.2";
+ public static final String REGEX_COMMA = "\\s*,\\s*";
+ public static final String SSL_KEY_MANAGER_FACTORY_ALGORITHM;
+
+ private SSLSocketFactory socketFactory;
+ private X509KeyManager[] x509KeyManager;
+ private X509TrustManager[] x509TrustManager;
+ public final String defaultAlias;
+ private NetMask[] trustMasks;
+ private SSLContext context;
+ private HostnameVerifier maskHV;
+ public final Access access;
- // Change Key Algorithms for IBM's VM. Could put in others, if needed.
- static {
- if ("IBM Corporation".equalsIgnoreCase(System.getProperty("java.vm.vendor"))) {
- SSL_KEY_MANAGER_FACTORY_ALGORITHM = "IbmX509";
- } else {
- SSL_KEY_MANAGER_FACTORY_ALGORITHM = "SunX509";
- }
- }
-
+ // Change Key Algorithms for IBM's VM. Could put in others, if needed.
+ static {
+ if ("IBM Corporation".equalsIgnoreCase(System.getProperty("java.vm.vendor"))) {
+ SSL_KEY_MANAGER_FACTORY_ALGORITHM = "IbmX509";
+ } else {
+ SSL_KEY_MANAGER_FACTORY_ALGORITHM = "SunX509";
+ }
+ }
+
- public SecurityInfo(final Access access) throws CadiException {
- try {
- this.access = access;
- // reuse DME2 Properties for convenience if specific Properties don't exist
-
- initializeKeyManager();
-
- initializeTrustManager();
-
- defaultAlias = access.getProperty(Config.CADI_ALIAS, null);
-
- initializeTrustMasks();
+ public SecurityInfo(final Access access) throws CadiException {
+ try {
+ this.access = access;
+ // reuse DME2 Properties for convenience if specific Properties don't exist
+
+ initializeKeyManager();
+
+ initializeTrustManager();
+
+ defaultAlias = access.getProperty(Config.CADI_ALIAS, null);
+
+ initializeTrustMasks();
- String httpsProtocols = Config.logProp(access, Config.CADI_PROTOCOLS,
- access.getProperty(HTTPS_PROTOCOLS, HTTPS_PROTOCOLS_DEFAULT)
- );
- System.setProperty(HTTPS_PROTOCOLS, httpsProtocols);
- System.setProperty(JDK_TLS_CLIENT_PROTOCOLS, httpsProtocols);
- if ("1.7".equals(System.getProperty("java.specification.version")) && httpsProtocols.contains("TLSv1.2")) {
- System.setProperty(Config.HTTPS_CIPHER_SUITES, Config.HTTPS_CIPHER_SUITES_DEFAULT);
- }
+ String httpsProtocols = Config.logProp(access, Config.CADI_PROTOCOLS,
+ access.getProperty(HTTPS_PROTOCOLS, HTTPS_PROTOCOLS_DEFAULT)
+ );
+ System.setProperty(HTTPS_PROTOCOLS, httpsProtocols);
+ System.setProperty(JDK_TLS_CLIENT_PROTOCOLS, httpsProtocols);
+ if ("1.7".equals(System.getProperty("java.specification.version")) && httpsProtocols.contains("TLSv1.2")) {
+ System.setProperty(Config.HTTPS_CIPHER_SUITES, Config.HTTPS_CIPHER_SUITES_DEFAULT);
+ }
- context = SSLContext.getInstance("TLS");
- context.init(x509KeyManager, x509TrustManager, null);
- SSLContext.setDefault(context);
- socketFactory = context.getSocketFactory();
- } catch (NoSuchAlgorithmException | KeyManagementException | KeyStoreException | CertificateException | UnrecoverableKeyException | IOException e) {
- throw new CadiException(e);
- }
- }
+ context = SSLContext.getInstance("TLS");
+ context.init(x509KeyManager, x509TrustManager, null);
+ SSLContext.setDefault(context);
+ socketFactory = context.getSocketFactory();
+ } catch (NoSuchAlgorithmException | KeyManagementException | KeyStoreException | CertificateException | UnrecoverableKeyException | IOException e) {
+ throw new CadiException(e);
+ }
+ }
- /**
- * @return the scf
- */
- public SSLSocketFactory getSSLSocketFactory() {
- return socketFactory;
- }
+ /**
+ * @return the scf
+ */
+ public SSLSocketFactory getSSLSocketFactory() {
+ return socketFactory;
+ }
- public SSLContext getSSLContext() {
- return context;
- }
+ public SSLContext getSSLContext() {
+ return context;
+ }
- /**
- * @return the km
- */
- public X509KeyManager[] getKeyManagers() {
- return x509KeyManager;
- }
+ /**
+ * @return the km
+ */
+ public X509KeyManager[] getKeyManagers() {
+ return x509KeyManager;
+ }
- public void checkClientTrusted(X509Certificate[] certarr) throws CertificateException {
- for (X509TrustManager xtm : x509TrustManager) {
- xtm.checkClientTrusted(certarr, SECURITY_ALGO);
- }
- }
+ public void checkClientTrusted(X509Certificate[] certarr) throws CertificateException {
+ for (X509TrustManager xtm : x509TrustManager) {
+ xtm.checkClientTrusted(certarr, SECURITY_ALGO);
+ }
+ }
- public void checkServerTrusted(X509Certificate[] certarr) throws CertificateException {
- for (X509TrustManager xtm : x509TrustManager) {
- xtm.checkServerTrusted(certarr, SECURITY_ALGO);
- }
- }
+ public void checkServerTrusted(X509Certificate[] certarr) throws CertificateException {
+ for (X509TrustManager xtm : x509TrustManager) {
+ xtm.checkServerTrusted(certarr, SECURITY_ALGO);
+ }
+ }
- public void setSocketFactoryOn(HttpsURLConnection hsuc) {
- hsuc.setSSLSocketFactory(socketFactory);
- if (maskHV != null && !maskHV.equals(hsuc.getHostnameVerifier())) {
- hsuc.setHostnameVerifier(maskHV);
- }
- }
-
- protected void initializeKeyManager() throws CadiException, IOException, NoSuchAlgorithmException, KeyStoreException, CertificateException, UnrecoverableKeyException {
- String keyStore = access.getProperty(Config.CADI_KEYSTORE, null);
- if (keyStore != null && !new File(keyStore).exists()) {
- throw new CadiException(keyStore + " does not exist");
- }
+ public void setSocketFactoryOn(HttpsURLConnection hsuc) {
+ hsuc.setSSLSocketFactory(socketFactory);
+ if (maskHV != null && !maskHV.equals(hsuc.getHostnameVerifier())) {
+ hsuc.setHostnameVerifier(maskHV);
+ }
+ }
+
+ protected void initializeKeyManager() throws CadiException, IOException, NoSuchAlgorithmException, KeyStoreException, CertificateException, UnrecoverableKeyException {
+ String keyStore = access.getProperty(Config.CADI_KEYSTORE, null);
+ if (keyStore != null && !new File(keyStore).exists()) {
+ throw new CadiException(keyStore + " does not exist");
+ }
- String keyStorePasswd = access.getProperty(Config.CADI_KEYSTORE_PASSWORD, null);
- keyStorePasswd = (keyStorePasswd == null) ? null : access.decrypt(keyStorePasswd, false);
- if (keyStore == null || keyStorePasswd == null) {
- x509KeyManager = new X509KeyManager[0];
- return;
- }
+ String keyStorePasswd = access.getProperty(Config.CADI_KEYSTORE_PASSWORD, null);
+ keyStorePasswd = (keyStorePasswd == null) ? null : access.decrypt(keyStorePasswd, false);
+ if (keyStore == null || keyStorePasswd == null) {
+ x509KeyManager = new X509KeyManager[0];
+ return;
+ }
- String keyPasswd = access.getProperty(Config.CADI_KEY_PASSWORD, null);
- keyPasswd = (keyPasswd == null) ? keyStorePasswd : access.decrypt(keyPasswd, false);
+ String keyPasswd = access.getProperty(Config.CADI_KEY_PASSWORD, null);
+ keyPasswd = (keyPasswd == null) ? keyStorePasswd : access.decrypt(keyPasswd, false);
- KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(SSL_KEY_MANAGER_FACTORY_ALGORITHM);
+ KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(SSL_KEY_MANAGER_FACTORY_ALGORITHM);
- ArrayList<X509KeyManager> keyManagers = new ArrayList<>();
- File file;
- for (String ksname : keyStore.split(REGEX_COMMA)) {
- String keystoreFormat;
- if (ksname.endsWith(".p12") || ksname.endsWith(".pkcs12")) {
- keystoreFormat = "PKCS12";
- } else {
- keystoreFormat = "JKS";
- }
+ ArrayList<X509KeyManager> keyManagers = new ArrayList<>();
+ File file;
+ for (String ksname : keyStore.split(REGEX_COMMA)) {
+ String keystoreFormat;
+ if (ksname.endsWith(".p12") || ksname.endsWith(".pkcs12")) {
+ keystoreFormat = "PKCS12";
+ } else {
+ keystoreFormat = "JKS";
+ }
- file = new File(ksname);
- if (file.exists()) {
- FileInputStream fis = new FileInputStream(file);
- try {
- KeyStore ks = KeyStore.getInstance(keystoreFormat);
- ks.load(fis, keyStorePasswd.toCharArray());
- keyManagerFactory.init(ks, keyPasswd.toCharArray());
- } finally {
- fis.close();
- }
- }
- }
- for (KeyManager keyManager : keyManagerFactory.getKeyManagers()) {
- if (keyManager instanceof X509KeyManager) {
- keyManagers.add((X509KeyManager)keyManager);
- }
- }
- x509KeyManager = new X509KeyManager[keyManagers.size()];
- keyManagers.toArray(x509KeyManager);
- }
+ file = new File(ksname);
+ if (file.exists()) {
+ FileInputStream fis = new FileInputStream(file);
+ try {
+ KeyStore ks = KeyStore.getInstance(keystoreFormat);
+ ks.load(fis, keyStorePasswd.toCharArray());
+ keyManagerFactory.init(ks, keyPasswd.toCharArray());
+ } finally {
+ fis.close();
+ }
+ }
+ }
+ for (KeyManager keyManager : keyManagerFactory.getKeyManagers()) {
+ if (keyManager instanceof X509KeyManager) {
+ keyManagers.add((X509KeyManager)keyManager);
+ }
+ }
+ x509KeyManager = new X509KeyManager[keyManagers.size()];
+ keyManagers.toArray(x509KeyManager);
+ }
- protected void initializeTrustManager() throws NoSuchAlgorithmException, CertificateException, IOException, KeyStoreException, CadiException {
- String trustStore = access.getProperty(Config.CADI_TRUSTSTORE, null);
- if (trustStore != null && !new File(trustStore).exists()) {
- throw new CadiException(trustStore + " does not exist");
- }
+ protected void initializeTrustManager() throws NoSuchAlgorithmException, CertificateException, IOException, KeyStoreException, CadiException {
+ String trustStore = access.getProperty(Config.CADI_TRUSTSTORE, null);
+ if (trustStore != null && !new File(trustStore).exists()) {
+ throw new CadiException(trustStore + " does not exist");
+ }
- if (trustStore == null) {
- return;
- }
+ if (trustStore == null) {
+ return;
+ }
- String trustStorePasswd = access.getProperty(Config.CADI_TRUSTSTORE_PASSWORD, null);
- trustStorePasswd = (trustStorePasswd == null) ? "changeit"/*defacto Java Trust Pass*/ : access.decrypt(trustStorePasswd, false);
+ String trustStorePasswd = access.getProperty(Config.CADI_TRUSTSTORE_PASSWORD, null);
+ trustStorePasswd = (trustStorePasswd == null) ? "changeit"/*defacto Java Trust Pass*/ : access.decrypt(trustStorePasswd, false);
- TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(SSL_KEY_MANAGER_FACTORY_ALGORITHM);
- File file;
- for (String trustStoreName : trustStore.split(REGEX_COMMA)) {
- file = new File(trustStoreName);
- if (file.exists()) {
- FileInputStream fis = new FileInputStream(file);
- try {
- KeyStore ts = KeyStore.getInstance("JKS");
- ts.load(fis, trustStorePasswd.toCharArray());
- trustManagerFactory.init(ts);
- } finally {
- fis.close();
- }
- }
- }
+ TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(SSL_KEY_MANAGER_FACTORY_ALGORITHM);
+ File file;
+ for (String trustStoreName : trustStore.split(REGEX_COMMA)) {
+ file = new File(trustStoreName);
+ if (file.exists()) {
+ FileInputStream fis = new FileInputStream(file);
+ try {
+ KeyStore ts = KeyStore.getInstance("JKS");
+ ts.load(fis, trustStorePasswd.toCharArray());
+ trustManagerFactory.init(ts);
+ } finally {
+ fis.close();
+ }
+ }
+ }
- TrustManager trustManagers[] = trustManagerFactory.getTrustManagers();
- if (trustManagers == null || trustManagers.length == 0) {
- return;
- }
+ TrustManager trustManagers[] = trustManagerFactory.getTrustManagers();
+ if (trustManagers == null || trustManagers.length == 0) {
+ return;
+ }
- x509TrustManager = new X509TrustManager[trustManagers.length];
- for (int i = 0; i < trustManagers.length; ++i) {
- try {
- x509TrustManager[i] = (X509TrustManager)trustManagers[i];
- } catch (ClassCastException e) {
- access.log(Level.WARN, "Non X509 TrustManager", x509TrustManager[i].getClass().getName(), "skipped in SecurityInfo");
- }
- }
- }
-
- protected void initializeTrustMasks() throws AccessException {
- String tips = access.getProperty(Config.CADI_TRUST_MASKS, null);
- if (tips == null) {
- return;
- }
+ x509TrustManager = new X509TrustManager[trustManagers.length];
+ for (int i = 0; i < trustManagers.length; ++i) {
+ try {
+ x509TrustManager[i] = (X509TrustManager)trustManagers[i];
+ } catch (ClassCastException e) {
+ access.log(Level.WARN, "Non X509 TrustManager", x509TrustManager[i].getClass().getName(), "skipped in SecurityInfo");
+ }
+ }
+ }
+
+ protected void initializeTrustMasks() throws AccessException {
+ String tips = access.getProperty(Config.CADI_TRUST_MASKS, null);
+ if (tips == null) {
+ return;
+ }
- access.log(Level.INIT, "Explicitly accepting valid X509s from", tips);
- String[] ipsplit = tips.split(REGEX_COMMA);
- trustMasks = new NetMask[ipsplit.length];
- for (int i = 0; i < ipsplit.length; ++i) {
- try {
- trustMasks[i] = new NetMask(ipsplit[i]);
- } catch (MaskFormatException e) {
- throw new AccessException("Invalid IP Mask in " + Config.CADI_TRUST_MASKS, e);
- }
- }
-
- final HostnameVerifier origHV = HttpsURLConnection.getDefaultHostnameVerifier();
- maskHV = new HostnameVerifier() {
- @Override
- public boolean verify(final String urlHostName, final SSLSession session) {
- try {
- // This will pick up /etc/host entries as well as DNS
- InetAddress ia = InetAddress.getByName(session.getPeerHost());
- for (NetMask tmask : trustMasks) {
- if (tmask.isInNet(ia.getHostAddress())) {
- return true;
- }
- }
- } catch (UnknownHostException e) {
- // It's ok. do normal Verify
- }
- return origHV.verify(urlHostName, session);
- };
- };
- HttpsURLConnection.setDefaultHostnameVerifier(maskHV);
- }
-
+ access.log(Level.INIT, "Explicitly accepting valid X509s from", tips);
+ String[] ipsplit = tips.split(REGEX_COMMA);
+ trustMasks = new NetMask[ipsplit.length];
+ for (int i = 0; i < ipsplit.length; ++i) {
+ try {
+ trustMasks[i] = new NetMask(ipsplit[i]);
+ } catch (MaskFormatException e) {
+ throw new AccessException("Invalid IP Mask in " + Config.CADI_TRUST_MASKS, e);
+ }
+ }
+
+ final HostnameVerifier origHV = HttpsURLConnection.getDefaultHostnameVerifier();
+ maskHV = new HostnameVerifier() {
+ @Override
+ public boolean verify(final String urlHostName, final SSLSession session) {
+ try {
+ // This will pick up /etc/host entries as well as DNS
+ InetAddress ia = InetAddress.getByName(session.getPeerHost());
+ for (NetMask tmask : trustMasks) {
+ if (tmask.isInNet(ia.getHostAddress())) {
+ return true;
+ }
+ }
+ } catch (UnknownHostException e) {
+ // It's ok. do normal Verify
+ }
+ return origHV.verify(urlHostName, session);
+ };
+ };
+ HttpsURLConnection.setDefaultHostnameVerifier(maskHV);
+ }
+
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfoC.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfoC.java
index 8e5faf4c..45e1dd1c 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfoC.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfoC.java
@@ -31,64 +31,64 @@ import org.onap.aaf.cadi.SecuritySetter;
public class SecurityInfoC<CLIENT> extends SecurityInfo {
- public static final String DEF_ID = "ID not Set";
- private static Map<Class<?>,SecurityInfoC<?>> sicMap = new HashMap<>();
- public SecuritySetter<CLIENT> defSS;
+ public static final String DEF_ID = "ID not Set";
+ private static Map<Class<?>,SecurityInfoC<?>> sicMap = new HashMap<>();
+ public SecuritySetter<CLIENT> defSS;
- public SecurityInfoC(Access access) throws CadiException {
- super(access);
- defSS = new DEFSS<CLIENT>();
- }
-
- @SuppressWarnings("unchecked")
- public static synchronized <CLIENT> SecurityInfoC<CLIENT> instance(Access access, Class<CLIENT> cls) throws CadiException {
- SecurityInfoInit<CLIENT> sii;
- if(cls.isAssignableFrom(HttpURLConnection.class)) {
- try {
- @SuppressWarnings("rawtypes")
- Class<SecurityInfoInit> initCls = (Class<SecurityInfoInit>)Class.forName("org.onap.aaf.cadi.http.HSecurityInfoInit");
- sii = initCls.newInstance();
- } catch (ClassNotFoundException | InstantiationException | IllegalAccessException e) {
- throw new CadiException("CADI using HttpURLConnection requires cadi-client jar",e);
- }
- } else {
- sii = new SecurityInfoInit<CLIENT>() {
- @Override
- public SecuritySetter<CLIENT> bestDefault(SecurityInfoC<CLIENT> si) throws CadiException {
- return new DEFSS<CLIENT>();
- }
- };
- }
-
- SecurityInfoC<CLIENT> sic = (SecurityInfoC<CLIENT>) sicMap.get(cls);
- if(sic==null) {
- sic = new SecurityInfoC<CLIENT>(access);
- sic.set(sii.bestDefault(sic));
- sicMap.put(cls, sic);
- }
- return sic;
- }
+ public SecurityInfoC(Access access) throws CadiException {
+ super(access);
+ defSS = new DEFSS<CLIENT>();
+ }
+
+ @SuppressWarnings("unchecked")
+ public static synchronized <CLIENT> SecurityInfoC<CLIENT> instance(Access access, Class<CLIENT> cls) throws CadiException {
+ SecurityInfoInit<CLIENT> sii;
+ if(cls.isAssignableFrom(HttpURLConnection.class)) {
+ try {
+ @SuppressWarnings("rawtypes")
+ Class<SecurityInfoInit> initCls = (Class<SecurityInfoInit>)Class.forName("org.onap.aaf.cadi.http.HSecurityInfoInit");
+ sii = initCls.newInstance();
+ } catch (ClassNotFoundException | InstantiationException | IllegalAccessException e) {
+ throw new CadiException("CADI using HttpURLConnection requires cadi-client jar",e);
+ }
+ } else {
+ sii = new SecurityInfoInit<CLIENT>() {
+ @Override
+ public SecuritySetter<CLIENT> bestDefault(SecurityInfoC<CLIENT> si) throws CadiException {
+ return new DEFSS<CLIENT>();
+ }
+ };
+ }
+
+ SecurityInfoC<CLIENT> sic = (SecurityInfoC<CLIENT>) sicMap.get(cls);
+ if(sic==null) {
+ sic = new SecurityInfoC<CLIENT>(access);
+ sic.set(sii.bestDefault(sic));
+ sicMap.put(cls, sic);
+ }
+ return sic;
+ }
- public SecurityInfoC<CLIENT> set(SecuritySetter<CLIENT> defSS) {
- this.defSS = defSS;
- return this;
- }
+ public SecurityInfoC<CLIENT> set(SecuritySetter<CLIENT> defSS) {
+ this.defSS = defSS;
+ return this;
+ }
- private static class DEFSS<C> implements SecuritySetter<C> {
- @Override
- public String getID() {
- return DEF_ID;
- }
+ private static class DEFSS<C> implements SecuritySetter<C> {
+ @Override
+ public String getID() {
+ return DEF_ID;
+ }
- @Override
- public void setSecurity(C client) throws CadiException {
- throw new CadiException("No Client Credentials set.");
- }
+ @Override
+ public void setSecurity(C client) throws CadiException {
+ throw new CadiException("No Client Credentials set.");
+ }
- @Override
- public int setLastResponse(int respCode) {
- return 0;
- }
- };
+ @Override
+ public int setLastResponse(int respCode) {
+ return 0;
+ }
+ };
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfoInit.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfoInit.java
index d77a7196..614f363b 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfoInit.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfoInit.java
@@ -24,5 +24,5 @@ import org.onap.aaf.cadi.CadiException;
import org.onap.aaf.cadi.SecuritySetter;
public interface SecurityInfoInit<CLIENT> {
- public SecuritySetter<CLIENT> bestDefault(SecurityInfoC<CLIENT> si) throws CadiException;
+ public SecuritySetter<CLIENT> bestDefault(SecurityInfoC<CLIENT> si) throws CadiException;
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/UsersDump.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/UsersDump.java
index 5aea719e..de25cb7f 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/UsersDump.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/UsersDump.java
@@ -36,127 +36,127 @@ import org.onap.aaf.cadi.lur.LocalLur;
public class UsersDump {
- /**
- * @param args
- */
- public static boolean write(OutputStream os, AbsUserCache<?> lur) {
- PrintStream ps;
- if(os instanceof PrintStream) {
- ps = (PrintStream)os;
- } else {
- ps = new PrintStream(os);
- }
- try {
- ps.println("<?xml version='1.0' encoding='utf-8'?>");
- ps.println("<!--");
- ps.print( " Code Generated Tomcat Users and Roles from AT&T LUR on ");
- ps.println(new Date());
- ps.println( "-->");
- ps.println("<tomcat-users>");
+ /**
+ * @param args
+ */
+ public static boolean write(OutputStream os, AbsUserCache<?> lur) {
+ PrintStream ps;
+ if(os instanceof PrintStream) {
+ ps = (PrintStream)os;
+ } else {
+ ps = new PrintStream(os);
+ }
+ try {
+ ps.println("<?xml version='1.0' encoding='utf-8'?>");
+ ps.println("<!--");
+ ps.print( " Code Generated Tomcat Users and Roles from AT&T LUR on ");
+ ps.println(new Date());
+ ps.println( "-->");
+ ps.println("<tomcat-users>");
- // We loop through Users, but want to write Groups first... therefore, save off print
- StringBuilder sb = new StringBuilder();
-
- // Obtain all unique role names
- HashSet<String> groups = new HashSet<>();
- for(AbsUserCache<?>.DumpInfo di : lur.dumpInfo()) {
- sb.append("\n <user username=\"");
- sb.append(di.user);
- sb.append("\" roles=\"");
- boolean first = true;
- for(String role : di.perms) {
- groups.add(role);
- if(first)first = false;
- else sb.append(',');
- sb.append(role);
- }
- sb.append("\"/>");
+ // We loop through Users, but want to write Groups first... therefore, save off print
+ StringBuilder sb = new StringBuilder();
+
+ // Obtain all unique role names
+ HashSet<String> groups = new HashSet<>();
+ for(AbsUserCache<?>.DumpInfo di : lur.dumpInfo()) {
+ sb.append("\n <user username=\"");
+ sb.append(di.user);
+ sb.append("\" roles=\"");
+ boolean first = true;
+ for(String role : di.perms) {
+ groups.add(role);
+ if(first)first = false;
+ else sb.append(',');
+ sb.append(role);
+ }
+ sb.append("\"/>");
- }
+ }
- // Print roles
- for(String group : groups) {
- ps.print(" <role rolename=\"");
- ps.print(group);
- ps.println("\"/>");
- }
-
- ps.println(sb);
+ // Print roles
+ for(String group : groups) {
+ ps.print(" <role rolename=\"");
+ ps.print(group);
+ ps.println("\"/>");
+ }
+
+ ps.println(sb);
- ps.println("</tomcat-users>");
- ps.flush();
- } catch (Exception t) {
- t.printStackTrace(ps);
- return false;
- }
- return true;
- }
-
- /**
- *
- * Note: This method returns a String if there's an error, or null if ok.
- * This unusual style is necessitated by the fact that any Exceptions thrown are likely to
- * be unlogged and hidden from view, making debugging almost impossible.
- *
- * @param writeto
- * @param up
- * @return
- */
- public static String updateUsers(String writeto, LocalLur up) {
- // Dump a Tomcat-user.xml lookalike (anywhere)
- if(writeto!=null) {
- // First read content
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- if(UsersDump.write(baos, up)) {
- byte[] postulate = baos.toByteArray();
- // now get contents of file
- File file = new File(writeto);
- boolean writeIt;
- if(file.exists()) {
- try {
- FileInputStream fis = new FileInputStream(file);
- byte[] orig = new byte[(int)file.length()];
- int read;
- try {
- read = fis.read(orig);
- } finally {
- fis.close();
- }
- if(read<=0) {
- writeIt = false;
- } else {
- // Starting at third "<" (<tomcat-users> line)
- int startA=0, startB=0;
- for(int i=0;startA<orig.length && i<3;++startA) if(orig[startA]=='<')++i;
- for(int i=0;startB<orig.length && i<3;++startB) if(postulate[startB]=='<')++i;
-
- writeIt=orig.length-startA!=postulate.length-startB; // first, check if remaining length is the same
- while(!writeIt && startA<orig.length && startB<postulate.length) {
- if(orig[startA++]!=postulate[startB++])writeIt = true;
- }
- }
- } catch (Exception e) {
- writeIt = true;
- }
- } else {
- writeIt = true;
- }
-
- if(writeIt) {
- try {
- FileOutputStream fos = new FileOutputStream(file);
- try {
- fos.write(postulate);
- } finally {
- fos.close();
- }
- } catch (IOException e) {
- return e.getMessage();
- }
- }
- }
- }
- return null; // no message means ok.
- }
+ ps.println("</tomcat-users>");
+ ps.flush();
+ } catch (Exception t) {
+ t.printStackTrace(ps);
+ return false;
+ }
+ return true;
+ }
+
+ /**
+ *
+ * Note: This method returns a String if there's an error, or null if ok.
+ * This unusual style is necessitated by the fact that any Exceptions thrown are likely to
+ * be unlogged and hidden from view, making debugging almost impossible.
+ *
+ * @param writeto
+ * @param up
+ * @return
+ */
+ public static String updateUsers(String writeto, LocalLur up) {
+ // Dump a Tomcat-user.xml lookalike (anywhere)
+ if(writeto!=null) {
+ // First read content
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ if(UsersDump.write(baos, up)) {
+ byte[] postulate = baos.toByteArray();
+ // now get contents of file
+ File file = new File(writeto);
+ boolean writeIt;
+ if(file.exists()) {
+ try {
+ FileInputStream fis = new FileInputStream(file);
+ byte[] orig = new byte[(int)file.length()];
+ int read;
+ try {
+ read = fis.read(orig);
+ } finally {
+ fis.close();
+ }
+ if(read<=0) {
+ writeIt = false;
+ } else {
+ // Starting at third "<" (<tomcat-users> line)
+ int startA=0, startB=0;
+ for(int i=0;startA<orig.length && i<3;++startA) if(orig[startA]=='<')++i;
+ for(int i=0;startB<orig.length && i<3;++startB) if(postulate[startB]=='<')++i;
+
+ writeIt=orig.length-startA!=postulate.length-startB; // first, check if remaining length is the same
+ while(!writeIt && startA<orig.length && startB<postulate.length) {
+ if(orig[startA++]!=postulate[startB++])writeIt = true;
+ }
+ }
+ } catch (Exception e) {
+ writeIt = true;
+ }
+ } else {
+ writeIt = true;
+ }
+
+ if(writeIt) {
+ try {
+ FileOutputStream fos = new FileOutputStream(file);
+ try {
+ fos.write(postulate);
+ } finally {
+ fos.close();
+ }
+ } catch (IOException e) {
+ return e.getMessage();
+ }
+ }
+ }
+ }
+ return null; // no message means ok.
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZ.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZ.java
index 7fd1e93c..5aa502d4 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZ.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZ.java
@@ -32,5 +32,5 @@ import javax.servlet.Servlet;
@Target({TYPE})
@Retention(RUNTIME)
public @interface AUTHZ {
- Class<? extends Servlet> value();
+ Class<? extends Servlet> value();
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZServlet.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZServlet.java
index f72a99bf..0bd87d98 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZServlet.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AUTHZServlet.java
@@ -37,62 +37,62 @@ import javax.servlet.http.HttpServletResponse;
*
*/
public class AUTHZServlet<S extends Servlet> implements Servlet {
- private String[] roles;
- private Servlet delegate;
+ private String[] roles;
+ private Servlet delegate;
- protected AUTHZServlet(Class<S> cls) {
- try {
- delegate = cls.newInstance();
- } catch (Exception e) {
- delegate = null;
- }
- RolesAllowed rolesAllowed = cls.getAnnotation(RolesAllowed.class);
- if (rolesAllowed == null) {
- roles = null;
- } else {
- roles = rolesAllowed.value();
- }
- }
-
- public void init(ServletConfig sc) throws ServletException {
- if (delegate == null) {
- throw new ServletException("Invalid Servlet Delegate");
- }
- delegate.init(sc);
- }
-
- public ServletConfig getServletConfig() {
- return delegate.getServletConfig();
- }
+ protected AUTHZServlet(Class<S> cls) {
+ try {
+ delegate = cls.newInstance();
+ } catch (Exception e) {
+ delegate = null;
+ }
+ RolesAllowed rolesAllowed = cls.getAnnotation(RolesAllowed.class);
+ if (rolesAllowed == null) {
+ roles = null;
+ } else {
+ roles = rolesAllowed.value();
+ }
+ }
+
+ public void init(ServletConfig sc) throws ServletException {
+ if (delegate == null) {
+ throw new ServletException("Invalid Servlet Delegate");
+ }
+ delegate.init(sc);
+ }
+
+ public ServletConfig getServletConfig() {
+ return delegate.getServletConfig();
+ }
- public String getServletInfo() {
- return delegate.getServletInfo();
- }
+ public String getServletInfo() {
+ return delegate.getServletInfo();
+ }
- public void service(ServletRequest req, ServletResponse resp) throws ServletException, IOException {
- if (roles == null) {
- delegate.service(req, resp);
- return;
- }
+ public void service(ServletRequest req, ServletResponse resp) throws ServletException, IOException {
+ if (roles == null) {
+ delegate.service(req, resp);
+ return;
+ }
- // Validate
- try {
- HttpServletRequest hreq = (HttpServletRequest)req;
- for (String role : roles) {
- if (hreq.isUserInRole(role)) {
- delegate.service(req, resp);
- return;
- }
- }
+ // Validate
+ try {
+ HttpServletRequest hreq = (HttpServletRequest)req;
+ for (String role : roles) {
+ if (hreq.isUserInRole(role)) {
+ delegate.service(req, resp);
+ return;
+ }
+ }
- ((HttpServletResponse)resp).sendError(403); // forbidden
- } catch (ClassCastException e) {
- throw new ServletException("JASPIServlet only supports HTTPServletRequest/HttpServletResponse");
- }
- }
+ ((HttpServletResponse)resp).sendError(403); // forbidden
+ } catch (ClassCastException e) {
+ throw new ServletException("JASPIServlet only supports HTTPServletRequest/HttpServletResponse");
+ }
+ }
- public void destroy() {
- delegate.destroy();
- }
+ public void destroy() {
+ delegate.destroy();
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AccessGetter.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AccessGetter.java
index ab34a0a4..ae4347d3 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AccessGetter.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/AccessGetter.java
@@ -24,12 +24,12 @@ import org.onap.aaf.cadi.Access;
import org.onap.aaf.cadi.config.Get;
public class AccessGetter implements Get {
- private final Access access;
- public AccessGetter(Access access) {
- this.access = access;
- }
- public String get(String name, String def, boolean print) {
- return access.getProperty(name, def);
- }
+ private final Access access;
+ public AccessGetter(Access access) {
+ this.access = access;
+ }
+ public String get(String name, String def, boolean print) {
+ return access.getProperty(name, def);
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiFilter.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiFilter.java
index 29234ed7..affb8f96 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiFilter.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiFilter.java
@@ -66,286 +66,286 @@ import org.onap.aaf.cadi.util.Timing;
*
*/
public class CadiFilter implements Filter {
- private static CadiHTTPManip httpChecker;
- private static String[] pathExceptions;
- private static List<Pair> mapPairs;
- private Access access;
- private Object[] additionalTafLurs;
- private Filter oauthFilter;
- private static int count=0;
-
- public Lur getLur() {
- return httpChecker.getLur();
- }
-
- /**
- * Construct a viable Filter
- *
- * Due to the vagaries of many containers, there is a tendency to create Objects and call "Init" on
- * them at a later time. Therefore, this object creates with an object that denies all access
- * until appropriate Init happens, just in case the container lets something slip by in the meantime.
- *
- */
- public CadiFilter() {
- additionalTafLurs = CadiHTTPManip.noAdditional;
- }
+ private static CadiHTTPManip httpChecker;
+ private static String[] pathExceptions;
+ private static List<Pair> mapPairs;
+ private Access access;
+ private Object[] additionalTafLurs;
+ private Filter oauthFilter;
+ private static int count=0;
+
+ public Lur getLur() {
+ return httpChecker.getLur();
+ }
+
+ /**
+ * Construct a viable Filter
+ *
+ * Due to the vagaries of many containers, there is a tendency to create Objects and call "Init" on
+ * them at a later time. Therefore, this object creates with an object that denies all access
+ * until appropriate Init happens, just in case the container lets something slip by in the meantime.
+ *
+ */
+ public CadiFilter() {
+ additionalTafLurs = CadiHTTPManip.noAdditional;
+ }
- /**
- * This constructor to be used when directly constructing and placing in HTTP Engine
- *
- * @param access
- * @param moreTafLurs
- * @throws ServletException
- */
- public CadiFilter(Access access, Object ... moreTafLurs) throws ServletException {
- additionalTafLurs = moreTafLurs;
- init(new AccessGetter(this.access = access));
- }
+ /**
+ * This constructor to be used when directly constructing and placing in HTTP Engine
+ *
+ * @param access
+ * @param moreTafLurs
+ * @throws ServletException
+ */
+ public CadiFilter(Access access, Object ... moreTafLurs) throws ServletException {
+ additionalTafLurs = moreTafLurs;
+ init(new AccessGetter(this.access = access));
+ }
- /**
- * Use this to pass in a PreContructed CADI Filter, but with initializing... let Servlet do it
- * @param init
- * @param access
- * @param moreTafLurs
- * @throws ServletException
- */
- public CadiFilter(boolean init, PropAccess access, Object ... moreTafLurs) throws ServletException {
- this.access = access;
- additionalTafLurs = moreTafLurs;
- if(init) {
- init(new AccessGetter(access));
- }
- }
+ /**
+ * Use this to pass in a PreContructed CADI Filter, but with initializing... let Servlet do it
+ * @param init
+ * @param access
+ * @param moreTafLurs
+ * @throws ServletException
+ */
+ public CadiFilter(boolean init, PropAccess access, Object ... moreTafLurs) throws ServletException {
+ this.access = access;
+ additionalTafLurs = moreTafLurs;
+ if(init) {
+ init(new AccessGetter(access));
+ }
+ }
- /**
- * Init
- *
- * Standard Filter "init" call with FilterConfig to obtain properties. POJOs can construct a
- * FilterConfig with the mechanism of their choice, and standard J2EE Servlet engines utilize this
- * mechanism already.
- */
- //TODO Always validate changes against Tomcat AbsCadiValve and Jaspi CadiSAM Init functions
- public void init(FilterConfig filterConfig) throws ServletException {
- // need the Context for Logging, instantiating ClassLoader, etc
- ServletContextAccess sca=new ServletContextAccess(filterConfig);
- if(access==null) {
- access = sca;
- }
-
- // Set Protected getter with base Access, for internal class instantiations
- init(new FCGet(access, sca.context(), filterConfig));
- }
-
+ /**
+ * Init
+ *
+ * Standard Filter "init" call with FilterConfig to obtain properties. POJOs can construct a
+ * FilterConfig with the mechanism of their choice, and standard J2EE Servlet engines utilize this
+ * mechanism already.
+ */
+ //TODO Always validate changes against Tomcat AbsCadiValve and Jaspi CadiSAM Init functions
+ public void init(FilterConfig filterConfig) throws ServletException {
+ // need the Context for Logging, instantiating ClassLoader, etc
+ ServletContextAccess sca=new ServletContextAccess(filterConfig);
+ if(access==null) {
+ access = sca;
+ }
+
+ // Set Protected getter with base Access, for internal class instantiations
+ init(new FCGet(access, sca.context(), filterConfig));
+ }
+
- @SuppressWarnings("unchecked")
- private void init(Get getter) throws ServletException {
+ @SuppressWarnings("unchecked")
+ private void init(Get getter) throws ServletException {
// Start with the assumption of "Don't trust anyone".
- TrustChecker tc = TrustChecker.NOTRUST; // default position
- try {
- Class<TrustChecker> ctc = (Class<TrustChecker>) Class.forName("org.onap.aaf.cadi.aaf.v2_0.AAFTrustChecker");
- if(ctc!=null) {
- Constructor<TrustChecker> contc = ctc.getConstructor(Access.class);
- if(contc!=null) {
- tc = contc.newInstance(access);
- }
- }
- } catch (Exception e) {
- access.log(Level.INIT, "AAFTrustChecker cannot be loaded",e.getMessage());
- }
-
- try {
- Class<Filter> cf=null;
- try {
- cf= (Class<Filter>) Class.forName("org.onap.aaf.cadi.oauth.OAuthFilter");
- oauthFilter = cf.newInstance();
- } catch (ClassNotFoundException e) {
- oauthFilter = new Filter() { // Null Filter
- @Override
- public void destroy() {
- }
-
- @Override
- public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)throws IOException, ServletException {
- chain.doFilter(req, resp);
- }
-
- @Override
- public void init(FilterConfig arg0) throws ServletException {
- }
- };
- }
- } catch (Exception e) {
- access.log(Level.INIT, "AAFTrustChecker cannot be loaded",e.getMessage());
- }
+ TrustChecker tc = TrustChecker.NOTRUST; // default position
+ try {
+ Class<TrustChecker> ctc = (Class<TrustChecker>) Class.forName("org.onap.aaf.cadi.aaf.v2_0.AAFTrustChecker");
+ if(ctc!=null) {
+ Constructor<TrustChecker> contc = ctc.getConstructor(Access.class);
+ if(contc!=null) {
+ tc = contc.newInstance(access);
+ }
+ }
+ } catch (Exception e) {
+ access.log(Level.INIT, "AAFTrustChecker cannot be loaded",e.getMessage());
+ }
+
+ try {
+ Class<Filter> cf=null;
+ try {
+ cf= (Class<Filter>) Class.forName("org.onap.aaf.cadi.oauth.OAuthFilter");
+ oauthFilter = cf.newInstance();
+ } catch (ClassNotFoundException e) {
+ oauthFilter = new Filter() { // Null Filter
+ @Override
+ public void destroy() {
+ }
+
+ @Override
+ public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)throws IOException, ServletException {
+ chain.doFilter(req, resp);
+ }
+
+ @Override
+ public void init(FilterConfig arg0) throws ServletException {
+ }
+ };
+ }
+ } catch (Exception e) {
+ access.log(Level.INIT, "AAFTrustChecker cannot be loaded",e.getMessage());
+ }
// Synchronize, because some instantiations call init several times on the same object
// In this case, the epiTaf will be changed to a non-NullTaf, and thus not instantiate twice.
- synchronized(CadiHTTPManip.noAdditional /*will always remain same Object*/) {
- ++count;
- if(httpChecker == null) {
- if(access==null) {
- access = new PropAccess();
- }
- try {
- httpChecker = new CadiHTTPManip(access,null /*reuseable Con*/,tc, additionalTafLurs);
- } catch (CadiException | LocatorException e1) {
- throw new ServletException(e1);
- }
- } else if(access==null) {
- access= httpChecker.getAccess();
- }
+ synchronized(CadiHTTPManip.noAdditional /*will always remain same Object*/) {
+ ++count;
+ if(httpChecker == null) {
+ if(access==null) {
+ access = new PropAccess();
+ }
+ try {
+ httpChecker = new CadiHTTPManip(access,null /*reuseable Con*/,tc, additionalTafLurs);
+ } catch (CadiException | LocatorException e1) {
+ throw new ServletException(e1);
+ }
+ } else if(access==null) {
+ access= httpChecker.getAccess();
+ }
- /*
- * Setup Authn Path Exceptions
- */
- if(pathExceptions==null) {
- String str = getter.get(Config.CADI_NOAUTHN, null, true);
- if(str!=null) {
- pathExceptions = str.split("\\s*:\\s*");
- }
- }
-
- /*
- * SETUP Permission Converters... those that can take Strings from a Vendor Product, and convert to appropriate AAF Permissions
- */
- if(mapPairs==null) {
- String str = getter.get(Config.AAF_PERM_MAP, null, true);
- if(str!=null) {
- String mstr = getter.get(Config.AAF_PERM_MAP, null, true);
- if(mstr!=null) {
- String map[] = mstr.split("\\s*:\\s*");
- if(map.length>0) {
- MapPermConverter mpc=null;
- int idx;
- mapPairs = new ArrayList<>();
- for(String entry : map) {
- if((idx=entry.indexOf('='))<0) { // it's a Path, so create a new converter
- access.log(Level.INIT,"Loading Perm Conversions for:",entry);
- mapPairs.add(new Pair(entry,mpc=new MapPermConverter()));
- } else {
- if(mpc!=null) {
- mpc.map().put(entry.substring(0,idx),entry.substring(idx+1));
- } else {
- access.log(Level.ERROR,"cadi_perm_map is malformed; ",entry, "is skipped");
- }
- }
- }
- }
- }
- }
- }
- }
+ /*
+ * Setup Authn Path Exceptions
+ */
+ if(pathExceptions==null) {
+ String str = getter.get(Config.CADI_NOAUTHN, null, true);
+ if(str!=null) {
+ pathExceptions = str.split("\\s*:\\s*");
+ }
+ }
+
+ /*
+ * SETUP Permission Converters... those that can take Strings from a Vendor Product, and convert to appropriate AAF Permissions
+ */
+ if(mapPairs==null) {
+ String str = getter.get(Config.AAF_PERM_MAP, null, true);
+ if(str!=null) {
+ String mstr = getter.get(Config.AAF_PERM_MAP, null, true);
+ if(mstr!=null) {
+ String map[] = mstr.split("\\s*:\\s*");
+ if(map.length>0) {
+ MapPermConverter mpc=null;
+ int idx;
+ mapPairs = new ArrayList<>();
+ for(String entry : map) {
+ if((idx=entry.indexOf('='))<0) { // it's a Path, so create a new converter
+ access.log(Level.INIT,"Loading Perm Conversions for:",entry);
+ mapPairs.add(new Pair(entry,mpc=new MapPermConverter()));
+ } else {
+ if(mpc!=null) {
+ mpc.map().put(entry.substring(0,idx),entry.substring(idx+1));
+ } else {
+ access.log(Level.ERROR,"cadi_perm_map is malformed; ",entry, "is skipped");
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
- // Remove Getter
+ // Remove Getter
getter = Get.NULL;
- }
+ }
- /**
- * Containers call "destroy" when time to cleanup
- */
- public void destroy() {
- // Synchronize, in case multiCadiFilters are used.
- synchronized(CadiHTTPManip.noAdditional) {
- if(--count<=0 && httpChecker!=null) {
- httpChecker.destroy();
- httpChecker=null;
- access=null;
- pathExceptions=null;
- }
- }
- }
+ /**
+ * Containers call "destroy" when time to cleanup
+ */
+ public void destroy() {
+ // Synchronize, in case multiCadiFilters are used.
+ synchronized(CadiHTTPManip.noAdditional) {
+ if(--count<=0 && httpChecker!=null) {
+ httpChecker.destroy();
+ httpChecker=null;
+ access=null;
+ pathExceptions=null;
+ }
+ }
+ }
- /**
- * doFilter
- *
- * This is the standard J2EE invocation. Analyze the request, modify response as necessary, and
- * only call the next item in the filterChain if request is suitably Authenticated.
- */
- //TODO Always validate changes against Tomcat AbsCadiValve and Jaspi CadiSAM functions
- public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
- final long startAll = System.nanoTime();
- long startCode, startValidate;
- float code=0f, validate=0f;
- String user = "n/a";
- String tag = "";
- try {
- HttpServletRequest hreq = (HttpServletRequest)request;
- if(noAuthn(hreq)) {
- startCode=System.nanoTime();
- chain.doFilter(request, response);
- code = Timing.millis(startCode);
- } else {
- HttpServletResponse hresp = (HttpServletResponse)response;
- startValidate=System.nanoTime();
- TafResp tresp = httpChecker.validate(hreq, hresp, hreq);
- validate = Timing.millis(startValidate);
- if(tresp.isAuthenticated()==RESP.IS_AUTHENTICATED) {
- user = tresp.getPrincipal().personalName();
- tag = tresp.getPrincipal().tag();
- CadiWrap cw = new CadiWrap(hreq, tresp, httpChecker.getLur(),getConverter(hreq));
- if(httpChecker.notCadi(cw, hresp)) {
- startCode=System.nanoTime();
- oauthFilter.doFilter(cw,response,chain);
- code = Timing.millis(startCode);
- }
- }
- }
- } catch (ClassCastException e) {
- throw new ServletException("CadiFilter expects Servlet to be an HTTP Servlet",e);
- } finally {
- access.printf(Level.WARN, "Trans: user=%s[%s],ip=%s,ms=%f,validate=%f,code=%f",
- user,tag,request.getRemoteAddr(),
- Timing.millis(startAll),validate,code);
- }
- }
+ /**
+ * doFilter
+ *
+ * This is the standard J2EE invocation. Analyze the request, modify response as necessary, and
+ * only call the next item in the filterChain if request is suitably Authenticated.
+ */
+ //TODO Always validate changes against Tomcat AbsCadiValve and Jaspi CadiSAM functions
+ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+ final long startAll = System.nanoTime();
+ long startCode, startValidate;
+ float code=0f, validate=0f;
+ String user = "n/a";
+ String tag = "";
+ try {
+ HttpServletRequest hreq = (HttpServletRequest)request;
+ if(noAuthn(hreq)) {
+ startCode=System.nanoTime();
+ chain.doFilter(request, response);
+ code = Timing.millis(startCode);
+ } else {
+ HttpServletResponse hresp = (HttpServletResponse)response;
+ startValidate=System.nanoTime();
+ TafResp tresp = httpChecker.validate(hreq, hresp, hreq);
+ validate = Timing.millis(startValidate);
+ if(tresp.isAuthenticated()==RESP.IS_AUTHENTICATED) {
+ user = tresp.getPrincipal().personalName();
+ tag = tresp.getPrincipal().tag();
+ CadiWrap cw = new CadiWrap(hreq, tresp, httpChecker.getLur(),getConverter(hreq));
+ if(httpChecker.notCadi(cw, hresp)) {
+ startCode=System.nanoTime();
+ oauthFilter.doFilter(cw,response,chain);
+ code = Timing.millis(startCode);
+ }
+ }
+ }
+ } catch (ClassCastException e) {
+ throw new ServletException("CadiFilter expects Servlet to be an HTTP Servlet",e);
+ } finally {
+ access.printf(Level.WARN, "Trans: user=%s[%s],ip=%s,ms=%f,validate=%f,code=%f",
+ user,tag,request.getRemoteAddr(),
+ Timing.millis(startAll),validate,code);
+ }
+ }
- /**
- * If PathExceptions exist, report if these should not have Authn applied.
- * @param hreq
- * @return
- */
- private boolean noAuthn(HttpServletRequest hreq) {
- if(pathExceptions!=null) {
- String pi = hreq.getPathInfo();
- if(pi==null) return false; // JBoss sometimes leaves null
- for(String pe : pathExceptions) {
- if(pi.startsWith(pe))return true;
- }
- }
- return false;
- }
-
- /**
- * Get Converter by Path
- */
- private PermConverter getConverter(HttpServletRequest hreq) {
- if(mapPairs!=null) {
- String pi = hreq.getPathInfo();
- if(pi !=null) {
- for(Pair p: mapPairs) {
- if(pi.startsWith(p.name))return p.pc;
- }
- }
- }
- return NullPermConverter.singleton();
- }
-
- /**
- * store PermConverters by Path prefix
- * @author Jonathan
- *
- */
- private class Pair {
- public Pair(String key, PermConverter pc) {
- name = key;
- this.pc = pc;
- }
- public String name;
- public PermConverter pc;
- }
+ /**
+ * If PathExceptions exist, report if these should not have Authn applied.
+ * @param hreq
+ * @return
+ */
+ private boolean noAuthn(HttpServletRequest hreq) {
+ if(pathExceptions!=null) {
+ String pi = hreq.getPathInfo();
+ if(pi==null) return false; // JBoss sometimes leaves null
+ for(String pe : pathExceptions) {
+ if(pi.startsWith(pe))return true;
+ }
+ }
+ return false;
+ }
+
+ /**
+ * Get Converter by Path
+ */
+ private PermConverter getConverter(HttpServletRequest hreq) {
+ if(mapPairs!=null) {
+ String pi = hreq.getPathInfo();
+ if(pi !=null) {
+ for(Pair p: mapPairs) {
+ if(pi.startsWith(p.name))return p.pc;
+ }
+ }
+ }
+ return NullPermConverter.singleton();
+ }
+
+ /**
+ * store PermConverters by Path prefix
+ * @author Jonathan
+ *
+ */
+ private class Pair {
+ public Pair(String key, PermConverter pc) {
+ name = key;
+ this.pc = pc;
+ }
+ public String name;
+ public PermConverter pc;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiHTTPManip.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiHTTPManip.java
index 9d1653fa..3c0f139b 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiHTTPManip.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiHTTPManip.java
@@ -55,159 +55,159 @@ import org.onap.aaf.cadi.util.UserChainManip;
*
*/
public class CadiHTTPManip {
- private static final String ACCESS_CADI_CONTROL = ".access|cadi|control";
- private static final String METH = "OPTIONS";
- private static final String CADI = "/cadi/";
- private static final String CADI_CACHE_PRINT = "/cadi/cache/print";
- private static final String CADI_CACHE_CLEAR = "/cadi/cache/clear";
- private static final String CADI_LOG_SET = "/cadi/log/set/";
- private static final Object LOCK = new Object();
- private Access access;
- private HttpTaf taf;
- private CredVal up;
- private Lur lur;
- private String thisPerm,companyPerm,aaf_id;
-
- public static final Object[] noAdditional = new Object[0]; // CadiFilter can be created each call in some systems
+ private static final String ACCESS_CADI_CONTROL = ".access|cadi|control";
+ private static final String METH = "OPTIONS";
+ private static final String CADI = "/cadi/";
+ private static final String CADI_CACHE_PRINT = "/cadi/cache/print";
+ private static final String CADI_CACHE_CLEAR = "/cadi/cache/clear";
+ private static final String CADI_LOG_SET = "/cadi/log/set/";
+ private static final Object LOCK = new Object();
+ private Access access;
+ private HttpTaf taf;
+ private CredVal up;
+ private Lur lur;
+ private String thisPerm,companyPerm,aaf_id;
+
+ public static final Object[] noAdditional = new Object[0]; // CadiFilter can be created each call in some systems
- public CadiHTTPManip(Access access, Connector con, TrustChecker tc, Object ... additionalTafLurs) throws CadiException, LocatorException {
- synchronized(LOCK) {
- this.access = access;
-// Get getter = new AccessGetter(access);
- Config.setDefaultRealm(access);
-
- aaf_id = access.getProperty(Config.CADI_ALIAS,access.getProperty(Config.AAF_APPID, null));
- if(aaf_id==null) {
- access.printf(Level.INIT, "%s is not set. %s can be used instead",Config.AAF_APPID,Config.CADI_ALIAS);
- } else {
- access.printf(Level.INIT, "%s is set to %s",Config.AAF_APPID,aaf_id);
- }
- String ns = aaf_id==null?null:UserChainManip.idToNS(aaf_id);
- if(ns!=null) {
- thisPerm = ns+ACCESS_CADI_CONTROL;
- int dot = ns.indexOf('.');
- if(dot>=0) {
- int dot2=ns.indexOf('.',dot+1);
- if(dot2<0) {
- dot2=dot;
- }
- companyPerm = ns.substring(0, dot2)+ACCESS_CADI_CONTROL;
- } else {
- companyPerm = "com"+ACCESS_CADI_CONTROL;
- }
- } else {
- thisPerm = companyPerm = "com"+ACCESS_CADI_CONTROL;
- }
- SecurityInfoC<HttpURLConnection> si;
- si = SecurityInfoC.instance(access, HttpURLConnection.class);
-
- lur = Config.configLur(si, con, additionalTafLurs);
-
- tc.setLur(lur);
- if(lur instanceof EpiLur) {
- up = ((EpiLur)lur).getUserPassImpl();
- } else if(lur instanceof CredVal) {
- up = (CredVal)lur;
- } else {
- up = null;
- }
- taf = Config.configHttpTaf(con,si, tc, up, lur, additionalTafLurs);
- }
- }
+ public CadiHTTPManip(Access access, Connector con, TrustChecker tc, Object ... additionalTafLurs) throws CadiException, LocatorException {
+ synchronized(LOCK) {
+ this.access = access;
+// Get getter = new AccessGetter(access);
+ Config.setDefaultRealm(access);
+
+ aaf_id = access.getProperty(Config.CADI_ALIAS,access.getProperty(Config.AAF_APPID, null));
+ if(aaf_id==null) {
+ access.printf(Level.INIT, "%s is not set. %s can be used instead",Config.AAF_APPID,Config.CADI_ALIAS);
+ } else {
+ access.printf(Level.INIT, "%s is set to %s",Config.AAF_APPID,aaf_id);
+ }
+ String ns = aaf_id==null?null:UserChainManip.idToNS(aaf_id);
+ if(ns!=null) {
+ thisPerm = ns+ACCESS_CADI_CONTROL;
+ int dot = ns.indexOf('.');
+ if(dot>=0) {
+ int dot2=ns.indexOf('.',dot+1);
+ if(dot2<0) {
+ dot2=dot;
+ }
+ companyPerm = ns.substring(0, dot2)+ACCESS_CADI_CONTROL;
+ } else {
+ companyPerm = "com"+ACCESS_CADI_CONTROL;
+ }
+ } else {
+ thisPerm = companyPerm = "com"+ACCESS_CADI_CONTROL;
+ }
+ SecurityInfoC<HttpURLConnection> si;
+ si = SecurityInfoC.instance(access, HttpURLConnection.class);
+
+ lur = Config.configLur(si, con, additionalTafLurs);
+
+ tc.setLur(lur);
+ if(lur instanceof EpiLur) {
+ up = ((EpiLur)lur).getUserPassImpl();
+ } else if(lur instanceof CredVal) {
+ up = (CredVal)lur;
+ } else {
+ up = null;
+ }
+ taf = Config.configHttpTaf(con,si, tc, up, lur, additionalTafLurs);
+ }
+ }
- public TafResp validate(HttpServletRequest hreq, HttpServletResponse hresp, Object state) throws IOException {
- TafResp tresp = taf.validate(Taf.LifeForm.LFN, hreq, hresp);
- switch(tresp.isAuthenticated()) {
- case IS_AUTHENTICATED:
- access.printf(Level.INFO,"Authenticated: %s from %s:%d",
- tresp.desc(), hreq.getRemoteAddr(), hreq.getRemotePort());
- break;
- case TRY_AUTHENTICATING:
- switch (tresp.authenticate()) {
- case IS_AUTHENTICATED:
- access.printf(Level.INFO,"Authenticated: %s from %s:%d",
- tresp.desc(), hreq.getRemoteAddr(), hreq.getRemotePort());
- break;
- case HTTP_REDIRECT_INVOKED:
- access.log(Level.INFO,"Authenticating via redirection: ", tresp.desc());
- break;
- case NO_FURTHER_PROCESSING:
- access.printf(Level.AUDIT,"Authentication Failure: %s from %s:%d"
- , tresp.desc(), hreq.getRemoteAddr(), hreq.getRemotePort());
- hresp.sendError(403, tresp.desc()); // Forbidden
- break;
+ public TafResp validate(HttpServletRequest hreq, HttpServletResponse hresp, Object state) throws IOException {
+ TafResp tresp = taf.validate(Taf.LifeForm.LFN, hreq, hresp);
+ switch(tresp.isAuthenticated()) {
+ case IS_AUTHENTICATED:
+ access.printf(Level.INFO,"Authenticated: %s from %s:%d",
+ tresp.desc(), hreq.getRemoteAddr(), hreq.getRemotePort());
+ break;
+ case TRY_AUTHENTICATING:
+ switch (tresp.authenticate()) {
+ case IS_AUTHENTICATED:
+ access.printf(Level.INFO,"Authenticated: %s from %s:%d",
+ tresp.desc(), hreq.getRemoteAddr(), hreq.getRemotePort());
+ break;
+ case HTTP_REDIRECT_INVOKED:
+ access.log(Level.INFO,"Authenticating via redirection: ", tresp.desc());
+ break;
+ case NO_FURTHER_PROCESSING:
+ access.printf(Level.AUDIT,"Authentication Failure: %s from %s:%d"
+ , tresp.desc(), hreq.getRemoteAddr(), hreq.getRemotePort());
+ hresp.sendError(403, tresp.desc()); // Forbidden
+ break;
- default:
- access.printf(Level.AUDIT,"No TAF will authorize for request from %s:%d"
- , hreq.getRemoteAddr(), hreq.getRemotePort());
- hresp.sendError(403, tresp.desc()); // Forbidden
- }
- break;
- case NO_FURTHER_PROCESSING:
- access.printf(Level.AUDIT,"Authentication Failure: %s from %s:%d",
- tresp.desc(), hreq.getRemoteAddr(), hreq.getRemotePort());
- hresp.sendError(403, "Access Denied"); // FORBIDDEN
- break;
- default:
- access.printf(Level.AUDIT,"No TAF will authorize for request from %s:%d"
- , hreq.getRemoteAddr(), hreq.getRemotePort());
- hresp.sendError(403, "Access Denied"); // FORBIDDEN
- }
- return tresp;
- }
-
- public boolean notCadi(CadiWrap req, HttpServletResponse resp) {
-
- String pathInfo = req.getPathInfo();
- if(METH.equalsIgnoreCase(req.getMethod()) && pathInfo!=null && pathInfo.contains(CADI)) {
- if(req.getUser().equals(aaf_id) || req.isUserInRole(thisPerm) || req.isUserInRole(companyPerm)) {
- try {
- if(pathInfo.contains(CADI_CACHE_PRINT)) {
- resp.getOutputStream().println(lur.toString());
- resp.setStatus(200);
- return false;
- } else if(pathInfo.contains(CADI_CACHE_CLEAR)) {
- StringBuilder report = new StringBuilder();
- lur.clear(req.getUserPrincipal(), report);
- resp.getOutputStream().println(report.toString());
- resp.setStatus(200);
- return false;
- } else if(pathInfo.contains(CADI_LOG_SET)) {
- Level l;
- int slash = pathInfo.lastIndexOf('/');
- String level = pathInfo.substring(slash+1);
- try {
- l = Level.valueOf(level);
- access.printf(Level.AUDIT, "%s has set CADI Log Level to '%s'",req.getUser(),l.name());
- access.setLogLevel(l);
- } catch (IllegalArgumentException e) {
- access.printf(Level.AUDIT, "'%s' is not a valid CADI Log Level",level);
- }
- return false;
- }
- } catch (IOException e) {
- access.log(e);
- }
- }
- }
- return true;
- }
+ default:
+ access.printf(Level.AUDIT,"No TAF will authorize for request from %s:%d"
+ , hreq.getRemoteAddr(), hreq.getRemotePort());
+ hresp.sendError(403, tresp.desc()); // Forbidden
+ }
+ break;
+ case NO_FURTHER_PROCESSING:
+ access.printf(Level.AUDIT,"Authentication Failure: %s from %s:%d",
+ tresp.desc(), hreq.getRemoteAddr(), hreq.getRemotePort());
+ hresp.sendError(403, "Access Denied"); // FORBIDDEN
+ break;
+ default:
+ access.printf(Level.AUDIT,"No TAF will authorize for request from %s:%d"
+ , hreq.getRemoteAddr(), hreq.getRemotePort());
+ hresp.sendError(403, "Access Denied"); // FORBIDDEN
+ }
+ return tresp;
+ }
+
+ public boolean notCadi(CadiWrap req, HttpServletResponse resp) {
+
+ String pathInfo = req.getPathInfo();
+ if(METH.equalsIgnoreCase(req.getMethod()) && pathInfo!=null && pathInfo.contains(CADI)) {
+ if(req.getUser().equals(aaf_id) || req.isUserInRole(thisPerm) || req.isUserInRole(companyPerm)) {
+ try {
+ if(pathInfo.contains(CADI_CACHE_PRINT)) {
+ resp.getOutputStream().println(lur.toString());
+ resp.setStatus(200);
+ return false;
+ } else if(pathInfo.contains(CADI_CACHE_CLEAR)) {
+ StringBuilder report = new StringBuilder();
+ lur.clear(req.getUserPrincipal(), report);
+ resp.getOutputStream().println(report.toString());
+ resp.setStatus(200);
+ return false;
+ } else if(pathInfo.contains(CADI_LOG_SET)) {
+ Level l;
+ int slash = pathInfo.lastIndexOf('/');
+ String level = pathInfo.substring(slash+1);
+ try {
+ l = Level.valueOf(level);
+ access.printf(Level.AUDIT, "%s has set CADI Log Level to '%s'",req.getUser(),l.name());
+ access.setLogLevel(l);
+ } catch (IllegalArgumentException e) {
+ access.printf(Level.AUDIT, "'%s' is not a valid CADI Log Level",level);
+ }
+ return false;
+ }
+ } catch (IOException e) {
+ access.log(e);
+ }
+ }
+ }
+ return true;
+ }
- public Lur getLur() {
- return lur;
- }
-
- public void destroy() {
- access.log(Level.INFO,"CadiHttpChecker destroyed.");
- if(lur!=null) {
- lur.destroy();
- lur=null;
- }
- }
+ public Lur getLur() {
+ return lur;
+ }
+
+ public void destroy() {
+ access.log(Level.INFO,"CadiHttpChecker destroyed.");
+ if(lur!=null) {
+ lur.destroy();
+ lur=null;
+ }
+ }
- public Access getAccess() {
- return access;
- }
+ public Access getAccess() {
+ return access;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/FCGet.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/FCGet.java
index 9c4cca10..f56cbf27 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/FCGet.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/FCGet.java
@@ -33,44 +33,44 @@ import org.onap.aaf.cadi.config.Get;
* cleans up the initialization code.
*/
class FCGet implements Get {
- /**
- *
- */
- private final Access access;
- private FilterConfig filterConfig;
- private ServletContext context;
+ /**
+ *
+ */
+ private final Access access;
+ private FilterConfig filterConfig;
+ private ServletContext context;
- public FCGet(Access access, ServletContext context, FilterConfig filterConfig) {
- this.access = access;
- this.context = context;
- this.filterConfig = filterConfig;
- }
+ public FCGet(Access access, ServletContext context, FilterConfig filterConfig) {
+ this.access = access;
+ this.context = context;
+ this.filterConfig = filterConfig;
+ }
- public String get(String name, String def, boolean print) {
- String str = null;
- // Try Server Context First
- if(context!=null) {
- str = context.getInitParameter(name);
- }
-
- // Try Filter Context next
- if(str==null && filterConfig != null) {
- str = filterConfig.getInitParameter(name);
- }
-
- if(str==null) {
- str = access.getProperty(name, def);
- }
- // Take def if nothing else
- if(str==null) {
- str = def;
- // don't log defaults
- } else {
- str = str.trim(); // this is vital in Property File based values, as spaces can hide easily
- if(print) {
- access.log(Level.INFO,"Setting", name, "to", str);
- }
- }
- return str;
- }
+ public String get(String name, String def, boolean print) {
+ String str = null;
+ // Try Server Context First
+ if(context!=null) {
+ str = context.getInitParameter(name);
+ }
+
+ // Try Filter Context next
+ if(str==null && filterConfig != null) {
+ str = filterConfig.getInitParameter(name);
+ }
+
+ if(str==null) {
+ str = access.getProperty(name, def);
+ }
+ // Take def if nothing else
+ if(str==null) {
+ str = def;
+ // don't log defaults
+ } else {
+ str = str.trim(); // this is vital in Property File based values, as spaces can hide easily
+ if(print) {
+ access.log(Level.INFO,"Setting", name, "to", str);
+ }
+ }
+ return str;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/MapPermConverter.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/MapPermConverter.java
index f0786b12..7953e076 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/MapPermConverter.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/MapPermConverter.java
@@ -25,30 +25,30 @@ import java.util.HashMap;
import java.util.Map;
public class MapPermConverter implements PermConverter {
- private HashMap<String,String> map;
+ private HashMap<String,String> map;
- /**
- * Create with colon separated name value pairs
- * i.e. teAdmin=com.att.myNS.myPerm|*|*:teUser=...
- *
- * @param value
- */
- public MapPermConverter() {
- map = new HashMap<>();
- }
+ /**
+ * Create with colon separated name value pairs
+ * i.e. teAdmin=com.att.myNS.myPerm|*|*:teUser=...
+ *
+ * @param value
+ */
+ public MapPermConverter() {
+ map = new HashMap<>();
+ }
- /**
- * use to instantiate entries
- *
- * @return
- */
- public Map<String,String> map() {
- return map;
- }
+ /**
+ * use to instantiate entries
+ *
+ * @return
+ */
+ public Map<String,String> map() {
+ return map;
+ }
- public String convert(String minimal) {
- String rv = map.get(minimal);
- return (rv == null) ? minimal : rv;
- }
+ public String convert(String minimal) {
+ String rv = map.get(minimal);
+ return (rv == null) ? minimal : rv;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/NullPermConverter.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/NullPermConverter.java
index 8b70d95d..bb63d097 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/NullPermConverter.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/NullPermConverter.java
@@ -32,14 +32,14 @@ package org.onap.aaf.cadi.filter;
*/
public class NullPermConverter implements PermConverter {
- private static final NullPermConverter singleton = new NullPermConverter();
+ private static final NullPermConverter singleton = new NullPermConverter();
- private NullPermConverter() {}
+ private NullPermConverter() {}
- public static NullPermConverter singleton() { return singleton; }
+ public static NullPermConverter singleton() { return singleton; }
- public String convert(String minimal) {
- return minimal;
- }
+ public String convert(String minimal) {
+ return minimal;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/PathFilter.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/PathFilter.java
index cf87c840..f0de0481 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/PathFilter.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/PathFilter.java
@@ -48,133 +48,133 @@ import org.onap.aaf.cadi.config.Config;
*
*/
public class PathFilter implements Filter {
- private final Log log;
-
- private ServletContext context;
- private String aafType;
- private String notAuthorizedMsg;
-
- /**
- * Construct a viable Filter for installing in Container WEB.XML, etc.
- *
- */
- public PathFilter() {
- log = new Log() {
- public void info(String ... msg) {
- context.log(build("INFO:", msg));
- }
- public void audit(String ... msg) {
- context.log(build("AUDIT:", msg));
- }
- private String build(String type, String []msg) {
- StringBuilder sb = new StringBuilder(type);
- for (String s : msg) {
- sb.append(' ');
- sb.append(s);
- }
- return sb.toString();
- }
- };
- }
-
- /**
- * Filter that can be constructed within Java
- * @param access
- */
- public PathFilter(final Access access) {
- log = new Log() {
- public void info(String ... msg) {
- access.log(Level.INFO, (Object[])msg);
- }
- public void audit(String ... msg) {
- access.log(Level.AUDIT, (Object[])msg);
- }
- };
- }
-
- /**
- * Init
- *
- * Standard Filter "init" call with FilterConfig to obtain properties. POJOs can construct a
- * FilterConfig with the mechanism of their choice, and standard J2EE Servlet engines utilize this
- * mechanism already.
- */
- public void init(FilterConfig filterConfig) throws ServletException {
- // need the Context for Logging, instantiating ClassLoader, etc
- context = filterConfig.getServletContext();
- StringBuilder sb = new StringBuilder();
- StringBuilder err = new StringBuilder();
- Object attr = context.getAttribute(Config.PATHFILTER_NS);
- if (attr == null) {
- err.append("PathFilter - pathfilter_ns is not set");
- } else {
- sb.append(attr.toString());
- }
-
- attr = context.getAttribute(Config.PATHFILTER_STACK);
- if (attr == null) {
- log.info("PathFilter - No pathfilter_stack set, ignoring");
- } else {
- sb.append('.');
- sb.append(attr.toString());
- }
-
- attr = context.getAttribute(Config.PATHFILTER_URLPATTERN);
- if (attr == null) {
- log.info("PathFilter - No pathfilter_urlpattern set, defaulting to 'urlpattern'");
- sb.append(".urlpattern");
- } else {
- sb.append('.');
- sb.append(attr.toString());
- }
-
- log.info("PathFilter - AAF Permission Type is", sb.toString());
-
- sb.append('|');
-
- aafType = sb.toString();
-
- attr = context.getAttribute(Config.PATHFILTER_NOT_AUTHORIZED_MSG);
- if (attr == null) {
- notAuthorizedMsg = "Forbidden - Not Authorized to access this Path";
- } else {
- notAuthorizedMsg = attr.toString();
- }
-
- if (err.length() > 0) {
- throw new ServletException(err.toString());
- }
- }
-
- private interface Log {
- public void info(String ... msg);
- public void audit(String ... msg);
- }
-
- /**
- * doFilter
- *
- * This is the standard J2EE invocation. Analyze the request, modify response as necessary, and
- * only call the next item in the filterChain if request is suitably Authenticated.
- */
- //TODO Always validate changes against Tomcat AbsCadiValve and Jaspi CadiSAM functions
- public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
- HttpServletRequest hreq = (HttpServletRequest)request;
- HttpServletResponse hresp = (HttpServletResponse)response;
- String perm = aafType + hreq.getPathInfo() + '|' + hreq.getMethod();
- if (hreq.isUserInRole(perm)) {
- chain.doFilter(request, response);
- } else {
- log.audit("PathFilter has denied", hreq.getUserPrincipal().getName(), "access to", perm);
- hresp.sendError(403, notAuthorizedMsg);
- }
- }
-
- /**
- * Containers call "destroy" when time to cleanup
- */
- public void destroy() {
- log.info("PathFilter destroyed.");
- }
+ private final Log log;
+
+ private ServletContext context;
+ private String aafType;
+ private String notAuthorizedMsg;
+
+ /**
+ * Construct a viable Filter for installing in Container WEB.XML, etc.
+ *
+ */
+ public PathFilter() {
+ log = new Log() {
+ public void info(String ... msg) {
+ context.log(build("INFO:", msg));
+ }
+ public void audit(String ... msg) {
+ context.log(build("AUDIT:", msg));
+ }
+ private String build(String type, String []msg) {
+ StringBuilder sb = new StringBuilder(type);
+ for (String s : msg) {
+ sb.append(' ');
+ sb.append(s);
+ }
+ return sb.toString();
+ }
+ };
+ }
+
+ /**
+ * Filter that can be constructed within Java
+ * @param access
+ */
+ public PathFilter(final Access access) {
+ log = new Log() {
+ public void info(String ... msg) {
+ access.log(Level.INFO, (Object[])msg);
+ }
+ public void audit(String ... msg) {
+ access.log(Level.AUDIT, (Object[])msg);
+ }
+ };
+ }
+
+ /**
+ * Init
+ *
+ * Standard Filter "init" call with FilterConfig to obtain properties. POJOs can construct a
+ * FilterConfig with the mechanism of their choice, and standard J2EE Servlet engines utilize this
+ * mechanism already.
+ */
+ public void init(FilterConfig filterConfig) throws ServletException {
+ // need the Context for Logging, instantiating ClassLoader, etc
+ context = filterConfig.getServletContext();
+ StringBuilder sb = new StringBuilder();
+ StringBuilder err = new StringBuilder();
+ Object attr = context.getAttribute(Config.PATHFILTER_NS);
+ if (attr == null) {
+ err.append("PathFilter - pathfilter_ns is not set");
+ } else {
+ sb.append(attr.toString());
+ }
+
+ attr = context.getAttribute(Config.PATHFILTER_STACK);
+ if (attr == null) {
+ log.info("PathFilter - No pathfilter_stack set, ignoring");
+ } else {
+ sb.append('.');
+ sb.append(attr.toString());
+ }
+
+ attr = context.getAttribute(Config.PATHFILTER_URLPATTERN);
+ if (attr == null) {
+ log.info("PathFilter - No pathfilter_urlpattern set, defaulting to 'urlpattern'");
+ sb.append(".urlpattern");
+ } else {
+ sb.append('.');
+ sb.append(attr.toString());
+ }
+
+ log.info("PathFilter - AAF Permission Type is", sb.toString());
+
+ sb.append('|');
+
+ aafType = sb.toString();
+
+ attr = context.getAttribute(Config.PATHFILTER_NOT_AUTHORIZED_MSG);
+ if (attr == null) {
+ notAuthorizedMsg = "Forbidden - Not Authorized to access this Path";
+ } else {
+ notAuthorizedMsg = attr.toString();
+ }
+
+ if (err.length() > 0) {
+ throw new ServletException(err.toString());
+ }
+ }
+
+ private interface Log {
+ public void info(String ... msg);
+ public void audit(String ... msg);
+ }
+
+ /**
+ * doFilter
+ *
+ * This is the standard J2EE invocation. Analyze the request, modify response as necessary, and
+ * only call the next item in the filterChain if request is suitably Authenticated.
+ */
+ //TODO Always validate changes against Tomcat AbsCadiValve and Jaspi CadiSAM functions
+ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+ HttpServletRequest hreq = (HttpServletRequest)request;
+ HttpServletResponse hresp = (HttpServletResponse)response;
+ String perm = aafType + hreq.getPathInfo() + '|' + hreq.getMethod();
+ if (hreq.isUserInRole(perm)) {
+ chain.doFilter(request, response);
+ } else {
+ log.audit("PathFilter has denied", hreq.getUserPrincipal().getName(), "access to", perm);
+ hresp.sendError(403, notAuthorizedMsg);
+ }
+ }
+
+ /**
+ * Containers call "destroy" when time to cleanup
+ */
+ public void destroy() {
+ log.info("PathFilter destroyed.");
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/PermConverter.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/PermConverter.java
index bb97894b..dfd0f64b 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/PermConverter.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/PermConverter.java
@@ -28,5 +28,5 @@ package org.onap.aaf.cadi.filter;
*
*/
public interface PermConverter {
- public String convert(String minimal);
+ public String convert(String minimal);
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/RolesAllowed.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/RolesAllowed.java
index 5f709f12..ac61a5c6 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/RolesAllowed.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/RolesAllowed.java
@@ -47,10 +47,10 @@ import java.lang.annotation.Target;
@Target({TYPE})
@Retention(RUNTIME)
public @interface RolesAllowed {
- /**
- * Security role of the implementation, which doesn't have to be an EJB or CORBA like object. Can be just a
- * Handler
- * @return
- */
- String[] value();
+ /**
+ * Security role of the implementation, which doesn't have to be an EJB or CORBA like object. Can be just a
+ * Handler
+ * @return
+ */
+ String[] value();
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/ServletImpl.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/ServletImpl.java
index 02c2600f..5386eb2d 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/ServletImpl.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/ServletImpl.java
@@ -47,10 +47,10 @@ import javax.servlet.Servlet;
@Target({TYPE})
@Retention(RUNTIME)
public @interface ServletImpl {
- /**
- * Security role of the implementation, which doesn't have to be an EJB or CORBA like object. Can be just a
- * Handler
- * @return
- */
- Class<? extends Servlet> value();
+ /**
+ * Security role of the implementation, which doesn't have to be an EJB or CORBA like object. Can be just a
+ * Handler
+ * @return
+ */
+ Class<? extends Servlet> value();
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/ConfigPrincipal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/ConfigPrincipal.java
index 43dd1018..c1b477b1 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/ConfigPrincipal.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/ConfigPrincipal.java
@@ -28,42 +28,42 @@ import org.onap.aaf.cadi.GetCred;
import org.onap.aaf.cadi.Symm;
public class ConfigPrincipal implements Principal, GetCred {
- private String name;
- private byte[] cred;
- private String content;
+ private String name;
+ private byte[] cred;
+ private String content;
- public ConfigPrincipal(String name, String passwd) {
- this.name = name;
- this.cred = passwd.getBytes();
- content = null;
- }
+ public ConfigPrincipal(String name, String passwd) {
+ this.name = name;
+ this.cred = passwd.getBytes();
+ content = null;
+ }
- public ConfigPrincipal(String name, byte[] cred) {
- this.name = name;
- this.cred = cred;
- content = null;
- }
+ public ConfigPrincipal(String name, byte[] cred) {
+ this.name = name;
+ this.cred = cred;
+ content = null;
+ }
- public String getName() {
- return name;
- }
-
- public byte[] getCred() {
- return cred;
- }
+ public String getName() {
+ return name;
+ }
+
+ public byte[] getCred() {
+ return cred;
+ }
- public String toString() {
- return name;
- }
-
- public String getAsBasicAuthHeader() throws IOException {
- if(content ==null) {
- String s = name + ':' + new String(cred);
- content = "Basic " + Symm.base64.encode(s);
- } else if(!content.startsWith("Basic ")) { // content is the saved password from construction
- String s = name + ':' + content;
- content = "Basic " + Symm.base64.encode(s);
- }
- return content;
- }
+ public String toString() {
+ return name;
+ }
+
+ public String getAsBasicAuthHeader() throws IOException {
+ if(content ==null) {
+ String s = name + ':' + new String(cred);
+ content = "Basic " + Symm.base64.encode(s);
+ } else if(!content.startsWith("Basic ")) { // content is the saved password from construction
+ String s = name + ':' + content;
+ content = "Basic " + Symm.base64.encode(s);
+ }
+ return content;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java
index b442c7d9..2c5e1957 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java
@@ -46,124 +46,124 @@ import org.onap.aaf.cadi.Permission;
*
*/
public final class EpiLur implements Lur {
- private final Lur[] lurs;
-
- /**
- * EpiLur constructor
- *
- * Construct the EpiLur from variable TAF parameters
- * @param lurs
- * @throws CadiException
- */
- public EpiLur(Lur ... lurs) throws CadiException{
- this.lurs = lurs;
- if(lurs.length==0) throw new CadiException("Need at least one Lur implementation in constructor");
- }
+ private final Lur[] lurs;
+
+ /**
+ * EpiLur constructor
+ *
+ * Construct the EpiLur from variable TAF parameters
+ * @param lurs
+ * @throws CadiException
+ */
+ public EpiLur(Lur ... lurs) throws CadiException{
+ this.lurs = lurs;
+ if(lurs.length==0) throw new CadiException("Need at least one Lur implementation in constructor");
+ }
- public boolean fish(Principal bait, Permission ... pond) {
- if(pond==null) {
- return false;
- }
- boolean rv = false;
- Lur lur;
- for(int i=0;!rv && i<lurs.length;++i) {
- rv = (lur = lurs[i]).fish(bait, pond);
- if(!rv && lur.handlesExclusively(pond)) break;
- }
- return rv;
- }
+ public boolean fish(Principal bait, Permission ... pond) {
+ if(pond==null) {
+ return false;
+ }
+ boolean rv = false;
+ Lur lur;
+ for(int i=0;!rv && i<lurs.length;++i) {
+ rv = (lur = lurs[i]).fish(bait, pond);
+ if(!rv && lur.handlesExclusively(pond)) break;
+ }
+ return rv;
+ }
- public void fishAll(Principal bait, List<Permission> permissions) {
- for(Lur lur : lurs) {
- lur.fishAll(bait, permissions);
- }
- }
+ public void fishAll(Principal bait, List<Permission> permissions) {
+ for(Lur lur : lurs) {
+ lur.fishAll(bait, permissions);
+ }
+ }
- public void destroy() {
- for(Lur lur : lurs) {
- lur.destroy();
- }
- }
+ public void destroy() {
+ for(Lur lur : lurs) {
+ lur.destroy();
+ }
+ }
- /**
- * Return the first Lur (if any) which also implements UserPass
- * @return
- */
- public CredVal getUserPassImpl() {
- for(Lur lur : lurs) {
- if(lur instanceof CredVal) {
- return (CredVal)lur;
- }
- }
- return null;
- }
+ /**
+ * Return the first Lur (if any) which also implements UserPass
+ * @return
+ */
+ public CredVal getUserPassImpl() {
+ for(Lur lur : lurs) {
+ if(lur instanceof CredVal) {
+ return (CredVal)lur;
+ }
+ }
+ return null;
+ }
- // Never needed... Only EpiLur uses...
- public boolean handlesExclusively(Permission ... pond) {
- return false;
- }
-
- /**
- * Get Lur for index. Returns null if out of range
- * @param idx
- * @return
- */
- public Lur get(int idx) {
- if(idx>=0 && idx<lurs.length) {
- return lurs[idx];
- }
- return null;
- }
+ // Never needed... Only EpiLur uses...
+ public boolean handlesExclusively(Permission ... pond) {
+ return false;
+ }
+
+ /**
+ * Get Lur for index. Returns null if out of range
+ * @param idx
+ * @return
+ */
+ public Lur get(int idx) {
+ if(idx>=0 && idx<lurs.length) {
+ return lurs[idx];
+ }
+ return null;
+ }
- public boolean handles(Principal p) {
- for(Lur l : lurs) {
- if(l.handles(p)) {
- return true;
- }
- }
- return false;
- }
+ public boolean handles(Principal p) {
+ for(Lur l : lurs) {
+ if(l.handles(p)) {
+ return true;
+ }
+ }
+ return false;
+ }
- public void remove(String id) {
- for(Lur l : lurs) {
- if(l instanceof CachingLur) {
- ((CachingLur<?>)l).remove(id);
- }
- }
- }
-
- public Lur subLur(Class<? extends Lur> cls ) {
- for(Lur l : lurs) {
- if(l.getClass().isAssignableFrom(cls)) {
- return l;
- }
- }
- return null;
- }
+ public void remove(String id) {
+ for(Lur l : lurs) {
+ if(l instanceof CachingLur) {
+ ((CachingLur<?>)l).remove(id);
+ }
+ }
+ }
+
+ public Lur subLur(Class<? extends Lur> cls ) {
+ for(Lur l : lurs) {
+ if(l.getClass().isAssignableFrom(cls)) {
+ return l;
+ }
+ }
+ return null;
+ }
- @Override
- public Permission createPerm(String p) {
- return new LocalPermission(p);
- }
+ @Override
+ public Permission createPerm(String p) {
+ return new LocalPermission(p);
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.Lur#clear(java.security.Principal, java.lang.StringBuilder)
- */
- @Override
- public void clear(Principal p, StringBuilder report) {
- for(Lur lur : lurs) {
- lur.clear(p, report);
- }
- }
-
- public String toString() {
- StringBuilder sb = new StringBuilder();
- for(Lur lur : lurs) {
- sb.append(lur.getClass().getSimpleName());
- sb.append(": Report\n");
- sb.append(lur.toString());
- sb.append('\n');
- }
- return sb.toString();
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.Lur#clear(java.security.Principal, java.lang.StringBuilder)
+ */
+ @Override
+ public void clear(Principal p, StringBuilder report) {
+ for(Lur lur : lurs) {
+ lur.clear(p, report);
+ }
+ }
+
+ public String toString() {
+ StringBuilder sb = new StringBuilder();
+ for(Lur lur : lurs) {
+ sb.append(lur.getClass().getSimpleName());
+ sb.append(": Report\n");
+ sb.append(lur.toString());
+ sb.append('\n');
+ }
+ return sb.toString();
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java
index e177a22f..d2b6f1aa 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java
@@ -45,177 +45,177 @@ import org.onap.aaf.cadi.config.Config;
*
*/
public final class LocalLur extends AbsUserCache<LocalPermission> implements Lur, CredVal {
- public static final String SEMI = "\\s*;\\s*";
- public static final String COLON = "\\s*:\\s*";
- public static final String COMMA = "\\s*,\\s*";
- public static final String PERCENT = "\\s*%\\s*";
-
- // Use to quickly determine whether any given group is supported by this LUR
- private final Set<String> supportingGroups;
- private String supportedRealm;
-
- /**
- * Construct by building structure, see "build"
- *
- * Reconstruct with "build"
- *
- * @param userProperties
- * @param groupProperties
- * @param decryptor
- * @throws IOException
- */
- public LocalLur(Access access, String userProperties, String groupProperties) throws IOException {
- super(access, 0, 0, Integer.MAX_VALUE); // data doesn't expire
- supportedRealm = access.getProperty(Config.BASIC_REALM, "localized");
- supportingGroups = new TreeSet<>();
-
- if (userProperties != null) {
- parseUserProperties(userProperties);
- }
-
- if (groupProperties != null) {
- parseGroupProperties(groupProperties);
- }
- }
-
- public boolean validate(String user, CredVal.Type type, byte[] cred, Object state) {
- if (cred == null) {
- return false;
- }
- User<LocalPermission> usr = getUser(user, cred);
- if (usr == null) {
- return false;
- }
- // covers null as well as bad pass
- if ((type == Type.PASSWORD) && (usr.principal instanceof ConfigPrincipal)) {;
- return Hash.isEqual(cred, ((ConfigPrincipal)usr.principal).getCred());
- }
- return false;
- }
-
- // @Override
- public boolean fish(Principal bait, Permission ... pond) {
- if (pond == null) {
- return false;
- }
- for(Permission p : pond) {
- if (handles(bait) && p instanceof LocalPermission) { // local Users only have LocalPermissions
- User<LocalPermission> user = getUser(bait);
- if (user != null) {
- return user.contains((LocalPermission)p);
- }
- }
- }
- return false;
- }
-
- // We do not want to expose the actual Group, so make a copy.
- public void fishAll(Principal bait, List<Permission> perms) {
- if (handles(bait)) {
- User<LocalPermission> user = getUser(bait);
- if (user != null) {
- user.copyPermsTo(perms);
- }
- }
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.Lur#handles(java.security.Principal)
- */
- @Override
- public boolean handles(Principal principal) {
- if (principal == null) {
- return false;
- }
- return principal.getName().endsWith(supportedRealm);
- }
-
- @Override
- public boolean handlesExclusively(Permission ... pond) {
- boolean rv = false;
- for (Permission p : pond) {
- if(rv=supportingGroups.contains(p.getKey())) {
- break;
- }
- }
- return rv;
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.Lur#createPerm(java.lang.String)
- */
- @Override
- public Permission createPerm(String p) {
- return new LocalPermission(p);
- }
-
- private void parseUserProperties(String userProperties) throws IOException {
- // For each User name...
- for (String userProperty : userProperties.trim().split(SEMI)) {
- String[] userInfo = userProperty.split(COLON, 2);
- String[] userPass = userInfo[0].split(PERCENT, 2);
- String userName = userPass[0];
-
- byte[] password = null;
- if (userPass.length > 1) {
- password = access.decrypt(userPass[1], true).getBytes();
- if (userName.indexOf('@') < 0) {
- userName += '@' + access.getProperty(Config.AAF_DEFAULT_REALM, Config.getDefaultRealm());
- }
- }
- User<LocalPermission> usr;
- usr = new User<>(new ConfigPrincipal(userName, password));
- addUser(usr);
- access.log(Level.INIT, "Local User:", usr.principal);
-
- if (userInfo.length > 1) {
- Map<String, Permission> newMap = usr.newMap();
- for (String group : userInfo[1].split(COMMA)) {
- supportingGroups.add(group);
- usr.add(newMap, new LocalPermission(group));
- }
- usr.setMap(newMap);
- }
- }
- }
-
-
- private void parseGroupProperties(String groupProperties) throws IOException {
- // For each Group name...
- for (String group : groupProperties.trim().split(SEMI)) {
- String[] groups = group.split(COLON, 2);
- if (groups.length <= 1) {
- continue;
- }
- supportingGroups.add(groups[0]);
- LocalPermission p = new LocalPermission(groups[0]);
-
- // Add all users (known by comma separators)
- for (String groupMember : groups[1].split(COMMA)) {
- // look for password, if so, put in passMap
- String[] userPass = groupMember.split(PERCENT, 2);
- String userName = userPass[0];
- if (userName.indexOf('@') < 0) {
- userName += '@' + access.getProperty(Config.AAF_DEFAULT_REALM, Config.getDefaultRealm());
- }
-
- User<LocalPermission> usr = null;
- byte[] password = null;
- if (userPass.length > 1) {
- password = access.decrypt(userPass[1], true).getBytes();
- }
- usr = getUser(userName, password);
- if (usr == null) {
- usr = new User<>(new ConfigPrincipal(userName, password));
- addUser(usr);
- }
- else {
- usr.principal = new ConfigPrincipal(userName, password);
- }
- usr.add(p);
- access.log(Level.INIT, "Local User:", usr.principal);
- }
- }
- }
+ public static final String SEMI = "\\s*;\\s*";
+ public static final String COLON = "\\s*:\\s*";
+ public static final String COMMA = "\\s*,\\s*";
+ public static final String PERCENT = "\\s*%\\s*";
+
+ // Use to quickly determine whether any given group is supported by this LUR
+ private final Set<String> supportingGroups;
+ private String supportedRealm;
+
+ /**
+ * Construct by building structure, see "build"
+ *
+ * Reconstruct with "build"
+ *
+ * @param userProperties
+ * @param groupProperties
+ * @param decryptor
+ * @throws IOException
+ */
+ public LocalLur(Access access, String userProperties, String groupProperties) throws IOException {
+ super(access, 0, 0, Integer.MAX_VALUE); // data doesn't expire
+ supportedRealm = access.getProperty(Config.BASIC_REALM, "localized");
+ supportingGroups = new TreeSet<>();
+
+ if (userProperties != null) {
+ parseUserProperties(userProperties);
+ }
+
+ if (groupProperties != null) {
+ parseGroupProperties(groupProperties);
+ }
+ }
+
+ public boolean validate(String user, CredVal.Type type, byte[] cred, Object state) {
+ if (cred == null) {
+ return false;
+ }
+ User<LocalPermission> usr = getUser(user, cred);
+ if (usr == null) {
+ return false;
+ }
+ // covers null as well as bad pass
+ if ((type == Type.PASSWORD) && (usr.principal instanceof ConfigPrincipal)) {;
+ return Hash.isEqual(cred, ((ConfigPrincipal)usr.principal).getCred());
+ }
+ return false;
+ }
+
+ // @Override
+ public boolean fish(Principal bait, Permission ... pond) {
+ if (pond == null) {
+ return false;
+ }
+ for(Permission p : pond) {
+ if (handles(bait) && p instanceof LocalPermission) { // local Users only have LocalPermissions
+ User<LocalPermission> user = getUser(bait);
+ if (user != null) {
+ return user.contains((LocalPermission)p);
+ }
+ }
+ }
+ return false;
+ }
+
+ // We do not want to expose the actual Group, so make a copy.
+ public void fishAll(Principal bait, List<Permission> perms) {
+ if (handles(bait)) {
+ User<LocalPermission> user = getUser(bait);
+ if (user != null) {
+ user.copyPermsTo(perms);
+ }
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.Lur#handles(java.security.Principal)
+ */
+ @Override
+ public boolean handles(Principal principal) {
+ if (principal == null) {
+ return false;
+ }
+ return principal.getName().endsWith(supportedRealm);
+ }
+
+ @Override
+ public boolean handlesExclusively(Permission ... pond) {
+ boolean rv = false;
+ for (Permission p : pond) {
+ if(rv=supportingGroups.contains(p.getKey())) {
+ break;
+ }
+ }
+ return rv;
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.Lur#createPerm(java.lang.String)
+ */
+ @Override
+ public Permission createPerm(String p) {
+ return new LocalPermission(p);
+ }
+
+ private void parseUserProperties(String userProperties) throws IOException {
+ // For each User name...
+ for (String userProperty : userProperties.trim().split(SEMI)) {
+ String[] userInfo = userProperty.split(COLON, 2);
+ String[] userPass = userInfo[0].split(PERCENT, 2);
+ String userName = userPass[0];
+
+ byte[] password = null;
+ if (userPass.length > 1) {
+ password = access.decrypt(userPass[1], true).getBytes();
+ if (userName.indexOf('@') < 0) {
+ userName += '@' + access.getProperty(Config.AAF_DEFAULT_REALM, Config.getDefaultRealm());
+ }
+ }
+ User<LocalPermission> usr;
+ usr = new User<>(new ConfigPrincipal(userName, password));
+ addUser(usr);
+ access.log(Level.INIT, "Local User:", usr.principal);
+
+ if (userInfo.length > 1) {
+ Map<String, Permission> newMap = usr.newMap();
+ for (String group : userInfo[1].split(COMMA)) {
+ supportingGroups.add(group);
+ usr.add(newMap, new LocalPermission(group));
+ }
+ usr.setMap(newMap);
+ }
+ }
+ }
+
+
+ private void parseGroupProperties(String groupProperties) throws IOException {
+ // For each Group name...
+ for (String group : groupProperties.trim().split(SEMI)) {
+ String[] groups = group.split(COLON, 2);
+ if (groups.length <= 1) {
+ continue;
+ }
+ supportingGroups.add(groups[0]);
+ LocalPermission p = new LocalPermission(groups[0]);
+
+ // Add all users (known by comma separators)
+ for (String groupMember : groups[1].split(COMMA)) {
+ // look for password, if so, put in passMap
+ String[] userPass = groupMember.split(PERCENT, 2);
+ String userName = userPass[0];
+ if (userName.indexOf('@') < 0) {
+ userName += '@' + access.getProperty(Config.AAF_DEFAULT_REALM, Config.getDefaultRealm());
+ }
+
+ User<LocalPermission> usr = null;
+ byte[] password = null;
+ if (userPass.length > 1) {
+ password = access.decrypt(userPass[1], true).getBytes();
+ }
+ usr = getUser(userName, password);
+ if (usr == null) {
+ usr = new User<>(new ConfigPrincipal(userName, password));
+ addUser(usr);
+ }
+ else {
+ usr.principal = new ConfigPrincipal(userName, password);
+ }
+ usr.add(p);
+ access.log(Level.INIT, "Local User:", usr.principal);
+ }
+ }
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalPermission.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalPermission.java
index 8d6f9698..ee7bab9c 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalPermission.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalPermission.java
@@ -24,27 +24,27 @@ package org.onap.aaf.cadi.lur;
import org.onap.aaf.cadi.Permission;
public class LocalPermission implements Permission {
- private String key;
-
- public LocalPermission(String role) {
- this.key = role;
- }
-
- public String getKey() {
- return key;
- }
+ private String key;
+
+ public LocalPermission(String role) {
+ this.key = role;
+ }
+
+ public String getKey() {
+ return key;
+ }
- public String toString() {
- return key;
- }
+ public String toString() {
+ return key;
+ }
- public boolean match(Permission p) {
- return key.equals(p.getKey());
- }
+ public boolean match(Permission p) {
+ return key.equals(p.getKey());
+ }
- public String permType() {
- return "LOCAL";
- }
-
-
+ public String permType() {
+ return "LOCAL";
+ }
+
+
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java
index b314f20e..fe9bbd30 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/NullLur.java
@@ -28,60 +28,60 @@ import org.onap.aaf.cadi.Lur;
import org.onap.aaf.cadi.Permission;
public class NullLur implements Lur {
- private static final Permission NULL = new Permission() {
- @Override
- public String permType() {
- return "";
- }
+ private static final Permission NULL = new Permission() {
+ @Override
+ public String permType() {
+ return "";
+ }
- @Override
- public String getKey() {
- return "";
- }
+ @Override
+ public String getKey() {
+ return "";
+ }
- @Override
- public boolean match(Permission p) {
- return false;
- }};
+ @Override
+ public boolean match(Permission p) {
+ return false;
+ }};
- public boolean fish(Principal bait, Permission ... pond) {
- // Well, for Jenkins, this is ok... It finds out it can't do J2EE Security, and then looks at it's own
-// System.err.println("CADI's LUR has not been configured, but is still being called. Access is being denied");
- return false;
- }
+ public boolean fish(Principal bait, Permission ... pond) {
+ // Well, for Jenkins, this is ok... It finds out it can't do J2EE Security, and then looks at it's own
+// System.err.println("CADI's LUR has not been configured, but is still being called. Access is being denied");
+ return false;
+ }
- public void fishAll(Principal bait, List<Permission> permissions) {
- }
+ public void fishAll(Principal bait, List<Permission> permissions) {
+ }
- public void destroy() {
- }
+ public void destroy() {
+ }
- public boolean handlesExclusively(Permission ... pond) {
- return false;
- }
+ public boolean handlesExclusively(Permission ... pond) {
+ return false;
+ }
- public boolean handles(Principal p) {
- return false;
- }
+ public boolean handles(Principal p) {
+ return false;
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.Lur#createPerm(java.lang.String)
- */
- @Override
- public Permission createPerm(String p) {
- return NULL;
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.Lur#createPerm(java.lang.String)
+ */
+ @Override
+ public Permission createPerm(String p) {
+ return NULL;
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.Lur#clear(java.security.Principal, java.lang.StringBuilder)
- */
- @Override
- public void clear(Principal p, StringBuilder report) {
- report.append(NullLur.class.getSimpleName());
- report.append('\n');
- }
-
- public String toString() {
- return NullLur.class.getSimpleName() + '\n';
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.Lur#clear(java.security.Principal, java.lang.StringBuilder)
+ */
+ @Override
+ public void clear(Principal p, StringBuilder report) {
+ report.append(NullLur.class.getSimpleName());
+ report.append('\n');
+ }
+
+ public String toString() {
+ return NullLur.class.getSimpleName() + '\n';
+ }
} \ No newline at end of file
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/BasicPrincipal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/BasicPrincipal.java
index a235f1d4..d3c1e236 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/BasicPrincipal.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/BasicPrincipal.java
@@ -32,102 +32,102 @@ import org.onap.aaf.cadi.GetCred;
import org.onap.aaf.cadi.Symm;
public class BasicPrincipal extends BearerPrincipal implements GetCred {
- private static byte[] basic = "Basic ".getBytes();
+ private static byte[] basic = "Basic ".getBytes();
- private String name = null;
- private String shortName = null;
- private String domain;
- private byte[] cred = null;
- private long created;
+ private String name = null;
+ private String shortName = null;
+ private String domain;
+ private byte[] cred = null;
+ private long created;
- public BasicPrincipal(String content,String defaultDomain) throws IOException {
- created = System.currentTimeMillis();
- ByteArrayInputStream bis = new ByteArrayInputStream(content.getBytes());
- // Read past "Basic ", ensuring it starts with it.
- for(int i=0;i<basic.length;++i) {
- if(bis.read()!=basic[i]) {
- name=content;
- cred = null;
- return;
- }
- }
- BasicOS bos = new BasicOS(content.length());
- Symm.base64.decode(bis,bos); // note: writes directly to name until ':'
- if(name==null) throw new IOException("Invalid Coding");
- else cred = bos.toCred();
- int at;
- if((at=name.indexOf('@'))>0) {
- domain=name.substring(at+1);
- shortName=name.substring(0, at);
- } else {
- shortName = name;
- domain=defaultDomain;
- name = name + '@' + defaultDomain;
- }
- }
-
- public BasicPrincipal(BasicCred bc, String domain) {
- name = bc.getUser();
- cred = bc.getCred();
- this.domain = domain;
- }
+ public BasicPrincipal(String content,String defaultDomain) throws IOException {
+ created = System.currentTimeMillis();
+ ByteArrayInputStream bis = new ByteArrayInputStream(content.getBytes());
+ // Read past "Basic ", ensuring it starts with it.
+ for(int i=0;i<basic.length;++i) {
+ if(bis.read()!=basic[i]) {
+ name=content;
+ cred = null;
+ return;
+ }
+ }
+ BasicOS bos = new BasicOS(content.length());
+ Symm.base64.decode(bis,bos); // note: writes directly to name until ':'
+ if(name==null) throw new IOException("Invalid Coding");
+ else cred = bos.toCred();
+ int at;
+ if((at=name.indexOf('@'))>0) {
+ domain=name.substring(at+1);
+ shortName=name.substring(0, at);
+ } else {
+ shortName = name;
+ domain=defaultDomain;
+ name = name + '@' + defaultDomain;
+ }
+ }
+
+ public BasicPrincipal(BasicCred bc, String domain) {
+ name = bc.getUser();
+ cred = bc.getCred();
+ this.domain = domain;
+ }
- private class BasicOS extends OutputStream {
- private boolean first = true;
- private ByteArrayOutputStream baos;
-
- public BasicOS(int size) {
- baos = new ByteArrayOutputStream(size);
- }
+ private class BasicOS extends OutputStream {
+ private boolean first = true;
+ private ByteArrayOutputStream baos;
+
+ public BasicOS(int size) {
+ baos = new ByteArrayOutputStream(size);
+ }
- @Override
- public void write(int b) throws IOException {
- if(b==':' && first) {
- first = false;
- name = new String(baos.toByteArray());
- baos.reset(); //
- } else {
- baos.write(b);
- }
- }
-
- private byte[] toCred() {
- return baos.toByteArray();
- }
- }
-
- public String getName() {
- return name;
- }
-
- public String getShortName() {
- return shortName;
- }
-
- public String getDomain() {
- return domain;
- }
-
- public byte[] getCred() {
- return cred;
- }
-
- public long created() {
- return created;
- }
+ @Override
+ public void write(int b) throws IOException {
+ if(b==':' && first) {
+ first = false;
+ name = new String(baos.toByteArray());
+ baos.reset(); //
+ } else {
+ baos.write(b);
+ }
+ }
+
+ private byte[] toCred() {
+ return baos.toByteArray();
+ }
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public String getShortName() {
+ return shortName;
+ }
+
+ public String getDomain() {
+ return domain;
+ }
+
+ public byte[] getCred() {
+ return cred;
+ }
+
+ public long created() {
+ return created;
+ }
- public String toString() {
- return "Basic Authorization for " + name + " evaluated on " + new Date(created).toString();
- }
+ public String toString() {
+ return "Basic Authorization for " + name + " evaluated on " + new Date(created).toString();
+ }
- @Override
- public String tag() {
- return "BAth";
- }
+ @Override
+ public String tag() {
+ return "BAth";
+ }
- @Override
- public String personalName() {
- return name; // personalName not available with Basic Auth
- }
+ @Override
+ public String personalName() {
+ return name; // personalName not available with Basic Auth
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/BearerPrincipal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/BearerPrincipal.java
index ea0ff2fe..6fdcdc0d 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/BearerPrincipal.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/BearerPrincipal.java
@@ -22,12 +22,12 @@
package org.onap.aaf.cadi.principal;
public abstract class BearerPrincipal extends TaggedPrincipal {
- private String bearer = null;
- public BearerPrincipal setBearer(String bearer) {
- this.bearer = bearer;
- return this;
- }
- public String getBearer() {
- return bearer;
- }
+ private String bearer = null;
+ public BearerPrincipal setBearer(String bearer) {
+ this.bearer = bearer;
+ return this;
+ }
+ public String getBearer() {
+ return bearer;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/CachedBasicPrincipal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/CachedBasicPrincipal.java
index 68229d3d..f81e160d 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/CachedBasicPrincipal.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/CachedBasicPrincipal.java
@@ -34,32 +34,32 @@ import org.onap.aaf.cadi.taf.HttpTaf;
*
*/
public class CachedBasicPrincipal extends BasicPrincipal implements CachedPrincipal {
- private final HttpTaf creator;
- private long timeToLive;
- private long expires;
+ private final HttpTaf creator;
+ private long timeToLive;
+ private long expires;
- public CachedBasicPrincipal(HttpTaf creator, BasicCred bc, String domain, long timeToLive) {
- super(bc, domain);
- this.creator = creator;
- this.timeToLive = timeToLive;
- expires = System.currentTimeMillis()+timeToLive;
- }
-
- public CachedBasicPrincipal(HttpTaf creator, String content, String domain, long timeToLive) throws IOException {
- super(content, domain);
- this.creator = creator;
- this.timeToLive = timeToLive;
- expires = System.currentTimeMillis()+timeToLive;
- }
+ public CachedBasicPrincipal(HttpTaf creator, BasicCred bc, String domain, long timeToLive) {
+ super(bc, domain);
+ this.creator = creator;
+ this.timeToLive = timeToLive;
+ expires = System.currentTimeMillis()+timeToLive;
+ }
+
+ public CachedBasicPrincipal(HttpTaf creator, String content, String domain, long timeToLive) throws IOException {
+ super(content, domain);
+ this.creator = creator;
+ this.timeToLive = timeToLive;
+ expires = System.currentTimeMillis()+timeToLive;
+ }
- public CachedPrincipal.Resp revalidate(Object state) {
- Resp resp = creator.revalidate(this, state);
- if(resp.equals(Resp.REVALIDATED))expires = System.currentTimeMillis()+timeToLive;
- return resp;
- }
+ public CachedPrincipal.Resp revalidate(Object state) {
+ Resp resp = creator.revalidate(this, state);
+ if(resp.equals(Resp.REVALIDATED))expires = System.currentTimeMillis()+timeToLive;
+ return resp;
+ }
- public long expires() {
- return expires;
- }
+ public long expires() {
+ return expires;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/Kind.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/Kind.java
index bb6dc673..8c75701f 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/Kind.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/Kind.java
@@ -24,30 +24,30 @@ package org.onap.aaf.cadi.principal;
import java.security.Principal;
public class Kind {
- public static final char X509 = 'X';
- public static final char OAUTH = 'O';
- public static final char AAF_OAUTH='A';
- public static final char BASIC_AUTH = 'B';
- public static final char UNKNOWN = 'U';
-
-
- public static char getKind(final Principal principal) {
- Principal check;
- if(principal instanceof TrustPrincipal) {
- check = ((TrustPrincipal)principal).original();
- } else {
- check = principal;
- }
- if(check instanceof X509Principal) {
- return X509;
- }
- if(check instanceof OAuth2FormPrincipal) {
- // Note: if AAF, will turn into 'A'
- return OAUTH;
- }
- if(check instanceof BasicPrincipal) {
- return BASIC_AUTH;
- }
- return UNKNOWN;
- }
+ public static final char X509 = 'X';
+ public static final char OAUTH = 'O';
+ public static final char AAF_OAUTH='A';
+ public static final char BASIC_AUTH = 'B';
+ public static final char UNKNOWN = 'U';
+
+
+ public static char getKind(final Principal principal) {
+ Principal check;
+ if(principal instanceof TrustPrincipal) {
+ check = ((TrustPrincipal)principal).original();
+ } else {
+ check = principal;
+ }
+ if(check instanceof X509Principal) {
+ return X509;
+ }
+ if(check instanceof OAuth2FormPrincipal) {
+ // Note: if AAF, will turn into 'A'
+ return OAUTH;
+ }
+ if(check instanceof BasicPrincipal) {
+ return BASIC_AUTH;
+ }
+ return UNKNOWN;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/OAuth2FormPrincipal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/OAuth2FormPrincipal.java
index 1df2bd3e..4d13de87 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/OAuth2FormPrincipal.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/OAuth2FormPrincipal.java
@@ -22,40 +22,40 @@
package org.onap.aaf.cadi.principal;
public class OAuth2FormPrincipal extends TaggedPrincipal {
- private final String username;
- private final String client_id;
-
- /*
- * Note: client_id and username might be the same, if only authenticating the Client_ID
- */
- public OAuth2FormPrincipal(final String client_id, final String username) {
- this.username = username;
- this.client_id = client_id;
- }
-
- @Override
- public String getName() {
- return username;
- }
-
- public String client_id() {
- return client_id;
- }
+ private final String username;
+ private final String client_id;
+
+ /*
+ * Note: client_id and username might be the same, if only authenticating the Client_ID
+ */
+ public OAuth2FormPrincipal(final String client_id, final String username) {
+ this.username = username;
+ this.client_id = client_id;
+ }
+
+ @Override
+ public String getName() {
+ return username;
+ }
+
+ public String client_id() {
+ return client_id;
+ }
- @Override
- public String tag() {
- return "OAuth";
- }
+ @Override
+ public String tag() {
+ return "OAuth";
+ }
- @Override
- public String personalName() {
- if(username!=null && username!=client_id) {
- StringBuilder sb = new StringBuilder();
- sb.append(username);
- sb.append('|');
- sb.append(client_id);
- return sb.toString();
- }
- return client_id;
- }
+ @Override
+ public String personalName() {
+ if(username!=null && username!=client_id) {
+ StringBuilder sb = new StringBuilder();
+ sb.append(username);
+ sb.append('|');
+ sb.append(client_id);
+ return sb.toString();
+ }
+ return client_id;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/StringTagLookup.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/StringTagLookup.java
index a3927168..04bcf59a 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/StringTagLookup.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/StringTagLookup.java
@@ -24,12 +24,12 @@ import org.onap.aaf.cadi.CadiException;
import org.onap.aaf.cadi.principal.TaggedPrincipal.TagLookup;
public class StringTagLookup implements TagLookup {
- private String tag;
- public StringTagLookup(final String tag) {
- this.tag = tag;
- }
- @Override
- public String lookup() throws CadiException {
- return tag;
- }
+ private String tag;
+ public StringTagLookup(final String tag) {
+ this.tag = tag;
+ }
+ @Override
+ public String lookup() throws CadiException {
+ return tag;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/TaggedPrincipal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/TaggedPrincipal.java
index a3b07c6c..9dddcd63 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/TaggedPrincipal.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/TaggedPrincipal.java
@@ -26,35 +26,35 @@ import org.onap.aaf.cadi.CadiException;
public abstract class TaggedPrincipal implements Principal {
- public TaggedPrincipal() {
- tagLookup = null;
- }
-
- public TaggedPrincipal(final TagLookup tl) {
- tagLookup = tl;
- }
-
- public abstract String tag(); // String representing what kind of Authentication occurred.
-
- public interface TagLookup {
- public String lookup() throws CadiException;
- }
-
- private TagLookup tagLookup;
-
- public void setTagLookup(TagLookup tl) {
- tagLookup = tl;
- }
-
- public String personalName() {
- if(tagLookup == null) {
- return getName();
- }
- try {
- return tagLookup.lookup();
- } catch (CadiException e) {
- return getName();
- }
- }
+ public TaggedPrincipal() {
+ tagLookup = null;
+ }
+
+ public TaggedPrincipal(final TagLookup tl) {
+ tagLookup = tl;
+ }
+
+ public abstract String tag(); // String representing what kind of Authentication occurred.
+
+ public interface TagLookup {
+ public String lookup() throws CadiException;
+ }
+
+ private TagLookup tagLookup;
+
+ public void setTagLookup(TagLookup tl) {
+ tagLookup = tl;
+ }
+
+ public String personalName() {
+ if(tagLookup == null) {
+ return getName();
+ }
+ try {
+ return tagLookup.lookup();
+ } catch (CadiException e) {
+ return getName();
+ }
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/TrustPrincipal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/TrustPrincipal.java
index 09083316..5d4a0586 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/TrustPrincipal.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/TrustPrincipal.java
@@ -26,45 +26,45 @@ import java.security.Principal;
import org.onap.aaf.cadi.UserChain;
public class TrustPrincipal extends BearerPrincipal implements UserChain {
- private final String name;
- private final Principal original;
- private String userChain;
-
- public TrustPrincipal(final Principal actual, final String asName) {
- this.original = actual;
- name = asName.trim();
- if(actual instanceof UserChain) {
- UserChain uc = (UserChain)actual;
- userChain = uc.userChain();
- } else if(actual instanceof TaggedPrincipal) {
- userChain=((TaggedPrincipal)actual).tag();
- } else {
- userChain = actual.getClass().getSimpleName();
- }
- }
-
- @Override
- public String getName() {
- return name;
- }
-
- @Override
- public String userChain() {
- return userChain;
- }
-
- public Principal original() {
- return original;
- }
+ private final String name;
+ private final Principal original;
+ private String userChain;
+
+ public TrustPrincipal(final Principal actual, final String asName) {
+ this.original = actual;
+ name = asName.trim();
+ if(actual instanceof UserChain) {
+ UserChain uc = (UserChain)actual;
+ userChain = uc.userChain();
+ } else if(actual instanceof TaggedPrincipal) {
+ userChain=((TaggedPrincipal)actual).tag();
+ } else {
+ userChain = actual.getClass().getSimpleName();
+ }
+ }
+
+ @Override
+ public String getName() {
+ return name;
+ }
+
+ @Override
+ public String userChain() {
+ return userChain;
+ }
+
+ public Principal original() {
+ return original;
+ }
- @Override
- public String tag() {
- return userChain;
- }
+ @Override
+ public String tag() {
+ return userChain;
+ }
- @Override
- public String personalName() {
- return original.getName() + '[' + userChain + ']';
- }
-
+ @Override
+ public String personalName() {
+ return original.getName() + '[' + userChain + ']';
+ }
+
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/UnAuthPrincipal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/UnAuthPrincipal.java
index 52f78e80..f0cacd8d 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/UnAuthPrincipal.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/UnAuthPrincipal.java
@@ -24,14 +24,14 @@ package org.onap.aaf.cadi.principal;
import java.security.Principal;
public class UnAuthPrincipal implements Principal {
- private String name;
-
- public UnAuthPrincipal(final String name) {
- this.name = name;
- }
- @Override
- public String getName() {
- return name;
- }
+ private String name;
+
+ public UnAuthPrincipal(final String name) {
+ this.name = name;
+ }
+ @Override
+ public String getName() {
+ return name;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/X509Principal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/X509Principal.java
index 200b8174..1cd114a0 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/X509Principal.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/X509Principal.java
@@ -30,83 +30,83 @@ import org.onap.aaf.cadi.GetCred;
import org.onap.aaf.cadi.taf.basic.BasicHttpTaf;
public class X509Principal extends BearerPrincipal implements GetCred {
- private static final Pattern pattern = Pattern.compile("[a-zA-Z0-9]*\\@[a-zA-Z0-9.]*");
- private final X509Certificate cert;
- private final String name;
- private byte[] content;
- private BasicHttpTaf bht;
+ private static final Pattern pattern = Pattern.compile("[a-zA-Z0-9]*\\@[a-zA-Z0-9.]*");
+ private final X509Certificate cert;
+ private final String name;
+ private byte[] content;
+ private BasicHttpTaf bht;
- public X509Principal(String identity, X509Certificate cert) {
- name = identity;
- content = null;
- this.cert = cert;
- }
+ public X509Principal(String identity, X509Certificate cert) {
+ name = identity;
+ content = null;
+ this.cert = cert;
+ }
- public X509Principal(String identity, X509Certificate cert, byte[] content, BasicHttpTaf bht) {
- name = identity;
- this.content = content;
- this.cert = cert;
- this.bht = bht;
- }
+ public X509Principal(String identity, X509Certificate cert, byte[] content, BasicHttpTaf bht) {
+ name = identity;
+ this.content = content;
+ this.cert = cert;
+ this.bht = bht;
+ }
- public X509Principal(X509Certificate cert, byte[] content, BasicHttpTaf bht) throws IOException {
- this.content=content;
- this.cert = cert;
- String _name = null;
- String subj = cert.getSubjectDN().getName();
- int cn = subj.indexOf("OU=");
- if(cn>=0) {
- cn+=3;
- int space = subj.indexOf(',',cn);
- if(space>=0) {
- String id = subj.substring(cn, space);
- if(pattern.matcher(id).matches()) {
- _name = id;
- }
- }
- }
- if(_name==null) {
- throw new IOException("X509 does not have Identity as CN");
- }
- name = _name;
- this.bht = bht;
- }
-
- public String getAsHeader() throws IOException {
- try {
- if(content==null) {
- content=cert.getEncoded();
- }
- } catch (CertificateEncodingException e) {
- throw new IOException(e);
- }
- return "X509 " + content;
- }
-
- public String toString() {
- return "X509 Authentication for " + name;
- }
+ public X509Principal(X509Certificate cert, byte[] content, BasicHttpTaf bht) throws IOException {
+ this.content=content;
+ this.cert = cert;
+ String _name = null;
+ String subj = cert.getSubjectDN().getName();
+ int cn = subj.indexOf("OU=");
+ if(cn>=0) {
+ cn+=3;
+ int space = subj.indexOf(',',cn);
+ if(space>=0) {
+ String id = subj.substring(cn, space);
+ if(pattern.matcher(id).matches()) {
+ _name = id;
+ }
+ }
+ }
+ if(_name==null) {
+ throw new IOException("X509 does not have Identity as CN");
+ }
+ name = _name;
+ this.bht = bht;
+ }
+
+ public String getAsHeader() throws IOException {
+ try {
+ if(content==null) {
+ content=cert.getEncoded();
+ }
+ } catch (CertificateEncodingException e) {
+ throw new IOException(e);
+ }
+ return "X509 " + content;
+ }
+
+ public String toString() {
+ return "X509 Authentication for " + name;
+ }
- public byte[] getCred() {
- try {
- return content==null?(content=cert.getEncoded()):content;
- } catch (CertificateEncodingException e) {
- return null;
- }
- }
+ public byte[] getCred() {
+ try {
+ return content==null?(content=cert.getEncoded()):content;
+ } catch (CertificateEncodingException e) {
+ return null;
+ }
+ }
- public String getName() {
- return name;
- }
+ public String getName() {
+ return name;
+ }
- @Override
- public String tag() {
- return "x509";
- }
+ @Override
+ public String tag() {
+ return "x509";
+ }
- public BasicHttpTaf getBasicHttpTaf() {
- return bht;
- }
+ public BasicHttpTaf getBasicHttpTaf() {
+ return bht;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/AbsTafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/AbsTafResp.java
index fb54abdb..b3ac0945 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/AbsTafResp.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/AbsTafResp.java
@@ -35,102 +35,102 @@ import org.onap.aaf.cadi.util.Timing;
*/
public abstract class AbsTafResp implements TafResp {
- protected final Access access;
- protected final String tafName;
- protected final TaggedPrincipal principal;
- protected final String desc;
- private float timing;
+ protected final Access access;
+ protected final String tafName;
+ protected final TaggedPrincipal principal;
+ protected final String desc;
+ private float timing;
- /**
- * AbsTafResp
- *
- * Set and hold
- * Description (for logging)
- * Principal (as created by derived class)
- * Access (for access to underlying container, i.e. for Logging, auditing, ClassLoaders, etc)
- *
- * @param access
- * @param tafname
- * @param principal
- * @param description
- */
- public AbsTafResp(Access access, String tafname, TaggedPrincipal principal, String description) {
- this.access = access;
- this.tafName = tafname;
- this.principal = principal;
- this.desc = description;
- }
+ /**
+ * AbsTafResp
+ *
+ * Set and hold
+ * Description (for logging)
+ * Principal (as created by derived class)
+ * Access (for access to underlying container, i.e. for Logging, auditing, ClassLoaders, etc)
+ *
+ * @param access
+ * @param tafname
+ * @param principal
+ * @param description
+ */
+ public AbsTafResp(Access access, String tafname, TaggedPrincipal principal, String description) {
+ this.access = access;
+ this.tafName = tafname;
+ this.principal = principal;
+ this.desc = description;
+ }
- /**
- * isValid()
- *
- * Respond in the affirmative if the TAF was able to Authenticate
- */
- public boolean isValid() {
- return principal != null;
- }
+ /**
+ * isValid()
+ *
+ * Respond in the affirmative if the TAF was able to Authenticate
+ */
+ public boolean isValid() {
+ return principal != null;
+ }
- /**
- * desc()
- *
- * Respond with description of response as given by the TAF
- */
- public String desc() {
- return desc;
- }
+ /**
+ * desc()
+ *
+ * Respond with description of response as given by the TAF
+ */
+ public String desc() {
+ return desc;
+ }
- /**
- * isAuthenticated()
- *
- * Respond with the TAF's code of whether Authenticated, or suggested next steps
- * default is either IS_AUTHENTICATED, or TRY_ANOTHER_TAF. The TAF can overload
- * and suggest others, such as "NO_FURTHER_PROCESSING", if it can detect that this
- * is some sort of security breach (i.e. Denial of Service)
- */
- public RESP isAuthenticated() {
- return principal==null?RESP.TRY_ANOTHER_TAF:RESP.IS_AUTHENTICATED;
- }
+ /**
+ * isAuthenticated()
+ *
+ * Respond with the TAF's code of whether Authenticated, or suggested next steps
+ * default is either IS_AUTHENTICATED, or TRY_ANOTHER_TAF. The TAF can overload
+ * and suggest others, such as "NO_FURTHER_PROCESSING", if it can detect that this
+ * is some sort of security breach (i.e. Denial of Service)
+ */
+ public RESP isAuthenticated() {
+ return principal==null?RESP.TRY_ANOTHER_TAF:RESP.IS_AUTHENTICATED;
+ }
- /**
- * getPrincipal()
- *
- * Return the principal created by the TAF based on Authentication.
- *
- * Returns "null" if Authentication failed (no principal)
- */
- public TaggedPrincipal getPrincipal() {
- return principal;
- }
+ /**
+ * getPrincipal()
+ *
+ * Return the principal created by the TAF based on Authentication.
+ *
+ * Returns "null" if Authentication failed (no principal)
+ */
+ public TaggedPrincipal getPrincipal() {
+ return principal;
+ }
- /**
- * getAccess()
- *
- * Get the Access object from the TAF, so that appropriate Logging, etc can be coordinated.
- */
- public Access getAccess() {
- return access;
- }
+ /**
+ * getAccess()
+ *
+ * Get the Access object from the TAF, so that appropriate Logging, etc can be coordinated.
+ */
+ public Access getAccess() {
+ return access;
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.taf.TafResp#isFailedAttempt()
- */
- public boolean isFailedAttempt() {
- return false;
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.taf.TafResp#isFailedAttempt()
+ */
+ public boolean isFailedAttempt() {
+ return false;
+ }
- @Override
- public float timing() {
- return timing;
- }
-
- @Override
- public void timing(final long start) {
- timing = Timing.millis(start);
- }
+ @Override
+ public float timing() {
+ return timing;
+ }
+
+ @Override
+ public void timing(final long start) {
+ timing = Timing.millis(start);
+ }
- @Override
- public String taf() {
- return tafName;
- }
+ @Override
+ public String taf() {
+ return tafName;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/EpiTaf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/EpiTaf.java
index d772d493..b248e553 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/EpiTaf.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/EpiTaf.java
@@ -36,49 +36,49 @@ import org.onap.aaf.cadi.Taf;
*
*/
public class EpiTaf implements Taf {
- private Taf[] tafs;
-
- /**
- * EpiTaf constructor
- *
- * Construct the EpiTaf from variable TAF parameters
- * @param tafs
- * @throws CadiException
- */
- public EpiTaf(Taf ... tafs) throws CadiException{
- this.tafs = tafs;
- if(tafs.length==0) throw new CadiException("Need at least one Taf implementation in constructor");
- }
+ private Taf[] tafs;
+
+ /**
+ * EpiTaf constructor
+ *
+ * Construct the EpiTaf from variable TAF parameters
+ * @param tafs
+ * @throws CadiException
+ */
+ public EpiTaf(Taf ... tafs) throws CadiException{
+ this.tafs = tafs;
+ if(tafs.length==0) throw new CadiException("Need at least one Taf implementation in constructor");
+ }
- /**
- * validate
- *
- * Respond with the first TAF to authenticate user based on variable info and "LifeForm" (is it
- * a human behind an interface, or a server behind a protocol).
- *
- * If there is no TAF that can authenticate, respond with the first TAF that suggests it can
- * establish an Authentication conversation (TRY_AUTHENTICATING).
- *
- * If no TAF declares either, respond with NullTafResp (which denies all questions)
- */
- public TafResp validate(LifeForm reading, String... info) {
- TafResp tresp,firstTryAuth=null;
- for(Taf taf : tafs) {
- tresp = taf.validate(reading, info);
- switch(tresp.isAuthenticated()) {
- case TRY_ANOTHER_TAF:
- break;
- case TRY_AUTHENTICATING:
- if(firstTryAuth==null)firstTryAuth=tresp;
- break;
- default:
- return tresp;
- }
- }
+ /**
+ * validate
+ *
+ * Respond with the first TAF to authenticate user based on variable info and "LifeForm" (is it
+ * a human behind an interface, or a server behind a protocol).
+ *
+ * If there is no TAF that can authenticate, respond with the first TAF that suggests it can
+ * establish an Authentication conversation (TRY_AUTHENTICATING).
+ *
+ * If no TAF declares either, respond with NullTafResp (which denies all questions)
+ */
+ public TafResp validate(LifeForm reading, String... info) {
+ TafResp tresp,firstTryAuth=null;
+ for(Taf taf : tafs) {
+ tresp = taf.validate(reading, info);
+ switch(tresp.isAuthenticated()) {
+ case TRY_ANOTHER_TAF:
+ break;
+ case TRY_AUTHENTICATING:
+ if(firstTryAuth==null)firstTryAuth=tresp;
+ break;
+ default:
+ return tresp;
+ }
+ }
- // No TAFs configured, at this point. It is safer at this point to be "not validated",
- // rather than "let it go"
- return firstTryAuth == null?NullTafResp.singleton():firstTryAuth;
- }
+ // No TAFs configured, at this point. It is safer at this point to be "not validated",
+ // rather than "let it go"
+ return firstTryAuth == null?NullTafResp.singleton():firstTryAuth;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/HttpEpiTaf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/HttpEpiTaf.java
index 1d7967e3..b0f56603 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/HttpEpiTaf.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/HttpEpiTaf.java
@@ -47,168 +47,168 @@ import org.onap.aaf.cadi.TrustChecker;
*
*/
public class HttpEpiTaf implements HttpTaf {
- private HttpTaf[] tafs;
- private Access access;
- private Locator<URI> locator;
- private TrustChecker trustChecker;
-
- /**
- * HttpEpiTaf constructor
- *
- * Construct the HttpEpiTaf from variable Http specific TAF parameters
-
- * @param tafs
- * @throws CadiException
- */
- public HttpEpiTaf(Access access, Locator<URI> locator, TrustChecker tc, HttpTaf ... tafs) throws CadiException{
- this.tafs = tafs;
- this.access = access;
- this.locator = locator;
- this.trustChecker = tc;
- // Establish what Header Property to look for UserChain/Trust Props
-
- if (tafs.length == 0) {
- throw new CadiException("Need at least one HttpTaf implementation in constructor");
- }
- }
-
- /**
- * validate
- *
- * Respond with the first Http specific TAF to authenticate user based on variable info
- * and "LifeForm" (is it a human behind a browser, or a server utilizing HTTP Protocol).
- *
- * If there is no HttpTAF that can authenticate, respond with the first TAF that suggests it can
- * establish an Authentication conversation (TRY_AUTHENTICATING) (Examples include a redirect to CSP
- * Servers for CSP Cookie, or BasicAuth 401 response, suggesting User/Password for given Realm
- * submission
- *
- * If no TAF declares either, respond with NullTafResp (which denies all questions)
- */
- public TafResp validate(LifeForm reading, HttpServletRequest req, HttpServletResponse resp) {
- // Given a LifeForm Neutral, for HTTP, we need to discover true Life-Form Readings
- if (reading == LifeForm.LFN) {
- reading = tricorderScan(req);
- }
- TafResp tresp = null;
- TafResp firstTry = null;
- List<Redirectable> redirectables = null;
- List<TafResp> log;
- if(access.willLog(Level.DEBUG)) {
- log = new ArrayList<>();
- } else {
- log = null;
- }
- try {
- for (HttpTaf taf : tafs) {
- final long start = System.nanoTime();
- tresp = taf.validate(reading, req, resp);
- addToLog(log, tresp, start);
- switch(tresp.isAuthenticated()) {
- case TRY_ANOTHER_TAF:
- break; // and loop
- case TRY_AUTHENTICATING:
- if (tresp instanceof Redirectable) {
- if (redirectables == null) {
- redirectables = new ArrayList<>();
- }
- redirectables.add((Redirectable)tresp);
- } else if (firstTry == null) {
- firstTry = tresp;
- }
- break;
- case IS_AUTHENTICATED:
- tresp = trustChecker.mayTrust(tresp, req);
- return tresp;
- default:
- return tresp;
- }
- }
- } finally {
- printLog(log);
- }
-
- // If No TAFs configured, at this point. It is safer at this point to be "not validated",
- // rather than "let it go"
- // Note: if exists, there will always be more than 0 entries, according to above code
- if (redirectables == null) {
- return (firstTry != null) ? firstTry : NullTafResp.singleton();
- }
-
- // If there is one Tryable entry then return it
- if (redirectables.size() > 1) {
- return LoginPageTafResp.create(access, locator, resp, redirectables);
- } else {
- return redirectables.get(0);
- }
- }
-
- public boolean revalidate(Principal prin) throws Exception {
- return false;
- }
-
- /*
- * Since this is internal, we use a little Star Trek humor to indicate looking in the HTTP Request to see if we can determine what kind
- * of "LifeForm" reading we can determine, i.e. is there a Human (CarbonBasedLifeForm) behind a browser, or is it mechanical
- * id (SiliconBasedLifeForm)? This makes a difference in some Authentication, i.e CSP, which doesn't work well for SBLFs
- */
- private LifeForm tricorderScan(HttpServletRequest req) {
- // For simplicity's sake, we'll say Humans use FQDNs, not IPs.
-
- // Current guess that only Browsers bother to set "Agent" codes that identify the kind of browser they are.
- // If mechanical frameworks are found that populate this, then more advanced analysis may be required
- // Jonathan 1/22/2013
- String agent = req.getHeader("User-Agent");
- if (agent != null && agent.startsWith("Mozilla")) { // covers I.E./Firefox/Safari/probably any other "advanced" Browser see http://en.wikipedia.org/wiki/User_agent
- return LifeForm.CBLF;
- }
- return LifeForm.SBLF; // notably skips "curl","wget", (which is desired behavior. We don't want to try CSP, etc on these)
- }
-
- public Resp revalidate(CachedPrincipal prin, Object state) {
- Resp resp;
- for (HttpTaf taf : tafs) {
- resp = taf.revalidate(prin, state);
- if (resp != Resp.NOT_MINE) {
- return resp;
- }
-// switch(resp) {
-// case NOT_MINE:
-// break;
-// default:
-// return resp;
-// }
- }
- return Resp.NOT_MINE;
- }
-
- private void addToLog(List<TafResp> log, final TafResp tresp, final long start) {
- if (log == null) {
- return;
- }
- tresp.timing(start);
- log.add(tresp);
- }
-
- private void printLog(List<TafResp> log) {
- if (log == null) {
- return;
- }
- for (TafResp tresp : log) {
- access.printf(Level.DEBUG, "%s: %s, ms=%f", tresp.taf(), tresp.desc(), tresp.timing());
- }
- }
-
- /**
- * List HttpTafs with their "toString" representations... primarily useful for Debugging in an IDE
- * like Eclipse.
- */
- public String toString() {
- StringBuilder sb = new StringBuilder();
- for (HttpTaf ht : tafs) {
- sb.append(ht.toString());
- sb.append(". ");
- }
- return sb.toString();
- }
+ private HttpTaf[] tafs;
+ private Access access;
+ private Locator<URI> locator;
+ private TrustChecker trustChecker;
+
+ /**
+ * HttpEpiTaf constructor
+ *
+ * Construct the HttpEpiTaf from variable Http specific TAF parameters
+
+ * @param tafs
+ * @throws CadiException
+ */
+ public HttpEpiTaf(Access access, Locator<URI> locator, TrustChecker tc, HttpTaf ... tafs) throws CadiException{
+ this.tafs = tafs;
+ this.access = access;
+ this.locator = locator;
+ this.trustChecker = tc;
+ // Establish what Header Property to look for UserChain/Trust Props
+
+ if (tafs.length == 0) {
+ throw new CadiException("Need at least one HttpTaf implementation in constructor");
+ }
+ }
+
+ /**
+ * validate
+ *
+ * Respond with the first Http specific TAF to authenticate user based on variable info
+ * and "LifeForm" (is it a human behind a browser, or a server utilizing HTTP Protocol).
+ *
+ * If there is no HttpTAF that can authenticate, respond with the first TAF that suggests it can
+ * establish an Authentication conversation (TRY_AUTHENTICATING) (Examples include a redirect to CSP
+ * Servers for CSP Cookie, or BasicAuth 401 response, suggesting User/Password for given Realm
+ * submission
+ *
+ * If no TAF declares either, respond with NullTafResp (which denies all questions)
+ */
+ public TafResp validate(LifeForm reading, HttpServletRequest req, HttpServletResponse resp) {
+ // Given a LifeForm Neutral, for HTTP, we need to discover true Life-Form Readings
+ if (reading == LifeForm.LFN) {
+ reading = tricorderScan(req);
+ }
+ TafResp tresp = null;
+ TafResp firstTry = null;
+ List<Redirectable> redirectables = null;
+ List<TafResp> log;
+ if(access.willLog(Level.DEBUG)) {
+ log = new ArrayList<>();
+ } else {
+ log = null;
+ }
+ try {
+ for (HttpTaf taf : tafs) {
+ final long start = System.nanoTime();
+ tresp = taf.validate(reading, req, resp);
+ addToLog(log, tresp, start);
+ switch(tresp.isAuthenticated()) {
+ case TRY_ANOTHER_TAF:
+ break; // and loop
+ case TRY_AUTHENTICATING:
+ if (tresp instanceof Redirectable) {
+ if (redirectables == null) {
+ redirectables = new ArrayList<>();
+ }
+ redirectables.add((Redirectable)tresp);
+ } else if (firstTry == null) {
+ firstTry = tresp;
+ }
+ break;
+ case IS_AUTHENTICATED:
+ tresp = trustChecker.mayTrust(tresp, req);
+ return tresp;
+ default:
+ return tresp;
+ }
+ }
+ } finally {
+ printLog(log);
+ }
+
+ // If No TAFs configured, at this point. It is safer at this point to be "not validated",
+ // rather than "let it go"
+ // Note: if exists, there will always be more than 0 entries, according to above code
+ if (redirectables == null) {
+ return (firstTry != null) ? firstTry : NullTafResp.singleton();
+ }
+
+ // If there is one Tryable entry then return it
+ if (redirectables.size() > 1) {
+ return LoginPageTafResp.create(access, locator, resp, redirectables);
+ } else {
+ return redirectables.get(0);
+ }
+ }
+
+ public boolean revalidate(Principal prin) throws Exception {
+ return false;
+ }
+
+ /*
+ * Since this is internal, we use a little Star Trek humor to indicate looking in the HTTP Request to see if we can determine what kind
+ * of "LifeForm" reading we can determine, i.e. is there a Human (CarbonBasedLifeForm) behind a browser, or is it mechanical
+ * id (SiliconBasedLifeForm)? This makes a difference in some Authentication, i.e CSP, which doesn't work well for SBLFs
+ */
+ private LifeForm tricorderScan(HttpServletRequest req) {
+ // For simplicity's sake, we'll say Humans use FQDNs, not IPs.
+
+ // Current guess that only Browsers bother to set "Agent" codes that identify the kind of browser they are.
+ // If mechanical frameworks are found that populate this, then more advanced analysis may be required
+ // Jonathan 1/22/2013
+ String agent = req.getHeader("User-Agent");
+ if (agent != null && agent.startsWith("Mozilla")) { // covers I.E./Firefox/Safari/probably any other "advanced" Browser see http://en.wikipedia.org/wiki/User_agent
+ return LifeForm.CBLF;
+ }
+ return LifeForm.SBLF; // notably skips "curl","wget", (which is desired behavior. We don't want to try CSP, etc on these)
+ }
+
+ public Resp revalidate(CachedPrincipal prin, Object state) {
+ Resp resp;
+ for (HttpTaf taf : tafs) {
+ resp = taf.revalidate(prin, state);
+ if (resp != Resp.NOT_MINE) {
+ return resp;
+ }
+// switch(resp) {
+// case NOT_MINE:
+// break;
+// default:
+// return resp;
+// }
+ }
+ return Resp.NOT_MINE;
+ }
+
+ private void addToLog(List<TafResp> log, final TafResp tresp, final long start) {
+ if (log == null) {
+ return;
+ }
+ tresp.timing(start);
+ log.add(tresp);
+ }
+
+ private void printLog(List<TafResp> log) {
+ if (log == null) {
+ return;
+ }
+ for (TafResp tresp : log) {
+ access.printf(Level.DEBUG, "%s: %s, ms=%f", tresp.taf(), tresp.desc(), tresp.timing());
+ }
+ }
+
+ /**
+ * List HttpTafs with their "toString" representations... primarily useful for Debugging in an IDE
+ * like Eclipse.
+ */
+ public String toString() {
+ StringBuilder sb = new StringBuilder();
+ for (HttpTaf ht : tafs) {
+ sb.append(ht.toString());
+ sb.append(". ");
+ }
+ return sb.toString();
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/HttpTaf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/HttpTaf.java
index 9484458c..77976ce2 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/HttpTaf.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/HttpTaf.java
@@ -38,23 +38,23 @@ import org.onap.aaf.cadi.Taf.LifeForm;
*
*/
public interface HttpTaf {
- /**
- * validate
- *
- * Validate the Request, and respond with created TafResp object.
- *
- * @param reading
- * @param req
- * @param resp
- * @return
- */
- public TafResp validate(LifeForm reading, HttpServletRequest req, HttpServletResponse resp);
-
- /**
- * Re-Validate Credential
- *
- * @param prin
- * @return
- */
- public CachedPrincipal.Resp revalidate(CachedPrincipal prin,Object state);
+ /**
+ * validate
+ *
+ * Validate the Request, and respond with created TafResp object.
+ *
+ * @param reading
+ * @param req
+ * @param resp
+ * @return
+ */
+ public TafResp validate(LifeForm reading, HttpServletRequest req, HttpServletResponse resp);
+
+ /**
+ * Re-Validate Credential
+ *
+ * @param prin
+ * @return
+ */
+ public CachedPrincipal.Resp revalidate(CachedPrincipal prin,Object state);
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/LoginPageTafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/LoginPageTafResp.java
index c8abec0a..a5ce45b7 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/LoginPageTafResp.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/LoginPageTafResp.java
@@ -33,68 +33,68 @@ import org.onap.aaf.cadi.Access.Level;
import org.onap.aaf.cadi.Locator.Item;
public class LoginPageTafResp extends AbsTafResp {
- private final HttpServletResponse httpResp;
- private final String loginPageURL;
+ private final HttpServletResponse httpResp;
+ private final String loginPageURL;
- private LoginPageTafResp(Access access, final HttpServletResponse resp, String loginPageURL) {
- super(access, "LoginPage", null, "Multiple Possible HTTP Logins available. Redirecting to Login Choice Page");
- httpResp = resp;
- this.loginPageURL = loginPageURL;
- }
+ private LoginPageTafResp(Access access, final HttpServletResponse resp, String loginPageURL) {
+ super(access, "LoginPage", null, "Multiple Possible HTTP Logins available. Redirecting to Login Choice Page");
+ httpResp = resp;
+ this.loginPageURL = loginPageURL;
+ }
- @Override
- public RESP authenticate() throws IOException {
- httpResp.sendRedirect(loginPageURL);
- return RESP.HTTP_REDIRECT_INVOKED;
- }
-
- @Override
- public RESP isAuthenticated() {
- return RESP.TRY_AUTHENTICATING;
- }
-
- public static TafResp create(Access access, Locator<URI> locator, final HttpServletResponse resp, List<Redirectable> redirectables) {
- if (locator == null) {
- if (!redirectables.isEmpty()) {
- access.log(Level.DEBUG,"LoginPage Locator is not configured. Taking first Redirectable Taf");
- return redirectables.get(0);
- }
- return NullTafResp.singleton();
- }
+ @Override
+ public RESP authenticate() throws IOException {
+ httpResp.sendRedirect(loginPageURL);
+ return RESP.HTTP_REDIRECT_INVOKED;
+ }
+
+ @Override
+ public RESP isAuthenticated() {
+ return RESP.TRY_AUTHENTICATING;
+ }
+
+ public static TafResp create(Access access, Locator<URI> locator, final HttpServletResponse resp, List<Redirectable> redirectables) {
+ if (locator == null) {
+ if (!redirectables.isEmpty()) {
+ access.log(Level.DEBUG,"LoginPage Locator is not configured. Taking first Redirectable Taf");
+ return redirectables.get(0);
+ }
+ return NullTafResp.singleton();
+ }
- try {
- Item item = locator.best();
- URI uri = locator.get(item);
- if (uri == null) {
- return NullTafResp.singleton();
- }
+ try {
+ Item item = locator.best();
+ URI uri = locator.get(item);
+ if (uri == null) {
+ return NullTafResp.singleton();
+ }
- StringBuilder sb = new StringBuilder(uri.toString());
- String query = uri.getQuery();
- boolean first = ((query == null) || (query.length() == 0));
- for (Redirectable redir : redirectables) {
- if (first) {
- sb.append('?');
- first = false;
- }
- else {
- sb.append('&');
- }
- sb.append(redir.get());
- }
- if (!redirectables.isEmpty()) {
- return new LoginPageTafResp(access, resp, sb.toString());
- }
- } catch (Exception e) {
- access.log(e, "Error deriving Login Page location");
- }
+ StringBuilder sb = new StringBuilder(uri.toString());
+ String query = uri.getQuery();
+ boolean first = ((query == null) || (query.length() == 0));
+ for (Redirectable redir : redirectables) {
+ if (first) {
+ sb.append('?');
+ first = false;
+ }
+ else {
+ sb.append('&');
+ }
+ sb.append(redir.get());
+ }
+ if (!redirectables.isEmpty()) {
+ return new LoginPageTafResp(access, resp, sb.toString());
+ }
+ } catch (Exception e) {
+ access.log(e, "Error deriving Login Page location");
+ }
- return NullTafResp.singleton();
- }
-
- @Override
- public String taf() {
- return "LoginPage";
- }
+ return NullTafResp.singleton();
+ }
+
+ @Override
+ public String taf() {
+ return "LoginPage";
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/NullTaf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/NullTaf.java
index e8293faa..7e834794 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/NullTaf.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/NullTaf.java
@@ -37,28 +37,28 @@ import org.onap.aaf.cadi.CachedPrincipal.Resp;
*
*/
public class NullTaf implements Taf, HttpTaf {
- // Singleton Pattern
- public NullTaf() {}
+ // Singleton Pattern
+ public NullTaf() {}
- /**
- * validate
- *
- * Always Respond with a NullTafResp, which declares it is unauthenticated, and unauthorized
- */
- public TafResp validate(LifeForm reading, String... info) {
- return NullTafResp.singleton();
- }
+ /**
+ * validate
+ *
+ * Always Respond with a NullTafResp, which declares it is unauthenticated, and unauthorized
+ */
+ public TafResp validate(LifeForm reading, String... info) {
+ return NullTafResp.singleton();
+ }
- /**
- * validate
- *
- * Always Respond with a NullTafResp, which declares it is unauthenticated, and unauthorized
- */
- public TafResp validate(LifeForm reading, HttpServletRequest req, HttpServletResponse resp) {
- return NullTafResp.singleton();
- }
+ /**
+ * validate
+ *
+ * Always Respond with a NullTafResp, which declares it is unauthenticated, and unauthorized
+ */
+ public TafResp validate(LifeForm reading, HttpServletRequest req, HttpServletResponse resp) {
+ return NullTafResp.singleton();
+ }
- public Resp revalidate(CachedPrincipal prin, Object state) {
- return Resp.NOT_MINE;
- }
+ public Resp revalidate(CachedPrincipal prin, Object state) {
+ return Resp.NOT_MINE;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/NullTafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/NullTafResp.java
index af6ef9cc..a3c8f5bb 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/NullTafResp.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/NullTafResp.java
@@ -32,57 +32,57 @@ import org.onap.aaf.cadi.principal.TaggedPrincipal;
*
*/
class NullTafResp implements TafResp {
- private NullTafResp(){}
-
- private static TafResp singleton = new NullTafResp();
-
- public static TafResp singleton() {
- return singleton;
- }
-
- public boolean isValid() {
- return false;
- }
-
- public RESP isAuthenticated() {
- return RESP.NO_FURTHER_PROCESSING;
- }
-
- public String desc() {
- return "All Authentication denied";
- }
-
- public RESP authenticate() throws IOException {
- return RESP.NO_FURTHER_PROCESSING;
- }
+ private NullTafResp(){}
+
+ private static TafResp singleton = new NullTafResp();
+
+ public static TafResp singleton() {
+ return singleton;
+ }
+
+ public boolean isValid() {
+ return false;
+ }
+
+ public RESP isAuthenticated() {
+ return RESP.NO_FURTHER_PROCESSING;
+ }
+
+ public String desc() {
+ return "All Authentication denied";
+ }
+
+ public RESP authenticate() throws IOException {
+ return RESP.NO_FURTHER_PROCESSING;
+ }
- public TaggedPrincipal getPrincipal() {
- return null;
- }
+ public TaggedPrincipal getPrincipal() {
+ return null;
+ }
- public Access getAccess() {
- return Access.NULL;
- }
+ public Access getAccess() {
+ return Access.NULL;
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.taf.TafResp#isFailedAttempt()
- */
- public boolean isFailedAttempt() {
- return true;
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.taf.TafResp#isFailedAttempt()
+ */
+ public boolean isFailedAttempt() {
+ return true;
+ }
- @Override
- public float timing() {
- return 0;
- }
+ @Override
+ public float timing() {
+ return 0;
+ }
- @Override
- public void timing(long start) {
- }
-
- @Override
- public String taf() {
- return "NULL";
- }
+ @Override
+ public void timing(long start) {
+ }
+
+ @Override
+ public String taf() {
+ return "NULL";
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/PuntTafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/PuntTafResp.java
index a38c8532..e6555051 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/PuntTafResp.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/PuntTafResp.java
@@ -34,56 +34,56 @@ import org.onap.aaf.cadi.util.Timing;
*
*/
public class PuntTafResp implements TafResp {
- private final String name;
- private final String desc;
- private float timing;
+ private final String name;
+ private final String desc;
+ private float timing;
- public PuntTafResp(String name, String explanation) {
- this.name = name;
- desc = "Not processing this transaction: " + explanation;
- }
-
- public boolean isValid() {
- return false;
- }
-
- public RESP isAuthenticated() {
- return RESP.TRY_ANOTHER_TAF;
- }
-
- public String desc() {
- return desc;
- }
-
- public RESP authenticate() throws IOException {
- return RESP.TRY_ANOTHER_TAF;
- }
+ public PuntTafResp(String name, String explanation) {
+ this.name = name;
+ desc = "Not processing this transaction: " + explanation;
+ }
+
+ public boolean isValid() {
+ return false;
+ }
+
+ public RESP isAuthenticated() {
+ return RESP.TRY_ANOTHER_TAF;
+ }
+
+ public String desc() {
+ return desc;
+ }
+
+ public RESP authenticate() throws IOException {
+ return RESP.TRY_ANOTHER_TAF;
+ }
- public TaggedPrincipal getPrincipal() {
- return null;
- }
+ public TaggedPrincipal getPrincipal() {
+ return null;
+ }
- public Access getAccess() {
- return NullTafResp.singleton().getAccess();
- }
+ public Access getAccess() {
+ return NullTafResp.singleton().getAccess();
+ }
- public boolean isFailedAttempt() {
- return false;
- }
+ public boolean isFailedAttempt() {
+ return false;
+ }
- @Override
- public float timing() {
- return timing;
- }
+ @Override
+ public float timing() {
+ return timing;
+ }
- @Override
- public void timing(long start) {
- timing = Timing.millis(start);
- }
-
- @Override
- public String taf() {
- return name;
- }
+ @Override
+ public void timing(long start) {
+ timing = Timing.millis(start);
+ }
+
+ @Override
+ public String taf() {
+ return name;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/Redirectable.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/Redirectable.java
index 8dc5c118..47c262b0 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/Redirectable.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/Redirectable.java
@@ -22,10 +22,10 @@
package org.onap.aaf.cadi.taf;
public interface Redirectable extends TafResp {
- /**
- * Create a Redirectable URL entry prefaced by a URLEncoder.String for a Menu
- * example:
- * "Global Login=https://xxxx....."
- */
- public String get();
+ /**
+ * Create a Redirectable URL entry prefaced by a URLEncoder.String for a Menu
+ * example:
+ * "Global Login=https://xxxx....."
+ */
+ public String get();
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TafResp.java
index acade37a..f3afde72 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TafResp.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TafResp.java
@@ -34,78 +34,78 @@ import org.onap.aaf.cadi.principal.TaggedPrincipal;
*
*/
public interface TafResp {
- public static enum RESP {
- IS_AUTHENTICATED,
- NO_FURTHER_PROCESSING,
- TRY_AUTHENTICATING,
- TRY_ANOTHER_TAF,
- FAIL,
- // A note was made to avoid the response REDIRECT. However, I have deemed that it is
- // unavoidable when the underlying TAF did do a REDIRECT, because it requires a HTTP
- // Service code to exit without modifying the Response any further.
- // Therefore, I have changed this to indicate what HAS happened, with should accommodate
- // both positions. Jonathan 10/18/2012
-// public static final int HTTP_REDIRECT_INVOKED = 11;
- HTTP_REDIRECT_INVOKED,
- HAS_PROCESSED};
-
- /**
- * Basic success check
- * @return
- */
- public boolean isValid();
-
- /**
- * String description of what has occurred (for logging/exceptions)
- * @return
- */
- public String desc();
-
- /**
- * Check Response
- * @return
- */
- public RESP isAuthenticated();
+ public static enum RESP {
+ IS_AUTHENTICATED,
+ NO_FURTHER_PROCESSING,
+ TRY_AUTHENTICATING,
+ TRY_ANOTHER_TAF,
+ FAIL,
+ // A note was made to avoid the response REDIRECT. However, I have deemed that it is
+ // unavoidable when the underlying TAF did do a REDIRECT, because it requires a HTTP
+ // Service code to exit without modifying the Response any further.
+ // Therefore, I have changed this to indicate what HAS happened, with should accommodate
+ // both positions. Jonathan 10/18/2012
+// public static final int HTTP_REDIRECT_INVOKED = 11;
+ HTTP_REDIRECT_INVOKED,
+ HAS_PROCESSED};
+
+ /**
+ * Basic success check
+ * @return
+ */
+ public boolean isValid();
+
+ /**
+ * String description of what has occurred (for logging/exceptions)
+ * @return
+ */
+ public String desc();
+
+ /**
+ * Check Response
+ * @return
+ */
+ public RESP isAuthenticated();
- /**
- * Authenticate, returning FAIL or Other Valid indication
- *
- * HTTP implementations should watch for "HTTP_REDIRECT_INVOKED", and end the HTTP call appropriately.
- * @return
- * @throws CadiException
- */
- public RESP authenticate() throws IOException;
+ /**
+ * Authenticate, returning FAIL or Other Valid indication
+ *
+ * HTTP implementations should watch for "HTTP_REDIRECT_INVOKED", and end the HTTP call appropriately.
+ * @return
+ * @throws CadiException
+ */
+ public RESP authenticate() throws IOException;
- /**
- * Once authenticated, this object should hold a Principal created from the authorization
- * @return
- */
- public TaggedPrincipal getPrincipal();
+ /**
+ * Once authenticated, this object should hold a Principal created from the authorization
+ * @return
+ */
+ public TaggedPrincipal getPrincipal();
- /**
- * get the Access object which created this object, allowing the responder to appropriate Log, etc
- */
- public Access getAccess();
-
- /**
- * Be able to check if part of a Failed attempt
- */
- public boolean isFailedAttempt();
-
- /**
- * report how long this took
- * @return
- */
- public float timing();
+ /**
+ * get the Access object which created this object, allowing the responder to appropriate Log, etc
+ */
+ public Access getAccess();
+
+ /**
+ * Be able to check if part of a Failed attempt
+ */
+ public boolean isFailedAttempt();
+
+ /**
+ * report how long this took
+ * @return
+ */
+ public float timing();
- /**
- * Set end of timing in Millis, given Nanos
- * @param start
- */
- void timing(long start);
-
- /**
- * Support Taf Name
- */
- String taf();
+ /**
+ * Set end of timing in Millis, given Nanos
+ * @param start
+ */
+ void timing(long start);
+
+ /**
+ * Support Taf Name
+ */
+ String taf();
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustNotTafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustNotTafResp.java
index 98ead3ca..6b8adeb8 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustNotTafResp.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustNotTafResp.java
@@ -28,67 +28,67 @@ import org.onap.aaf.cadi.principal.TaggedPrincipal;
import org.onap.aaf.cadi.util.Timing;
public class TrustNotTafResp implements TafResp {
- private final TafResp delegate;
- private final String desc;
- private float timing;
-
- public TrustNotTafResp(final TafResp delegate, final String desc) {
- this.delegate = delegate;
- this.desc = desc;
- }
-
- @Override
- public boolean isValid() {
- return false;
- }
+ private final TafResp delegate;
+ private final String desc;
+ private float timing;
+
+ public TrustNotTafResp(final TafResp delegate, final String desc) {
+ this.delegate = delegate;
+ this.desc = desc;
+ }
+
+ @Override
+ public boolean isValid() {
+ return false;
+ }
- @Override
- public String desc() {
- return desc;
- }
+ @Override
+ public String desc() {
+ return desc;
+ }
- @Override
- public RESP isAuthenticated() {
- return RESP.NO_FURTHER_PROCESSING;
- }
+ @Override
+ public RESP isAuthenticated() {
+ return RESP.NO_FURTHER_PROCESSING;
+ }
- @Override
- public RESP authenticate() throws IOException {
- return RESP.NO_FURTHER_PROCESSING;
- }
+ @Override
+ public RESP authenticate() throws IOException {
+ return RESP.NO_FURTHER_PROCESSING;
+ }
- @Override
- public TaggedPrincipal getPrincipal() {
- return delegate.getPrincipal();
- }
+ @Override
+ public TaggedPrincipal getPrincipal() {
+ return delegate.getPrincipal();
+ }
- @Override
- public Access getAccess() {
- return delegate.getAccess();
- }
+ @Override
+ public Access getAccess() {
+ return delegate.getAccess();
+ }
- @Override
- public boolean isFailedAttempt() {
- return true;
- }
- @Override
- public float timing() {
- return timing;
- }
+ @Override
+ public boolean isFailedAttempt() {
+ return true;
+ }
+ @Override
+ public float timing() {
+ return timing;
+ }
- @Override
- public void timing(long start) {
- timing = Timing.millis(start);
- }
-
- @Override
- public String toString() {
- return desc();
- }
-
- @Override
- public String taf() {
- return "TrustNot";
- }
+ @Override
+ public void timing(long start) {
+ timing = Timing.millis(start);
+ }
+
+ @Override
+ public String toString() {
+ return desc();
+ }
+
+ @Override
+ public String taf() {
+ return "TrustNot";
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustTafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustTafResp.java
index 9d3b28ca..91f9f8c4 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustTafResp.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustTafResp.java
@@ -28,68 +28,68 @@ import org.onap.aaf.cadi.principal.TaggedPrincipal;
import org.onap.aaf.cadi.util.Timing;
public class TrustTafResp implements TafResp {
- private final TafResp delegate;
- private final TaggedPrincipal principal;
- private final String desc;
- private float timing;
-
- public TrustTafResp(final TafResp delegate, final TaggedPrincipal principal, final String desc) {
- this.delegate = delegate;
- this.principal = principal;
- this.desc = desc + ' ' + delegate.desc();
- }
-
- @Override
- public boolean isValid() {
- return delegate.isValid();
- }
+ private final TafResp delegate;
+ private final TaggedPrincipal principal;
+ private final String desc;
+ private float timing;
+
+ public TrustTafResp(final TafResp delegate, final TaggedPrincipal principal, final String desc) {
+ this.delegate = delegate;
+ this.principal = principal;
+ this.desc = desc + ' ' + delegate.desc();
+ }
+
+ @Override
+ public boolean isValid() {
+ return delegate.isValid();
+ }
- @Override
- public String desc() {
- return desc;
- }
+ @Override
+ public String desc() {
+ return desc;
+ }
- @Override
- public RESP isAuthenticated() {
- return delegate.isAuthenticated();
- }
+ @Override
+ public RESP isAuthenticated() {
+ return delegate.isAuthenticated();
+ }
- @Override
- public RESP authenticate() throws IOException {
- return delegate.authenticate();
- }
+ @Override
+ public RESP authenticate() throws IOException {
+ return delegate.authenticate();
+ }
- @Override
- public TaggedPrincipal getPrincipal() {
- return principal;
- }
+ @Override
+ public TaggedPrincipal getPrincipal() {
+ return principal;
+ }
- @Override
- public Access getAccess() {
- return delegate.getAccess();
- }
+ @Override
+ public Access getAccess() {
+ return delegate.getAccess();
+ }
- @Override
- public boolean isFailedAttempt() {
- return delegate.isFailedAttempt();
- }
- @Override
- public float timing() {
- return timing;
- }
+ @Override
+ public boolean isFailedAttempt() {
+ return delegate.isFailedAttempt();
+ }
+ @Override
+ public float timing() {
+ return timing;
+ }
- @Override
- public void timing(long start) {
- timing = Timing.millis(start);
- }
-
- public String toString() {
- return principal.getName() + " by trust of " + desc();
- }
-
- @Override
- public String taf() {
- return "Trust";
- }
+ @Override
+ public void timing(long start) {
+ timing = Timing.millis(start);
+ }
+
+ public String toString() {
+ return principal.getName() + " by trust of " + desc();
+ }
+
+ @Override
+ public String taf() {
+ return "Trust";
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTaf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTaf.java
index 8fc985cf..21830b01 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTaf.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTaf.java
@@ -60,139 +60,139 @@ import org.onap.aaf.cadi.taf.dos.DenialOfServiceTaf;
*
*/
public class BasicHttpTaf implements HttpTaf {
- private Access access;
- private String realm;
- private CredVal rbac;
- private Map<String,CredVal> rbacs = new TreeMap<>();
- private boolean warn;
- private long timeToLive;
-
- public BasicHttpTaf(Access access, CredVal rbac, String realm, long timeToLive, boolean turnOnWarning) {
- this.access = access;
- this.realm = realm;
- this.rbac = rbac;
- this.warn = turnOnWarning;
- this.timeToLive = timeToLive;
- }
+ private Access access;
+ private String realm;
+ private CredVal rbac;
+ private Map<String,CredVal> rbacs = new TreeMap<>();
+ private boolean warn;
+ private long timeToLive;
+
+ public BasicHttpTaf(Access access, CredVal rbac, String realm, long timeToLive, boolean turnOnWarning) {
+ this.access = access;
+ this.realm = realm;
+ this.rbac = rbac;
+ this.warn = turnOnWarning;
+ this.timeToLive = timeToLive;
+ }
- public void add(final CredValDomain cvd) {
- rbacs.put(cvd.domain(), cvd);
- }
-
- /**
- * Note: BasicHttp works for either Carbon Based (Humans) or Silicon Based (machine) Lifeforms.
- * @see Taf
- */
- public TafResp validate(Taf.LifeForm reading, HttpServletRequest req, HttpServletResponse resp) {
- // See if Request implements BasicCred (aka CadiWrap or other), and if User/Pass has already been set separately
- if(req instanceof BasicCred) {
- BasicCred bc = (BasicCred)req;
- if(bc.getUser()!=null) { // CadiWrap, if set, makes sure User & Password are both valid, or both null
- if(DenialOfServiceTaf.isDeniedID(bc.getUser())!=null) {
- return DenialOfServiceTaf.respDenyID(access,bc.getUser());
- }
- CachedBasicPrincipal bp = new CachedBasicPrincipal(this,bc,realm,timeToLive);
-
- // Be able to do Organizational specific lookups by Domain
- CredVal cv = rbacs.get(bp.getDomain());
- if(cv==null) {
- cv = rbac;
- }
-
- // ONLY FOR Last Ditch DEBUGGING...
- // access.log(Level.WARN,bp.getName() + ":" + new String(bp.getCred()));
- if(cv.validate(bp.getName(),Type.PASSWORD,bp.getCred(),req)) {
- return new BasicHttpTafResp(access,bp,bp.getName()+" authenticated by password",RESP.IS_AUTHENTICATED,resp,realm,false);
- } else {
- //TODO may need timed retries in a given time period
- return new BasicHttpTafResp(access,null,buildMsg(bp,req,"user/pass combo invalid for ",bc.getUser(),"from",req.getRemoteAddr()),
- RESP.TRY_AUTHENTICATING,resp,realm,true);
- }
- }
- }
- // Get User/Password from Authorization Header value
- String authz = req.getHeader("Authorization");
- if(authz != null && authz.startsWith("Basic ")) {
- if(warn&&!req.isSecure()) {
- access.log(Level.WARN,"WARNING! BasicAuth has been used over an insecure channel");
- }
- try {
- CachedBasicPrincipal ba = new CachedBasicPrincipal(this,authz,realm,timeToLive);
- if(DenialOfServiceTaf.isDeniedID(ba.getName())!=null) {
- return DenialOfServiceTaf.respDenyID(access,ba.getName());
- }
-
- final int at = ba.getName().indexOf('@');
- CredVal cv = rbacs.get(ba.getName().substring(at+1));
- if(cv==null) {
- cv = rbac; // default
- }
+ public void add(final CredValDomain cvd) {
+ rbacs.put(cvd.domain(), cvd);
+ }
+
+ /**
+ * Note: BasicHttp works for either Carbon Based (Humans) or Silicon Based (machine) Lifeforms.
+ * @see Taf
+ */
+ public TafResp validate(Taf.LifeForm reading, HttpServletRequest req, HttpServletResponse resp) {
+ // See if Request implements BasicCred (aka CadiWrap or other), and if User/Pass has already been set separately
+ if(req instanceof BasicCred) {
+ BasicCred bc = (BasicCred)req;
+ if(bc.getUser()!=null) { // CadiWrap, if set, makes sure User & Password are both valid, or both null
+ if(DenialOfServiceTaf.isDeniedID(bc.getUser())!=null) {
+ return DenialOfServiceTaf.respDenyID(access,bc.getUser());
+ }
+ CachedBasicPrincipal bp = new CachedBasicPrincipal(this,bc,realm,timeToLive);
+
+ // Be able to do Organizational specific lookups by Domain
+ CredVal cv = rbacs.get(bp.getDomain());
+ if(cv==null) {
+ cv = rbac;
+ }
+
+ // ONLY FOR Last Ditch DEBUGGING...
+ // access.log(Level.WARN,bp.getName() + ":" + new String(bp.getCred()));
+ if(cv.validate(bp.getName(),Type.PASSWORD,bp.getCred(),req)) {
+ return new BasicHttpTafResp(access,bp,bp.getName()+" authenticated by password",RESP.IS_AUTHENTICATED,resp,realm,false);
+ } else {
+ //TODO may need timed retries in a given time period
+ return new BasicHttpTafResp(access,null,buildMsg(bp,req,"user/pass combo invalid for ",bc.getUser(),"from",req.getRemoteAddr()),
+ RESP.TRY_AUTHENTICATING,resp,realm,true);
+ }
+ }
+ }
+ // Get User/Password from Authorization Header value
+ String authz = req.getHeader("Authorization");
+ if(authz != null && authz.startsWith("Basic ")) {
+ if(warn&&!req.isSecure()) {
+ access.log(Level.WARN,"WARNING! BasicAuth has been used over an insecure channel");
+ }
+ try {
+ CachedBasicPrincipal ba = new CachedBasicPrincipal(this,authz,realm,timeToLive);
+ if(DenialOfServiceTaf.isDeniedID(ba.getName())!=null) {
+ return DenialOfServiceTaf.respDenyID(access,ba.getName());
+ }
+
+ final int at = ba.getName().indexOf('@');
+ CredVal cv = rbacs.get(ba.getName().substring(at+1));
+ if(cv==null) {
+ cv = rbac; // default
+ }
- // ONLY FOR Last Ditch DEBUGGING...
- // access.log(Level.WARN,ba.getName() + ":" + new String(ba.getCred()));
- if(cv.validate(ba.getName(), Type.PASSWORD, ba.getCred(), req)) {
- return new BasicHttpTafResp(access,ba, ba.getName()+" authenticated by BasicAuth password",RESP.IS_AUTHENTICATED,resp,realm,false);
- } else {
- //TODO may need timed retries in a given time period
- return new BasicHttpTafResp(access,null,buildMsg(ba,req,"user/pass combo invalid"),
- RESP.TRY_AUTHENTICATING,resp,realm,true);
- }
- } catch (IOException e) {
- String msg = buildMsg(null,req,"Failed HTTP Basic Authorization (", e.getMessage(), ')');
- access.log(Level.INFO,msg);
- return new BasicHttpTafResp(access,null,msg, RESP.TRY_AUTHENTICATING, resp, realm,true);
- }
- }
- return new BasicHttpTafResp(access,null,"Requesting HTTP Basic Authorization",RESP.TRY_AUTHENTICATING,resp,realm,false);
- }
-
- protected String buildMsg(Principal pr, HttpServletRequest req, Object ... msg) {
- StringBuilder sb = new StringBuilder();
- if(pr!=null) {
- sb.append("user=");
- sb.append(pr.getName());
- sb.append(',');
- }
- sb.append("ip=");
- sb.append(req.getRemoteAddr());
- sb.append(",port=");
- sb.append(req.getRemotePort());
- if(msg.length>0) {
- sb.append(",msg=\"");
- for(Object s : msg) {
- sb.append(s.toString());
- }
- sb.append('"');
- }
- return sb.toString();
- }
-
- public void addCredVal(final String realm, final CredVal cv) {
- rbacs.put(realm, cv);
- }
+ // ONLY FOR Last Ditch DEBUGGING...
+ // access.log(Level.WARN,ba.getName() + ":" + new String(ba.getCred()));
+ if(cv.validate(ba.getName(), Type.PASSWORD, ba.getCred(), req)) {
+ return new BasicHttpTafResp(access,ba, ba.getName()+" authenticated by BasicAuth password",RESP.IS_AUTHENTICATED,resp,realm,false);
+ } else {
+ //TODO may need timed retries in a given time period
+ return new BasicHttpTafResp(access,null,buildMsg(ba,req,"user/pass combo invalid"),
+ RESP.TRY_AUTHENTICATING,resp,realm,true);
+ }
+ } catch (IOException e) {
+ String msg = buildMsg(null,req,"Failed HTTP Basic Authorization (", e.getMessage(), ')');
+ access.log(Level.INFO,msg);
+ return new BasicHttpTafResp(access,null,msg, RESP.TRY_AUTHENTICATING, resp, realm,true);
+ }
+ }
+ return new BasicHttpTafResp(access,null,"Requesting HTTP Basic Authorization",RESP.TRY_AUTHENTICATING,resp,realm,false);
+ }
+
+ protected String buildMsg(Principal pr, HttpServletRequest req, Object ... msg) {
+ StringBuilder sb = new StringBuilder();
+ if(pr!=null) {
+ sb.append("user=");
+ sb.append(pr.getName());
+ sb.append(',');
+ }
+ sb.append("ip=");
+ sb.append(req.getRemoteAddr());
+ sb.append(",port=");
+ sb.append(req.getRemotePort());
+ if(msg.length>0) {
+ sb.append(",msg=\"");
+ for(Object s : msg) {
+ sb.append(s.toString());
+ }
+ sb.append('"');
+ }
+ return sb.toString();
+ }
+
+ public void addCredVal(final String realm, final CredVal cv) {
+ rbacs.put(realm, cv);
+ }
- public CredVal getCredVal(String key) {
- CredVal cv = rbacs.get(key);
- if(cv==null) {
- cv = rbac;
- }
- return cv;
- }
-
- @Override
- public Resp revalidate(CachedPrincipal prin, Object state) {
- if(prin instanceof BasicPrincipal) {
- BasicPrincipal ba = (BasicPrincipal)prin;
- if(DenialOfServiceTaf.isDeniedID(ba.getName())!=null) {
- return Resp.UNVALIDATED;
- }
- return rbac.validate(ba.getName(), Type.PASSWORD, ba.getCred(), state)?Resp.REVALIDATED:Resp.UNVALIDATED;
- }
- return Resp.NOT_MINE;
- }
-
- public String toString() {
- return "Basic Auth enabled on realm: " + realm;
- }
+ public CredVal getCredVal(String key) {
+ CredVal cv = rbacs.get(key);
+ if(cv==null) {
+ cv = rbac;
+ }
+ return cv;
+ }
+
+ @Override
+ public Resp revalidate(CachedPrincipal prin, Object state) {
+ if(prin instanceof BasicPrincipal) {
+ BasicPrincipal ba = (BasicPrincipal)prin;
+ if(DenialOfServiceTaf.isDeniedID(ba.getName())!=null) {
+ return Resp.UNVALIDATED;
+ }
+ return rbac.validate(ba.getName(), Type.PASSWORD, ba.getCred(), state)?Resp.REVALIDATED:Resp.UNVALIDATED;
+ }
+ return Resp.NOT_MINE;
+ }
+
+ public String toString() {
+ return "Basic Auth enabled on realm: " + realm;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTafResp.java
index 643cf29e..d1acf5fe 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTafResp.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTafResp.java
@@ -31,31 +31,31 @@ import org.onap.aaf.cadi.taf.AbsTafResp;
import org.onap.aaf.cadi.taf.TafResp;
public class BasicHttpTafResp extends AbsTafResp implements TafResp {
- private static final String tafName = BasicHttpTaf.class.getSimpleName();
- private HttpServletResponse httpResp;
- private String realm;
- private RESP status;
- private final boolean wasFailed;
-
- public BasicHttpTafResp(Access access, TaggedPrincipal principal, String description, RESP status, HttpServletResponse resp, String realm, boolean wasFailed) {
- super(access, tafName, principal, description);
- httpResp = resp;
- this.realm = realm;
- this.status = status;
- this.wasFailed = wasFailed;
- }
-
- public RESP authenticate() throws IOException {
- httpResp.setStatus(401); // Unauthorized
- httpResp.setHeader("WWW-Authenticate", "Basic realm=\""+realm+'"');
- return RESP.HTTP_REDIRECT_INVOKED;
- }
-
- public RESP isAuthenticated() {
- return status;
- }
-
- public boolean isFailedAttempt() {
- return wasFailed;
- }
+ private static final String tafName = BasicHttpTaf.class.getSimpleName();
+ private HttpServletResponse httpResp;
+ private String realm;
+ private RESP status;
+ private final boolean wasFailed;
+
+ public BasicHttpTafResp(Access access, TaggedPrincipal principal, String description, RESP status, HttpServletResponse resp, String realm, boolean wasFailed) {
+ super(access, tafName, principal, description);
+ httpResp = resp;
+ this.realm = realm;
+ this.status = status;
+ this.wasFailed = wasFailed;
+ }
+
+ public RESP authenticate() throws IOException {
+ httpResp.setStatus(401); // Unauthorized
+ httpResp.setHeader("WWW-Authenticate", "Basic realm=\""+realm+'"');
+ return RESP.HTTP_REDIRECT_INVOKED;
+ }
+
+ public RESP isAuthenticated() {
+ return status;
+ }
+
+ public boolean isFailedAttempt() {
+ return wasFailed;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/CertIdentity.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/CertIdentity.java
index 0da41b81..f597159e 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/CertIdentity.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/CertIdentity.java
@@ -29,18 +29,18 @@ import javax.servlet.http.HttpServletRequest;
import org.onap.aaf.cadi.principal.TaggedPrincipal;
public interface CertIdentity {
- /**
- * identity from X509Certificate Object and/or certBytes
- *
- * If you have both, include them. If you only have one, leave the other null, and it will be generated if needed
- *
- * The Request is there to obtain Header or Attribute info of ultimate user
- *
- * @param req
- * @param cert
- * @param certBytes
- * @return
- * @throws CertificateException
- */
- public TaggedPrincipal identity(HttpServletRequest req, X509Certificate cert, byte[] certBytes) throws CertificateException;
+ /**
+ * identity from X509Certificate Object and/or certBytes
+ *
+ * If you have both, include them. If you only have one, leave the other null, and it will be generated if needed
+ *
+ * The Request is there to obtain Header or Attribute info of ultimate user
+ *
+ * @param req
+ * @param cert
+ * @param certBytes
+ * @return
+ * @throws CertificateException
+ */
+ public TaggedPrincipal identity(HttpServletRequest req, X509Certificate cert, byte[] certBytes) throws CertificateException;
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509HttpTafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509HttpTafResp.java
index c18f9036..d51cc86a 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509HttpTafResp.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509HttpTafResp.java
@@ -29,25 +29,25 @@ import org.onap.aaf.cadi.taf.AbsTafResp;
import org.onap.aaf.cadi.taf.TafResp;
public class X509HttpTafResp extends AbsTafResp implements TafResp {
- private static final String tafName = X509Taf.class.getSimpleName();
-
- private RESP status;
-
- public X509HttpTafResp(Access access, TaggedPrincipal principal, String description, RESP status) {
- super(access, tafName, principal, description);
- this.status = status;
- }
-
- public RESP authenticate() throws IOException {
- return RESP.TRY_ANOTHER_TAF;
- }
-
- public RESP isAuthenticated() {
- return status;
- }
-
- public String toString() {
- return status.name();
- }
+ private static final String tafName = X509Taf.class.getSimpleName();
+
+ private RESP status;
+
+ public X509HttpTafResp(Access access, TaggedPrincipal principal, String description, RESP status) {
+ super(access, tafName, principal, description);
+ this.status = status;
+ }
+
+ public RESP authenticate() throws IOException {
+ return RESP.TRY_ANOTHER_TAF;
+ }
+
+ public RESP isAuthenticated() {
+ return status;
+ }
+
+ public String toString() {
+ return status.name();
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java
index 77efa956..d0034c76 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java
@@ -56,221 +56,221 @@ import org.onap.aaf.cadi.taf.basic.BasicHttpTaf;
import org.onap.aaf.cadi.util.Split;
public class X509Taf implements HttpTaf {
- private static final String CERTIFICATE_NOT_VALID_FOR_AUTHENTICATION = "Certificate NOT valid for Authentication";
- public static final CertificateFactory certFactory;
- public static final MessageDigest messageDigest;
- public static final TrustManagerFactory tmf;
- private Access access;
- private CertIdentity[] certIdents;
-// private Lur lur;
- private ArrayList<String> cadiIssuers;
- private String env;
- private SecurityInfo si;
- private BasicHttpTaf bht;
+ private static final String CERTIFICATE_NOT_VALID_FOR_AUTHENTICATION = "Certificate NOT valid for Authentication";
+ public static final CertificateFactory certFactory;
+ public static final MessageDigest messageDigest;
+ public static final TrustManagerFactory tmf;
+ private Access access;
+ private CertIdentity[] certIdents;
+// private Lur lur;
+ private ArrayList<String> cadiIssuers;
+ private String env;
+ private SecurityInfo si;
+ private BasicHttpTaf bht;
- static {
- try {
- certFactory = CertificateFactory.getInstance("X.509");
- messageDigest = MessageDigest.getInstance("SHA-256"); // use this to clone
- tmf = TrustManagerFactory.getInstance(SecurityInfoC.SSL_KEY_MANAGER_FACTORY_ALGORITHM);
- } catch (Exception e) {
- throw new RuntimeException("X.509 and SHA-256 are required for X509Taf",e);
- }
- }
-
- public X509Taf(Access access, Lur lur, CertIdentity ... cis) throws CertificateException, NoSuchAlgorithmException, CadiException {
- this.access = access;
- env = access.getProperty(Config.AAF_ENV,null);
- if(env==null) {
- throw new CadiException("X509Taf requires Environment ("+Config.AAF_ENV+") to be set.");
- }
-// this.lur = lur;
- this.cadiIssuers = new ArrayList<>();
- for(String ci : access.getProperty(Config.CADI_X509_ISSUERS, "").split(":")) {
- access.printf(Level.INIT, "Trusting Identity for Certificates signed by \"%s\"",ci);
- cadiIssuers.add(ci);
- }
- try {
- Class<?> dci = access.classLoader().loadClass("org.onap.aaf.auth.direct.DirectCertIdentity");
- if(dci==null) {
- certIdents = cis;
- } else {
- CertIdentity temp[] = new CertIdentity[cis.length+1];
- System.arraycopy(cis, 0, temp, 1, cis.length);
- temp[0] = (CertIdentity) dci.newInstance();
- certIdents=temp;
- }
- } catch (Exception e) {
- certIdents = cis;
- }
-
- si = new SecurityInfo(access);
- }
+ static {
+ try {
+ certFactory = CertificateFactory.getInstance("X.509");
+ messageDigest = MessageDigest.getInstance("SHA-256"); // use this to clone
+ tmf = TrustManagerFactory.getInstance(SecurityInfoC.SSL_KEY_MANAGER_FACTORY_ALGORITHM);
+ } catch (Exception e) {
+ throw new RuntimeException("X.509 and SHA-256 are required for X509Taf",e);
+ }
+ }
+
+ public X509Taf(Access access, Lur lur, CertIdentity ... cis) throws CertificateException, NoSuchAlgorithmException, CadiException {
+ this.access = access;
+ env = access.getProperty(Config.AAF_ENV,null);
+ if(env==null) {
+ throw new CadiException("X509Taf requires Environment ("+Config.AAF_ENV+") to be set.");
+ }
+// this.lur = lur;
+ this.cadiIssuers = new ArrayList<>();
+ for(String ci : access.getProperty(Config.CADI_X509_ISSUERS, "").split(":")) {
+ access.printf(Level.INIT, "Trusting Identity for Certificates signed by \"%s\"",ci);
+ cadiIssuers.add(ci);
+ }
+ try {
+ Class<?> dci = access.classLoader().loadClass("org.onap.aaf.auth.direct.DirectCertIdentity");
+ if(dci==null) {
+ certIdents = cis;
+ } else {
+ CertIdentity temp[] = new CertIdentity[cis.length+1];
+ System.arraycopy(cis, 0, temp, 1, cis.length);
+ temp[0] = (CertIdentity) dci.newInstance();
+ certIdents=temp;
+ }
+ } catch (Exception e) {
+ certIdents = cis;
+ }
+
+ si = new SecurityInfo(access);
+ }
- public static final X509Certificate getCert(byte[] certBytes) throws CertificateException {
- ByteArrayInputStream bais = new ByteArrayInputStream(certBytes);
- return (X509Certificate)certFactory.generateCertificate(bais);
- }
+ public static final X509Certificate getCert(byte[] certBytes) throws CertificateException {
+ ByteArrayInputStream bais = new ByteArrayInputStream(certBytes);
+ return (X509Certificate)certFactory.generateCertificate(bais);
+ }
- public static final byte[] getFingerPrint(byte[] ba) {
- MessageDigest md;
- try {
- md = (MessageDigest)messageDigest.clone();
- } catch (CloneNotSupportedException e) {
- // should never get here
- return new byte[0];
- }
- md.update(ba);
- return md.digest();
- }
+ public static final byte[] getFingerPrint(byte[] ba) {
+ MessageDigest md;
+ try {
+ md = (MessageDigest)messageDigest.clone();
+ } catch (CloneNotSupportedException e) {
+ // should never get here
+ return new byte[0];
+ }
+ md.update(ba);
+ return md.digest();
+ }
- @Override
- public TafResp validate(LifeForm reading, HttpServletRequest req, HttpServletResponse resp) {
- // Check for Mutual SSL
- try {
- X509Certificate[] certarr = (X509Certificate[])req.getAttribute("javax.servlet.request.X509Certificate");
- if(certarr!=null && certarr.length>0) {
- si.checkClientTrusted(certarr);
- // Note: If the Issuer is not in the TrustStore, it's not added to the Cert list
- String issuer = certarr[0].getIssuerDN().toString();
- if(cadiIssuers.contains(issuer)) {
- String subject = certarr[0].getSubjectDN().getName();
- // avoiding extra object creation, since this is validated EVERY transaction with a Cert
- int at = subject.indexOf('@');
- if(at>=0) {
- int start = subject.lastIndexOf(',', at);
- if(start<0) {
- start = 0;
- }
- int end = subject.indexOf(',', at);
- if(end<0) {
- end=subject.length();
- }
- int temp;
- if(((temp=subject.indexOf("OU=",start))>=0 && temp<end) ||
- ((temp=subject.indexOf("CN=",start))>=0 && temp<end)) {
- String[] sa = Split.splitTrim(':', subject, temp+3,end);
- if(sa.length==1 || (sa.length>1 && env!=null && env.equals(sa[1]))) { // Check Environment
- return new X509HttpTafResp(access,
- new X509Principal(sa[0], certarr[0],(byte[])null,bht),
- "X509Taf validated " + sa[0] + (sa.length<2?"":" for aaf_env " + env ), RESP.IS_AUTHENTICATED);
- }
- }
-
- }
- }
- }
-
+ @Override
+ public TafResp validate(LifeForm reading, HttpServletRequest req, HttpServletResponse resp) {
+ // Check for Mutual SSL
+ try {
+ X509Certificate[] certarr = (X509Certificate[])req.getAttribute("javax.servlet.request.X509Certificate");
+ if(certarr!=null && certarr.length>0) {
+ si.checkClientTrusted(certarr);
+ // Note: If the Issuer is not in the TrustStore, it's not added to the Cert list
+ String issuer = certarr[0].getIssuerDN().toString();
+ if(cadiIssuers.contains(issuer)) {
+ String subject = certarr[0].getSubjectDN().getName();
+ // avoiding extra object creation, since this is validated EVERY transaction with a Cert
+ int at = subject.indexOf('@');
+ if(at>=0) {
+ int start = subject.lastIndexOf(',', at);
+ if(start<0) {
+ start = 0;
+ }
+ int end = subject.indexOf(',', at);
+ if(end<0) {
+ end=subject.length();
+ }
+ int temp;
+ if(((temp=subject.indexOf("OU=",start))>=0 && temp<end) ||
+ ((temp=subject.indexOf("CN=",start))>=0 && temp<end)) {
+ String[] sa = Split.splitTrim(':', subject, temp+3,end);
+ if(sa.length==1 || (sa.length>1 && env!=null && env.equals(sa[1]))) { // Check Environment
+ return new X509HttpTafResp(access,
+ new X509Principal(sa[0], certarr[0],(byte[])null,bht),
+ "X509Taf validated " + sa[0] + (sa.length<2?"":" for aaf_env " + env ), RESP.IS_AUTHENTICATED);
+ }
+ }
+
+ }
+ }
+ }
+
- byte[] array = null;
- byte[] certBytes = null;
- X509Certificate cert=null;
- String responseText=null;
- String authHeader = req.getHeader("Authorization");
+ byte[] array = null;
+ byte[] certBytes = null;
+ X509Certificate cert=null;
+ String responseText=null;
+ String authHeader = req.getHeader("Authorization");
- if(certarr!=null) { // If cert !=null, Cert is Tested by Mutual Protocol.
- if(authHeader!=null) { // This is only intended to be a Secure Connection, not an Identity
- for(String auth : Split.split(',',authHeader)) {
- if(auth.startsWith("Bearer ")) { // Bearer = OAuth... Don't use as Authenication
- return new X509HttpTafResp(access, null, "Certificate verified, but Bearer Token is presented", RESP.TRY_ANOTHER_TAF);
- }
- }
- }
- cert = certarr[0];
- responseText = ", validated by Mutual SSL Protocol";
- } else { // If cert == null, Get Declared Cert (in header), but validate by having them sign something
- if(authHeader != null) {
- for(String auth : Split.splitTrim(',',authHeader)) {
- if(auth.startsWith("x509 ")) {
- ByteArrayOutputStream baos = new ByteArrayOutputStream(auth.length());
- try {
- array = auth.getBytes();
- ByteArrayInputStream bais = new ByteArrayInputStream(array);
- Symm.base64noSplit.decode(bais, baos, 5);
- certBytes = baos.toByteArray();
- cert = getCert(certBytes);
-
- /**
- * Identity from CERT if well know CA and specific encoded information
- */
- // If found Identity doesn't work, try SignedStuff Protocol
- // cert.checkValidity();
- // cert.--- GET FINGERPRINT?
- String stuff = req.getHeader("Signature");
- if(stuff==null)
- return new X509HttpTafResp(access, null, "Header entry 'Signature' required to validate One way X509 Certificate", RESP.TRY_ANOTHER_TAF);
- String data = req.getHeader("Data");
- // if(data==null)
- // return new X509HttpTafResp(access, null, "No signed Data to validate with X509 Certificate", RESP.TRY_ANOTHER_TAF);
-
- // Note: Data Pos shows is "<signatureType> <data>"
- // int dataPos = (stuff.indexOf(' ')); // determine what is Algorithm
- // Get Signature
- bais = new ByteArrayInputStream(stuff.getBytes());
- baos = new ByteArrayOutputStream(stuff.length());
- Symm.base64noSplit.decode(bais, baos);
- array = baos.toByteArray();
- // Signature sig = Signature.getInstance(stuff.substring(0, dataPos)); // get Algorithm from first part of Signature
-
- Signature sig = Signature.getInstance(cert.getSigAlgName());
- sig.initVerify(cert.getPublicKey());
- sig.update(data.getBytes());
- if(!sig.verify(array)) {
- access.log(Level.ERROR, "Signature doesn't Match");
- return new X509HttpTafResp(access, null, CERTIFICATE_NOT_VALID_FOR_AUTHENTICATION, RESP.TRY_ANOTHER_TAF);
- }
- responseText = ", validated by Signed Data";
- } catch (Exception e) {
- access.log(e, "Exception while validating Cert");
- return new X509HttpTafResp(access, null, CERTIFICATE_NOT_VALID_FOR_AUTHENTICATION, RESP.TRY_ANOTHER_TAF);
- }
- }
- }
- }
- if(cert==null) {
- return new X509HttpTafResp(access, null, "No Certificate Info on Transaction", RESP.TRY_ANOTHER_TAF);
- }
-
- // A cert has been found, match Identify
- TaggedPrincipal prin=null;
-
- for(int i=0;prin==null && i<certIdents.length;++i) {
- if((prin=certIdents[i].identity(req, cert, certBytes))!=null) {
- responseText = prin.getName() + " matches Certificate " + cert.getSubjectX500Principal().getName() + responseText;
- }
- }
-
- // if Principal is found, check for "AS_USER" and whether this entity is trusted to declare
- if(prin!=null) {
- return new X509HttpTafResp(
- access,
- prin,
- responseText,
- RESP.IS_AUTHENTICATED);
- }
- }
- } catch(Exception e) {
- return new X509HttpTafResp(access, null, e.getMessage(), RESP.TRY_ANOTHER_TAF);
- }
-
- return new X509HttpTafResp(access, null, "Certificate cannot be used for authentication", RESP.TRY_ANOTHER_TAF);
- }
+ if(certarr!=null) { // If cert !=null, Cert is Tested by Mutual Protocol.
+ if(authHeader!=null) { // This is only intended to be a Secure Connection, not an Identity
+ for(String auth : Split.split(',',authHeader)) {
+ if(auth.startsWith("Bearer ")) { // Bearer = OAuth... Don't use as Authenication
+ return new X509HttpTafResp(access, null, "Certificate verified, but Bearer Token is presented", RESP.TRY_ANOTHER_TAF);
+ }
+ }
+ }
+ cert = certarr[0];
+ responseText = ", validated by Mutual SSL Protocol";
+ } else { // If cert == null, Get Declared Cert (in header), but validate by having them sign something
+ if(authHeader != null) {
+ for(String auth : Split.splitTrim(',',authHeader)) {
+ if(auth.startsWith("x509 ")) {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream(auth.length());
+ try {
+ array = auth.getBytes();
+ ByteArrayInputStream bais = new ByteArrayInputStream(array);
+ Symm.base64noSplit.decode(bais, baos, 5);
+ certBytes = baos.toByteArray();
+ cert = getCert(certBytes);
+
+ /**
+ * Identity from CERT if well know CA and specific encoded information
+ */
+ // If found Identity doesn't work, try SignedStuff Protocol
+ // cert.checkValidity();
+ // cert.--- GET FINGERPRINT?
+ String stuff = req.getHeader("Signature");
+ if(stuff==null)
+ return new X509HttpTafResp(access, null, "Header entry 'Signature' required to validate One way X509 Certificate", RESP.TRY_ANOTHER_TAF);
+ String data = req.getHeader("Data");
+ // if(data==null)
+ // return new X509HttpTafResp(access, null, "No signed Data to validate with X509 Certificate", RESP.TRY_ANOTHER_TAF);
+
+ // Note: Data Pos shows is "<signatureType> <data>"
+ // int dataPos = (stuff.indexOf(' ')); // determine what is Algorithm
+ // Get Signature
+ bais = new ByteArrayInputStream(stuff.getBytes());
+ baos = new ByteArrayOutputStream(stuff.length());
+ Symm.base64noSplit.decode(bais, baos);
+ array = baos.toByteArray();
+ // Signature sig = Signature.getInstance(stuff.substring(0, dataPos)); // get Algorithm from first part of Signature
+
+ Signature sig = Signature.getInstance(cert.getSigAlgName());
+ sig.initVerify(cert.getPublicKey());
+ sig.update(data.getBytes());
+ if(!sig.verify(array)) {
+ access.log(Level.ERROR, "Signature doesn't Match");
+ return new X509HttpTafResp(access, null, CERTIFICATE_NOT_VALID_FOR_AUTHENTICATION, RESP.TRY_ANOTHER_TAF);
+ }
+ responseText = ", validated by Signed Data";
+ } catch (Exception e) {
+ access.log(e, "Exception while validating Cert");
+ return new X509HttpTafResp(access, null, CERTIFICATE_NOT_VALID_FOR_AUTHENTICATION, RESP.TRY_ANOTHER_TAF);
+ }
+ }
+ }
+ }
+ if(cert==null) {
+ return new X509HttpTafResp(access, null, "No Certificate Info on Transaction", RESP.TRY_ANOTHER_TAF);
+ }
+
+ // A cert has been found, match Identify
+ TaggedPrincipal prin=null;
+
+ for(int i=0;prin==null && i<certIdents.length;++i) {
+ if((prin=certIdents[i].identity(req, cert, certBytes))!=null) {
+ responseText = prin.getName() + " matches Certificate " + cert.getSubjectX500Principal().getName() + responseText;
+ }
+ }
+
+ // if Principal is found, check for "AS_USER" and whether this entity is trusted to declare
+ if(prin!=null) {
+ return new X509HttpTafResp(
+ access,
+ prin,
+ responseText,
+ RESP.IS_AUTHENTICATED);
+ }
+ }
+ } catch(Exception e) {
+ return new X509HttpTafResp(access, null, e.getMessage(), RESP.TRY_ANOTHER_TAF);
+ }
+
+ return new X509HttpTafResp(access, null, "Certificate cannot be used for authentication", RESP.TRY_ANOTHER_TAF);
+ }
- @Override
- public Resp revalidate(CachedPrincipal prin, Object state) {
- return null;
- }
+ @Override
+ public Resp revalidate(CachedPrincipal prin, Object state) {
+ return null;
+ }
- public void add(BasicHttpTaf bht) {
- this.bht = bht;
- }
-
- public CredVal getCredVal(final String key) {
- if(bht==null) {
- return null;
- } else {
- return bht.getCredVal(key);
- }
- }
-
+ public void add(BasicHttpTaf bht) {
+ this.bht = bht;
+ }
+
+ public CredVal getCredVal(final String key) {
+ if(bht==null) {
+ return null;
+ } else {
+ return bht.getCredVal(key);
+ }
+ }
+
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTaf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTaf.java
index a0d56f67..4154e50e 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTaf.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTaf.java
@@ -48,328 +48,328 @@ import org.onap.aaf.cadi.taf.TafResp;
import org.onap.aaf.cadi.taf.TafResp.RESP;
public class DenialOfServiceTaf implements HttpTaf {
- private static Map<String, Counter> deniedIP=null, deniedID=null;
- private Access access;
- private final TafResp puntNotDenied;
- private static File dosIP, dosID;
-
- /**
- *
- * @param hostname
- * @param prod
- * @throws CadiException
- */
- public DenialOfServiceTaf(Access access) throws CadiException {
- puntNotDenied = new PuntTafResp("DenialOfServiceTaf", "This Transaction is not denied");
- this.access = access;
- if(dosIP==null || dosID == null) {
- String dirStr;
- if((dirStr = access.getProperty(Config.AAF_DATA_DIR, null))!=null) {
- dosIP = new File(dirStr+"/dosIP");
- readIP();
- dosID = new File(dirStr+"/dosID");
- readID();
- }
- }
- }
+ private static Map<String, Counter> deniedIP=null, deniedID=null;
+ private Access access;
+ private final TafResp puntNotDenied;
+ private static File dosIP, dosID;
+
+ /**
+ *
+ * @param hostname
+ * @param prod
+ * @throws CadiException
+ */
+ public DenialOfServiceTaf(Access access) throws CadiException {
+ puntNotDenied = new PuntTafResp("DenialOfServiceTaf", "This Transaction is not denied");
+ this.access = access;
+ if(dosIP==null || dosID == null) {
+ String dirStr;
+ if((dirStr = access.getProperty(Config.AAF_DATA_DIR, null))!=null) {
+ dosIP = new File(dirStr+"/dosIP");
+ readIP();
+ dosID = new File(dirStr+"/dosID");
+ readID();
+ }
+ }
+ }
- @Override
- public TafResp validate(LifeForm reading, HttpServletRequest req, final HttpServletResponse resp) {
- // Performance, when not needed
- if(deniedIP != null) {
- String ip;
- Counter c = deniedIP.get(ip=req.getRemoteAddr());
- if(c!=null) {
- c.inc();
- return respDenyIP(access,ip);
- }
- }
-
- // Note: Can't process Principal, because this is the first TAF, and no Principal is created.
- // Other TAFs use "isDenied()" on this Object to validate.
- return puntNotDenied;
- }
+ @Override
+ public TafResp validate(LifeForm reading, HttpServletRequest req, final HttpServletResponse resp) {
+ // Performance, when not needed
+ if(deniedIP != null) {
+ String ip;
+ Counter c = deniedIP.get(ip=req.getRemoteAddr());
+ if(c!=null) {
+ c.inc();
+ return respDenyIP(access,ip);
+ }
+ }
+
+ // Note: Can't process Principal, because this is the first TAF, and no Principal is created.
+ // Other TAFs use "isDenied()" on this Object to validate.
+ return puntNotDenied;
+ }
- @Override
- public Resp revalidate(CachedPrincipal prin, Object state) {
- // We always return NOT MINE, because DOS Taf does not ever validate
- return Resp.NOT_MINE;
- }
+ @Override
+ public Resp revalidate(CachedPrincipal prin, Object state) {
+ // We always return NOT MINE, because DOS Taf does not ever validate
+ return Resp.NOT_MINE;
+ }
- /*
- * for use in Other TAFs, before they attempt backend validation of
- */
- public static Counter isDeniedID(String identity) {
- if(deniedID!=null) {
- return deniedID.get(identity);
- }
- return null;
- }
-
- /**
- *
- */
- public static Counter isDeniedIP(String ipvX) {
- if(deniedIP!=null) {
- return deniedIP.get(ipvX);
- }
- return null;
- }
+ /*
+ * for use in Other TAFs, before they attempt backend validation of
+ */
+ public static Counter isDeniedID(String identity) {
+ if(deniedID!=null) {
+ return deniedID.get(identity);
+ }
+ return null;
+ }
+
+ /**
+ *
+ */
+ public static Counter isDeniedIP(String ipvX) {
+ if(deniedIP!=null) {
+ return deniedIP.get(ipvX);
+ }
+ return null;
+ }
- /**
- * Return of "True" means IP has been added.
- * Return of "False" means IP already added.
- *
- * @param ip
- * @return
- */
- public static synchronized boolean denyIP(String ip) {
- boolean rv = false;
- if(deniedIP==null) {
- deniedIP = new HashMap<>();
- deniedIP.put(ip, new Counter(ip)); // Noted duplicated for minimum time spent
- rv= true;
- } else if(deniedIP.get(ip)==null) {
- deniedIP.put(ip, new Counter(ip));
- rv = true;
- }
- if(rv) {
- writeIP();
- }
- return rv;
- }
-
- private static void writeIP() {
- if(dosIP!=null && deniedIP!=null) {
- if(deniedIP.isEmpty()) {
- if(dosIP.exists()) {
- dosIP.delete();
- }
- } else {
- PrintStream fos;
- try {
- fos = new PrintStream(new FileOutputStream(dosIP,false));
- try {
- for(String ip: deniedIP.keySet()) {
- fos.println(ip);
- }
- } finally {
- fos.close();
- }
- } catch (IOException e) {
- e.printStackTrace(System.err);
- }
- }
- }
- }
-
- private static void readIP() {
- if(dosIP!=null && dosIP.exists()) {
- BufferedReader br;
- try {
- br = new BufferedReader(new FileReader(dosIP));
- try {
- if(deniedIP==null) {
- deniedIP=new HashMap<>();
- }
+ /**
+ * Return of "True" means IP has been added.
+ * Return of "False" means IP already added.
+ *
+ * @param ip
+ * @return
+ */
+ public static synchronized boolean denyIP(String ip) {
+ boolean rv = false;
+ if(deniedIP==null) {
+ deniedIP = new HashMap<>();
+ deniedIP.put(ip, new Counter(ip)); // Noted duplicated for minimum time spent
+ rv= true;
+ } else if(deniedIP.get(ip)==null) {
+ deniedIP.put(ip, new Counter(ip));
+ rv = true;
+ }
+ if(rv) {
+ writeIP();
+ }
+ return rv;
+ }
+
+ private static void writeIP() {
+ if(dosIP!=null && deniedIP!=null) {
+ if(deniedIP.isEmpty()) {
+ if(dosIP.exists()) {
+ dosIP.delete();
+ }
+ } else {
+ PrintStream fos;
+ try {
+ fos = new PrintStream(new FileOutputStream(dosIP,false));
+ try {
+ for(String ip: deniedIP.keySet()) {
+ fos.println(ip);
+ }
+ } finally {
+ fos.close();
+ }
+ } catch (IOException e) {
+ e.printStackTrace(System.err);
+ }
+ }
+ }
+ }
+
+ private static void readIP() {
+ if(dosIP!=null && dosIP.exists()) {
+ BufferedReader br;
+ try {
+ br = new BufferedReader(new FileReader(dosIP));
+ try {
+ if(deniedIP==null) {
+ deniedIP=new HashMap<>();
+ }
- String line;
- while((line=br.readLine())!=null) {
- deniedIP.put(line, new Counter(line));
- }
- } finally {
- br.close();
- }
- } catch (IOException e) {
- e.printStackTrace(System.err);
- }
- }
- }
+ String line;
+ while((line=br.readLine())!=null) {
+ deniedIP.put(line, new Counter(line));
+ }
+ } finally {
+ br.close();
+ }
+ } catch (IOException e) {
+ e.printStackTrace(System.err);
+ }
+ }
+ }
- /**
- * Return of "True" means IP has was removed.
- * Return of "False" means IP wasn't being denied.
- *
- * @param ip
- * @return
- */
- public static synchronized boolean removeDenyIP(String ip) {
- if(deniedIP!=null && deniedIP.remove(ip)!=null) {
- writeIP();
- if(deniedIP.isEmpty()) {
- deniedIP=null;
- }
- return true;
- }
- return false;
- }
+ /**
+ * Return of "True" means IP has was removed.
+ * Return of "False" means IP wasn't being denied.
+ *
+ * @param ip
+ * @return
+ */
+ public static synchronized boolean removeDenyIP(String ip) {
+ if(deniedIP!=null && deniedIP.remove(ip)!=null) {
+ writeIP();
+ if(deniedIP.isEmpty()) {
+ deniedIP=null;
+ }
+ return true;
+ }
+ return false;
+ }
- /**
- * Return of "True" means ID has been added.
- * Return of "False" means ID already added.
- *
- * @param ip
- * @return
- */
- public static synchronized boolean denyID(String id) {
- boolean rv = false;
- if(deniedID==null) {
- deniedID = new HashMap<>();
- deniedID.put(id, new Counter(id)); // Noted duplicated for minimum time spent
- rv = true;
- } else if(deniedID.get(id)==null) {
- deniedID.put(id, new Counter(id));
- rv = true;
- }
- if(rv) {
- writeID();
- }
- return rv;
+ /**
+ * Return of "True" means ID has been added.
+ * Return of "False" means ID already added.
+ *
+ * @param ip
+ * @return
+ */
+ public static synchronized boolean denyID(String id) {
+ boolean rv = false;
+ if(deniedID==null) {
+ deniedID = new HashMap<>();
+ deniedID.put(id, new Counter(id)); // Noted duplicated for minimum time spent
+ rv = true;
+ } else if(deniedID.get(id)==null) {
+ deniedID.put(id, new Counter(id));
+ rv = true;
+ }
+ if(rv) {
+ writeID();
+ }
+ return rv;
- }
+ }
- private static void writeID() {
- if(dosID!=null && deniedID!=null) {
- if(deniedID.isEmpty()) {
- if(dosID.exists()) {
- dosID.delete();
- }
- } else {
- PrintStream fos;
- try {
- fos = new PrintStream(new FileOutputStream(dosID,false));
- try {
- for(String ip: deniedID.keySet()) {
- fos.println(ip);
- }
- } finally {
- fos.close();
- }
- } catch (IOException e) {
- e.printStackTrace(System.err);
- }
- }
- }
- }
+ private static void writeID() {
+ if(dosID!=null && deniedID!=null) {
+ if(deniedID.isEmpty()) {
+ if(dosID.exists()) {
+ dosID.delete();
+ }
+ } else {
+ PrintStream fos;
+ try {
+ fos = new PrintStream(new FileOutputStream(dosID,false));
+ try {
+ for(String ip: deniedID.keySet()) {
+ fos.println(ip);
+ }
+ } finally {
+ fos.close();
+ }
+ } catch (IOException e) {
+ e.printStackTrace(System.err);
+ }
+ }
+ }
+ }
- private static void readID() {
- if(dosID!=null && dosID.exists()) {
- BufferedReader br;
- try {
- br = new BufferedReader(new FileReader(dosID));
- try {
- if(deniedID==null) {
- deniedID=new HashMap<>();
- }
-
- String line;
- while((line=br.readLine())!=null) {
- deniedID.put(line, new Counter(line));
- }
- } finally {
- br.close();
- }
- } catch (IOException e) {
- e.printStackTrace(System.err);
- }
- }
- }
+ private static void readID() {
+ if(dosID!=null && dosID.exists()) {
+ BufferedReader br;
+ try {
+ br = new BufferedReader(new FileReader(dosID));
+ try {
+ if(deniedID==null) {
+ deniedID=new HashMap<>();
+ }
+
+ String line;
+ while((line=br.readLine())!=null) {
+ deniedID.put(line, new Counter(line));
+ }
+ } finally {
+ br.close();
+ }
+ } catch (IOException e) {
+ e.printStackTrace(System.err);
+ }
+ }
+ }
- /**
- * Return of "True" means ID has was removed.
- * Return of "False" means ID wasn't being denied.
- *
- * @param ip
- * @return
- */
- public static synchronized boolean removeDenyID(String id) {
- if(deniedID!=null && deniedID.remove(id)!=null) {
- writeID();
- if(deniedID.isEmpty()) {
- deniedID=null;
- }
+ /**
+ * Return of "True" means ID has was removed.
+ * Return of "False" means ID wasn't being denied.
+ *
+ * @param ip
+ * @return
+ */
+ public static synchronized boolean removeDenyID(String id) {
+ if(deniedID!=null && deniedID.remove(id)!=null) {
+ writeID();
+ if(deniedID.isEmpty()) {
+ deniedID=null;
+ }
- return true;
- }
- return false;
- }
-
- public List<String> report() {
- int initSize = 0;
- if(deniedIP!=null)initSize+=deniedIP.size();
- if(deniedID!=null)initSize+=deniedID.size();
- ArrayList<String> al = new ArrayList<>(initSize);
- if(deniedID!=null) {
- for(Counter c : deniedID.values()) {
- al.add(c.toString());
- }
- }
- if(deniedIP!=null) {
- for(Counter c : deniedIP.values()) {
- al.add(c.toString());
- }
- }
- return al;
- }
-
- public static class Counter {
- private final String name;
- private int count = 0;
- private Date first;
- private long last; // note, we use "last" as long, to avoid popping useless dates on Heap.
-
- public Counter(String name) {
- this.name = name;
- first = null;
- last = 0L;
- count = 0;
- }
-
- public String getName() {
- return name;
- }
-
- public int getCount() {
- return count;
- }
+ return true;
+ }
+ return false;
+ }
+
+ public List<String> report() {
+ int initSize = 0;
+ if(deniedIP!=null)initSize+=deniedIP.size();
+ if(deniedID!=null)initSize+=deniedID.size();
+ ArrayList<String> al = new ArrayList<>(initSize);
+ if(deniedID!=null) {
+ for(Counter c : deniedID.values()) {
+ al.add(c.toString());
+ }
+ }
+ if(deniedIP!=null) {
+ for(Counter c : deniedIP.values()) {
+ al.add(c.toString());
+ }
+ }
+ return al;
+ }
+
+ public static class Counter {
+ private final String name;
+ private int count = 0;
+ private Date first;
+ private long last; // note, we use "last" as long, to avoid popping useless dates on Heap.
+
+ public Counter(String name) {
+ this.name = name;
+ first = null;
+ last = 0L;
+ count = 0;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public int getCount() {
+ return count;
+ }
- public long getLast() {
- return last;
- }
-
- /*
- * Only allow Denial of ServiceTaf to increment
- */
- private synchronized void inc() {
- ++count;
- last = System.currentTimeMillis();
- if(first==null) {
- first = new Date(last);
- }
- }
-
- public String toString() {
- if(count==0)
- return name + " is on the denied list, but has not attempted Access";
- else
- return
- name +
- " has been denied " +
- count +
- " times since " +
- first +
- ". Last denial was " +
- new Date(last);
- }
- }
+ public long getLast() {
+ return last;
+ }
+
+ /*
+ * Only allow Denial of ServiceTaf to increment
+ */
+ private synchronized void inc() {
+ ++count;
+ last = System.currentTimeMillis();
+ if(first==null) {
+ first = new Date(last);
+ }
+ }
+
+ public String toString() {
+ if(count==0)
+ return name + " is on the denied list, but has not attempted Access";
+ else
+ return
+ name +
+ " has been denied " +
+ count +
+ " times since " +
+ first +
+ ". Last denial was " +
+ new Date(last);
+ }
+ }
- public static TafResp respDenyID(Access access, String identity) {
- return new DenialOfServiceTafResp(access, RESP.NO_FURTHER_PROCESSING, identity + " is on the Identity Denial list");
- }
-
- public static TafResp respDenyIP(Access access, String ip) {
- return new DenialOfServiceTafResp(access, RESP.NO_FURTHER_PROCESSING, ip + " is on the IP Denial list");
- }
+ public static TafResp respDenyID(Access access, String identity) {
+ return new DenialOfServiceTafResp(access, RESP.NO_FURTHER_PROCESSING, identity + " is on the Identity Denial list");
+ }
+
+ public static TafResp respDenyIP(Access access, String ip) {
+ return new DenialOfServiceTafResp(access, RESP.NO_FURTHER_PROCESSING, ip + " is on the IP Denial list");
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTafResp.java
index e5a336f7..2fcd1553 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTafResp.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTafResp.java
@@ -27,29 +27,29 @@ import org.onap.aaf.cadi.Access;
import org.onap.aaf.cadi.taf.AbsTafResp;
public class DenialOfServiceTafResp extends AbsTafResp {
- private static final String tafName = DenialOfServiceTaf.class.getSimpleName();
-
- private RESP ect; // Homage to Arethra Franklin
-
- public DenialOfServiceTafResp(Access access, RESP resp, String description ) {
- super(access, tafName, null, description);
- ect = resp;
- }
-
- // Override base behavior of checking Principal and trying another TAF
- @Override
- public RESP isAuthenticated() {
- return ect;
- }
-
-
- public RESP authenticate() throws IOException {
- return ect;
- }
-
- @Override
- public String taf() {
- return "DOS";
- }
+ private static final String tafName = DenialOfServiceTaf.class.getSimpleName();
+
+ private RESP ect; // Homage to Arethra Franklin
+
+ public DenialOfServiceTafResp(Access access, RESP resp, String description ) {
+ super(access, tafName, null, description);
+ ect = resp;
+ }
+
+ // Override base behavior of checking Principal and trying another TAF
+ @Override
+ public RESP isAuthenticated() {
+ return ect;
+ }
+
+
+ public RESP authenticate() throws IOException {
+ return ect;
+ }
+
+ @Override
+ public String taf() {
+ return "DOS";
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Chmod.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Chmod.java
index 74bf805d..70fabd82 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Chmod.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Chmod.java
@@ -25,38 +25,38 @@ import java.io.File;
import java.io.IOException;
public interface Chmod {
- public void chmod(File f) throws IOException;
-
- public static final Chmod to755 = new Chmod() {
- public void chmod(File f) throws IOException {
- f.setExecutable(true, false);
- f.setExecutable(true, true);
- f.setReadable(true, false);
- f.setReadable(true, true);
- f.setWritable(false, false);
- f.setWritable(true, true);
- }
- };
+ public void chmod(File f) throws IOException;
+
+ public static final Chmod to755 = new Chmod() {
+ public void chmod(File f) throws IOException {
+ f.setExecutable(true, false);
+ f.setExecutable(true, true);
+ f.setReadable(true, false);
+ f.setReadable(true, true);
+ f.setWritable(false, false);
+ f.setWritable(true, true);
+ }
+ };
- public static final Chmod to644 = new Chmod() {
- public void chmod(File f) throws IOException {
- f.setExecutable(false, false);
- f.setExecutable(false, true);
- f.setReadable(true, false);
- f.setReadable(true, true);
- f.setWritable(false, false);
- f.setWritable(true, true);
- }
- };
+ public static final Chmod to644 = new Chmod() {
+ public void chmod(File f) throws IOException {
+ f.setExecutable(false, false);
+ f.setExecutable(false, true);
+ f.setReadable(true, false);
+ f.setReadable(true, true);
+ f.setWritable(false, false);
+ f.setWritable(true, true);
+ }
+ };
- public static final Chmod to400 = new Chmod() {
- public void chmod(File f) throws IOException {
- f.setExecutable(false, false);
- f.setExecutable(false, true);
- f.setReadable(false, false);
- f.setReadable(true, true);
- f.setWritable(false, false);
- f.setWritable(false, true);
- }
- };
+ public static final Chmod to400 = new Chmod() {
+ public void chmod(File f) throws IOException {
+ f.setExecutable(false, false);
+ f.setExecutable(false, true);
+ f.setReadable(false, false);
+ f.setReadable(true, true);
+ f.setWritable(false, false);
+ f.setWritable(false, true);
+ }
+ };
} \ No newline at end of file
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/FQI.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/FQI.java
index 4ea50a10..f0b8d38d 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/FQI.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/FQI.java
@@ -22,30 +22,30 @@
package org.onap.aaf.cadi.util;
public class FQI {
- /**
- * Take a Fully Qualified User, and get a Namespace from it.
- * @param fqi
- * @return
- */
- public final static String reverseDomain(final String fqi) {
- StringBuilder sb = null;
- String[] split = Split.split('.',fqi);
- int at;
- for(int i=split.length-1;i>=0;--i) {
- if(sb == null) {
- sb = new StringBuilder();
- } else {
- sb.append('.');
- }
+ /**
+ * Take a Fully Qualified User, and get a Namespace from it.
+ * @param fqi
+ * @return
+ */
+ public final static String reverseDomain(final String fqi) {
+ StringBuilder sb = null;
+ String[] split = Split.split('.',fqi);
+ int at;
+ for(int i=split.length-1;i>=0;--i) {
+ if(sb == null) {
+ sb = new StringBuilder();
+ } else {
+ sb.append('.');
+ }
- if((at = split[i].indexOf('@'))>0) {
- sb.append(split[i].subSequence(at+1, split[i].length()));
- } else {
- sb.append(split[i]);
- }
- }
-
- return sb==null?"":sb.toString();
- }
+ if((at = split[i].indexOf('@'))>0) {
+ sb.append(split[i].subSequence(at+1, split[i].length()));
+ } else {
+ sb.append(split[i]);
+ }
+ }
+
+ return sb==null?"":sb.toString();
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/JsonOutputStream.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/JsonOutputStream.java
index 7b04942f..7c3ac30d 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/JsonOutputStream.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/JsonOutputStream.java
@@ -25,65 +25,65 @@ import java.io.IOException;
import java.io.OutputStream;
public class JsonOutputStream extends OutputStream {
- private static final byte[] TWO_SPACE = " ".getBytes();
- private OutputStream os;
- private boolean closeable;
- private int indent = 0;
- private int prev,ret=0;
+ private static final byte[] TWO_SPACE = " ".getBytes();
+ private OutputStream os;
+ private boolean closeable;
+ private int indent = 0;
+ private int prev,ret=0;
- public JsonOutputStream(OutputStream os) {
- // Don't close these, or dire consequences.
- closeable = !os.equals(System.out) && !os.equals(System.err);
- this.os = os;
- }
+ public JsonOutputStream(OutputStream os) {
+ // Don't close these, or dire consequences.
+ closeable = !os.equals(System.out) && !os.equals(System.err);
+ this.os = os;
+ }
- @Override
- public void write(int b) throws IOException {
- if(ret=='\n') {
- ret = 0;
- if(prev!=',' || (b!='{' && b!='[')) {
- os.write('\n');
- for(int i=0;i<indent;++i) {
- os.write(TWO_SPACE);
- }
- }
- }
- switch(b) {
- case '{':
- case '[':
- ret = '\n';
- ++indent;
- break;
- case '}':
- case ']':
- --indent;
- os.write('\n');
- for(int i=0;i<indent;++i) {
- os.write(TWO_SPACE);
- }
- break;
- case ',':
- ret = '\n';
- break;
-
- }
- os.write(b);
- prev = b;
- }
- public void resetIndent() {
- indent = 1;
- }
+ @Override
+ public void write(int b) throws IOException {
+ if(ret=='\n') {
+ ret = 0;
+ if(prev!=',' || (b!='{' && b!='[')) {
+ os.write('\n');
+ for(int i=0;i<indent;++i) {
+ os.write(TWO_SPACE);
+ }
+ }
+ }
+ switch(b) {
+ case '{':
+ case '[':
+ ret = '\n';
+ ++indent;
+ break;
+ case '}':
+ case ']':
+ --indent;
+ os.write('\n');
+ for(int i=0;i<indent;++i) {
+ os.write(TWO_SPACE);
+ }
+ break;
+ case ',':
+ ret = '\n';
+ break;
+
+ }
+ os.write(b);
+ prev = b;
+ }
+ public void resetIndent() {
+ indent = 1;
+ }
- @Override
- public void flush() throws IOException {
- os.flush();
- }
+ @Override
+ public void flush() throws IOException {
+ os.flush();
+ }
- @Override
- public void close() throws IOException {
- if(closeable) {
- os.close();
- }
- }
+ @Override
+ public void close() throws IOException {
+ if(closeable) {
+ os.close();
+ }
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/MaskFormatException.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/MaskFormatException.java
index 7dd51c0a..15390285 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/MaskFormatException.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/MaskFormatException.java
@@ -24,8 +24,8 @@ package org.onap.aaf.cadi.util;
@SuppressWarnings("serial")
public class MaskFormatException extends Exception {
- public MaskFormatException(String string) {
- super(string);
- }
+ public MaskFormatException(String string) {
+ super(string);
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/MyConsole.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/MyConsole.java
index 2312d00b..b930bc28 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/MyConsole.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/MyConsole.java
@@ -22,7 +22,7 @@
package org.onap.aaf.cadi.util;
public interface MyConsole {
- public String readLine(String fmt, Object ... args);
- public char[] readPassword(String fmt, Object ... args);
- public void printf(String fmt, Object ...args);
+ public String readLine(String fmt, Object ... args);
+ public char[] readPassword(String fmt, Object ... args);
+ public void printf(String fmt, Object ...args);
} \ No newline at end of file
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/NetMask.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/NetMask.java
index fccb04fc..2a3d75ff 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/NetMask.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/NetMask.java
@@ -27,73 +27,73 @@ package org.onap.aaf.cadi.util;
* Needs the IPV6 Mask Builder.
*/
public class NetMask {
- private long mask;
+ private long mask;
- public NetMask(byte[] inBytes) {
- mask = derive(inBytes);
- }
-
- public NetMask(String string) throws MaskFormatException {
- mask = derive(string,true);
- }
-
- public boolean isInNet(byte[] inBytes) {
- long addr = derive(inBytes);
- return (mask & addr) == addr;
- }
-
- public boolean isInNet(String str) {
- long addr;
- try {
- addr = derive(str,false);
- return (mask & addr) == addr;
- } catch (MaskFormatException e) {
- // will not hit this code;
- return false;
- }
- }
+ public NetMask(byte[] inBytes) {
+ mask = derive(inBytes);
+ }
+
+ public NetMask(String string) throws MaskFormatException {
+ mask = derive(string,true);
+ }
+
+ public boolean isInNet(byte[] inBytes) {
+ long addr = derive(inBytes);
+ return (mask & addr) == addr;
+ }
+
+ public boolean isInNet(String str) {
+ long addr;
+ try {
+ addr = derive(str,false);
+ return (mask & addr) == addr;
+ } catch (MaskFormatException e) {
+ // will not hit this code;
+ return false;
+ }
+ }
- public static long derive(byte[] inBytes) {
- long addr = 0L;
- int offset = inBytes.length*8;
- for(int i=0;i<inBytes.length;++i) {
- addr&=(inBytes[i]<<offset);
- offset-=8;
- }
- return addr;
- }
+ public static long derive(byte[] inBytes) {
+ long addr = 0L;
+ int offset = inBytes.length*8;
+ for(int i=0;i<inBytes.length;++i) {
+ addr&=(inBytes[i]<<offset);
+ offset-=8;
+ }
+ return addr;
+ }
- public static long derive(String str, boolean check) throws MaskFormatException {
- long rv=0L;
- int idx=str.indexOf(':');
- int slash = str.indexOf('/');
+ public static long derive(String str, boolean check) throws MaskFormatException {
+ long rv=0L;
+ int idx=str.indexOf(':');
+ int slash = str.indexOf('/');
- if(idx<0) { // Not IPV6, so it's IPV4... Is there a mask of 123/254?
- idx=str.indexOf('.');
- int offset = 24;
- int end = slash>=0?slash:str.length();
- int bits = slash>=0?Integer.parseInt(str.substring(slash+1)):32;
- if(check && bits>32) {
- throw new MaskFormatException("Invalid Mask Offset in IPV4 Address");
- }
- int prev = 0;
- long lbyte;
- while(prev<end) {
- if(idx<0) {
- idx = end;
- }
- lbyte = Long.parseLong(str.substring(prev, idx));
- if(check && (lbyte>255 || lbyte<0)) {
- throw new MaskFormatException("Invalid Byte in IPV4 Address");
- }
- rv|=lbyte<<offset;
- prev = ++idx;
- idx=str.indexOf('.',prev);
- offset-=8;
- }
- rv|=0x00000000FFFFFFFFL>>bits;
- }
- return rv;
- }
+ if(idx<0) { // Not IPV6, so it's IPV4... Is there a mask of 123/254?
+ idx=str.indexOf('.');
+ int offset = 24;
+ int end = slash>=0?slash:str.length();
+ int bits = slash>=0?Integer.parseInt(str.substring(slash+1)):32;
+ if(check && bits>32) {
+ throw new MaskFormatException("Invalid Mask Offset in IPV4 Address");
+ }
+ int prev = 0;
+ long lbyte;
+ while(prev<end) {
+ if(idx<0) {
+ idx = end;
+ }
+ lbyte = Long.parseLong(str.substring(prev, idx));
+ if(check && (lbyte>255 || lbyte<0)) {
+ throw new MaskFormatException("Invalid Byte in IPV4 Address");
+ }
+ rv|=lbyte<<offset;
+ prev = ++idx;
+ idx=str.indexOf('.',prev);
+ offset-=8;
+ }
+ rv|=0x00000000FFFFFFFFL>>bits;
+ }
+ return rv;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Pool.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Pool.java
index 7cd7a633..156397b6 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Pool.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Pool.java
@@ -61,322 +61,322 @@ import org.onap.aaf.cadi.CadiException;
* @param <T>
*/
public class Pool<T> {
- /**
- * This is a constant which specified the default maximum number of unused
- * objects to be held at any given time.
- */
- private static final int MAX_RANGE = 6; // safety
+ /**
+ * This is a constant which specified the default maximum number of unused
+ * objects to be held at any given time.
+ */
+ private static final int MAX_RANGE = 6; // safety
- /**
- * only Simple List needed.
- *
- * NOTE TO MAINTAINERS: THIS OBJECT DOES IT'S OWN SYNCHRONIZATION. All
- * changes that touch list must account for correctly synchronizing list.
- */
- private LinkedList<Pooled<T>> list;
+ /**
+ * only Simple List needed.
+ *
+ * NOTE TO MAINTAINERS: THIS OBJECT DOES IT'S OWN SYNCHRONIZATION. All
+ * changes that touch list must account for correctly synchronizing list.
+ */
+ private LinkedList<Pooled<T>> list;
- /**
- * keep track of how many elements exist, to avoid asking list.
- */
- private int count;
+ /**
+ * keep track of how many elements exist, to avoid asking list.
+ */
+ private int count;
- /**
- * Spares are those Object that are primed and ready to go.
- */
- private int spares;
+ /**
+ * Spares are those Object that are primed and ready to go.
+ */
+ private int spares;
- /**
- * Actual MAX number of spares allowed to hang around. Can be set to
- * something besides the default MAX_RANGE.
- */
- private int max_range = MAX_RANGE;
+ /**
+ * Actual MAX number of spares allowed to hang around. Can be set to
+ * something besides the default MAX_RANGE.
+ */
+ private int max_range = MAX_RANGE;
- /**
- * The Creator for this particular pool. It must work for type T.
- */
- private Creator<T> creator;
+ /**
+ * The Creator for this particular pool. It must work for type T.
+ */
+ private Creator<T> creator;
- private Log logger;
+ private Log logger;
- /**
- * Create a new Pool, given the implementation of Creator<T>, which must be
- * able to create/destroy T objects at will.
- *
- * @param creator
- */
- public Pool(Creator<T> creator) {
- count = spares = 0;
- this.creator = creator;
- list = new LinkedList<>();
- logger = Log.NULL;
- }
-
- /**
- * Attach Pool Logging activities to any other Logging Mechanism.
- * @param logger
- */
- public void setLogger(Log logger) {
- this.logger = logger;
- }
-
- public void log(Object ...objects) {
- logger.log(objects);
- }
+ /**
+ * Create a new Pool, given the implementation of Creator<T>, which must be
+ * able to create/destroy T objects at will.
+ *
+ * @param creator
+ */
+ public Pool(Creator<T> creator) {
+ count = spares = 0;
+ this.creator = creator;
+ list = new LinkedList<>();
+ logger = Log.NULL;
+ }
+
+ /**
+ * Attach Pool Logging activities to any other Logging Mechanism.
+ * @param logger
+ */
+ public void setLogger(Log logger) {
+ this.logger = logger;
+ }
+
+ public void log(Object ...objects) {
+ logger.log(objects);
+ }
- /**
- * Preallocate a certain number of T Objects. Useful for services so that
- * the first transactions don't get hit with all the Object creation costs
- *
- * @param lt
- * @param prime
- * @throws CadiException
- */
- public void prime(int prime) throws CadiException {
- for (int i = 0; i < prime; ++i) {
- Pooled<T> pt = new Pooled<T>(creator.create(), this);
- synchronized (list) {
- list.addFirst(pt);
- ++count;
- }
- }
+ /**
+ * Preallocate a certain number of T Objects. Useful for services so that
+ * the first transactions don't get hit with all the Object creation costs
+ *
+ * @param lt
+ * @param prime
+ * @throws CadiException
+ */
+ public void prime(int prime) throws CadiException {
+ for (int i = 0; i < prime; ++i) {
+ Pooled<T> pt = new Pooled<T>(creator.create(), this);
+ synchronized (list) {
+ list.addFirst(pt);
+ ++count;
+ }
+ }
- }
+ }
- /**
- * Destroy and remove all remaining objects. This is valuable for closing
- * down all Allocated objects cleanly for exiting. It is also a good method
- * for removing objects when, for instance, all Objects are invalid because
- * of broken connections, etc.
- */
- public void drain() {
- synchronized (list) {
- for (int i = 0; i < list.size(); ++i) {
- Pooled<T> pt = list.remove();
- creator.destroy(pt.content);
- logger.log("Pool drained ", creator.toString());
- }
- count = spares = 0;
- }
+ /**
+ * Destroy and remove all remaining objects. This is valuable for closing
+ * down all Allocated objects cleanly for exiting. It is also a good method
+ * for removing objects when, for instance, all Objects are invalid because
+ * of broken connections, etc.
+ */
+ public void drain() {
+ synchronized (list) {
+ for (int i = 0; i < list.size(); ++i) {
+ Pooled<T> pt = list.remove();
+ creator.destroy(pt.content);
+ logger.log("Pool drained ", creator.toString());
+ }
+ count = spares = 0;
+ }
- }
+ }
- /**
- * This is the essential function for Pool. Get an Object "T" inside a
- * "Pooled<T>" object. If there is a spare Object, then use it. If not, then
- * create and pass back.
- *
- * This one uses a Null LogTarget
- *
- * IMPORTANT: When the use of this object is done (and the object is still
- * in a valid state), then "done()" should be called immediately to allow
- * the object to be reused. That is the point of the Pool...
- *
- * If the Object is in an invalid state, then "toss()" should be used so the
- * Pool doesn't pass on invalid objects to others.
- *
- * @param lt
- * @return
- * @throws CadiException
- */
- public Pooled<T> get() throws CadiException {
- Pooled<T> pt;
- synchronized (list) {
- if (list.isEmpty()) {
- pt = null;
- } else {
- pt = list.removeLast();
- --count;
- creator.reuse(pt.content);
- }
- }
- if (pt == null) {
- if (spares < max_range)
- ++spares;
- pt = new Pooled<T>(creator.create(), this);
- } else {
- if (spares > 1)
- --spares;
- }
- return pt;
- }
+ /**
+ * This is the essential function for Pool. Get an Object "T" inside a
+ * "Pooled<T>" object. If there is a spare Object, then use it. If not, then
+ * create and pass back.
+ *
+ * This one uses a Null LogTarget
+ *
+ * IMPORTANT: When the use of this object is done (and the object is still
+ * in a valid state), then "done()" should be called immediately to allow
+ * the object to be reused. That is the point of the Pool...
+ *
+ * If the Object is in an invalid state, then "toss()" should be used so the
+ * Pool doesn't pass on invalid objects to others.
+ *
+ * @param lt
+ * @return
+ * @throws CadiException
+ */
+ public Pooled<T> get() throws CadiException {
+ Pooled<T> pt;
+ synchronized (list) {
+ if (list.isEmpty()) {
+ pt = null;
+ } else {
+ pt = list.removeLast();
+ --count;
+ creator.reuse(pt.content);
+ }
+ }
+ if (pt == null) {
+ if (spares < max_range)
+ ++spares;
+ pt = new Pooled<T>(creator.create(), this);
+ } else {
+ if (spares > 1)
+ --spares;
+ }
+ return pt;
+ }
- /**
- * This function will validate whether the Objects are still in a usable
- * state. If not, they are tossed from the Pool. This is valuable to have
- * when Remote Connections go down, and there is a question on whether the
- * Pooled Objects are still functional.
- *
- * @return
- */
- public boolean validate() {
- boolean rv = true;
- synchronized (list) {
- for (Iterator<Pooled<T>> iter = list.iterator(); iter.hasNext();) {
- Pooled<T> t = iter.next();
- if (!creator.isValid(t.content)) {
- rv = false;
- t.toss();
- iter.remove();
- }
- }
- }
- return rv;
- }
+ /**
+ * This function will validate whether the Objects are still in a usable
+ * state. If not, they are tossed from the Pool. This is valuable to have
+ * when Remote Connections go down, and there is a question on whether the
+ * Pooled Objects are still functional.
+ *
+ * @return
+ */
+ public boolean validate() {
+ boolean rv = true;
+ synchronized (list) {
+ for (Iterator<Pooled<T>> iter = list.iterator(); iter.hasNext();) {
+ Pooled<T> t = iter.next();
+ if (!creator.isValid(t.content)) {
+ rv = false;
+ t.toss();
+ iter.remove();
+ }
+ }
+ }
+ return rv;
+ }
- /**
- * This is an internal method, used only by the Internal Pooled<T> class.
- *
- * The Pooled<T> class "offers" it's Object back after use. It is an
- * "offer", because Pool will simply destroy and remove the object if it has
- * more than enough spares.
- *
- * @param lt
- * @param used
- * @return
- */
- // Used only by Pooled<T>
- private boolean offer(Pooled<T> used) {
- if (count < spares) {
- synchronized (list) {
- list.addFirst(used);
- ++count;
- }
- logger.log("Pool recovered ", creator);
- } else {
- logger.log("Pool destroyed ", creator);
- creator.destroy(used.content);
- }
- return false;
- }
+ /**
+ * This is an internal method, used only by the Internal Pooled<T> class.
+ *
+ * The Pooled<T> class "offers" it's Object back after use. It is an
+ * "offer", because Pool will simply destroy and remove the object if it has
+ * more than enough spares.
+ *
+ * @param lt
+ * @param used
+ * @return
+ */
+ // Used only by Pooled<T>
+ private boolean offer(Pooled<T> used) {
+ if (count < spares) {
+ synchronized (list) {
+ list.addFirst(used);
+ ++count;
+ }
+ logger.log("Pool recovered ", creator);
+ } else {
+ logger.log("Pool destroyed ", creator);
+ creator.destroy(used.content);
+ }
+ return false;
+ }
- /**
- * The Creator Interface give the Pool the ability to Create, Destroy and
- * Validate the Objects it is maintaining. Thus, it is a specially written
- * Implementation for each type.
- *
- * @author Jonathan
- *
- * @param <T>
- */
- public interface Creator<T> {
- public T create() throws CadiException;
+ /**
+ * The Creator Interface give the Pool the ability to Create, Destroy and
+ * Validate the Objects it is maintaining. Thus, it is a specially written
+ * Implementation for each type.
+ *
+ * @author Jonathan
+ *
+ * @param <T>
+ */
+ public interface Creator<T> {
+ public T create() throws CadiException;
- public void destroy(T t);
+ public void destroy(T t);
- public boolean isValid(T t);
+ public boolean isValid(T t);
- public void reuse(T t);
- }
+ public void reuse(T t);
+ }
- public interface Log {
- public void log(Object ... o);
-
- public final static Log NULL = new Log() {
- @Override
- public void log(Object ... o) {
- }
- };
- }
- /**
- * The "Pooled<T>" class is the transient class that wraps the actual Object
- * T for API use/ It gives the ability to return ("done()", or "toss()") the
- * Object to the Pool when processing is finished.
- *
- * For Safety, i.e. to avoid memory leaks and invalid Object States, there
- * is a "finalize" method. It is strictly for when coder forgets to return
- * the object, or perhaps hasn't covered the case during Exceptions or
- * Runtime Exceptions with finally (preferred). This should not be
- * considered normal procedure, as finalize() is called at an undetermined
- * time during garbage collection, and is thus rather useless for a Pool.
- * However, we don't want Coding Mistakes to put the whole program in an
- * invalid state, so if something happened such that "done()" or "toss()"
- * were not called, the resource is still cleaned up as well as possible.
- *
- * @author Jonathan
- *
- * @param <T>
- */
- public static class Pooled<T> {
- public final T content;
- private Pool<T> pool;
+ public interface Log {
+ public void log(Object ... o);
+
+ public final static Log NULL = new Log() {
+ @Override
+ public void log(Object ... o) {
+ }
+ };
+ }
+ /**
+ * The "Pooled<T>" class is the transient class that wraps the actual Object
+ * T for API use/ It gives the ability to return ("done()", or "toss()") the
+ * Object to the Pool when processing is finished.
+ *
+ * For Safety, i.e. to avoid memory leaks and invalid Object States, there
+ * is a "finalize" method. It is strictly for when coder forgets to return
+ * the object, or perhaps hasn't covered the case during Exceptions or
+ * Runtime Exceptions with finally (preferred). This should not be
+ * considered normal procedure, as finalize() is called at an undetermined
+ * time during garbage collection, and is thus rather useless for a Pool.
+ * However, we don't want Coding Mistakes to put the whole program in an
+ * invalid state, so if something happened such that "done()" or "toss()"
+ * were not called, the resource is still cleaned up as well as possible.
+ *
+ * @author Jonathan
+ *
+ * @param <T>
+ */
+ public static class Pooled<T> {
+ public final T content;
+ private Pool<T> pool;
- /**
- * Create the Wrapping Object Pooled<T>.
- *
- * @param t
- * @param pool
- * @param logTarget
- */
- public Pooled(T t, Pool<T> pool) {
- content = t;
- this.pool = pool;
+ /**
+ * Create the Wrapping Object Pooled<T>.
+ *
+ * @param t
+ * @param pool
+ * @param logTarget
+ */
+ public Pooled(T t, Pool<T> pool) {
+ content = t;
+ this.pool = pool;
- }
+ }
- /**
- * This is the key API for the Pool, as calling "done()" offers this
- * object back to the Pool for reuse.
- *
- * Do not use the Pooled<T> object again after calling "done()".
- */
- public void done() {
- if (pool != null) {
- pool.offer(this);
- }
- }
+ /**
+ * This is the key API for the Pool, as calling "done()" offers this
+ * object back to the Pool for reuse.
+ *
+ * Do not use the Pooled<T> object again after calling "done()".
+ */
+ public void done() {
+ if (pool != null) {
+ pool.offer(this);
+ }
+ }
- /**
- * The user of the Object may discover that the Object t is no longer in
- * a valid state. Don't put Garbage back in the Refrigerator... Toss it,
- * if it's no longer valid.
- *
- * toss() is also used for draining the Pool, etc.
- *
- * toss() will attempt to destroy the Object by using the Creator
- * Interface.
- *
- */
- public void toss() {
- if (pool != null) {
- pool.creator.destroy(content);
- }
- // Don't allow finalize to put it back in.
- pool = null;
- }
+ /**
+ * The user of the Object may discover that the Object t is no longer in
+ * a valid state. Don't put Garbage back in the Refrigerator... Toss it,
+ * if it's no longer valid.
+ *
+ * toss() is also used for draining the Pool, etc.
+ *
+ * toss() will attempt to destroy the Object by using the Creator
+ * Interface.
+ *
+ */
+ public void toss() {
+ if (pool != null) {
+ pool.creator.destroy(content);
+ }
+ // Don't allow finalize to put it back in.
+ pool = null;
+ }
- /**
- * Just in case someone neglected to offer back object... Do not rely on
- * this, as there is no specific time when finalize is called, which
- * rather defeats the purpose of a Pool.
- */
- @Override
- protected void finalize() throws Throwable {
- if (pool != null) {
- done();
- pool = null;
- }
- }
- }
+ /**
+ * Just in case someone neglected to offer back object... Do not rely on
+ * this, as there is no specific time when finalize is called, which
+ * rather defeats the purpose of a Pool.
+ */
+ @Override
+ protected void finalize() throws Throwable {
+ if (pool != null) {
+ done();
+ pool = null;
+ }
+ }
+ }
- /**
- * Get the maximum number of spare objects allowed at any moment
- *
- * @return
- */
- public int getMaxRange() {
- return max_range;
- }
+ /**
+ * Get the maximum number of spare objects allowed at any moment
+ *
+ * @return
+ */
+ public int getMaxRange() {
+ return max_range;
+ }
- /**
- * Set a Max Range for numbers of spare objects waiting to be used.
- *
- * No negative numbers are allowed
- *
- * @return
- */
- public void setMaxRange(int max_range) {
- // Do not allow negative numbers
- this.max_range = Math.max(0, max_range);
- }
+ /**
+ * Set a Max Range for numbers of spare objects waiting to be used.
+ *
+ * No negative numbers are allowed
+ *
+ * @return
+ */
+ public void setMaxRange(int max_range) {
+ // Do not allow negative numbers
+ this.max_range = Math.max(0, max_range);
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Split.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Split.java
index 3fa9a3f1..a2c76967 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Split.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Split.java
@@ -31,84 +31,84 @@ package org.onap.aaf.cadi.util;
*/
public class Split {
- public static String[] split(char c, String value) {
- return split(c,value,0,value.length());
- }
+ public static String[] split(char c, String value) {
+ return split(c,value,0,value.length());
+ }
- public static String[] split(char c, String value, int start, int end) {
- if(value==null) {
- return new String[0];
- }
+ public static String[] split(char c, String value, int start, int end) {
+ if(value==null) {
+ return new String[0];
+ }
- // Count items to preallocate Array (memory alloc is more expensive than counting twice)
- int count,idx;
- for(count=1,idx=value.indexOf(c,start);idx>=0 && idx<end;idx=value.indexOf(c,++idx),++count);
- String[] rv = new String[count];
- if(count==1) {
- rv[0]=value.substring(start,end);
- } else {
- int last=0;
- count=-1;
- for(idx=value.indexOf(c,start);idx>=0 && idx<end;idx=value.indexOf(c,idx)) {
- rv[++count]=value.substring(last,idx);
- last = ++idx;
- }
- rv[++count]=value.substring(last,end);
- }
- return rv;
- }
+ // Count items to preallocate Array (memory alloc is more expensive than counting twice)
+ int count,idx;
+ for(count=1,idx=value.indexOf(c,start);idx>=0 && idx<end;idx=value.indexOf(c,++idx),++count);
+ String[] rv = new String[count];
+ if(count==1) {
+ rv[0]=value.substring(start,end);
+ } else {
+ int last=0;
+ count=-1;
+ for(idx=value.indexOf(c,start);idx>=0 && idx<end;idx=value.indexOf(c,idx)) {
+ rv[++count]=value.substring(last,idx);
+ last = ++idx;
+ }
+ rv[++count]=value.substring(last,end);
+ }
+ return rv;
+ }
- public static String[] splitTrim(char c, String value, int start, int end) {
- if(value==null) {
- return new String[0];
- }
+ public static String[] splitTrim(char c, String value, int start, int end) {
+ if(value==null) {
+ return new String[0];
+ }
- // Count items to preallocate Array (memory alloc is more expensive than counting twice)
- int count,idx;
- for(count=1,idx=value.indexOf(c,start);idx>=0 && idx<end;idx=value.indexOf(c,++idx),++count);
- String[] rv = new String[count];
- if(count==1) {
- rv[0]=value.substring(start,end).trim();
- } else {
- int last=0;
- count=-1;
- for(idx=value.indexOf(c,start);idx>=0 && idx<end;idx=value.indexOf(c,idx)) {
- rv[++count]=value.substring(last,idx).trim();
- last = ++idx;
- }
- rv[++count]=value.substring(last,end).trim();
- }
- return rv;
- }
+ // Count items to preallocate Array (memory alloc is more expensive than counting twice)
+ int count,idx;
+ for(count=1,idx=value.indexOf(c,start);idx>=0 && idx<end;idx=value.indexOf(c,++idx),++count);
+ String[] rv = new String[count];
+ if(count==1) {
+ rv[0]=value.substring(start,end).trim();
+ } else {
+ int last=0;
+ count=-1;
+ for(idx=value.indexOf(c,start);idx>=0 && idx<end;idx=value.indexOf(c,idx)) {
+ rv[++count]=value.substring(last,idx).trim();
+ last = ++idx;
+ }
+ rv[++count]=value.substring(last,end).trim();
+ }
+ return rv;
+ }
- public static String[] splitTrim(char c, String value) {
- return splitTrim(c,value,0,value.length());
- }
+ public static String[] splitTrim(char c, String value) {
+ return splitTrim(c,value,0,value.length());
+ }
- public static String[] splitTrim(char c, String value, int size) {
- if(value==null) {
- return new String[0];
- }
+ public static String[] splitTrim(char c, String value, int size) {
+ if(value==null) {
+ return new String[0];
+ }
- int idx;
- String[] rv = new String[size];
- if(size==1) {
- rv[0]=value.trim();
- } else {
- int last=0;
- int count=-1;
- size-=2;
- for(idx=value.indexOf(c);idx>=0 && count<size;idx=value.indexOf(c,idx)) {
- rv[++count]=value.substring(last,idx).trim();
- last = ++idx;
- }
- if(idx>0) {
- rv[++count]=value.substring(last,idx).trim();
- } else {
- rv[++count]=value.substring(last).trim();
- }
- }
- return rv;
- }
+ int idx;
+ String[] rv = new String[size];
+ if(size==1) {
+ rv[0]=value.trim();
+ } else {
+ int last=0;
+ int count=-1;
+ size-=2;
+ for(idx=value.indexOf(c);idx>=0 && count<size;idx=value.indexOf(c,idx)) {
+ rv[++count]=value.substring(last,idx).trim();
+ last = ++idx;
+ }
+ if(idx>0) {
+ rv[++count]=value.substring(last,idx).trim();
+ } else {
+ rv[++count]=value.substring(last).trim();
+ }
+ }
+ return rv;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/SubStandardConsole.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/SubStandardConsole.java
index b7dd0148..5cab15f6 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/SubStandardConsole.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/SubStandardConsole.java
@@ -27,44 +27,44 @@ import java.io.InputStreamReader;
// Substandard, because System.in doesn't do Passwords..
public class SubStandardConsole implements MyConsole {
- private final static char[] BLANK = new char[0];
- private final BufferedReader br;
+ private final static char[] BLANK = new char[0];
+ private final BufferedReader br;
- public SubStandardConsole() {
- br = new BufferedReader(new InputStreamReader(System.in));
- }
-
- @Override
- public String readLine(String fmt, Object... args) {
- String rv;
- try {
- System.out.printf(fmt,args);
- rv = br.readLine();
- if(args.length==1 && rv.length()==0) {
- rv = args[0].toString();
- }
- } catch (IOException e) {
- System.err.println("uh oh...");
- rv = "";
- }
- return rv;
- }
+ public SubStandardConsole() {
+ br = new BufferedReader(new InputStreamReader(System.in));
+ }
+
+ @Override
+ public String readLine(String fmt, Object... args) {
+ String rv;
+ try {
+ System.out.printf(fmt,args);
+ rv = br.readLine();
+ if(args.length==1 && rv.length()==0) {
+ rv = args[0].toString();
+ }
+ } catch (IOException e) {
+ System.err.println("uh oh...");
+ rv = "";
+ }
+ return rv;
+ }
- @Override
- public char[] readPassword(String fmt, Object... args) {
- try {
- System.out.printf(fmt,args);
- String response = br.readLine();
- return response==null?BLANK:response.toCharArray();
+ @Override
+ public char[] readPassword(String fmt, Object... args) {
+ try {
+ System.out.printf(fmt,args);
+ String response = br.readLine();
+ return response==null?BLANK:response.toCharArray();
- } catch (IOException e) {
- System.err.println("uh oh...");
- return BLANK;
- }
- }
+ } catch (IOException e) {
+ System.err.println("uh oh...");
+ return BLANK;
+ }
+ }
- @Override
- public void printf(String fmt, Object... args) {
- System.out.printf(fmt, args);
- }
+ @Override
+ public void printf(String fmt, Object... args) {
+ System.out.printf(fmt, args);
+ }
} \ No newline at end of file
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/TheConsole.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/TheConsole.java
index 4c5d35b7..9ddd0626 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/TheConsole.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/TheConsole.java
@@ -22,26 +22,26 @@
package org.onap.aaf.cadi.util;
public class TheConsole implements MyConsole {
- @Override
- public String readLine(String fmt, Object... args) {
- String rv = System.console().readLine(fmt, args);
- if(args.length>0 && args[0]!=null && rv.length()==0) {
- rv = args[0].toString();
- }
- return rv;
- }
+ @Override
+ public String readLine(String fmt, Object... args) {
+ String rv = System.console().readLine(fmt, args);
+ if(args.length>0 && args[0]!=null && rv.length()==0) {
+ rv = args[0].toString();
+ }
+ return rv;
+ }
- @Override
- public char[] readPassword(String fmt, Object... args) {
- return System.console().readPassword(fmt, args);
- }
-
- public static boolean implemented() {
- return System.console()!=null;
- }
+ @Override
+ public char[] readPassword(String fmt, Object... args) {
+ return System.console().readPassword(fmt, args);
+ }
+
+ public static boolean implemented() {
+ return System.console()!=null;
+ }
- @Override
- public void printf(String fmt, Object... args) {
- System.console().printf(fmt, args);
- }
+ @Override
+ public void printf(String fmt, Object... args) {
+ System.console().printf(fmt, args);
+ }
} \ No newline at end of file
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Timing.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Timing.java
index 82bd389a..529849de 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Timing.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Timing.java
@@ -21,7 +21,7 @@
package org.onap.aaf.cadi.util;
public class Timing {
- public static float millis(final long start) {
- return (System.nanoTime() - start) / 1000000f;
- }
+ public static float millis(final long start) {
+ return (System.nanoTime() - start) / 1000000f;
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/UserChainManip.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/UserChainManip.java
index a8c0690f..ff74f39c 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/UserChainManip.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/UserChainManip.java
@@ -24,54 +24,54 @@ package org.onap.aaf.cadi.util;
import org.onap.aaf.cadi.UserChain;
public class UserChainManip {
- /**
- Build an element in the correct format for UserChain.
- Format:<APP>:<ID>:<protocol>[:AS][,<APP>:<ID>:<protocol>]*
- @see UserChain
- */
- public static StringBuilder build(StringBuilder sb, String app, String id, UserChain.Protocol proto, boolean as) {
- boolean mayAs;
- if(!(mayAs=sb.length()==0)) {
- sb.append(',');
- }
- sb.append(app);
- sb.append(':');
- sb.append(id);
- sb.append(':');
- sb.append(proto.name());
- if(as && mayAs) {
- sb.append(":AS");
- }
- return sb;
- }
-
- public static String idToNS(String id) {
- if(id==null) {
- return "";
- } else {
- StringBuilder sb = new StringBuilder();
- char c;
- int end;
- boolean first = true;
- for(int idx = end = id.length()-1;idx>=0;--idx) {
- if((c = id.charAt(idx))=='@' || c=='.') {
- if(idx<end) {
- if(first) {
- first = false;
- } else {
- sb.append('.');
- }
- for(int i=idx+1;i<=end;++i) {
- sb.append(id.charAt(i));
- }
- }
- end=idx-1;
- if(c=='@') {
- break;
- }
- }
- }
- return sb.toString();
- }
- }
+ /**
+ Build an element in the correct format for UserChain.
+ Format:<APP>:<ID>:<protocol>[:AS][,<APP>:<ID>:<protocol>]*
+ @see UserChain
+ */
+ public static StringBuilder build(StringBuilder sb, String app, String id, UserChain.Protocol proto, boolean as) {
+ boolean mayAs;
+ if(!(mayAs=sb.length()==0)) {
+ sb.append(',');
+ }
+ sb.append(app);
+ sb.append(':');
+ sb.append(id);
+ sb.append(':');
+ sb.append(proto.name());
+ if(as && mayAs) {
+ sb.append(":AS");
+ }
+ return sb;
+ }
+
+ public static String idToNS(String id) {
+ if(id==null) {
+ return "";
+ } else {
+ StringBuilder sb = new StringBuilder();
+ char c;
+ int end;
+ boolean first = true;
+ for(int idx = end = id.length()-1;idx>=0;--idx) {
+ if((c = id.charAt(idx))=='@' || c=='.') {
+ if(idx<end) {
+ if(first) {
+ first = false;
+ } else {
+ sb.append('.');
+ }
+ for(int i=idx+1;i<=end;++i) {
+ sb.append(id.charAt(i));
+ }
+ }
+ end=idx-1;
+ if(c=='@') {
+ break;
+ }
+ }
+ }
+ return sb.toString();
+ }
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Vars.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Vars.java
index 55470f99..b8468129 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Vars.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Vars.java
@@ -24,97 +24,97 @@ package org.onap.aaf.cadi.util;
import java.util.List;
public class Vars {
- /**
- * Simplified Conversion based on typical use of getting AT&T style RESTful Error Messages
- * @param text
- * @param vars
- * @return
- */
- public static String convert(final String text, final List<String> vars) {
- String[] array = new String[vars.size()];
- StringBuilder sb = new StringBuilder();
- convert(sb,text,vars.toArray(array));
- return sb.toString();
- }
- /**
- * Convert a format string with "%s" into AT&T RESTful Error %1 %2 (number) format
- * If "holder" is passed in, it is built with full Message extracted (typically for Logging)
- * @param holder
- * @param text
- * @param vars
- * @return
- */
- public static String convert(final StringBuilder holder, final String text, final String ... vars) {
- StringBuilder sb = null;
- int idx,index=0,prev = 0;
-
- if(text.contains("%s")) {
- sb = new StringBuilder();
- }
-
- StringBuilder[] sbs = new StringBuilder[] {sb,holder};
- boolean replace, clearIndex = false;
- int c;
- while((idx=text.indexOf('%',prev))>=0) {
- replace = false;
- if(clearIndex) {
- index=0;
- }
- if(sb!=null) {
- sb.append(text,prev,idx);
- }
- if(holder!=null) {
- holder.append(text,prev,idx);
- }
-
- boolean go = true;
- while(go) {
- if(text.length()>++idx) {
- switch(c=text.charAt(idx)) {
- case '0': case '1': case '2': case '3': case '4':
- case '5': case '6': case '7': case '8': case '9':
- index *=10;
- index +=(c-'0');
- clearIndex=replace=true;
- continue;
- case 's':
- ++index;
- replace = true;
- continue;
- default:
- break;
- }
- }
- prev = idx;
- go=false;
- if(replace) {
- if(sb!=null) {
- sb.append('%');
- sb.append(index);
- }
- if(index<=vars.length) {
- if(holder!=null) {
- holder.append(vars[index-1]);
- }
- }
- } else {
- for(StringBuilder s : sbs) {
- if(s!=null) {
- s.append("%");
- }
- }
- }
- }
- }
-
- if(sb!=null) {
- sb.append(text,prev,text.length());
- }
- if(holder!=null) {
- holder.append(text,prev,text.length());
- }
+ /**
+ * Simplified Conversion based on typical use of getting AT&T style RESTful Error Messages
+ * @param text
+ * @param vars
+ * @return
+ */
+ public static String convert(final String text, final List<String> vars) {
+ String[] array = new String[vars.size()];
+ StringBuilder sb = new StringBuilder();
+ convert(sb,text,vars.toArray(array));
+ return sb.toString();
+ }
+ /**
+ * Convert a format string with "%s" into AT&T RESTful Error %1 %2 (number) format
+ * If "holder" is passed in, it is built with full Message extracted (typically for Logging)
+ * @param holder
+ * @param text
+ * @param vars
+ * @return
+ */
+ public static String convert(final StringBuilder holder, final String text, final String ... vars) {
+ StringBuilder sb = null;
+ int idx,index=0,prev = 0;
+
+ if(text.contains("%s")) {
+ sb = new StringBuilder();
+ }
+
+ StringBuilder[] sbs = new StringBuilder[] {sb,holder};
+ boolean replace, clearIndex = false;
+ int c;
+ while((idx=text.indexOf('%',prev))>=0) {
+ replace = false;
+ if(clearIndex) {
+ index=0;
+ }
+ if(sb!=null) {
+ sb.append(text,prev,idx);
+ }
+ if(holder!=null) {
+ holder.append(text,prev,idx);
+ }
+
+ boolean go = true;
+ while(go) {
+ if(text.length()>++idx) {
+ switch(c=text.charAt(idx)) {
+ case '0': case '1': case '2': case '3': case '4':
+ case '5': case '6': case '7': case '8': case '9':
+ index *=10;
+ index +=(c-'0');
+ clearIndex=replace=true;
+ continue;
+ case 's':
+ ++index;
+ replace = true;
+ continue;
+ default:
+ break;
+ }
+ }
+ prev = idx;
+ go=false;
+ if(replace) {
+ if(sb!=null) {
+ sb.append('%');
+ sb.append(index);
+ }
+ if(index<=vars.length) {
+ if(holder!=null) {
+ holder.append(vars[index-1]);
+ }
+ }
+ } else {
+ for(StringBuilder s : sbs) {
+ if(s!=null) {
+ s.append("%");
+ }
+ }
+ }
+ }
+ }
+
+ if(sb!=null) {
+ sb.append(text,prev,text.length());
+ }
+ if(holder!=null) {
+ holder.append(text,prev,text.length());
+ }
- return sb==null?text:sb.toString();
- }
+ return sb==null?text:sb.toString();
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/Action.java b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/Action.java
index dff18acd..ebcfa9f7 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/Action.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/Action.java
@@ -33,5 +33,5 @@ package org.onap.aaf.cadi.wsse;
* @param <OUTPUT>
*/
interface Action<OUTPUT> {
- public boolean content(OUTPUT output, String text);
+ public boolean content(OUTPUT output, String text);
} \ No newline at end of file
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/Match.java b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/Match.java
index 2582bc17..38322307 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/Match.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/Match.java
@@ -44,87 +44,87 @@ import javax.xml.stream.events.XMLEvent;
*/
//@SuppressWarnings("restriction")
public class Match<OUTPUT> {
- private QName qname;
- private Match<OUTPUT>[] next;
- private Match<OUTPUT> prev;
- private Action<OUTPUT> action = null;
- private boolean stopAfter;
- private boolean exclusive;
-
+ private QName qname;
+ private Match<OUTPUT>[] next;
+ private Match<OUTPUT> prev;
+ private Action<OUTPUT> action = null;
+ private boolean stopAfter;
+ private boolean exclusive;
+
- @SafeVarargs
- public Match(String ns, String name, Match<OUTPUT> ... next) {
- this.qname = new QName(ns,name);
- this.next = next;
- stopAfter = exclusive = false;
- for(Match<OUTPUT> m : next) { // add the possible tags to look for
- if(!m.stopAfter)m.prev = this;
- }
- }
-
- public Match<OUTPUT> onMatch(OUTPUT output, XReader reader) throws XMLStreamException {
- while(reader.hasNext()) {
- XEvent event = reader.nextEvent();
- switch(event.getEventType()) {
- case XMLEvent.START_ELEMENT:
- QName e_qname = event.asStartElement().getName();
- //System.out.println("Start - " + e_qname);
- boolean match = false;
- for(Match<OUTPUT> m : next) {
- if(e_qname.equals(m.qname)) {
- match=true;
- if(m.onMatch(output, reader)==null) {
- return null; // short circuit Parsing
- }
- break;
- }
- }
- if(exclusive && !match) // When Tag MUST be present, i.e. the Root Tag, versus info we're not interested in
- return null;
- break;
- case XMLEvent.CHARACTERS:
- //System.out.println("Data - " +event.asCharacters().getData());
- if(action!=null) {
- if(!action.content(output,event.asCharacters().getData())) {
- return null;
- }
- }
- break;
- case XMLEvent.END_ELEMENT:
- //System.out.println("End - " + event.asEndElement().getName());
- if(event.asEndElement().getName().equals(qname)) {
- return prev;
- }
- break;
- case XMLEvent.END_DOCUMENT:
- return null; // Exit Chain
- }
- }
- return this;
- }
+ @SafeVarargs
+ public Match(String ns, String name, Match<OUTPUT> ... next) {
+ this.qname = new QName(ns,name);
+ this.next = next;
+ stopAfter = exclusive = false;
+ for(Match<OUTPUT> m : next) { // add the possible tags to look for
+ if(!m.stopAfter)m.prev = this;
+ }
+ }
+
+ public Match<OUTPUT> onMatch(OUTPUT output, XReader reader) throws XMLStreamException {
+ while(reader.hasNext()) {
+ XEvent event = reader.nextEvent();
+ switch(event.getEventType()) {
+ case XMLEvent.START_ELEMENT:
+ QName e_qname = event.asStartElement().getName();
+ //System.out.println("Start - " + e_qname);
+ boolean match = false;
+ for(Match<OUTPUT> m : next) {
+ if(e_qname.equals(m.qname)) {
+ match=true;
+ if(m.onMatch(output, reader)==null) {
+ return null; // short circuit Parsing
+ }
+ break;
+ }
+ }
+ if(exclusive && !match) // When Tag MUST be present, i.e. the Root Tag, versus info we're not interested in
+ return null;
+ break;
+ case XMLEvent.CHARACTERS:
+ //System.out.println("Data - " +event.asCharacters().getData());
+ if(action!=null) {
+ if(!action.content(output,event.asCharacters().getData())) {
+ return null;
+ }
+ }
+ break;
+ case XMLEvent.END_ELEMENT:
+ //System.out.println("End - " + event.asEndElement().getName());
+ if(event.asEndElement().getName().equals(qname)) {
+ return prev;
+ }
+ break;
+ case XMLEvent.END_DOCUMENT:
+ return null; // Exit Chain
+ }
+ }
+ return this;
+ }
- /**
- * When this Matched Tag has completed, Stop parsing and end
- * @return
- */
- public Match<OUTPUT> stopAfter() {
- stopAfter = true;
- return this;
- }
-
- /**
- * Mark that this Object MUST be matched at this level or stop parsing and end
- *
- * @param action
- * @return
- */
- public Match<OUTPUT> exclusive() {
- exclusive = true;
- return this;
- }
+ /**
+ * When this Matched Tag has completed, Stop parsing and end
+ * @return
+ */
+ public Match<OUTPUT> stopAfter() {
+ stopAfter = true;
+ return this;
+ }
+
+ /**
+ * Mark that this Object MUST be matched at this level or stop parsing and end
+ *
+ * @param action
+ * @return
+ */
+ public Match<OUTPUT> exclusive() {
+ exclusive = true;
+ return this;
+ }
- public Match<OUTPUT> set(Action<OUTPUT> action) {
- this.action = action;
- return this;
- }
+ public Match<OUTPUT> set(Action<OUTPUT> action) {
+ this.action = action;
+ return this;
+ }
} \ No newline at end of file
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/WSSEParser.java b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/WSSEParser.java
index 017337b1..787f1b4b 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/WSSEParser.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/WSSEParser.java
@@ -42,42 +42,42 @@ import org.onap.aaf.cadi.BasicCred;
* @author Jonathan
*/
public class WSSEParser {
- private static final String SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/";
- private static final String WSSE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
- private Match<BasicCred> parseTree;
+ private static final String SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/";
+ private static final String WSSE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
+ private Match<BasicCred> parseTree;
- public WSSEParser() {
- // soap:Envelope/soap:Header/wsse:Security/wsse:UsernameToken/[wsse:Password&wsse:Username]
- parseTree = new Match<BasicCred>(SOAP_NS,"root", // need a root level to start from... Doesn't matter what the tag is
- new Match<BasicCred>(SOAP_NS,"Envelope",
- new Match<BasicCred>(SOAP_NS,"Header",
- new Match<BasicCred>(WSSE_NS,"Security",
- new Match<BasicCred>(WSSE_NS,"UsernameToken",
- new Match<BasicCred>(WSSE_NS,"Password").set(new Action<BasicCred>() {
- public boolean content(BasicCred bc,String text) {
- bc.setCred(text.getBytes());
- return true;
- }
- }),
- new Match<BasicCred>(WSSE_NS,"Username").set(new Action<BasicCred>() {
- public boolean content(BasicCred bc,String text) {
- bc.setUser(text);
- return true;
- }
- })
- ).stopAfter() // if found, end when UsernameToken ends (no further processing needed)
- )
- ).stopAfter() // Stop Processing when Header Ends
- ).exclusive()// Envelope must match Header, and no other. FYI, Body comes after Header short circuits (see above), so it's ok
- ).exclusive(); // root must be Envelope
- }
-
- public XMLStreamException parse(BasicCred bc, InputStream is) {
- try {
- parseTree.onMatch(bc, new XReader(is));
- return null;
- } catch (XMLStreamException e) {
- return e;
- }
- }
+ public WSSEParser() {
+ // soap:Envelope/soap:Header/wsse:Security/wsse:UsernameToken/[wsse:Password&wsse:Username]
+ parseTree = new Match<BasicCred>(SOAP_NS,"root", // need a root level to start from... Doesn't matter what the tag is
+ new Match<BasicCred>(SOAP_NS,"Envelope",
+ new Match<BasicCred>(SOAP_NS,"Header",
+ new Match<BasicCred>(WSSE_NS,"Security",
+ new Match<BasicCred>(WSSE_NS,"UsernameToken",
+ new Match<BasicCred>(WSSE_NS,"Password").set(new Action<BasicCred>() {
+ public boolean content(BasicCred bc,String text) {
+ bc.setCred(text.getBytes());
+ return true;
+ }
+ }),
+ new Match<BasicCred>(WSSE_NS,"Username").set(new Action<BasicCred>() {
+ public boolean content(BasicCred bc,String text) {
+ bc.setUser(text);
+ return true;
+ }
+ })
+ ).stopAfter() // if found, end when UsernameToken ends (no further processing needed)
+ )
+ ).stopAfter() // Stop Processing when Header Ends
+ ).exclusive()// Envelope must match Header, and no other. FYI, Body comes after Header short circuits (see above), so it's ok
+ ).exclusive(); // root must be Envelope
+ }
+
+ public XMLStreamException parse(BasicCred bc, InputStream is) {
+ try {
+ parseTree.onMatch(bc, new XReader(is));
+ return null;
+ } catch (XMLStreamException e) {
+ return e;
+ }
+ }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/XEvent.java b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/XEvent.java
index 12de366e..187d5b1e 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/XEvent.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/XEvent.java
@@ -38,98 +38,98 @@ import javax.xml.stream.events.XMLEvent;
// @SuppressWarnings("restriction")
public abstract class XEvent {
- public abstract int getEventType();
+ public abstract int getEventType();
- public StartElement asStartElement() {
- return (StartElement)this;
- }
+ public StartElement asStartElement() {
+ return (StartElement)this;
+ }
- public Characters asCharacters() {
- return (Characters)this;
- }
+ public Characters asCharacters() {
+ return (Characters)this;
+ }
- public EndElement asEndElement() {
- return (EndElement)this;
- }
+ public EndElement asEndElement() {
+ return (EndElement)this;
+ }
public static abstract class NamedXEvent extends XEvent {
- private QName qname;
-
- public NamedXEvent(QName qname) {
- this.qname = qname;
- }
-
- public QName getName() {
- return qname;
- }
+ private QName qname;
+
+ public NamedXEvent(QName qname) {
+ this.qname = qname;
+ }
+
+ public QName getName() {
+ return qname;
+ }
+ }
+ public static class StartElement extends NamedXEvent {
+
+ public StartElement(String ns, String tag) {
+ super(new QName(ns,tag));
+ }
+
+ @Override
+ public int getEventType() {
+ return XMLEvent.START_ELEMENT;
+ }
+ }
+
+ public static class EndElement extends NamedXEvent {
+ public EndElement(String ns, String tag) {
+ super(new QName(ns,tag));
+ }
+
+ @Override
+ public int getEventType() {
+ return XMLEvent.END_ELEMENT;
+ }
+ }
+
+ public static class Characters extends XEvent {
+ private String data;
+
+ public Characters(String data) {
+ this.data = data;
+ }
+ @Override
+ public int getEventType() {
+ return XMLEvent.CHARACTERS;
+ }
+
+ public String getData() {
+ return data;
+ }
+ }
+
+ public static class StartDocument extends XEvent {
+
+ @Override
+ public int getEventType() {
+ return XMLEvent.START_DOCUMENT;
+ }
+
+ }
+
+ public static class EndDocument extends XEvent {
+
+ @Override
+ public int getEventType() {
+ return XMLEvent.END_DOCUMENT;
+ }
+
+ }
+ public static class Comment extends XEvent {
+ public final String value;
+ public Comment(String value) {
+ this.value = value;
+ }
+
+ @Override
+ public int getEventType() {
+ return XMLEvent.COMMENT;
+ }
+
}
- public static class StartElement extends NamedXEvent {
-
- public StartElement(String ns, String tag) {
- super(new QName(ns,tag));
- }
-
- @Override
- public int getEventType() {
- return XMLEvent.START_ELEMENT;
- }
- }
-
- public static class EndElement extends NamedXEvent {
- public EndElement(String ns, String tag) {
- super(new QName(ns,tag));
- }
-
- @Override
- public int getEventType() {
- return XMLEvent.END_ELEMENT;
- }
- }
-
- public static class Characters extends XEvent {
- private String data;
-
- public Characters(String data) {
- this.data = data;
- }
- @Override
- public int getEventType() {
- return XMLEvent.CHARACTERS;
- }
-
- public String getData() {
- return data;
- }
- }
-
- public static class StartDocument extends XEvent {
-
- @Override
- public int getEventType() {
- return XMLEvent.START_DOCUMENT;
- }
-
- }
-
- public static class EndDocument extends XEvent {
-
- @Override
- public int getEventType() {
- return XMLEvent.END_DOCUMENT;
- }
-
- }
- public static class Comment extends XEvent {
- public final String value;
- public Comment(String value) {
- this.value = value;
- }
-
- @Override
- public int getEventType() {
- return XMLEvent.COMMENT;
- }
-
- }
}
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/XReader.java b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/XReader.java
index 78265e4b..b7cc40ad 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/XReader.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/XReader.java
@@ -49,379 +49,379 @@ import javax.xml.stream.XMLStreamException;
*/
// @SuppressWarnings("restriction")
public class XReader {
- private XEvent curr,another;
- private InputStream is;
- private ByteArrayOutputStream baos;
- private int state, count, last;
-
- private Stack<Map<String,String>> nsses;
-
- public XReader(InputStream is) {
- this.is = is;
- curr = another = null;
- baos = new ByteArrayOutputStream();
- state = BEGIN_DOC;
- count = 0;
- nsses = new Stack<Map<String,String>>();
- }
-
- public boolean hasNext() throws XMLStreamException {
- if(curr==null) {
- curr = parse();
- }
- return curr!=null;
- }
+ private XEvent curr,another;
+ private InputStream is;
+ private ByteArrayOutputStream baos;
+ private int state, count, last;
+
+ private Stack<Map<String,String>> nsses;
+
+ public XReader(InputStream is) {
+ this.is = is;
+ curr = another = null;
+ baos = new ByteArrayOutputStream();
+ state = BEGIN_DOC;
+ count = 0;
+ nsses = new Stack<Map<String,String>>();
+ }
+
+ public boolean hasNext() throws XMLStreamException {
+ if(curr==null) {
+ curr = parse();
+ }
+ return curr!=null;
+ }
- public XEvent nextEvent() {
- XEvent xe = curr;
- curr = null;
- return xe;
- }
+ public XEvent nextEvent() {
+ XEvent xe = curr;
+ curr = null;
+ return xe;
+ }
- //
- // State Flags
- //
- // Note: The State of parsing XML can be complicated. There are too many to cleanly keep in "booleans". Additionally,
- // there are certain checks that can be better made with Bitwise operations within switches
- // Keeping track of state this way also helps us to accomplish logic without storing any back characters except one
- private final static int BEGIN_DOC= 0x000001;
- private final static int DOC_TYPE= 0x000002;
- private final static int QUESTION_F= 0x000004;
- private final static int QUESTION = 0x000008;
- private final static int START_TAG = 0x000010;
- private final static int END_TAG = 0x000020;
- private final static int VALUE= 0x000040;
- private final static int COMMENT = 0x001000;
- private final static int COMMENT_E = 0x002000;
- private final static int COMMENT_D1 =0x010000;
- private final static int COMMENT_D2 =0x020000;
- private final static int COMMENT_D3 =0x040000;
- private final static int COMMENT_D4 =0x080000;
- // useful combined Comment states
- private final static int IN_COMMENT=COMMENT|COMMENT_E|COMMENT_D1|COMMENT_D2;
- private final static int COMPLETE_COMMENT = COMMENT|COMMENT_E|COMMENT_D1|COMMENT_D2|COMMENT_D3|COMMENT_D4;
-
-
- private XEvent parse() throws XMLStreamException {
- Map<String,String> nss = nsses.isEmpty()?null:nsses.peek();
+ //
+ // State Flags
+ //
+ // Note: The State of parsing XML can be complicated. There are too many to cleanly keep in "booleans". Additionally,
+ // there are certain checks that can be better made with Bitwise operations within switches
+ // Keeping track of state this way also helps us to accomplish logic without storing any back characters except one
+ private final static int BEGIN_DOC= 0x000001;
+ private final static int DOC_TYPE= 0x000002;
+ private final static int QUESTION_F= 0x000004;
+ private final static int QUESTION = 0x000008;
+ private final static int START_TAG = 0x000010;
+ private final static int END_TAG = 0x000020;
+ private final static int VALUE= 0x000040;
+ private final static int COMMENT = 0x001000;
+ private final static int COMMENT_E = 0x002000;
+ private final static int COMMENT_D1 =0x010000;
+ private final static int COMMENT_D2 =0x020000;
+ private final static int COMMENT_D3 =0x040000;
+ private final static int COMMENT_D4 =0x080000;
+ // useful combined Comment states
+ private final static int IN_COMMENT=COMMENT|COMMENT_E|COMMENT_D1|COMMENT_D2;
+ private final static int COMPLETE_COMMENT = COMMENT|COMMENT_E|COMMENT_D1|COMMENT_D2|COMMENT_D3|COMMENT_D4;
+
+
+ private XEvent parse() throws XMLStreamException {
+ Map<String,String> nss = nsses.isEmpty()?null:nsses.peek();
- XEvent rv;
- if((rv=another)!=null) { // "another" is a tag that may have needed to be created, but not
- // immediately returned. Save for next parse. If necessary, this could be turned into
- // a FIFO storage, but a single reference is enough for now.
- another = null; // "rv" is now set for the Event, and will be returned. Set to Null.
- } else {
- boolean go = true;
- int c=0;
-
- try {
- while(go && (c=is.read())>=0) {
- ++count;
- switch(c) {
- case '<': // Tag is opening
- state|=~BEGIN_DOC; // remove BEGIN_DOC flag, this is possibly an XML Doc
- XEvent cxe = null;
- if(baos.size()>0) { // If there are any characters between tags, we send as Character Event
- String chars = baos.toString().trim(); // Trim out WhiteSpace before and after
- if(chars.length()>0) { // don't send if Characters were only whitespace
- cxe = new XEvent.Characters(chars);
- baos.reset();
- go = false;
- }
- }
- last = c; // make sure "last" character is set for use in "ParseTag"
- Tag t = parseTag(); // call subroutine to process the tag as a unit
- String ns;
- switch(t.state&(START_TAG|END_TAG)) {
- case START_TAG:
- nss = getNss(nss,t); // Only Start Tags might have NS Attributes
- // Get any NameSpace elements from tag. If there are, nss will become
- // a new Map with all the previous NSs plus the new. This provides
- // scoping behavior when used with the Stack
- // drop through on purpose
- case END_TAG:
- ns = t.prefix==null||nss==null?"":nss.get(t.prefix); // Get the namespace from prefix (if exists)
- break;
- default:
- ns = "";
- }
- if(ns==null)
- throw new XMLStreamException("Invalid Namespace Prefix at " + count);
- go = false;
- switch(t.state) { // based on
- case DOC_TYPE:
- rv = new XEvent.StartDocument();
- break;
- case COMMENT:
- rv = new XEvent.Comment(t.value);
- break;
- case START_TAG:
- rv = new XEvent.StartElement(ns,t.name);
- nsses.push(nss); // Change potential scope for Namespace
- break;
- case END_TAG:
- rv = new XEvent.EndElement(ns,t.name);
- nss = nsses.pop(); // End potential scope for Namespace
- break;
- case START_TAG|END_TAG: // This tag is both start/end aka <myTag/>
- rv = new XEvent.StartElement(ns,t.name);
- if(last=='/')another = new XEvent.EndElement(ns,t.name);
- }
- if(cxe!=null) { // if there is a Character Event, it actually should go first. ow.
- another = rv; // Make current Event the "another" or next event, and
- rv = cxe; // send Character Event now
- }
- break;
- case ' ':
- case '\t':
- case '\n':
- if((state&BEGIN_DOC)==BEGIN_DOC) { // if Whitespace before doc, just ignore
- break;
- }
- // fallthrough on purpose
- default:
- if((state&BEGIN_DOC)==BEGIN_DOC) { // if there is any data at the start other than XML Tag, it's not XML
- throw new XMLStreamException("Parse Error: This is not an XML Doc");
- }
- baos.write(c); // save off Characters
- }
- last = c; // Some processing needs to know what the last character was, aka Escaped characters... ex \"
- }
- } catch (IOException e) {
- throw new XMLStreamException(e); // all errors parsing will be treated as XMLStreamErrors (like StAX)
- }
- if(c==-1 && (state&BEGIN_DOC)==BEGIN_DOC) { // Normally, end of stream is ok, however, we need to know if the
- throw new XMLStreamException("Premature End of File"); // document isn't an XML document, so we throw exception if it
- } // hasn't yet been determined to be an XML Doc
- }
- return rv;
- }
-
- /**
- * parseTag
- *
- * Parsing a Tag is somewhat complicated, so it's helpful to separate this process from the
- * higher level Parsing effort
- * @return
- * @throws IOException
- * @throws XMLStreamException
- */
- private Tag parseTag() throws IOException, XMLStreamException {
- Tag tag = null;
- boolean go = true;
- state = 0;
- int c, quote=0; // If "quote" is 0, then we're not in a quote. We set ' (in pretag) or " in attribs accordingly to denote quoted
- String prefix=null,name=null,value=null;
- baos.reset();
-
- while(go && (c=is.read())>=0) {
- ++count;
- if(quote!=0) { // If we're in a quote, we only end if we hit another quote of the same time, not preceded by \
- if(c==quote && last!='\\') {
- quote=0;
- } else {
- baos.write(c);
- }
- } else if((state&COMMENT)==COMMENT) { // similar to Quote is being in a comment
- switch(c) {
- case '-':
- switch(state) { // XML has a complicated Quote set... <!-- --> ... we keep track if each has been met with flags.
- case COMMENT|COMMENT_E:
- state|=COMMENT_D1;
- break;
- case COMMENT|COMMENT_E|COMMENT_D1:
- state|=COMMENT_D2;
- baos.reset(); // clear out "!--", it's a Comment
- break;
- case COMMENT|COMMENT_E|COMMENT_D1|COMMENT_D2:
- state|=COMMENT_D3;
- baos.write(c);
- break;
- case COMMENT|COMMENT_E|COMMENT_D1|COMMENT_D2|COMMENT_D3:
- state|=COMMENT_D4;
- baos.write(c);
- break;
- }
- break;
- case '>': // Tag indicator has been found, do we have all the comment characters in line?
- if((state&COMPLETE_COMMENT)==COMPLETE_COMMENT) {
- byte ba[] = baos.toByteArray();
- tag = new Tag(null,null, new String(ba,0,ba.length-2));
- baos.reset();
- go = false;
- break;
- }
- // fall through on purpose
- default:
- state&=~(COMMENT_D3|COMMENT_D4);
- if((state&IN_COMMENT)!=IN_COMMENT) state&=~IN_COMMENT; // false alarm, it's not actually a comment
- baos.write(c);
- }
- } else { // Normal Tag Processing loop
- switch(c) {
- case '?':
- switch(state & (QUESTION_F|QUESTION)) { // Validate the state of Doc tag... <?xml ... ?>
- case QUESTION_F:
- state |= DOC_TYPE;
- state &= ~QUESTION_F;
- break;
- case 0:
- state |=QUESTION_F;
- break;
- default:
- throw new IOException("Bad character [?] at " + count);
- }
- break;
- case '!':
- if(last=='<') {
- state|=COMMENT|COMMENT_E; // likely a comment, continue processing in Comment Loop
- }
- baos.write(c);
- break;
- case '/':
- state|=(last=='<'?END_TAG:(END_TAG|START_TAG)); // end tag indicator </xxx>, ,or both <xxx/>
- break;
- case ':':
- prefix=baos.toString(); // prefix indicator
- baos.reset();
- break;
- case '=': // used in Attributes
- name=baos.toString();
- baos.reset();
- state|=VALUE;
- break;
- case '>': // end the tag, which causes end of this subprocess as well as formulation of the found data
- go = false;
- // passthrough on purpose
- case ' ':
- case '\t':
- case '\n': // white space indicates change in internal tag state, ex between name and between attributes
- if((state&VALUE)==VALUE) {
- value = baos.toString(); // we're in VALUE state, add characters to Value
- } else if(name==null) {
- name = baos.toString(); // we're in Name state (default) add characters to Name
- }
- baos.reset(); // we've assigned chars, reset buffer
- if(name!=null) { // Name is not null, there's a tag in the offing here...
- Tag t = new Tag(prefix,name,value);
- if(tag==null) { // Set as the tag to return, if not exists
- tag = t;
- } else { // if we already have a Tag, then we'll treat this one as an attribute
- tag.add(t);
- }
- }
- prefix=name=value=null; // reset these values in case we loop for attributes.
- break;
- case '\'': // is the character one of two kinds of quote?
- case '"':
- if(last!='\\') {
- quote=c;
- break;
- }
- // Fallthrough ok
- default:
- baos.write(c); // write any unprocessed bytes into buffer
-
- }
- }
- last = c;
- }
- int type = state&(DOC_TYPE|COMMENT|END_TAG|START_TAG); // get just the Tag states and turn into Type for Tag
- if(type==0) {
- type=START_TAG;
- }
- if(tag!=null) {
- tag.state|=type; // add the appropriate Tag States
- }
- return tag;
- }
+ XEvent rv;
+ if((rv=another)!=null) { // "another" is a tag that may have needed to be created, but not
+ // immediately returned. Save for next parse. If necessary, this could be turned into
+ // a FIFO storage, but a single reference is enough for now.
+ another = null; // "rv" is now set for the Event, and will be returned. Set to Null.
+ } else {
+ boolean go = true;
+ int c=0;
+
+ try {
+ while(go && (c=is.read())>=0) {
+ ++count;
+ switch(c) {
+ case '<': // Tag is opening
+ state|=~BEGIN_DOC; // remove BEGIN_DOC flag, this is possibly an XML Doc
+ XEvent cxe = null;
+ if(baos.size()>0) { // If there are any characters between tags, we send as Character Event
+ String chars = baos.toString().trim(); // Trim out WhiteSpace before and after
+ if(chars.length()>0) { // don't send if Characters were only whitespace
+ cxe = new XEvent.Characters(chars);
+ baos.reset();
+ go = false;
+ }
+ }
+ last = c; // make sure "last" character is set for use in "ParseTag"
+ Tag t = parseTag(); // call subroutine to process the tag as a unit
+ String ns;
+ switch(t.state&(START_TAG|END_TAG)) {
+ case START_TAG:
+ nss = getNss(nss,t); // Only Start Tags might have NS Attributes
+ // Get any NameSpace elements from tag. If there are, nss will become
+ // a new Map with all the previous NSs plus the new. This provides
+ // scoping behavior when used with the Stack
+ // drop through on purpose
+ case END_TAG:
+ ns = t.prefix==null||nss==null?"":nss.get(t.prefix); // Get the namespace from prefix (if exists)
+ break;
+ default:
+ ns = "";
+ }
+ if(ns==null)
+ throw new XMLStreamException("Invalid Namespace Prefix at " + count);
+ go = false;
+ switch(t.state) { // based on
+ case DOC_TYPE:
+ rv = new XEvent.StartDocument();
+ break;
+ case COMMENT:
+ rv = new XEvent.Comment(t.value);
+ break;
+ case START_TAG:
+ rv = new XEvent.StartElement(ns,t.name);
+ nsses.push(nss); // Change potential scope for Namespace
+ break;
+ case END_TAG:
+ rv = new XEvent.EndElement(ns,t.name);
+ nss = nsses.pop(); // End potential scope for Namespace
+ break;
+ case START_TAG|END_TAG: // This tag is both start/end aka <myTag/>
+ rv = new XEvent.StartElement(ns,t.name);
+ if(last=='/')another = new XEvent.EndElement(ns,t.name);
+ }
+ if(cxe!=null) { // if there is a Character Event, it actually should go first. ow.
+ another = rv; // Make current Event the "another" or next event, and
+ rv = cxe; // send Character Event now
+ }
+ break;
+ case ' ':
+ case '\t':
+ case '\n':
+ if((state&BEGIN_DOC)==BEGIN_DOC) { // if Whitespace before doc, just ignore
+ break;
+ }
+ // fallthrough on purpose
+ default:
+ if((state&BEGIN_DOC)==BEGIN_DOC) { // if there is any data at the start other than XML Tag, it's not XML
+ throw new XMLStreamException("Parse Error: This is not an XML Doc");
+ }
+ baos.write(c); // save off Characters
+ }
+ last = c; // Some processing needs to know what the last character was, aka Escaped characters... ex \"
+ }
+ } catch (IOException e) {
+ throw new XMLStreamException(e); // all errors parsing will be treated as XMLStreamErrors (like StAX)
+ }
+ if(c==-1 && (state&BEGIN_DOC)==BEGIN_DOC) { // Normally, end of stream is ok, however, we need to know if the
+ throw new XMLStreamException("Premature End of File"); // document isn't an XML document, so we throw exception if it
+ } // hasn't yet been determined to be an XML Doc
+ }
+ return rv;
+ }
+
+ /**
+ * parseTag
+ *
+ * Parsing a Tag is somewhat complicated, so it's helpful to separate this process from the
+ * higher level Parsing effort
+ * @return
+ * @throws IOException
+ * @throws XMLStreamException
+ */
+ private Tag parseTag() throws IOException, XMLStreamException {
+ Tag tag = null;
+ boolean go = true;
+ state = 0;
+ int c, quote=0; // If "quote" is 0, then we're not in a quote. We set ' (in pretag) or " in attribs accordingly to denote quoted
+ String prefix=null,name=null,value=null;
+ baos.reset();
+
+ while(go && (c=is.read())>=0) {
+ ++count;
+ if(quote!=0) { // If we're in a quote, we only end if we hit another quote of the same time, not preceded by \
+ if(c==quote && last!='\\') {
+ quote=0;
+ } else {
+ baos.write(c);
+ }
+ } else if((state&COMMENT)==COMMENT) { // similar to Quote is being in a comment
+ switch(c) {
+ case '-':
+ switch(state) { // XML has a complicated Quote set... <!-- --> ... we keep track if each has been met with flags.
+ case COMMENT|COMMENT_E:
+ state|=COMMENT_D1;
+ break;
+ case COMMENT|COMMENT_E|COMMENT_D1:
+ state|=COMMENT_D2;
+ baos.reset(); // clear out "!--", it's a Comment
+ break;
+ case COMMENT|COMMENT_E|COMMENT_D1|COMMENT_D2:
+ state|=COMMENT_D3;
+ baos.write(c);
+ break;
+ case COMMENT|COMMENT_E|COMMENT_D1|COMMENT_D2|COMMENT_D3:
+ state|=COMMENT_D4;
+ baos.write(c);
+ break;
+ }
+ break;
+ case '>': // Tag indicator has been found, do we have all the comment characters in line?
+ if((state&COMPLETE_COMMENT)==COMPLETE_COMMENT) {
+ byte ba[] = baos.toByteArray();
+ tag = new Tag(null,null, new String(ba,0,ba.length-2));
+ baos.reset();
+ go = false;
+ break;
+ }
+ // fall through on purpose
+ default:
+ state&=~(COMMENT_D3|COMMENT_D4);
+ if((state&IN_COMMENT)!=IN_COMMENT) state&=~IN_COMMENT; // false alarm, it's not actually a comment
+ baos.write(c);
+ }
+ } else { // Normal Tag Processing loop
+ switch(c) {
+ case '?':
+ switch(state & (QUESTION_F|QUESTION)) { // Validate the state of Doc tag... <?xml ... ?>
+ case QUESTION_F:
+ state |= DOC_TYPE;
+ state &= ~QUESTION_F;
+ break;
+ case 0:
+ state |=QUESTION_F;
+ break;
+ default:
+ throw new IOException("Bad character [?] at " + count);
+ }
+ break;
+ case '!':
+ if(last=='<') {
+ state|=COMMENT|COMMENT_E; // likely a comment, continue processing in Comment Loop
+ }
+ baos.write(c);
+ break;
+ case '/':
+ state|=(last=='<'?END_TAG:(END_TAG|START_TAG)); // end tag indicator </xxx>, ,or both <xxx/>
+ break;
+ case ':':
+ prefix=baos.toString(); // prefix indicator
+ baos.reset();
+ break;
+ case '=': // used in Attributes
+ name=baos.toString();
+ baos.reset();
+ state|=VALUE;
+ break;
+ case '>': // end the tag, which causes end of this subprocess as well as formulation of the found data
+ go = false;
+ // passthrough on purpose
+ case ' ':
+ case '\t':
+ case '\n': // white space indicates change in internal tag state, ex between name and between attributes
+ if((state&VALUE)==VALUE) {
+ value = baos.toString(); // we're in VALUE state, add characters to Value
+ } else if(name==null) {
+ name = baos.toString(); // we're in Name state (default) add characters to Name
+ }
+ baos.reset(); // we've assigned chars, reset buffer
+ if(name!=null) { // Name is not null, there's a tag in the offing here...
+ Tag t = new Tag(prefix,name,value);
+ if(tag==null) { // Set as the tag to return, if not exists
+ tag = t;
+ } else { // if we already have a Tag, then we'll treat this one as an attribute
+ tag.add(t);
+ }
+ }
+ prefix=name=value=null; // reset these values in case we loop for attributes.
+ break;
+ case '\'': // is the character one of two kinds of quote?
+ case '"':
+ if(last!='\\') {
+ quote=c;
+ break;
+ }
+ // Fallthrough ok
+ default:
+ baos.write(c); // write any unprocessed bytes into buffer
+
+ }
+ }
+ last = c;
+ }
+ int type = state&(DOC_TYPE|COMMENT|END_TAG|START_TAG); // get just the Tag states and turn into Type for Tag
+ if(type==0) {
+ type=START_TAG;
+ }
+ if(tag!=null) {
+ tag.state|=type; // add the appropriate Tag States
+ }
+ return tag;
+ }
- /**
- * getNSS
- *
- * If the tag contains some Namespace attributes, create a new nss from the passed in one, copy all into it, then add
- * This provides Scoping behavior
- *
- * if Nss is null in the first place, create an new nss, so we don't have to deal with null Maps.
- *
- * @param nss
- * @param t
- * @return
- */
- private Map<String, String> getNss(Map<String, String> nss, Tag t) {
- Map<String,String> newnss = null;
- if(t.attribs!=null) {
- for(Tag tag : t.attribs) {
- if("xmlns".equals(tag.prefix)) {
- if(newnss==null) {
- newnss = new HashMap<>();
- if(nss!=null)newnss.putAll(nss);
- }
- newnss.put(tag.name, tag.value);
- }
- }
- }
- //return newnss==null?(nss==null?new HashMap<String,String>():nss):newnss;
- if(newnss==null) {
- if(nss==null) {
- newnss = new HashMap<>();
- } else {
- newnss = nss;
- }
- }
- return newnss;
- }
+ /**
+ * getNSS
+ *
+ * If the tag contains some Namespace attributes, create a new nss from the passed in one, copy all into it, then add
+ * This provides Scoping behavior
+ *
+ * if Nss is null in the first place, create an new nss, so we don't have to deal with null Maps.
+ *
+ * @param nss
+ * @param t
+ * @return
+ */
+ private Map<String, String> getNss(Map<String, String> nss, Tag t) {
+ Map<String,String> newnss = null;
+ if(t.attribs!=null) {
+ for(Tag tag : t.attribs) {
+ if("xmlns".equals(tag.prefix)) {
+ if(newnss==null) {
+ newnss = new HashMap<>();
+ if(nss!=null)newnss.putAll(nss);
+ }
+ newnss.put(tag.name, tag.value);
+ }
+ }
+ }
+ //return newnss==null?(nss==null?new HashMap<String,String>():nss):newnss;
+ if(newnss==null) {
+ if(nss==null) {
+ newnss = new HashMap<>();
+ } else {
+ newnss = nss;
+ }
+ }
+ return newnss;
+ }
- /**
- * The result of the parseTag method
- *
- * Data is split up into prefix, name and value portions. "Tags" with Values that are inside a Tag are known in XLM
- * as Attributes.
- *
- * @author Jonathan
- *
- */
- public class Tag {
- public int state;
- public String prefix,name,value;
- public List<Tag> attribs;
+ /**
+ * The result of the parseTag method
+ *
+ * Data is split up into prefix, name and value portions. "Tags" with Values that are inside a Tag are known in XLM
+ * as Attributes.
+ *
+ * @author Jonathan
+ *
+ */
+ public class Tag {
+ public int state;
+ public String prefix,name,value;
+ public List<Tag> attribs;
- public Tag(String prefix, String name, String value) {
- this.prefix = prefix;
- this.name = name;
- this.value = value;
- attribs = null;
- }
+ public Tag(String prefix, String name, String value) {
+ this.prefix = prefix;
+ this.name = name;
+ this.value = value;
+ attribs = null;
+ }
- /**
- * add an attribute
- * Not all tags need attributes... lazy instantiate to save time and memory
- * @param tag
- */
- public void add(Tag attrib) {
- if(attribs == null) {
- attribs = new ArrayList<>();
- }
- attribs.add(attrib);
- }
-
- public String toString() {
- StringBuffer sb = new StringBuffer();
- if(prefix!=null) {
- sb.append(prefix);
- sb.append(':');
- }
- sb.append(name==null?"!!ERROR!!":name);
+ /**
+ * add an attribute
+ * Not all tags need attributes... lazy instantiate to save time and memory
+ * @param tag
+ */
+ public void add(Tag attrib) {
+ if(attribs == null) {
+ attribs = new ArrayList<>();
+ }
+ attribs.add(attrib);
+ }
+
+ public String toString() {
+ StringBuffer sb = new StringBuffer();
+ if(prefix!=null) {
+ sb.append(prefix);
+ sb.append(':');
+ }
+ sb.append(name==null?"!!ERROR!!":name);
- char quote = ((state&DOC_TYPE)==DOC_TYPE)?'\'':'"';
- if(value!=null) {
- sb.append('=');
- sb.append(quote);
- sb.append(value);
- sb.append(quote);
- }
- return sb.toString();
- }
- }
+ char quote = ((state&DOC_TYPE)==DOC_TYPE)?'\'':'"';
+ if(value!=null) {
+ sb.append('=');
+ sb.append(quote);
+ sb.append(value);
+ sb.append(quote);
+ }
+ return sb.toString();
+ }
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_Get.java b/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_Get.java
index eaa3376d..982a29e5 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_Get.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_Get.java
@@ -33,84 +33,84 @@ import org.onap.aaf.cadi.config.Get;
public class JU_Get {
- private String defaultVal = "some default value";
+ private String defaultVal = "some default value";
- private ByteArrayOutputStream outStream;
+ private ByteArrayOutputStream outStream;
- private TestBean tb;
+ private TestBean tb;
- @Before
- public void setup() {
- outStream = new ByteArrayOutputStream();
- System.setOut(new PrintStream(outStream));
- }
+ @Before
+ public void setup() {
+ outStream = new ByteArrayOutputStream();
+ System.setOut(new PrintStream(outStream));
+ }
- @After
- public void tearDown() {
- System.setOut(System.out);
- }
+ @After
+ public void tearDown() {
+ System.setOut(System.out);
+ }
- @Test
- public void beanTest() {
- tb = new TestBean();
- tb.setProperty1("prop1");
+ @Test
+ public void beanTest() {
+ tb = new TestBean();
+ tb.setProperty1("prop1");
- Get.Bean testBean = new Get.Bean(tb);
- assertThat(testBean.get("property1", defaultVal, true), is("prop1"));
- assertThat(testBean.get("property2", defaultVal, true), is(defaultVal));
- assertThat(testBean.get("thrower", defaultVal, true), is(defaultVal));
- }
+ Get.Bean testBean = new Get.Bean(tb);
+ assertThat(testBean.get("property1", defaultVal, true), is("prop1"));
+ assertThat(testBean.get("property2", defaultVal, true), is(defaultVal));
+ assertThat(testBean.get("thrower", defaultVal, true), is(defaultVal));
+ }
- @Test
- public void nullTest() {
- assertThat(Get.NULL.get("name", defaultVal, true), is(defaultVal));
- }
+ @Test
+ public void nullTest() {
+ assertThat(Get.NULL.get("name", defaultVal, true), is(defaultVal));
+ }
- @Test
- public void accessTest() {
- String output;
+ @Test
+ public void accessTest() {
+ String output;
- PropAccess access = new PropAccess();
- access.setProperty("tag", "value");
- Get.AccessGet accessGet = new Get.AccessGet(access);
+ PropAccess access = new PropAccess();
+ access.setProperty("tag", "value");
+ Get.AccessGet accessGet = new Get.AccessGet(access);
- assertThat(accessGet.get("tag", defaultVal, true), is("value"));
- output = outStream.toString().split(" ", 2)[1];
- assertThat(output, is("INIT [cadi] tag is set to value" + System.lineSeparator()));
+ assertThat(accessGet.get("tag", defaultVal, true), is("value"));
+ output = outStream.toString().split(" ", 2)[1];
+ assertThat(output, is("INIT [cadi] tag is set to value" + System.lineSeparator()));
- outStream.reset();
+ outStream.reset();
- assertThat(accessGet.get("not a real tag", defaultVal, true), is(defaultVal));
- output = outStream.toString().split(" ", 2)[1];
- assertThat(output, is("INIT [cadi] not a real tag is set to " + defaultVal + System.lineSeparator()));
+ assertThat(accessGet.get("not a real tag", defaultVal, true), is(defaultVal));
+ output = outStream.toString().split(" ", 2)[1];
+ assertThat(output, is("INIT [cadi] not a real tag is set to " + defaultVal + System.lineSeparator()));
- outStream.reset();
+ outStream.reset();
- assertThat(accessGet.get("not a real tag", null, true), is(nullValue()));
- output = outStream.toString().split(" ", 2)[1];
- assertThat(output, is("INIT [cadi] not a real tag is not set" + System.lineSeparator()));
+ assertThat(accessGet.get("not a real tag", null, true), is(nullValue()));
+ output = outStream.toString().split(" ", 2)[1];
+ assertThat(output, is("INIT [cadi] not a real tag is not set" + System.lineSeparator()));
- outStream.reset();
+ outStream.reset();
- assertThat(accessGet.get("tag", defaultVal, false), is("value"));
- assertThat(outStream.toString(), is(""));
- }
+ assertThat(accessGet.get("tag", defaultVal, false), is("value"));
+ assertThat(outStream.toString(), is(""));
+ }
- public class TestBean implements java.io.Serializable {
+ public class TestBean implements java.io.Serializable {
- private static final long serialVersionUID = 1L;
- private String property1 = null;
- private String property2 = null;
- @SuppressWarnings("unused")
- private String thrower = null;
+ private static final long serialVersionUID = 1L;
+ private String property1 = null;
+ private String property2 = null;
+ @SuppressWarnings("unused")
+ private String thrower = null;
- public TestBean() { }
- public String getProperty1() { return property1; }
- public void setProperty1(final String value) { this.property1 = value; }
- public String getProperty2() { return property2; }
- public void setProperty2(final String value) { this.property2 = value; }
- public String getThrower() throws Exception { throw new Exception(); }
- public void setThrower(final String value) { this.thrower = value; }
+ public TestBean() { }
+ public String getProperty1() { return property1; }
+ public void setProperty1(final String value) { this.property1 = value; }
+ public String getProperty2() { return property2; }
+ public void setProperty2(final String value) { this.property2 = value; }
+ public String getThrower() throws Exception { throw new Exception(); }
+ public void setThrower(final String value) { this.thrower = value; }
- }
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_GetAccess.java b/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_GetAccess.java
index d50f9e8c..568a820c 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_GetAccess.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_GetAccess.java
@@ -36,72 +36,72 @@ import org.onap.aaf.cadi.config.GetAccess;
public class JU_GetAccess {
- private String defaultVal = "some default value";
+ private String defaultVal = "some default value";
- private ByteArrayOutputStream outStream;
+ private ByteArrayOutputStream outStream;
- private PropAccess access;
- private Get.AccessGet accessGet;
- private File file;
- private String filePath;
+ private PropAccess access;
+ private Get.AccessGet accessGet;
+ private File file;
+ private String filePath;
- @Before
- public void setup() throws IOException {
- outStream = new ByteArrayOutputStream();
- System.setOut(new PrintStream(outStream));
+ @Before
+ public void setup() throws IOException {
+ outStream = new ByteArrayOutputStream();
+ System.setOut(new PrintStream(outStream));
- file = File.createTempFile("GetAccess_test", "");
- filePath = file.getAbsolutePath();
+ file = File.createTempFile("GetAccess_test", "");
+ filePath = file.getAbsolutePath();
- access = new PropAccess();
+ access = new PropAccess();
access.setProperty("cadi_prop_files", filePath);
- accessGet = new Get.AccessGet(access);
+ accessGet = new Get.AccessGet(access);
- }
+ }
- @After
- public void tearDown() {
- System.setOut(System.out);
+ @After
+ public void tearDown() {
+ System.setOut(System.out);
- file.delete();
- }
+ file.delete();
+ }
@Test
public void constructorTest() {
String output;
@SuppressWarnings("unused")
- GetAccess getAccess = new GetAccess(accessGet);
- String[] lines = outStream.toString().split(System.lineSeparator());
- assertThat(lines.length, is(2));
+ GetAccess getAccess = new GetAccess(accessGet);
+ String[] lines = outStream.toString().split(System.lineSeparator());
+ assertThat(lines.length, is(2));
output = lines[0].split(" ", 2)[1];
assertThat(output, is("INIT [cadi] cadi_prop_files is set to " + filePath));
- output = lines[1].split(" ", 2)[1];
+ output = lines[1].split(" ", 2)[1];
assertThat(output, is("INIT [cadi] Loading CADI Properties from " + filePath));
- }
+ }
@Test
public void getPropertyTest1() {
GetAccess getAccess = new GetAccess(accessGet);
- getAccess.setProperty("tag", "value");
- assertThat(getAccess.getProperty("tag", defaultVal), is("value"));
- assertThat(getAccess.getProperty("not_a_tag", defaultVal), is(defaultVal));
- }
+ getAccess.setProperty("tag", "value");
+ assertThat(getAccess.getProperty("tag", defaultVal), is("value"));
+ assertThat(getAccess.getProperty("not_a_tag", defaultVal), is(defaultVal));
+ }
@Test
public void getPropertyTest2() {
GetAccess getAccess = new GetAccess(accessGet);
- getAccess.setProperty("tag", "value");
- assertThat(getAccess.getProperty("tag"), is("value"));
- assertThat(getAccess.getProperty("not_a_tag"), is(nullValue()));
- }
+ getAccess.setProperty("tag", "value");
+ assertThat(getAccess.getProperty("tag"), is("value"));
+ assertThat(getAccess.getProperty("not_a_tag"), is(nullValue()));
+ }
- @Test
- public void getTest() {
+ @Test
+ public void getTest() {
GetAccess getAccess = new GetAccess(accessGet);
- assertThat((Get.AccessGet)getAccess.get(), is(accessGet));
- }
+ assertThat((Get.AccessGet)getAccess.get(), is(accessGet));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_MultiGet.java b/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_MultiGet.java
index 6510bdcd..3fbae769 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_MultiGet.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_MultiGet.java
@@ -35,34 +35,34 @@ import org.onap.aaf.cadi.config.MultiGet;
public class JU_MultiGet {
- private String defaultVal = "some default value";
+ private String defaultVal = "some default value";
- private ByteArrayOutputStream outStream;
+ private ByteArrayOutputStream outStream;
- private MultiGet multiGet;
- private Get.AccessGet accessGet;
- private PropAccess access;
+ private MultiGet multiGet;
+ private Get.AccessGet accessGet;
+ private PropAccess access;
- @Before
- public void setup() throws IOException {
- outStream = new ByteArrayOutputStream();
- System.setOut(new PrintStream(outStream));
+ @Before
+ public void setup() throws IOException {
+ outStream = new ByteArrayOutputStream();
+ System.setOut(new PrintStream(outStream));
- access = new PropAccess();
- access.setProperty("tag", "value");
- accessGet = new Get.AccessGet(access);
- multiGet = new MultiGet(accessGet, Get.NULL);
- }
+ access = new PropAccess();
+ access.setProperty("tag", "value");
+ accessGet = new Get.AccessGet(access);
+ multiGet = new MultiGet(accessGet, Get.NULL);
+ }
- @After
- public void tearDown() {
- System.setOut(System.out);
- }
+ @After
+ public void tearDown() {
+ System.setOut(System.out);
+ }
@Test
public void getTest() {
- assertThat(multiGet.get("tag", defaultVal, false), is("value"));
- assertThat(multiGet.get("not_a_tag", defaultVal, false), is(defaultVal));
- }
+ assertThat(multiGet.get("tag", defaultVal, false), is("value"));
+ assertThat(multiGet.get("not_a_tag", defaultVal, false), is(defaultVal));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_SecurityInfo.java b/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_SecurityInfo.java
index 001d0fe6..98c1a292 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_SecurityInfo.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_SecurityInfo.java
@@ -45,92 +45,92 @@ import org.onap.aaf.cadi.config.Config;
import org.onap.aaf.cadi.config.SecurityInfo;
public class JU_SecurityInfo {
-
- private static PropAccess access;
-
- private static final String keyStoreFileName = "src/test/resources/keystore.p12";
- private static final String keyStorePassword = "Password for the keystore";
- private static final String keyPassword = "Password for the key";
-
- private static final String trustStoreFileName = "src/test/resources/truststore.jks";
- private static final String trustStorePasswd = "Password for the truststore";
-
- @BeforeClass
- public static void setupOnce() throws NoSuchAlgorithmException, CertificateException, IOException, KeyStoreException {
- KeyStore keyStore = KeyStore.getInstance("PKCS12");
- keyStore.load(null, null);
- keyStore.store(new FileOutputStream(keyStoreFileName), keyStorePassword.toCharArray());
-
- KeyStore trustStore = KeyStore.getInstance("JKS");
- trustStore.load(null, null);
- trustStore.store(new FileOutputStream(trustStoreFileName), trustStorePasswd.toCharArray());
- }
-
- @Before
- public void setup() throws IOException {
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
-
- access.setProperty(Config.CADI_KEYSTORE, keyStoreFileName);
- access.setProperty(Config.CADI_KEYSTORE_PASSWORD, access.encrypt(keyStorePassword));
- access.setProperty(Config.CADI_KEY_PASSWORD, access.encrypt(keyPassword));
-
- access.setProperty(Config.CADI_TRUSTSTORE, trustStoreFileName);
- access.setProperty(Config.CADI_TRUSTSTORE_PASSWORD, access.encrypt(trustStorePasswd));
- }
-
- @AfterClass
- public static void tearDownOnce() {
- File keyStoreFile = new File(keyStoreFileName);
- if (keyStoreFile.exists()) {
- keyStoreFile.delete();
- }
- File trustStoreFile = new File(trustStoreFileName);
- if (trustStoreFile.exists()) {
- trustStoreFile.delete();
- }
- }
-
- @Test
- public void test() throws CadiException {
- SecurityInfo si = new SecurityInfo(access);
-
- assertNotNull(si.getSSLSocketFactory());
- assertNotNull(si.getSSLContext());
- assertNotNull(si.getKeyManagers());
-
- access.setProperty(Config.CADI_TRUST_MASKS, "123.123.123.123");
- si = new SecurityInfo(access);
- }
-
- @Test(expected = CadiException.class)
- public void nullkeyStoreTest() throws CadiException {
- access.setProperty(Config.CADI_KEYSTORE, "passwords.txt");
- @SuppressWarnings("unused")
- SecurityInfo si = new SecurityInfo(access);
- }
-
- @Test(expected = CadiException.class)
- public void nullTrustStoreTest() throws CadiException {
- access.setProperty(Config.CADI_TRUSTSTORE, "passwords.txt");
- @SuppressWarnings("unused")
- SecurityInfo si = new SecurityInfo(access);
- }
-
-
- @Test(expected = NumberFormatException.class)
- public void badTrustMaskTest() throws CadiException {
- access.setProperty(Config.CADI_TRUST_MASKS, "trustMask");
- @SuppressWarnings("unused")
- SecurityInfo si = new SecurityInfo(access);
- }
-
- @Test
- public void coverageTest() throws CadiException {
- PropAccess badAccess = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- @SuppressWarnings("unused")
- SecurityInfo si = new SecurityInfo(badAccess);
- badAccess.setProperty(Config.CADI_KEYSTORE, keyStoreFileName);
- si = new SecurityInfo(badAccess);
- }
+
+ private static PropAccess access;
+
+ private static final String keyStoreFileName = "src/test/resources/keystore.p12";
+ private static final String keyStorePassword = "Password for the keystore";
+ private static final String keyPassword = "Password for the key";
+
+ private static final String trustStoreFileName = "src/test/resources/truststore.jks";
+ private static final String trustStorePasswd = "Password for the truststore";
+
+ @BeforeClass
+ public static void setupOnce() throws NoSuchAlgorithmException, CertificateException, IOException, KeyStoreException {
+ KeyStore keyStore = KeyStore.getInstance("PKCS12");
+ keyStore.load(null, null);
+ keyStore.store(new FileOutputStream(keyStoreFileName), keyStorePassword.toCharArray());
+
+ KeyStore trustStore = KeyStore.getInstance("JKS");
+ trustStore.load(null, null);
+ trustStore.store(new FileOutputStream(trustStoreFileName), trustStorePasswd.toCharArray());
+ }
+
+ @Before
+ public void setup() throws IOException {
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+
+ access.setProperty(Config.CADI_KEYSTORE, keyStoreFileName);
+ access.setProperty(Config.CADI_KEYSTORE_PASSWORD, access.encrypt(keyStorePassword));
+ access.setProperty(Config.CADI_KEY_PASSWORD, access.encrypt(keyPassword));
+
+ access.setProperty(Config.CADI_TRUSTSTORE, trustStoreFileName);
+ access.setProperty(Config.CADI_TRUSTSTORE_PASSWORD, access.encrypt(trustStorePasswd));
+ }
+
+ @AfterClass
+ public static void tearDownOnce() {
+ File keyStoreFile = new File(keyStoreFileName);
+ if (keyStoreFile.exists()) {
+ keyStoreFile.delete();
+ }
+ File trustStoreFile = new File(trustStoreFileName);
+ if (trustStoreFile.exists()) {
+ trustStoreFile.delete();
+ }
+ }
+
+ @Test
+ public void test() throws CadiException {
+ SecurityInfo si = new SecurityInfo(access);
+
+ assertNotNull(si.getSSLSocketFactory());
+ assertNotNull(si.getSSLContext());
+ assertNotNull(si.getKeyManagers());
+
+ access.setProperty(Config.CADI_TRUST_MASKS, "123.123.123.123");
+ si = new SecurityInfo(access);
+ }
+
+ @Test(expected = CadiException.class)
+ public void nullkeyStoreTest() throws CadiException {
+ access.setProperty(Config.CADI_KEYSTORE, "passwords.txt");
+ @SuppressWarnings("unused")
+ SecurityInfo si = new SecurityInfo(access);
+ }
+
+ @Test(expected = CadiException.class)
+ public void nullTrustStoreTest() throws CadiException {
+ access.setProperty(Config.CADI_TRUSTSTORE, "passwords.txt");
+ @SuppressWarnings("unused")
+ SecurityInfo si = new SecurityInfo(access);
+ }
+
+
+ @Test(expected = NumberFormatException.class)
+ public void badTrustMaskTest() throws CadiException {
+ access.setProperty(Config.CADI_TRUST_MASKS, "trustMask");
+ @SuppressWarnings("unused")
+ SecurityInfo si = new SecurityInfo(access);
+ }
+
+ @Test
+ public void coverageTest() throws CadiException {
+ PropAccess badAccess = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ @SuppressWarnings("unused")
+ SecurityInfo si = new SecurityInfo(badAccess);
+ badAccess.setProperty(Config.CADI_KEYSTORE, keyStoreFileName);
+ si = new SecurityInfo(badAccess);
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_SecurityInfoC.java b/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_SecurityInfoC.java
index 111f8769..735edef9 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_SecurityInfoC.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_SecurityInfoC.java
@@ -39,71 +39,71 @@ import org.onap.aaf.cadi.config.SecurityInfoC;
public class JU_SecurityInfoC {
- ByteArrayOutputStream outStream;
- ByteArrayOutputStream errStream;
+ ByteArrayOutputStream outStream;
+ ByteArrayOutputStream errStream;
- @Before
- public void setup() {
- outStream = new ByteArrayOutputStream();
- errStream = new ByteArrayOutputStream();
+ @Before
+ public void setup() {
+ outStream = new ByteArrayOutputStream();
+ errStream = new ByteArrayOutputStream();
- System.setOut(new PrintStream(outStream));
- System.setErr(new PrintStream(errStream));
- }
+ System.setOut(new PrintStream(outStream));
+ System.setErr(new PrintStream(errStream));
+ }
- @After
- public void tearDown() {
- System.setOut(System.out);
- System.setErr(System.err);
- }
+ @After
+ public void tearDown() {
+ System.setOut(System.out);
+ System.setErr(System.err);
+ }
-// @Test
-// public void instanceTest() throws CadiException, MalformedURLException {
-// SecurityInfoC<HttpURLConnection> si = SecurityInfoC.instance(new PropAccess(), HttpURLConnection.class );
-// assertThat(si.defSS.getID(), is(SecurityInfoC.DEF_ID));
-// try {
-// si.defSS.setSecurity(new HttpURLConnectionStub());
-// fail("Should have thrown an exception");
-// } catch (CadiException e) {
-// assertTrue(e instanceof CadiException);
-// assertThat(e.getMessage(), is("No Client Credentials set."));
-// }
-// assertThat(si.defSS.setLastResponse(0), is(0));
+// @Test
+// public void instanceTest() throws CadiException, MalformedURLException {
+// SecurityInfoC<HttpURLConnection> si = SecurityInfoC.instance(new PropAccess(), HttpURLConnection.class );
+// assertThat(si.defSS.getID(), is(SecurityInfoC.DEF_ID));
+// try {
+// si.defSS.setSecurity(new HttpURLConnectionStub());
+// fail("Should have thrown an exception");
+// } catch (CadiException e) {
+// assertTrue(e instanceof CadiException);
+// assertThat(e.getMessage(), is("No Client Credentials set."));
+// }
+// assertThat(si.defSS.setLastResponse(0), is(0));
//
-// // Try it again for coverage
-// SecurityInfoC<HttpURLConnection> siClone = SecurityInfoC.instance(new PropAccess(), HttpURLConnection.class);
-// assertThat(siClone, is(si));
-// }
-
- @Test
- public void setTest() throws MalformedURLException, CadiException {
- SecurityInfoC<HttpURLConnectionStub> si = SecurityInfoC.instance(new PropAccess(), HttpURLConnectionStub.class);
- SecuritySetter<HttpURLConnectionStub> ss = new SecuritySetterStub<HttpURLConnectionStub>();
- assertThat(si.set(ss), is(si));
- assertThat(si.defSS.getID(), is("Example ID"));
- try {
- si.defSS.setSecurity(new HttpURLConnectionStub());
- fail("Should have thrown an exception");
- } catch (CadiException e) {
- assertTrue(e instanceof CadiException);
- assertThat(e.getMessage(), is("Example exception"));
- }
- assertThat(si.defSS.setLastResponse(0), is(0));
- assertThat(si.defSS.setLastResponse(1), is(1));
- assertThat(si.defSS.setLastResponse(-1), is(-1));
- }
+// // Try it again for coverage
+// SecurityInfoC<HttpURLConnection> siClone = SecurityInfoC.instance(new PropAccess(), HttpURLConnection.class);
+// assertThat(siClone, is(si));
+// }
+
+ @Test
+ public void setTest() throws MalformedURLException, CadiException {
+ SecurityInfoC<HttpURLConnectionStub> si = SecurityInfoC.instance(new PropAccess(), HttpURLConnectionStub.class);
+ SecuritySetter<HttpURLConnectionStub> ss = new SecuritySetterStub<HttpURLConnectionStub>();
+ assertThat(si.set(ss), is(si));
+ assertThat(si.defSS.getID(), is("Example ID"));
+ try {
+ si.defSS.setSecurity(new HttpURLConnectionStub());
+ fail("Should have thrown an exception");
+ } catch (CadiException e) {
+ assertTrue(e instanceof CadiException);
+ assertThat(e.getMessage(), is("Example exception"));
+ }
+ assertThat(si.defSS.setLastResponse(0), is(0));
+ assertThat(si.defSS.setLastResponse(1), is(1));
+ assertThat(si.defSS.setLastResponse(-1), is(-1));
+ }
- public static class HttpURLConnectionStub extends HttpURLConnection {
- public HttpURLConnectionStub() throws MalformedURLException { super(new URL("http://www.example.com")); }
- @Override public void disconnect() { }
- @Override public boolean usingProxy() { return false; }
- @Override public void connect() throws IOException { }
- }
+ public static class HttpURLConnectionStub extends HttpURLConnection {
+ public HttpURLConnectionStub() throws MalformedURLException { super(new URL("http://www.example.com")); }
+ @Override public void disconnect() { }
+ @Override public boolean usingProxy() { return false; }
+ @Override public void connect() throws IOException { }
+ }
- private class SecuritySetterStub<CT> implements SecuritySetter<CT> {
- public String getID() { return "Example ID"; }
- public void setSecurity(CT client) throws CadiException { throw new CadiException("Example exception"); }
- public int setLastResponse(int respCode) { return respCode; }
- }
+ private class SecuritySetterStub<CT> implements SecuritySetter<CT> {
+ public String getID() { return "Example ID"; }
+ public void setSecurity(CT client) throws CadiException { throw new CadiException("Example exception"); }
+ public int setLastResponse(int respCode) { return respCode; }
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_UsersDump.java b/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_UsersDump.java
index 7d7ca77c..86a12ca0 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_UsersDump.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_UsersDump.java
@@ -43,103 +43,103 @@ import org.onap.aaf.cadi.util.Split;
public class JU_UsersDump {
- private ByteArrayOutputStream outStream;
- private ByteArrayOutputStream stdoutSuppressor;
-
- private static final String expected = "<?xml version='1.0' encoding='utf-8'?>\n" +
- "<!--\n" +
- " Code Generated Tomcat Users and Roles from AT&T LUR on ...\n" +
- "-->\n" +
- "<tomcat-users>\n" +
- " <role rolename=\"suser\"/>\n" +
- " <role rolename=\"admin\"/>\n" +
- " <role rolename=\"groupB\"/>\n" +
- " <role rolename=\"groupA\"/>\n" +
- " \n" +
- " <user username=\"yourname@none\" roles=\"admin\"/>\n" +
- " <user username=\"m1234@none\" roles=\"suser\"/>\n" +
- " <user username=\"hisname@none\" roles=\"suser\"/>\n" +
- " <user username=\"hername@none\" roles=\"suser\"/>\n" +
- " <user username=\"myname\" roles=\"groupB,groupA\"/>\n" +
- " <user username=\"myname@none\" roles=\"admin\"/>\n" +
- "</tomcat-users>\n";
-
- private final static String groups = "myname:groupA,groupB";
- private final static String names = "admin:myname,yourname;suser:hisname,hername,m1234";
-
- private AbsUserCache<LocalPermission> lur;
-
- @Before
- public void setup() throws IOException {
- outStream = new ByteArrayOutputStream();
- stdoutSuppressor = new ByteArrayOutputStream();
-
- System.setOut(new PrintStream(stdoutSuppressor));
-
- lur = new LocalLur(new PropAccess(), groups, names);
- }
-
- @After
- public void tearDown() {
- System.setOut(System.out);
- }
-
- @Test
- public void writeTest() throws IOException {
- UsersDump.write(outStream, lur);
- String[] actualLines = Split.splitTrim('\n', outStream.toString());
- String[] expectedLines = Split.splitTrim('\n', expected);
- for (String s : actualLines) {
- System.out.println(s);
- }
-
- assertThat(actualLines.length, is(expectedLines.length));
-
- // Check that the output starts with an XML tag
- assertThat(actualLines[0], is(expectedLines[0]));
- // Check that lines 2-4 are a comment
- assertThat(actualLines[1], is(expectedLines[1]));
- assertThat(actualLines[3], is(expectedLines[3]));
-
- // Check that the rest of the output matches the expected output
- for (int i = 4; i < actualLines.length; i++) {
- assertThat(actualLines[i], is(expectedLines[i]));
- }
-
- // Run the test again with outStream as a PrintStream (for coverage)
- outStream.reset();
- UsersDump.write(new PrintStream(outStream), lur);
- actualLines = Split.splitTrim('\n', outStream.toString());
-
- assertThat(actualLines.length, is(expectedLines.length));
-
- // Check that the output starts with an XML tag
- assertThat(actualLines[0], is(expectedLines[0]));
- // Check that lines 2-4 are a comment
- assertThat(actualLines[1], is(expectedLines[1]));
- assertThat(actualLines[3], is(expectedLines[3]));
-
- // Check that the rest of the output matches the expected output
- for (int i = 4; i < actualLines.length; i++) {
- assertThat(actualLines[i], is(expectedLines[i]));
- }
- }
-
- @Test
- public void updateUsersTest() {
- String output;
- File outputFile = new File("src/test/resources/userdump.xml");
- assertThat(outputFile.exists(), is(false));
-
- output = UsersDump.updateUsers("src/test/resources/userdump.xml", (LocalLur) lur);
- assertThat(output, is(nullValue()));
- assertThat(outputFile.exists(), is(true));
-
- output = UsersDump.updateUsers("src/test/resources/userdump.xml", (LocalLur) lur);
- assertThat(output, is(nullValue()));
- assertThat(outputFile.exists(), is(true));
-
- outputFile.delete();
- }
+ private ByteArrayOutputStream outStream;
+ private ByteArrayOutputStream stdoutSuppressor;
+
+ private static final String expected = "<?xml version='1.0' encoding='utf-8'?>\n" +
+ "<!--\n" +
+ " Code Generated Tomcat Users and Roles from AT&T LUR on ...\n" +
+ "-->\n" +
+ "<tomcat-users>\n" +
+ " <role rolename=\"suser\"/>\n" +
+ " <role rolename=\"admin\"/>\n" +
+ " <role rolename=\"groupB\"/>\n" +
+ " <role rolename=\"groupA\"/>\n" +
+ " \n" +
+ " <user username=\"yourname@none\" roles=\"admin\"/>\n" +
+ " <user username=\"m1234@none\" roles=\"suser\"/>\n" +
+ " <user username=\"hisname@none\" roles=\"suser\"/>\n" +
+ " <user username=\"hername@none\" roles=\"suser\"/>\n" +
+ " <user username=\"myname\" roles=\"groupB,groupA\"/>\n" +
+ " <user username=\"myname@none\" roles=\"admin\"/>\n" +
+ "</tomcat-users>\n";
+
+ private final static String groups = "myname:groupA,groupB";
+ private final static String names = "admin:myname,yourname;suser:hisname,hername,m1234";
+
+ private AbsUserCache<LocalPermission> lur;
+
+ @Before
+ public void setup() throws IOException {
+ outStream = new ByteArrayOutputStream();
+ stdoutSuppressor = new ByteArrayOutputStream();
+
+ System.setOut(new PrintStream(stdoutSuppressor));
+
+ lur = new LocalLur(new PropAccess(), groups, names);
+ }
+
+ @After
+ public void tearDown() {
+ System.setOut(System.out);
+ }
+
+ @Test
+ public void writeTest() throws IOException {
+ UsersDump.write(outStream, lur);
+ String[] actualLines = Split.splitTrim('\n', outStream.toString());
+ String[] expectedLines = Split.splitTrim('\n', expected);
+ for (String s : actualLines) {
+ System.out.println(s);
+ }
+
+ assertThat(actualLines.length, is(expectedLines.length));
+
+ // Check that the output starts with an XML tag
+ assertThat(actualLines[0], is(expectedLines[0]));
+ // Check that lines 2-4 are a comment
+ assertThat(actualLines[1], is(expectedLines[1]));
+ assertThat(actualLines[3], is(expectedLines[3]));
+
+ // Check that the rest of the output matches the expected output
+ for (int i = 4; i < actualLines.length; i++) {
+ assertThat(actualLines[i], is(expectedLines[i]));
+ }
+
+ // Run the test again with outStream as a PrintStream (for coverage)
+ outStream.reset();
+ UsersDump.write(new PrintStream(outStream), lur);
+ actualLines = Split.splitTrim('\n', outStream.toString());
+
+ assertThat(actualLines.length, is(expectedLines.length));
+
+ // Check that the output starts with an XML tag
+ assertThat(actualLines[0], is(expectedLines[0]));
+ // Check that lines 2-4 are a comment
+ assertThat(actualLines[1], is(expectedLines[1]));
+ assertThat(actualLines[3], is(expectedLines[3]));
+
+ // Check that the rest of the output matches the expected output
+ for (int i = 4; i < actualLines.length; i++) {
+ assertThat(actualLines[i], is(expectedLines[i]));
+ }
+ }
+
+ @Test
+ public void updateUsersTest() {
+ String output;
+ File outputFile = new File("src/test/resources/userdump.xml");
+ assertThat(outputFile.exists(), is(false));
+
+ output = UsersDump.updateUsers("src/test/resources/userdump.xml", (LocalLur) lur);
+ assertThat(output, is(nullValue()));
+ assertThat(outputFile.exists(), is(true));
+
+ output = UsersDump.updateUsers("src/test/resources/userdump.xml", (LocalLur) lur);
+ assertThat(output, is(nullValue()));
+ assertThat(outputFile.exists(), is(true));
+
+ outputFile.delete();
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_AUTHZServlet.java b/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_AUTHZServlet.java
index 6daa2720..f57bb93e 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_AUTHZServlet.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_AUTHZServlet.java
@@ -44,64 +44,64 @@ import javax.servlet.http.HttpServletResponse;
public class JU_AUTHZServlet {
- @Mock private Servlet servletMock;
- @Mock private ServletConfig servletConfigMock;
- @Mock private HttpServletRequest reqMock;
- @Mock private HttpServletResponse respMock;
- @Mock private ServletRequestWrapper servletWrapperMock;
-
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
- }
-
- @Test
- public void test() throws ServletException, IOException {
- AUTHZServletStub servlet = new AUTHZServletStub(Servlet.class);
-
- try {
- servlet.init(servletConfigMock);
- fail("Should've thrown an exception");
- } catch (ServletException e) {
- assertThat(e.getMessage(), is("Invalid Servlet Delegate"));
- }
-
- setPrivateField(AUTHZServlet.class, "delegate", servlet, servletMock);
- servlet.init(servletConfigMock);
- servlet.getServletConfig();
- servlet.getServletInfo();
-
- servlet.service(reqMock, respMock);
-
- String[] roles = new String[] {"role1", "role2"};
- setPrivateField(AUTHZServlet.class, "roles", servlet, roles);
- servlet.service(reqMock, respMock);
-
- when(reqMock.isUserInRole("role1")).thenReturn(true);
- servlet.service(reqMock, respMock);
-
- try {
- servlet.service(servletWrapperMock, respMock);
- fail("Should've thrown an exception");
- } catch (ServletException e) {
- assertThat(e.getMessage(), is("JASPIServlet only supports HTTPServletRequest/HttpServletResponse"));
- }
- servlet.destroy();
- }
-
- private class AUTHZServletStub extends AUTHZServlet<Servlet> {
- public AUTHZServletStub(Class<Servlet> cls) { super(cls); }
- }
-
- private void setPrivateField(Class<?> clazz, String fieldName, Object target, Object value) {
- try {
- Field field = clazz.getDeclaredField(fieldName);
- field.setAccessible(true);
- field.set(target, value);
- field.setAccessible(false);
- } catch(Exception e) {
- System.err.println("Could not set field [" + fieldName + "] to " + value);
- }
- }
+ @Mock private Servlet servletMock;
+ @Mock private ServletConfig servletConfigMock;
+ @Mock private HttpServletRequest reqMock;
+ @Mock private HttpServletResponse respMock;
+ @Mock private ServletRequestWrapper servletWrapperMock;
+
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
+ }
+
+ @Test
+ public void test() throws ServletException, IOException {
+ AUTHZServletStub servlet = new AUTHZServletStub(Servlet.class);
+
+ try {
+ servlet.init(servletConfigMock);
+ fail("Should've thrown an exception");
+ } catch (ServletException e) {
+ assertThat(e.getMessage(), is("Invalid Servlet Delegate"));
+ }
+
+ setPrivateField(AUTHZServlet.class, "delegate", servlet, servletMock);
+ servlet.init(servletConfigMock);
+ servlet.getServletConfig();
+ servlet.getServletInfo();
+
+ servlet.service(reqMock, respMock);
+
+ String[] roles = new String[] {"role1", "role2"};
+ setPrivateField(AUTHZServlet.class, "roles", servlet, roles);
+ servlet.service(reqMock, respMock);
+
+ when(reqMock.isUserInRole("role1")).thenReturn(true);
+ servlet.service(reqMock, respMock);
+
+ try {
+ servlet.service(servletWrapperMock, respMock);
+ fail("Should've thrown an exception");
+ } catch (ServletException e) {
+ assertThat(e.getMessage(), is("JASPIServlet only supports HTTPServletRequest/HttpServletResponse"));
+ }
+ servlet.destroy();
+ }
+
+ private class AUTHZServletStub extends AUTHZServlet<Servlet> {
+ public AUTHZServletStub(Class<Servlet> cls) { super(cls); }
+ }
+
+ private void setPrivateField(Class<?> clazz, String fieldName, Object target, Object value) {
+ try {
+ Field field = clazz.getDeclaredField(fieldName);
+ field.setAccessible(true);
+ field.set(target, value);
+ field.setAccessible(false);
+ } catch(Exception e) {
+ System.err.println("Could not set field [" + fieldName + "] to " + value);
+ }
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_AccessGetter.java b/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_AccessGetter.java
index b53a9ea9..d3b28dc4 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_AccessGetter.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_AccessGetter.java
@@ -34,21 +34,21 @@ import org.onap.aaf.cadi.filter.AccessGetter;
public class JU_AccessGetter {
- private static final String tag = "tag";
- private static final String value = "value";
-
- private PropAccess access;
-
- @Before
- public void setup() {
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- access.setProperty(tag, value);
- }
-
- @Test
- public void test() {
- AccessGetter getter = new AccessGetter(access);
- assertThat(getter.get(tag, null, false), is(value));
- }
+ private static final String tag = "tag";
+ private static final String value = "value";
+
+ private PropAccess access;
+
+ @Before
+ public void setup() {
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ access.setProperty(tag, value);
+ }
+
+ @Test
+ public void test() {
+ AccessGetter getter = new AccessGetter(access);
+ assertThat(getter.get(tag, null, false), is(value));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_MapPermConverter.java b/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_MapPermConverter.java
index 9fb951a2..397424a0 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_MapPermConverter.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_MapPermConverter.java
@@ -29,17 +29,17 @@ import org.onap.aaf.cadi.filter.MapPermConverter;
public class JU_MapPermConverter {
- private static final String tag = "tag";
- private static final String value = "value";
- private static final String nontag = "nontag";
+ private static final String tag = "tag";
+ private static final String value = "value";
+ private static final String nontag = "nontag";
- @Test
- public void test() {
- MapPermConverter converter = new MapPermConverter();
- assertThat(converter.map().isEmpty(), is(true));
- converter.map().put(tag, value);
- assertThat(converter.convert(tag), is(value));
- assertThat(converter.convert(nontag), is(nontag));
- }
+ @Test
+ public void test() {
+ MapPermConverter converter = new MapPermConverter();
+ assertThat(converter.map().isEmpty(), is(true));
+ converter.map().put(tag, value);
+ assertThat(converter.convert(tag), is(value));
+ assertThat(converter.convert(nontag), is(nontag));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_NullPermConverter.java b/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_NullPermConverter.java
index 0a6dc2d5..fd6d22e9 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_NullPermConverter.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_NullPermConverter.java
@@ -29,10 +29,10 @@ import org.onap.aaf.cadi.filter.NullPermConverter;
public class JU_NullPermConverter {
- @Test
- public void test() {
- NullPermConverter converter = NullPermConverter.singleton();
- assertThat(converter.convert("test"), is("test"));
- }
+ @Test
+ public void test() {
+ NullPermConverter converter = NullPermConverter.singleton();
+ assertThat(converter.convert("test"), is("test"));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_PathFilter.java b/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_PathFilter.java
index a36dd462..78b0fbc6 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_PathFilter.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_PathFilter.java
@@ -48,58 +48,58 @@ import org.onap.aaf.cadi.config.Config;
import org.onap.aaf.cadi.filter.PathFilter;
public class JU_PathFilter {
-
- private PropAccess access;
-
- @Mock private FilterConfig filterConfigMock;
- @Mock private ServletContext contextMock;
- @Mock private HttpServletRequest reqMock;
- @Mock private HttpServletResponse respMock;
- @Mock private FilterChain chainMock;
- @Mock private Principal princMock;
-
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
- when(filterConfigMock.getServletContext()).thenReturn(contextMock);
- when(reqMock.getUserPrincipal()).thenReturn(princMock);
- when(princMock.getName()).thenReturn("name");
+
+ private PropAccess access;
+
+ @Mock private FilterConfig filterConfigMock;
+ @Mock private ServletContext contextMock;
+ @Mock private HttpServletRequest reqMock;
+ @Mock private HttpServletResponse respMock;
+ @Mock private FilterChain chainMock;
+ @Mock private Principal princMock;
+
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
+ when(filterConfigMock.getServletContext()).thenReturn(contextMock);
+ when(reqMock.getUserPrincipal()).thenReturn(princMock);
+ when(princMock.getName()).thenReturn("name");
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- }
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ }
- @Test
- public void test() throws ServletException, IOException {
- PathFilter pathFilter = new PathFilter(access);
- try {
- pathFilter.init(filterConfigMock);
- fail("Should've thrown an exception");
- } catch (ServletException e) {
- assertThat(e.getMessage(), is("PathFilter - pathfilter_ns is not set"));
- }
-
- when(contextMock.getAttribute(Config.PATHFILTER_NS)).thenReturn(5);
- when(contextMock.getAttribute(Config.PATHFILTER_STACK)).thenReturn(5);
- when(contextMock.getAttribute(Config.PATHFILTER_URLPATTERN)).thenReturn(5);
- when(contextMock.getAttribute(Config.PATHFILTER_NOT_AUTHORIZED_MSG)).thenReturn(5);
- pathFilter.init(filterConfigMock);
-
- pathFilter.doFilter(reqMock, respMock, chainMock);
+ @Test
+ public void test() throws ServletException, IOException {
+ PathFilter pathFilter = new PathFilter(access);
+ try {
+ pathFilter.init(filterConfigMock);
+ fail("Should've thrown an exception");
+ } catch (ServletException e) {
+ assertThat(e.getMessage(), is("PathFilter - pathfilter_ns is not set"));
+ }
+
+ when(contextMock.getAttribute(Config.PATHFILTER_NS)).thenReturn(5);
+ when(contextMock.getAttribute(Config.PATHFILTER_STACK)).thenReturn(5);
+ when(contextMock.getAttribute(Config.PATHFILTER_URLPATTERN)).thenReturn(5);
+ when(contextMock.getAttribute(Config.PATHFILTER_NOT_AUTHORIZED_MSG)).thenReturn(5);
+ pathFilter.init(filterConfigMock);
+
+ pathFilter.doFilter(reqMock, respMock, chainMock);
- when(reqMock.isUserInRole(anyString())).thenReturn(true);
- pathFilter.doFilter(reqMock, respMock, chainMock);
-
- pathFilter.destroy();
+ when(reqMock.isUserInRole(anyString())).thenReturn(true);
+ pathFilter.doFilter(reqMock, respMock, chainMock);
+
+ pathFilter.destroy();
- pathFilter = new PathFilter();
- pathFilter.init(filterConfigMock);
-
- pathFilter.doFilter(reqMock, respMock, chainMock);
+ pathFilter = new PathFilter();
+ pathFilter.init(filterConfigMock);
+
+ pathFilter.doFilter(reqMock, respMock, chainMock);
- when(reqMock.isUserInRole(anyString())).thenReturn(false);
- pathFilter.doFilter(reqMock, respMock, chainMock);
-
- pathFilter.destroy();
- }
+ when(reqMock.isUserInRole(anyString())).thenReturn(false);
+ pathFilter.doFilter(reqMock, respMock, chainMock);
+
+ pathFilter.destroy();
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_ConfigPrincipal.java b/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_ConfigPrincipal.java
index 9853f88e..88301a6c 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_ConfigPrincipal.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_ConfigPrincipal.java
@@ -32,48 +32,48 @@ import org.onap.aaf.cadi.lur.ConfigPrincipal;
public class JU_ConfigPrincipal {
- private final String name = "User";
- private final String pass = "pass";
+ private final String name = "User";
+ private final String pass = "pass";
- // Expected output of base64("User:pass")
- private final String b64encoded = "VXNlcjpwYXNz";
+ // Expected output of base64("User:pass")
+ private final String b64encoded = "VXNlcjpwYXNz";
- private Field content_field;
-
- @Before
- public void setup() throws NoSuchFieldException {
- content_field = ConfigPrincipal.class.getDeclaredField("content");
- content_field.setAccessible(true);
- }
+ private Field content_field;
+
+ @Before
+ public void setup() throws NoSuchFieldException {
+ content_field = ConfigPrincipal.class.getDeclaredField("content");
+ content_field.setAccessible(true);
+ }
- @Test
- public void testConfigPrincipalStringString() throws IOException, IllegalArgumentException, IllegalAccessException {
- ConfigPrincipal p = new ConfigPrincipal(name, pass);
-
- assertThat(p.getName(), is(name));
- assertThat(p.toString(), is(name));
- assertThat(p.getCred(), is(pass.getBytes()));
- assertThat(p.getAsBasicAuthHeader(), is("Basic " + b64encoded));
- content_field.set(p, "pass");
- assertThat(p.getAsBasicAuthHeader(), is("Basic " + b64encoded));
+ @Test
+ public void testConfigPrincipalStringString() throws IOException, IllegalArgumentException, IllegalAccessException {
+ ConfigPrincipal p = new ConfigPrincipal(name, pass);
+
+ assertThat(p.getName(), is(name));
+ assertThat(p.toString(), is(name));
+ assertThat(p.getCred(), is(pass.getBytes()));
+ assertThat(p.getAsBasicAuthHeader(), is("Basic " + b64encoded));
+ content_field.set(p, "pass");
+ assertThat(p.getAsBasicAuthHeader(), is("Basic " + b64encoded));
- // One more time for coverage purposes
- assertThat(p.getAsBasicAuthHeader(), is("Basic " + b64encoded));
- }
+ // One more time for coverage purposes
+ assertThat(p.getAsBasicAuthHeader(), is("Basic " + b64encoded));
+ }
- @Test
- public void testConfigPrincipalStringByteArray() throws IOException, IllegalArgumentException, IllegalAccessException {
- ConfigPrincipal p = new ConfigPrincipal(name, pass.getBytes());
-
- assertThat(p.getName(), is(name));
- assertThat(p.toString(), is(name));
- assertThat(p.getCred(), is(pass.getBytes()));
- assertThat(p.getAsBasicAuthHeader(), is("Basic " + b64encoded));
- content_field.set(p, "pass");
- assertThat(p.getAsBasicAuthHeader(), is("Basic " + b64encoded));
+ @Test
+ public void testConfigPrincipalStringByteArray() throws IOException, IllegalArgumentException, IllegalAccessException {
+ ConfigPrincipal p = new ConfigPrincipal(name, pass.getBytes());
+
+ assertThat(p.getName(), is(name));
+ assertThat(p.toString(), is(name));
+ assertThat(p.getCred(), is(pass.getBytes()));
+ assertThat(p.getAsBasicAuthHeader(), is("Basic " + b64encoded));
+ content_field.set(p, "pass");
+ assertThat(p.getAsBasicAuthHeader(), is("Basic " + b64encoded));
- // One more time for coverage purposes
- assertThat(p.getAsBasicAuthHeader(), is("Basic " + b64encoded));
- }
-
+ // One more time for coverage purposes
+ assertThat(p.getAsBasicAuthHeader(), is("Basic " + b64encoded));
+ }
+
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_EpiLur.java b/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_EpiLur.java
index b99030eb..c1a43f0d 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_EpiLur.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_EpiLur.java
@@ -45,84 +45,84 @@ import org.onap.aaf.cadi.lur.EpiLur;
public class JU_EpiLur {
- private ArrayList<Permission> perms;
- private CredValStub lurMock3;
+ private ArrayList<Permission> perms;
+ private CredValStub lurMock3;
- @Mock private Lur lurMock1;
- @Mock private CachingLur<?> lurMock2;
- @Mock private Principal princMock;
- @Mock private Permission permMock;
+ @Mock private Lur lurMock1;
+ @Mock private CachingLur<?> lurMock2;
+ @Mock private Principal princMock;
+ @Mock private Permission permMock;
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
- perms = new ArrayList<>();
- perms.add(permMock);
+ perms = new ArrayList<>();
+ perms.add(permMock);
- lurMock3 = new CredValStub();
- }
+ lurMock3 = new CredValStub();
+ }
- @Test
- public void test() throws CadiException {
- EpiLur lur;
- try {
- lur = new EpiLur();
- } catch (CadiException e) {
- assertThat(e.getMessage(), is("Need at least one Lur implementation in constructor"));
- }
- lur = new EpiLur(lurMock1, lurMock2, lurMock3);
- assertThat(lur.fish(null, null), is(false));
+ @Test
+ public void test() throws CadiException {
+ EpiLur lur;
+ try {
+ lur = new EpiLur();
+ } catch (CadiException e) {
+ assertThat(e.getMessage(), is("Need at least one Lur implementation in constructor"));
+ }
+ lur = new EpiLur(lurMock1, lurMock2, lurMock3);
+ assertThat(lur.fish(null, null), is(false));
- assertThat(lur.fish(princMock, permMock), is(false));
+ assertThat(lur.fish(princMock, permMock), is(false));
- when(lurMock2.handlesExclusively(permMock)).thenReturn(true);
- assertThat(lur.fish(princMock, permMock), is(false));
+ when(lurMock2.handlesExclusively(permMock)).thenReturn(true);
+ assertThat(lur.fish(princMock, permMock), is(false));
- when(lurMock2.fish(princMock, permMock)).thenReturn(true);
- assertThat(lur.fish(princMock, permMock), is(true));
+ when(lurMock2.fish(princMock, permMock)).thenReturn(true);
+ assertThat(lur.fish(princMock, permMock), is(true));
- lur.fishAll(princMock, perms);
+ lur.fishAll(princMock, perms);
- assertThat(lur.handlesExclusively(permMock), is(false));
+ assertThat(lur.handlesExclusively(permMock), is(false));
- assertThat(lur.get(-1), is(nullValue()));
- assertThat(lur.get(0), is(lurMock1));
- assertThat(lur.get(1), is((Lur)lurMock2));
- assertThat(lur.get(2), is((Lur)lurMock3));
- assertThat(lur.get(3), is(nullValue()));
+ assertThat(lur.get(-1), is(nullValue()));
+ assertThat(lur.get(0), is(lurMock1));
+ assertThat(lur.get(1), is((Lur)lurMock2));
+ assertThat(lur.get(2), is((Lur)lurMock3));
+ assertThat(lur.get(3), is(nullValue()));
- assertThat(lur.handles(princMock), is(false));
- when(lurMock2.handles(princMock)).thenReturn(true);
- assertThat(lur.handles(princMock), is(true));
+ assertThat(lur.handles(princMock), is(false));
+ when(lurMock2.handles(princMock)).thenReturn(true);
+ assertThat(lur.handles(princMock), is(true));
- lur.remove("id");
+ lur.remove("id");
- lur.clear(princMock, null);
+ lur.clear(princMock, null);
- assertThat(lur.createPerm("perm"), is(not(nullValue())));
+ assertThat(lur.createPerm("perm"), is(not(nullValue())));
- lur.getUserPassImpl();
- assertThat(lur.getUserPassImpl(), is((CredVal)lurMock3));
+ lur.getUserPassImpl();
+ assertThat(lur.getUserPassImpl(), is((CredVal)lurMock3));
- lur.toString();
- lur.destroy();
+ lur.toString();
+ lur.destroy();
- lur = new EpiLur(lurMock1, lurMock2);
- assertThat(lur.getUserPassImpl(), is(nullValue()));
+ lur = new EpiLur(lurMock1, lurMock2);
+ assertThat(lur.getUserPassImpl(), is(nullValue()));
- assertThat(lur.subLur(Lur.class), is(nullValue()));
- }
+ assertThat(lur.subLur(Lur.class), is(nullValue()));
+ }
- private class CredValStub implements Lur, CredVal {
- @Override public boolean validate(String user, Type type, byte[] cred, Object state) { return false; }
- @Override public Permission createPerm(String p) { return null; }
- @Override public boolean fish(Principal bait, Permission ... pond) { return false; }
- @Override public void fishAll(Principal bait, List<Permission> permissions) { }
- @Override public void destroy() { }
- @Override public boolean handlesExclusively(Permission ... pond) { return false; }
- @Override public boolean handles(Principal principal) { return false; }
- @Override public void clear(Principal p, StringBuilder report) { }
- }
+ private class CredValStub implements Lur, CredVal {
+ @Override public boolean validate(String user, Type type, byte[] cred, Object state) { return false; }
+ @Override public Permission createPerm(String p) { return null; }
+ @Override public boolean fish(Principal bait, Permission ... pond) { return false; }
+ @Override public void fishAll(Principal bait, List<Permission> permissions) { }
+ @Override public void destroy() { }
+ @Override public boolean handlesExclusively(Permission ... pond) { return false; }
+ @Override public boolean handles(Principal principal) { return false; }
+ @Override public void clear(Principal p, StringBuilder report) { }
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_LocalLur.java b/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_LocalLur.java
index f35f81c1..e291cd20 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_LocalLur.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_LocalLur.java
@@ -47,126 +47,126 @@ import org.onap.aaf.cadi.lur.LocalPermission;
public class JU_LocalLur {
- private PropAccess access;
- private ByteArrayOutputStream outStream;
-
- @Mock Permission permMock;
-
- @Before
- public void setup() throws IOException {
- MockitoAnnotations.initMocks(this);
-
- outStream = new ByteArrayOutputStream();
- access = new PropAccess(new PrintStream(outStream), new String[0]) {
- @Override public String decrypt(String encrypted, boolean anytext) throws IOException {
- return rot13(encrypted);
- }
- @Override public String encrypt(String unencrypted) throws IOException {
- return rot13(unencrypted);
- }
- };
-
- }
-
- @Test
- public void test() throws IOException {
- final String password = "<pass>";
- final String encrypted = rot13(password);
-
- LocalLur lur;
- List<AbsUserCache<LocalPermission>.DumpInfo> info;
-
- lur = new LocalLur(access, null, null);
- assertThat(lur.dumpInfo().size(), is(0));
-
- lur = new LocalLur(access, "user1", null);
- info = lur.dumpInfo();
- assertThat(info.size(), is(1));
- assertThat(info.get(0).user, is("user1"));
-
- lur.clearAll();
- assertThat(lur.dumpInfo().size(), is(0));
-
- lur = new LocalLur(access, "user1%" + encrypted, null);
- info = lur.dumpInfo();
- assertThat(info.size(), is(1));
- assertThat(info.get(0).user, is("user1@none"));
-
- lur.clearAll();
- assertThat(lur.dumpInfo().size(), is(0));
-
- lur = new LocalLur(access, "user1@domain%" + encrypted, null);
- info = lur.dumpInfo();
- assertThat(info.size(), is(1));
- assertThat(info.get(0).user, is("user1@domain"));
-
- lur = new LocalLur(access, "user1@domain%" + encrypted + ":groupA", null);
- info = lur.dumpInfo();
- assertThat(info.size(), is(1));
- assertThat(info.get(0).user, is("user1@domain"));
-
- when(permMock.getKey()).thenReturn("groupA");
- assertThat(lur.handlesExclusively(permMock), is(true));
- when(permMock.getKey()).thenReturn("groupB");
- assertThat(lur.handlesExclusively(permMock), is(false));
-
- assertThat(lur.fish(null, null), is(false));
-
- Principal princ = new ConfigPrincipal("user1@localized", encrypted);
-
- lur = new LocalLur(access, "user1@localized%" + password + ":groupA", null);
- assertThat(lur.fish(princ, lur.createPerm("groupA")), is(true));
- assertThat(lur.fish(princ, lur.createPerm("groupB")), is(false));
- assertThat(lur.fish(princ, permMock), is(false));
-
- princ = new ConfigPrincipal("user1@domain", encrypted);
- assertThat(lur.fish(princ, lur.createPerm("groupB")), is(false));
-
- princ = new ConfigPrincipal("user1@localized", "badpass");
- assertThat(lur.fish(princ, lur.createPerm("groupB")), is(false));
-
- assertThat(lur.handles(null), is(false));
-
- lur.fishAll(null, null);
-
- List<Permission> perms = new ArrayList<>();
- perms.add(lur.createPerm("groupB"));
- perms.add(lur.createPerm("groupA"));
- princ = new ConfigPrincipal("user1@localized", encrypted);
- lur.fishAll(princ, perms);
- princ = new ConfigPrincipal("user1@localized", "badpass");
- lur.fishAll(princ, perms);
-
- assertThat(lur.validate(null, null, null, null), is(false));
- assertThat(lur.validate("user", null, "badpass".getBytes(), null), is(false));
- assertThat(lur.validate("user1@localized", null, encrypted.getBytes(), null), is(false));
-
- lur = new LocalLur(access, "user1@localized%" + password + ":groupA", null);
- assertThat(lur.validate("user1@localized", Type.PASSWORD, encrypted.getBytes(), null), is(true));
-
- lur = new LocalLur(access, null, "admin");
- lur = new LocalLur(access, null, "admin:user1");
- lur = new LocalLur(access, null, "admin:user1@localized");
- lur = new LocalLur(access, null, "admin:user1@localized,user2@localized%" + password + ";user:user1@localized");
- }
-
- public static String rot13(String input) {
- StringBuilder sb = new StringBuilder();
- for (int i = 0; i < input.length(); i++) {
- char c = input.charAt(i);
- if (c >= 'a' && c <= 'm') {
- c += 13;
- } else if (c >= 'A' && c <= 'M') {
- c += 13;
- } else if (c >= 'n' && c <= 'z') {
- c -= 13;
- } else if (c >= 'N' && c <= 'Z') {
- c -= 13;
- }
- sb.append(c);
- }
- return sb.toString();
- }
+ private PropAccess access;
+ private ByteArrayOutputStream outStream;
+
+ @Mock Permission permMock;
+
+ @Before
+ public void setup() throws IOException {
+ MockitoAnnotations.initMocks(this);
+
+ outStream = new ByteArrayOutputStream();
+ access = new PropAccess(new PrintStream(outStream), new String[0]) {
+ @Override public String decrypt(String encrypted, boolean anytext) throws IOException {
+ return rot13(encrypted);
+ }
+ @Override public String encrypt(String unencrypted) throws IOException {
+ return rot13(unencrypted);
+ }
+ };
+
+ }
+
+ @Test
+ public void test() throws IOException {
+ final String password = "<pass>";
+ final String encrypted = rot13(password);
+
+ LocalLur lur;
+ List<AbsUserCache<LocalPermission>.DumpInfo> info;
+
+ lur = new LocalLur(access, null, null);
+ assertThat(lur.dumpInfo().size(), is(0));
+
+ lur = new LocalLur(access, "user1", null);
+ info = lur.dumpInfo();
+ assertThat(info.size(), is(1));
+ assertThat(info.get(0).user, is("user1"));
+
+ lur.clearAll();
+ assertThat(lur.dumpInfo().size(), is(0));
+
+ lur = new LocalLur(access, "user1%" + encrypted, null);
+ info = lur.dumpInfo();
+ assertThat(info.size(), is(1));
+ assertThat(info.get(0).user, is("user1@none"));
+
+ lur.clearAll();
+ assertThat(lur.dumpInfo().size(), is(0));
+
+ lur = new LocalLur(access, "user1@domain%" + encrypted, null);
+ info = lur.dumpInfo();
+ assertThat(info.size(), is(1));
+ assertThat(info.get(0).user, is("user1@domain"));
+
+ lur = new LocalLur(access, "user1@domain%" + encrypted + ":groupA", null);
+ info = lur.dumpInfo();
+ assertThat(info.size(), is(1));
+ assertThat(info.get(0).user, is("user1@domain"));
+
+ when(permMock.getKey()).thenReturn("groupA");
+ assertThat(lur.handlesExclusively(permMock), is(true));
+ when(permMock.getKey()).thenReturn("groupB");
+ assertThat(lur.handlesExclusively(permMock), is(false));
+
+ assertThat(lur.fish(null, null), is(false));
+
+ Principal princ = new ConfigPrincipal("user1@localized", encrypted);
+
+ lur = new LocalLur(access, "user1@localized%" + password + ":groupA", null);
+ assertThat(lur.fish(princ, lur.createPerm("groupA")), is(true));
+ assertThat(lur.fish(princ, lur.createPerm("groupB")), is(false));
+ assertThat(lur.fish(princ, permMock), is(false));
+
+ princ = new ConfigPrincipal("user1@domain", encrypted);
+ assertThat(lur.fish(princ, lur.createPerm("groupB")), is(false));
+
+ princ = new ConfigPrincipal("user1@localized", "badpass");
+ assertThat(lur.fish(princ, lur.createPerm("groupB")), is(false));
+
+ assertThat(lur.handles(null), is(false));
+
+ lur.fishAll(null, null);
+
+ List<Permission> perms = new ArrayList<>();
+ perms.add(lur.createPerm("groupB"));
+ perms.add(lur.createPerm("groupA"));
+ princ = new ConfigPrincipal("user1@localized", encrypted);
+ lur.fishAll(princ, perms);
+ princ = new ConfigPrincipal("user1@localized", "badpass");
+ lur.fishAll(princ, perms);
+
+ assertThat(lur.validate(null, null, null, null), is(false));
+ assertThat(lur.validate("user", null, "badpass".getBytes(), null), is(false));
+ assertThat(lur.validate("user1@localized", null, encrypted.getBytes(), null), is(false));
+
+ lur = new LocalLur(access, "user1@localized%" + password + ":groupA", null);
+ assertThat(lur.validate("user1@localized", Type.PASSWORD, encrypted.getBytes(), null), is(true));
+
+ lur = new LocalLur(access, null, "admin");
+ lur = new LocalLur(access, null, "admin:user1");
+ lur = new LocalLur(access, null, "admin:user1@localized");
+ lur = new LocalLur(access, null, "admin:user1@localized,user2@localized%" + password + ";user:user1@localized");
+ }
+
+ public static String rot13(String input) {
+ StringBuilder sb = new StringBuilder();
+ for (int i = 0; i < input.length(); i++) {
+ char c = input.charAt(i);
+ if (c >= 'a' && c <= 'm') {
+ c += 13;
+ } else if (c >= 'A' && c <= 'M') {
+ c += 13;
+ } else if (c >= 'n' && c <= 'z') {
+ c -= 13;
+ } else if (c >= 'N' && c <= 'Z') {
+ c -= 13;
+ }
+ sb.append(c);
+ }
+ return sb.toString();
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_LocalPermission.java b/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_LocalPermission.java
index f4b051a8..4e378cb9 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_LocalPermission.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_LocalPermission.java
@@ -34,38 +34,38 @@ import org.onap.aaf.cadi.Permission;
public class JU_LocalPermission {
- @Mock
- Permission perm;
+ @Mock
+ Permission perm;
- private LocalPermission localPerm;
- private String role = "Fake Role";
+ private LocalPermission localPerm;
+ private String role = "Fake Role";
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
- when(perm.getKey()).thenReturn(role);
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
+ when(perm.getKey()).thenReturn(role);
- localPerm = new LocalPermission(role);
- }
+ localPerm = new LocalPermission(role);
+ }
- @Test
- public void getKeyTest() {
- assertThat(localPerm.getKey(), is(role));
- }
+ @Test
+ public void getKeyTest() {
+ assertThat(localPerm.getKey(), is(role));
+ }
- @Test
- public void toStringTest() {
- assertThat(localPerm.toString(), is(role));
- }
+ @Test
+ public void toStringTest() {
+ assertThat(localPerm.toString(), is(role));
+ }
- @Test
- public void matchTest() {
- assertTrue(localPerm.match(perm));
- }
+ @Test
+ public void matchTest() {
+ assertTrue(localPerm.match(perm));
+ }
- @Test
- public void permTypeTest() {
- assertThat(localPerm.permType(), is("LOCAL"));
- }
+ @Test
+ public void permTypeTest() {
+ assertThat(localPerm.permType(), is("LOCAL"));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_NullLur.java b/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_NullLur.java
index 1a7293d3..c88a608b 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_NullLur.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/lur/test/JU_NullLur.java
@@ -36,45 +36,45 @@ import org.onap.aaf.cadi.lur.NullLur;
public class JU_NullLur {
- @Mock
- Principal p;
+ @Mock
+ Principal p;
- @Mock
- Permission perm;
+ @Mock
+ Permission perm;
- @Mock
- List<Permission> perms;
+ @Mock
+ List<Permission> perms;
- private NullLur nullLur;
+ private NullLur nullLur;
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
- nullLur = new NullLur();
- }
+ nullLur = new NullLur();
+ }
- @Test
- public void coverageTests() throws Exception {
+ @Test
+ public void coverageTests() throws Exception {
- Field nullClass = NullLur.class.getDeclaredField("NULL");
- nullClass.setAccessible(true);
- assertThat(((Permission) nullClass.get(NullLur.class)).permType(), is(""));
- assertThat(((Permission) nullClass.get(NullLur.class)).getKey(), is(""));
- assertFalse(((Permission) nullClass.get(NullLur.class)).match(perm));
+ Field nullClass = NullLur.class.getDeclaredField("NULL");
+ nullClass.setAccessible(true);
+ assertThat(((Permission) nullClass.get(NullLur.class)).permType(), is(""));
+ assertThat(((Permission) nullClass.get(NullLur.class)).getKey(), is(""));
+ assertFalse(((Permission) nullClass.get(NullLur.class)).match(perm));
- nullLur.fishAll(p, perms);
- nullLur.destroy();
+ nullLur.fishAll(p, perms);
+ nullLur.destroy();
- assertFalse(nullLur.fish(p, perm));
- assertFalse(nullLur.handlesExclusively(perm));
- assertFalse(nullLur.handles(p));
- assertThat(nullLur.createPerm(""), is(nullClass.get(NullLur.class)));
+ assertFalse(nullLur.fish(p, perm));
+ assertFalse(nullLur.handlesExclusively(perm));
+ assertFalse(nullLur.handles(p));
+ assertThat(nullLur.createPerm(""), is(nullClass.get(NullLur.class)));
- StringBuilder sb = new StringBuilder();
- nullLur.clear(p, sb);
- assertThat(sb.toString(), is("NullLur\n"));
- assertThat(nullLur.toString(), is("NullLur\n"));
- }
+ StringBuilder sb = new StringBuilder();
+ nullLur.clear(p, sb);
+ assertThat(sb.toString(), is("NullLur\n"));
+ assertThat(nullLur.toString(), is("NullLur\n"));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_BasicPrincipal.java b/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_BasicPrincipal.java
index 32d6cd0a..e67e096f 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_BasicPrincipal.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_BasicPrincipal.java
@@ -40,85 +40,85 @@ import org.onap.aaf.cadi.principal.BasicPrincipal;
public class JU_BasicPrincipal {
- @Test
- public void Constructor1Test() throws Exception {
- // Test that everything works when the content doesn't contain "Basic"
- BasicPrincipal bp = new BasicPrincipal("content", "domain");
- assertThat(bp.getName(), is("content"));
- assertThat(bp.getCred(), is(nullValue()));
-
- // Test sending a user without an implicit domain
- String name = "User";
- String password = "password";
- String content = name + ":" + password;
- String domain = "exampledomain.com";
- String encrypted = new String(Symm.base64.encode(content.getBytes()));
- bp = new BasicPrincipal("Basic " + encrypted, domain);
- assertThat(bp.getShortName(), is(name));
- assertThat(bp.getName(), is(name + "@" + domain));
- assertThat(bp.getCred(), is(password.getBytes()));
-
- // Test sending a user with an implicit domain
- String longName = name + "@" + domain + ":" + password;
- encrypted = new String(Symm.base64.encode(longName.getBytes()));
- bp = new BasicPrincipal("Basic " + encrypted, domain);
- assertThat(bp.getShortName(), is(name));
- assertThat(bp.getName(), is(name + "@" + domain));
- assertThat(bp.getCred(), is(password.getBytes()));
-
- // Check that an exception is throw if no name is given in the content
- try {
- bp = new BasicPrincipal("Basic " + new String(Symm.base64.encode("no name".getBytes())), "");
- fail("Should have thrown an exception");
- } catch (IOException e) {
- assertThat(e.getMessage(), is("Invalid Coding"));
- }
- }
-
- @Test
- public void Constructor2Test() {
- String name = "User";
- String password = "password";
- BasicCred bc = mock(BasicCred.class);
- when(bc.getUser()).thenReturn(name);
- when(bc.getCred()).thenReturn(password.getBytes());
-
- BasicPrincipal bp = new BasicPrincipal(bc, "domain");
- assertThat(bp.getName(), is(name));
- assertThat(bp.getCred(), is(password.getBytes()));
- }
-
- @Test
- public void accessorsTest() throws IOException {
- String name = "User";
- String password = "password";
- String content = name + ":" + password;
- String domain = "exampledomain.com";
- String encrypted = new String(Symm.base64.encode(content.getBytes()));
- String bearer = "bearer";
- long created = System.currentTimeMillis();
- BasicPrincipal bp = new BasicPrincipal("Basic " + encrypted, domain);
- bp.setBearer(bearer);
-
- String expected = "Basic Authorization for " + name + "@" + domain + " evaluated on " + new Date(bp.created()).toString();
- assertTrue(Math.abs(bp.created() - created) < 10);
- assertThat(bp.toString(), is(expected));
- assertThat(bp.tag(), is("BAth"));
- assertThat(bp.personalName(), is(bp.getName()));
-
- // This test hits the abstract class BearerPrincipal
- assertThat(bp.getBearer(), is(bearer));
- }
-
-
- @Test
- public void coverageTest() throws IOException {
- String name = "User";
- String password = "password:with:colons";
- String content = name + ":" + password;
- String encrypted = new String(Symm.base64.encode(content.getBytes()));
- @SuppressWarnings("unused")
- BasicPrincipal bp = new BasicPrincipal("Basic " + encrypted, "domain");
- }
+ @Test
+ public void Constructor1Test() throws Exception {
+ // Test that everything works when the content doesn't contain "Basic"
+ BasicPrincipal bp = new BasicPrincipal("content", "domain");
+ assertThat(bp.getName(), is("content"));
+ assertThat(bp.getCred(), is(nullValue()));
+
+ // Test sending a user without an implicit domain
+ String name = "User";
+ String password = "password";
+ String content = name + ":" + password;
+ String domain = "exampledomain.com";
+ String encrypted = new String(Symm.base64.encode(content.getBytes()));
+ bp = new BasicPrincipal("Basic " + encrypted, domain);
+ assertThat(bp.getShortName(), is(name));
+ assertThat(bp.getName(), is(name + "@" + domain));
+ assertThat(bp.getCred(), is(password.getBytes()));
+
+ // Test sending a user with an implicit domain
+ String longName = name + "@" + domain + ":" + password;
+ encrypted = new String(Symm.base64.encode(longName.getBytes()));
+ bp = new BasicPrincipal("Basic " + encrypted, domain);
+ assertThat(bp.getShortName(), is(name));
+ assertThat(bp.getName(), is(name + "@" + domain));
+ assertThat(bp.getCred(), is(password.getBytes()));
+
+ // Check that an exception is throw if no name is given in the content
+ try {
+ bp = new BasicPrincipal("Basic " + new String(Symm.base64.encode("no name".getBytes())), "");
+ fail("Should have thrown an exception");
+ } catch (IOException e) {
+ assertThat(e.getMessage(), is("Invalid Coding"));
+ }
+ }
+
+ @Test
+ public void Constructor2Test() {
+ String name = "User";
+ String password = "password";
+ BasicCred bc = mock(BasicCred.class);
+ when(bc.getUser()).thenReturn(name);
+ when(bc.getCred()).thenReturn(password.getBytes());
+
+ BasicPrincipal bp = new BasicPrincipal(bc, "domain");
+ assertThat(bp.getName(), is(name));
+ assertThat(bp.getCred(), is(password.getBytes()));
+ }
+
+ @Test
+ public void accessorsTest() throws IOException {
+ String name = "User";
+ String password = "password";
+ String content = name + ":" + password;
+ String domain = "exampledomain.com";
+ String encrypted = new String(Symm.base64.encode(content.getBytes()));
+ String bearer = "bearer";
+ long created = System.currentTimeMillis();
+ BasicPrincipal bp = new BasicPrincipal("Basic " + encrypted, domain);
+ bp.setBearer(bearer);
+
+ String expected = "Basic Authorization for " + name + "@" + domain + " evaluated on " + new Date(bp.created()).toString();
+ assertTrue(Math.abs(bp.created() - created) < 10);
+ assertThat(bp.toString(), is(expected));
+ assertThat(bp.tag(), is("BAth"));
+ assertThat(bp.personalName(), is(bp.getName()));
+
+ // This test hits the abstract class BearerPrincipal
+ assertThat(bp.getBearer(), is(bearer));
+ }
+
+
+ @Test
+ public void coverageTest() throws IOException {
+ String name = "User";
+ String password = "password:with:colons";
+ String content = name + ":" + password;
+ String encrypted = new String(Symm.base64.encode(content.getBytes()));
+ @SuppressWarnings("unused")
+ BasicPrincipal bp = new BasicPrincipal("Basic " + encrypted, "domain");
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_CachedBasicPrincipal.java b/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_CachedBasicPrincipal.java
index 20e1d4d9..5b780c9a 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_CachedBasicPrincipal.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_CachedBasicPrincipal.java
@@ -43,82 +43,82 @@ import org.onap.aaf.cadi.principal.CachedBasicPrincipal;
import org.onap.aaf.cadi.taf.HttpTaf;
public class JU_CachedBasicPrincipal {
- private Field creatorField;
- private Field timeToLiveField;
-
- @Mock
- private HttpTaf creator;
-
- private CachedPrincipal.Resp resp;
-
- @Before
- public void setup() throws NoSuchFieldException, SecurityException {
- MockitoAnnotations.initMocks(this);
-
- creatorField = CachedBasicPrincipal.class.getDeclaredField("creator");
- timeToLiveField = CachedBasicPrincipal.class.getDeclaredField("timeToLive");
-
- creatorField.setAccessible(true);
- timeToLiveField.setAccessible(true);
- }
-
- @Test
- public void Constructor1Test() throws IllegalArgumentException, IllegalAccessException {
- String name = "User";
- String password = "password";
- BasicCred bc = mock(BasicCred.class);
- when(bc.getUser()).thenReturn(name);
- when(bc.getCred()).thenReturn(password.getBytes());
-
- long timeToLive = 10000L;
- long expires = System.currentTimeMillis() + timeToLive;
- CachedBasicPrincipal cbp = new CachedBasicPrincipal(creator, bc, "domain", timeToLive);
-
- assertThat((HttpTaf)creatorField.get(cbp), is(creator));
- assertThat((Long)timeToLiveField.get(cbp), is(timeToLive));
- assertTrue(Math.abs(cbp.expires() - expires) < 10);
- }
-
- @Test
- public void Constructor2Test() throws Exception {
- String name = "User";
- String password = "password";
- String content = name + ":" + password;
- long timeToLive = 10000L;
- long expires = System.currentTimeMillis() + timeToLive;
- CachedBasicPrincipal cbp = new CachedBasicPrincipal(creator, content, "domain", timeToLive);
-
- assertThat((HttpTaf)creatorField.get(cbp), is(creator));
- assertThat((Long)timeToLiveField.get(cbp), is(timeToLive));
- assertTrue(Math.abs(cbp.expires() - expires) < 10);
- }
-
- @Test
- public void revalidateTest() throws IOException, IllegalArgumentException, IllegalAccessException, InterruptedException {
- resp = CachedPrincipal.Resp.REVALIDATED;
- when(creator.revalidate((CachedPrincipal)any(), any())).thenReturn(resp);
-
- String name = "User";
- String password = "password";
- String content = name + ":" + password;
- long timeToLive = 10000L;
- long expires = System.currentTimeMillis() + timeToLive;
- CachedBasicPrincipal cbp = new CachedBasicPrincipal(creator, content, "domain", timeToLive);
-
- assertTrue(Math.abs(cbp.expires() - expires) < 10);
-
- Thread.sleep(1);
- expires = System.currentTimeMillis() + timeToLive;
- assertThat(cbp.revalidate(new Object()), is(resp));
- assertTrue(Math.abs(cbp.expires() - expires) < 10);
-
- resp = CachedPrincipal.Resp.UNVALIDATED;
- when(creator.revalidate((CachedPrincipal)any(), any())).thenReturn(resp);
- expires = System.currentTimeMillis() + timeToLive;
- cbp = new CachedBasicPrincipal(creator, content, "domain", timeToLive);
-
- assertThat(cbp.revalidate(new Object()), is(resp));
- assertTrue(Math.abs(cbp.expires() - expires) < 10);
- }
+ private Field creatorField;
+ private Field timeToLiveField;
+
+ @Mock
+ private HttpTaf creator;
+
+ private CachedPrincipal.Resp resp;
+
+ @Before
+ public void setup() throws NoSuchFieldException, SecurityException {
+ MockitoAnnotations.initMocks(this);
+
+ creatorField = CachedBasicPrincipal.class.getDeclaredField("creator");
+ timeToLiveField = CachedBasicPrincipal.class.getDeclaredField("timeToLive");
+
+ creatorField.setAccessible(true);
+ timeToLiveField.setAccessible(true);
+ }
+
+ @Test
+ public void Constructor1Test() throws IllegalArgumentException, IllegalAccessException {
+ String name = "User";
+ String password = "password";
+ BasicCred bc = mock(BasicCred.class);
+ when(bc.getUser()).thenReturn(name);
+ when(bc.getCred()).thenReturn(password.getBytes());
+
+ long timeToLive = 10000L;
+ long expires = System.currentTimeMillis() + timeToLive;
+ CachedBasicPrincipal cbp = new CachedBasicPrincipal(creator, bc, "domain", timeToLive);
+
+ assertThat((HttpTaf)creatorField.get(cbp), is(creator));
+ assertThat((Long)timeToLiveField.get(cbp), is(timeToLive));
+ assertTrue(Math.abs(cbp.expires() - expires) < 10);
+ }
+
+ @Test
+ public void Constructor2Test() throws Exception {
+ String name = "User";
+ String password = "password";
+ String content = name + ":" + password;
+ long timeToLive = 10000L;
+ long expires = System.currentTimeMillis() + timeToLive;
+ CachedBasicPrincipal cbp = new CachedBasicPrincipal(creator, content, "domain", timeToLive);
+
+ assertThat((HttpTaf)creatorField.get(cbp), is(creator));
+ assertThat((Long)timeToLiveField.get(cbp), is(timeToLive));
+ assertTrue(Math.abs(cbp.expires() - expires) < 10);
+ }
+
+ @Test
+ public void revalidateTest() throws IOException, IllegalArgumentException, IllegalAccessException, InterruptedException {
+ resp = CachedPrincipal.Resp.REVALIDATED;
+ when(creator.revalidate((CachedPrincipal)any(), any())).thenReturn(resp);
+
+ String name = "User";
+ String password = "password";
+ String content = name + ":" + password;
+ long timeToLive = 10000L;
+ long expires = System.currentTimeMillis() + timeToLive;
+ CachedBasicPrincipal cbp = new CachedBasicPrincipal(creator, content, "domain", timeToLive);
+
+ assertTrue(Math.abs(cbp.expires() - expires) < 10);
+
+ Thread.sleep(1);
+ expires = System.currentTimeMillis() + timeToLive;
+ assertThat(cbp.revalidate(new Object()), is(resp));
+ assertTrue(Math.abs(cbp.expires() - expires) < 10);
+
+ resp = CachedPrincipal.Resp.UNVALIDATED;
+ when(creator.revalidate((CachedPrincipal)any(), any())).thenReturn(resp);
+ expires = System.currentTimeMillis() + timeToLive;
+ cbp = new CachedBasicPrincipal(creator, content, "domain", timeToLive);
+
+ assertThat(cbp.revalidate(new Object()), is(resp));
+ assertTrue(Math.abs(cbp.expires() - expires) < 10);
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_Kind.java b/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_Kind.java
index e9bd799c..04b9367b 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_Kind.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_Kind.java
@@ -36,35 +36,35 @@ import org.onap.aaf.cadi.principal.X509Principal;
public class JU_Kind {
- @Mock
- private TrustPrincipal trust;
+ @Mock
+ private TrustPrincipal trust;
- @Mock
- private X509Principal x509;
+ @Mock
+ private X509Principal x509;
- @Mock
- private OAuth2FormPrincipal oauth;
+ @Mock
+ private OAuth2FormPrincipal oauth;
- @Mock
- private BasicPrincipal basic;
+ @Mock
+ private BasicPrincipal basic;
- @Before
- public void setup() throws SecurityException {
- MockitoAnnotations.initMocks(this);
- }
+ @Before
+ public void setup() throws SecurityException {
+ MockitoAnnotations.initMocks(this);
+ }
- @Test
- public void getKind() {
- assertThat(Kind.getKind(trust), is('U'));
- assertThat(Kind.getKind(x509), is('X'));
- assertThat(Kind.getKind(oauth), is('O'));
- assertThat(Kind.getKind(basic), is('B'));
- }
+ @Test
+ public void getKind() {
+ assertThat(Kind.getKind(trust), is('U'));
+ assertThat(Kind.getKind(x509), is('X'));
+ assertThat(Kind.getKind(oauth), is('O'));
+ assertThat(Kind.getKind(basic), is('B'));
+ }
- @Test
- public void coverageTest() {
- @SuppressWarnings("unused")
- Kind kind = new Kind();
- }
+ @Test
+ public void coverageTest() {
+ @SuppressWarnings("unused")
+ Kind kind = new Kind();
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_OAuth2FormPrincipal.java b/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_OAuth2FormPrincipal.java
index c0b1c2af..c9623fb9 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_OAuth2FormPrincipal.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_OAuth2FormPrincipal.java
@@ -30,27 +30,27 @@ import org.onap.aaf.cadi.principal.OAuth2FormPrincipal;
public class JU_OAuth2FormPrincipal {
- private String username = "user";
- private String id = "id";
-
- @Test
- public void accessorsTest() {
- OAuth2FormPrincipal oauth = new OAuth2FormPrincipal(id, username);
- assertThat(oauth.getName(), is(username));
- assertThat(oauth.client_id(), is(id));
- assertThat(oauth.tag(), is("OAuth"));
- }
-
- @Test
- public void personalNameTest() {
- OAuth2FormPrincipal oauth = new OAuth2FormPrincipal(id, username);
- assertThat(oauth.personalName(), is(username + "|" + id));
-
- oauth = new OAuth2FormPrincipal(id, null);
- assertThat(oauth.personalName(), is(id));
-
- oauth = new OAuth2FormPrincipal(id, id);
- assertThat(oauth.personalName(), is(id));
- }
+ private String username = "user";
+ private String id = "id";
+
+ @Test
+ public void accessorsTest() {
+ OAuth2FormPrincipal oauth = new OAuth2FormPrincipal(id, username);
+ assertThat(oauth.getName(), is(username));
+ assertThat(oauth.client_id(), is(id));
+ assertThat(oauth.tag(), is("OAuth"));
+ }
+
+ @Test
+ public void personalNameTest() {
+ OAuth2FormPrincipal oauth = new OAuth2FormPrincipal(id, username);
+ assertThat(oauth.personalName(), is(username + "|" + id));
+
+ oauth = new OAuth2FormPrincipal(id, null);
+ assertThat(oauth.personalName(), is(id));
+
+ oauth = new OAuth2FormPrincipal(id, id);
+ assertThat(oauth.personalName(), is(id));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_StringTagLookup.java b/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_StringTagLookup.java
index cce86255..a76e01f7 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_StringTagLookup.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_StringTagLookup.java
@@ -30,11 +30,11 @@ import org.onap.aaf.cadi.principal.StringTagLookup;
public class JU_StringTagLookup {
- @Test
- public void accessorsTest() throws Exception {
- String tag = "tag";
- StringTagLookup stl = new StringTagLookup(tag);
- assertThat(stl.lookup(), is(tag));
- }
+ @Test
+ public void accessorsTest() throws Exception {
+ String tag = "tag";
+ StringTagLookup stl = new StringTagLookup(tag);
+ assertThat(stl.lookup(), is(tag));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_TaggedPrincipal.java b/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_TaggedPrincipal.java
index 2bbfee23..3dfe8d86 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_TaggedPrincipal.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_TaggedPrincipal.java
@@ -33,36 +33,36 @@ import org.onap.aaf.cadi.principal.StringTagLookup;
public class JU_TaggedPrincipal {
- private final String name = "stubbedName";
- private final String tag = "tag";
+ private final String name = "stubbedName";
+ private final String tag = "tag";
- private class TaggedPrincipalStub extends TaggedPrincipal {
- public TaggedPrincipalStub() { super(); }
- public TaggedPrincipalStub(final TagLookup tl) { super(tl); }
- @Override public String getName() { return name; }
- @Override public String tag() { return null; }
- }
+ private class TaggedPrincipalStub extends TaggedPrincipal {
+ public TaggedPrincipalStub() { super(); }
+ public TaggedPrincipalStub(final TagLookup tl) { super(tl); }
+ @Override public String getName() { return name; }
+ @Override public String tag() { return null; }
+ }
- private class WhinyTagLookup implements TagLookup {
- public WhinyTagLookup(final String tag) { }
- @Override
- public String lookup() throws CadiException {
- throw new CadiException();
- }
- }
+ private class WhinyTagLookup implements TagLookup {
+ public WhinyTagLookup(final String tag) { }
+ @Override
+ public String lookup() throws CadiException {
+ throw new CadiException();
+ }
+ }
- @Test
- public void personalNameTest() {
- TaggedPrincipal tp = new TaggedPrincipalStub();
- assertThat(tp.personalName(), is(name));
+ @Test
+ public void personalNameTest() {
+ TaggedPrincipal tp = new TaggedPrincipalStub();
+ assertThat(tp.personalName(), is(name));
- StringTagLookup stl = new StringTagLookup(tag);
- tp = new TaggedPrincipalStub(stl);
- assertThat(tp.personalName(), is(tag));
+ StringTagLookup stl = new StringTagLookup(tag);
+ tp = new TaggedPrincipalStub(stl);
+ assertThat(tp.personalName(), is(tag));
- WhinyTagLookup wtl = new WhinyTagLookup(tag);
- tp.setTagLookup(wtl);
- assertThat(tp.personalName(), is(name));
- }
+ WhinyTagLookup wtl = new WhinyTagLookup(tag);
+ tp.setTagLookup(wtl);
+ assertThat(tp.personalName(), is(name));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_TrustPrincipal.java b/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_TrustPrincipal.java
index 12b4bc9f..ed1ae4c9 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_TrustPrincipal.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_TrustPrincipal.java
@@ -34,58 +34,58 @@ import org.onap.aaf.cadi.principal.TrustPrincipal;
public class JU_TrustPrincipal {
- private final String ucName = "UserChain";
- private final String uc = "This is a UserChain";
- private final String taggedName = "TaggedPrincipal";
- private final String tag = "tag";
- private final String pName = "Principal";
+ private final String ucName = "UserChain";
+ private final String uc = "This is a UserChain";
+ private final String taggedName = "TaggedPrincipal";
+ private final String tag = "tag";
+ private final String pName = "Principal";
- private class UserChainPrincipalStub implements Principal, UserChain {
- @Override public String userChain() { return uc; }
- @Override public String getName() { return ucName; }
- }
+ private class UserChainPrincipalStub implements Principal, UserChain {
+ @Override public String userChain() { return uc; }
+ @Override public String getName() { return ucName; }
+ }
- private class TaggedPrincipalStub extends TaggedPrincipal {
- public TaggedPrincipalStub() { super(); }
- @Override public String getName() { return taggedName; }
- @Override public String tag() { return tag; }
- }
+ private class TaggedPrincipalStub extends TaggedPrincipal {
+ public TaggedPrincipalStub() { super(); }
+ @Override public String getName() { return taggedName; }
+ @Override public String tag() { return tag; }
+ }
- private class PrincipalStub implements Principal {
- @Override public String getName() { return pName; }
- }
+ private class PrincipalStub implements Principal {
+ @Override public String getName() { return pName; }
+ }
- @Test
- public void userChainConstructorTest() {
- UserChainPrincipalStub ucps = new UserChainPrincipalStub();
- TrustPrincipal tp = new TrustPrincipal(ucps, taggedName);
- assertThat(tp.getName(), is(taggedName));
- assertThat(tp.userChain(), is(uc));
- assertSame(tp.original(), ucps);
- assertThat(tp.tag(), is(uc));
- assertThat(tp.personalName(), is(ucName + '[' + uc + ']'));
- }
+ @Test
+ public void userChainConstructorTest() {
+ UserChainPrincipalStub ucps = new UserChainPrincipalStub();
+ TrustPrincipal tp = new TrustPrincipal(ucps, taggedName);
+ assertThat(tp.getName(), is(taggedName));
+ assertThat(tp.userChain(), is(uc));
+ assertSame(tp.original(), ucps);
+ assertThat(tp.tag(), is(uc));
+ assertThat(tp.personalName(), is(ucName + '[' + uc + ']'));
+ }
- @Test
- public void taggedPrincipalConstructorTest() {
- TaggedPrincipal tagged = new TaggedPrincipalStub();
- TrustPrincipal tp = new TrustPrincipal(tagged, taggedName);
- assertThat(tp.getName(), is(taggedName));
- assertThat(tp.userChain(), is(tag));
- assertSame(tp.original(), tagged);
- assertThat(tp.tag(), is(tag));
- assertThat(tp.personalName(), is(taggedName + '[' + tag + ']'));
- }
+ @Test
+ public void taggedPrincipalConstructorTest() {
+ TaggedPrincipal tagged = new TaggedPrincipalStub();
+ TrustPrincipal tp = new TrustPrincipal(tagged, taggedName);
+ assertThat(tp.getName(), is(taggedName));
+ assertThat(tp.userChain(), is(tag));
+ assertSame(tp.original(), tagged);
+ assertThat(tp.tag(), is(tag));
+ assertThat(tp.personalName(), is(taggedName + '[' + tag + ']'));
+ }
- @Test
- public void principalConstructorTest() {
- Principal principal = new PrincipalStub();
- TrustPrincipal tp = new TrustPrincipal(principal, pName);
- assertThat(tp.getName(), is(pName));
- assertThat(tp.userChain(), is(principal.getClass().getSimpleName()));
- assertSame(tp.original(), principal);
- assertThat(tp.tag(), is(principal.getClass().getSimpleName()));
- assertThat(tp.personalName(), is(pName + '[' + principal.getClass().getSimpleName() + ']'));
- }
+ @Test
+ public void principalConstructorTest() {
+ Principal principal = new PrincipalStub();
+ TrustPrincipal tp = new TrustPrincipal(principal, pName);
+ assertThat(tp.getName(), is(pName));
+ assertThat(tp.userChain(), is(principal.getClass().getSimpleName()));
+ assertSame(tp.original(), principal);
+ assertThat(tp.tag(), is(principal.getClass().getSimpleName()));
+ assertThat(tp.personalName(), is(pName + '[' + principal.getClass().getSimpleName() + ']'));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_UnAuthPrincipal.java b/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_UnAuthPrincipal.java
index c0095131..60fc88e2 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_UnAuthPrincipal.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_UnAuthPrincipal.java
@@ -30,12 +30,12 @@ import org.onap.aaf.cadi.principal.UnAuthPrincipal;
public class JU_UnAuthPrincipal {
- private final String name = "name";
+ private final String name = "name";
- @Test
- public void accessorsTest() {
- UnAuthPrincipal up = new UnAuthPrincipal(name);
- assertThat(up.getName(), is(name));
- }
+ @Test
+ public void accessorsTest() {
+ UnAuthPrincipal up = new UnAuthPrincipal(name);
+ assertThat(up.getName(), is(name));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_X509Principal.java b/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_X509Principal.java
index 0857a870..a8839f2c 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_X509Principal.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_X509Principal.java
@@ -38,103 +38,103 @@ import org.onap.aaf.cadi.principal.X509Principal;
public class JU_X509Principal {
- private final String name = "x509 name";
- private final byte[] cred = "super duper secret password".getBytes();
-
- @Mock
- X509Certificate cert;
-
- @Mock
- Principal subject;
-
- @Before
- public void setup() throws CertificateEncodingException {
- MockitoAnnotations.initMocks(this);
- when(cert.getEncoded()).thenReturn(cred);
- }
-
- @Test
- public void constructor1Test() throws IOException {
- X509Principal x509 = new X509Principal(name, cert);
- // Call twice to hit both branches
- assertThat(x509.getAsHeader(), is("X509 " + cred));
- assertThat(x509.getAsHeader(), is("X509 " + cred));
- assertThat(x509.toString(), is("X509 Authentication for " + name));
- assertTrue(x509.getCred().equals(cred));
- assertThat(x509.getName(), is(name));
- assertThat(x509.tag(), is("x509"));
- }
-
- @Test
- public void constructor2Test() throws IOException {
- X509Principal x509 = new X509Principal(name, cert, cred,null);
- // Call twice to hit both branches
- assertThat(x509.getAsHeader(), is("X509 " + cred));
- assertThat(x509.toString(), is("X509 Authentication for " + name));
- assertTrue(x509.getCred().equals(cred));
- assertThat(x509.getName(), is(name));
- assertThat(x509.tag(), is("x509"));
- }
-
- @Test
- public void constructor3Test() throws IOException {
- final String longName = "name@domain";
- when(subject.getName()).thenReturn("OU=" + longName + ",extra");
- when(cert.getSubjectDN()).thenReturn(subject);
- X509Principal x509 = new X509Principal(cert, cred,null);
- // Call twice to hit both branches
- assertThat(x509.getAsHeader(), is("X509 " + cred));
- assertThat(x509.toString(), is("X509 Authentication for " + longName));
- assertTrue(x509.getCred().equals(cred));
- assertThat(x509.getName(), is(longName));
-
- when(subject.getName()).thenReturn(longName + ",extra");
- when(cert.getSubjectDN()).thenReturn(subject);
- try {
- x509 = new X509Principal(cert, cred, null);
- fail("Should have thrown an Exception");
- } catch(IOException e) {
- assertThat(e.getMessage(), is("X509 does not have Identity as CN"));
- }
-
- when(subject.getName()).thenReturn("OU=" + longName);
- when(cert.getSubjectDN()).thenReturn(subject);
- try {
- x509 = new X509Principal(cert, cred, null);
- fail("Should have thrown an Exception");
- } catch(IOException e) {
- assertThat(e.getMessage(), is("X509 does not have Identity as CN"));
- }
-
- when(subject.getName()).thenReturn("OU=" + name + ",exta");
- when(cert.getSubjectDN()).thenReturn(subject);
- try {
- x509 = new X509Principal(cert, cred, null);
- fail("Should have thrown an Exception");
- } catch(IOException e) {
- assertThat(e.getMessage(), is("X509 does not have Identity as CN"));
- }
-
- }
-
- @Test
- public void throwsTest() throws CertificateEncodingException {
- when(cert.getEncoded()).thenThrow(new CertificateEncodingException());
- X509Principal x509 = new X509Principal(name, cert);
- assertThat(x509.getCred(), is(nullValue()));
- try {
- x509.getAsHeader();
- fail("Should have thrown an Exception");
- } catch (IOException e) {
- }
- }
-
- @Test
- public void getCredTest() {
- X509Principal x509 = new X509Principal(name, cert);
- // Call twice to hit both branches
- assertTrue(x509.getCred().equals(cred));
- assertTrue(x509.getCred().equals(cred));
- }
+ private final String name = "x509 name";
+ private final byte[] cred = "super duper secret password".getBytes();
+
+ @Mock
+ X509Certificate cert;
+
+ @Mock
+ Principal subject;
+
+ @Before
+ public void setup() throws CertificateEncodingException {
+ MockitoAnnotations.initMocks(this);
+ when(cert.getEncoded()).thenReturn(cred);
+ }
+
+ @Test
+ public void constructor1Test() throws IOException {
+ X509Principal x509 = new X509Principal(name, cert);
+ // Call twice to hit both branches
+ assertThat(x509.getAsHeader(), is("X509 " + cred));
+ assertThat(x509.getAsHeader(), is("X509 " + cred));
+ assertThat(x509.toString(), is("X509 Authentication for " + name));
+ assertTrue(x509.getCred().equals(cred));
+ assertThat(x509.getName(), is(name));
+ assertThat(x509.tag(), is("x509"));
+ }
+
+ @Test
+ public void constructor2Test() throws IOException {
+ X509Principal x509 = new X509Principal(name, cert, cred,null);
+ // Call twice to hit both branches
+ assertThat(x509.getAsHeader(), is("X509 " + cred));
+ assertThat(x509.toString(), is("X509 Authentication for " + name));
+ assertTrue(x509.getCred().equals(cred));
+ assertThat(x509.getName(), is(name));
+ assertThat(x509.tag(), is("x509"));
+ }
+
+ @Test
+ public void constructor3Test() throws IOException {
+ final String longName = "name@domain";
+ when(subject.getName()).thenReturn("OU=" + longName + ",extra");
+ when(cert.getSubjectDN()).thenReturn(subject);
+ X509Principal x509 = new X509Principal(cert, cred,null);
+ // Call twice to hit both branches
+ assertThat(x509.getAsHeader(), is("X509 " + cred));
+ assertThat(x509.toString(), is("X509 Authentication for " + longName));
+ assertTrue(x509.getCred().equals(cred));
+ assertThat(x509.getName(), is(longName));
+
+ when(subject.getName()).thenReturn(longName + ",extra");
+ when(cert.getSubjectDN()).thenReturn(subject);
+ try {
+ x509 = new X509Principal(cert, cred, null);
+ fail("Should have thrown an Exception");
+ } catch(IOException e) {
+ assertThat(e.getMessage(), is("X509 does not have Identity as CN"));
+ }
+
+ when(subject.getName()).thenReturn("OU=" + longName);
+ when(cert.getSubjectDN()).thenReturn(subject);
+ try {
+ x509 = new X509Principal(cert, cred, null);
+ fail("Should have thrown an Exception");
+ } catch(IOException e) {
+ assertThat(e.getMessage(), is("X509 does not have Identity as CN"));
+ }
+
+ when(subject.getName()).thenReturn("OU=" + name + ",exta");
+ when(cert.getSubjectDN()).thenReturn(subject);
+ try {
+ x509 = new X509Principal(cert, cred, null);
+ fail("Should have thrown an Exception");
+ } catch(IOException e) {
+ assertThat(e.getMessage(), is("X509 does not have Identity as CN"));
+ }
+
+ }
+
+ @Test
+ public void throwsTest() throws CertificateEncodingException {
+ when(cert.getEncoded()).thenThrow(new CertificateEncodingException());
+ X509Principal x509 = new X509Principal(name, cert);
+ assertThat(x509.getCred(), is(nullValue()));
+ try {
+ x509.getAsHeader();
+ fail("Should have thrown an Exception");
+ } catch (IOException e) {
+ }
+ }
+
+ @Test
+ public void getCredTest() {
+ X509Principal x509 = new X509Principal(name, cert);
+ // Call twice to hit both branches
+ assertTrue(x509.getCred().equals(cred));
+ assertTrue(x509.getCred().equals(cred));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/basic/test/JU_BasicHttpTaf.java b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/basic/test/JU_BasicHttpTaf.java
index 137eab3b..b5f019d4 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/basic/test/JU_BasicHttpTaf.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/basic/test/JU_BasicHttpTaf.java
@@ -67,121 +67,121 @@ import org.onap.aaf.cadi.taf.basic.BasicHttpTaf;
public class JU_BasicHttpTaf {
- private final static String realm = "realm";
- private final static String id = "id";
- private final static String addr = "addr";
-
- private final static String name = "User";
- private final static String password = "password";
- private final static String content = name + ":" + password;
- private static String encrypted;
-
- private final static long timeToLive = 10000L;
-
- private PropAccess access;
-
- @Mock private HttpServletResponse respMock;
- @Mock private HttpServletRequest reqMock;
- @Mock private CredVal rbacMock;
- @Mock private CachedPrincipal princMock;
-
- @Before
- public void setup() throws IOException {
- MockitoAnnotations.initMocks(this);
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- encrypted = new String(Symm.base64.encode(content.getBytes()));
- }
-
- @Test
- public void test() {
- BasicHttpTaf taf = new BasicHttpTaf(access, rbacMock, realm, timeToLive, true);
- BasicCredStub bcstub = new BasicCredStub();
- assertThat(taf.validate(LifeForm.SBLF, bcstub, respMock), is(not(nullValue())));
-
- assertThat(taf.validate(LifeForm.SBLF, reqMock, respMock), is(not(nullValue())));
-
- when(reqMock.getHeader("Authorization")).thenReturn("test");
- assertThat(taf.validate(LifeForm.SBLF, reqMock, respMock), is(not(nullValue())));
-
- when(reqMock.getHeader("Authorization")).thenReturn("Basic " + encrypted);
- assertThat(taf.validate(LifeForm.SBLF, reqMock, respMock), is(not(nullValue())));
-
- assertThat(taf.revalidate(princMock, "state"), is(Resp.NOT_MINE));
-
- assertThat(taf.toString(), is("Basic Auth enabled on realm: " + realm));
- }
-
- private class BasicCredStub implements HttpServletRequest, BasicCred {
- @Override public String getUser() { return id; }
- @Override public String getRemoteAddr() { return addr; }
-
- @Override public AsyncContext getAsyncContext() { return null; }
- @Override public Object getAttribute(String arg0) { return null; }
- @Override public Enumeration<String> getAttributeNames() { return null; }
- @Override public String getCharacterEncoding() { return null; }
- @Override public int getContentLength() { return 0; }
- @Override public String getContentType() { return null; }
- @Override public DispatcherType getDispatcherType() { return null; }
- @Override public ServletInputStream getInputStream() throws IOException { return null; }
- @Override public String getLocalAddr() { return null; }
- @Override public String getLocalName() { return null; }
- @Override public int getLocalPort() { return 0; }
- @Override public Locale getLocale() { return null; }
- @Override public Enumeration<Locale> getLocales() { return null; }
- @Override public String getParameter(String arg0) { return null; }
- @Override public Map<String, String[]> getParameterMap() { return null; }
- @Override public Enumeration<String> getParameterNames() { return null; }
- @Override public String[] getParameterValues(String arg0) { return null; }
- @Override public String getProtocol() { return null; }
- @Override public BufferedReader getReader() throws IOException { return null; }
- @Override public String getRealPath(String arg0) { return null; }
- @Override public String getRemoteHost() { return null; }
- @Override public int getRemotePort() { return 0; }
- @Override public RequestDispatcher getRequestDispatcher(String arg0) { return null; }
- @Override public String getScheme() { return null; }
- @Override public String getServerName() { return null; }
- @Override public int getServerPort() { return 0; }
- @Override public ServletContext getServletContext() { return null; }
- @Override public boolean isAsyncStarted() { return false; }
- @Override public boolean isAsyncSupported() { return false; }
- @Override public boolean isSecure() { return false; }
- @Override public void removeAttribute(String arg0) { }
- @Override public void setAttribute(String arg0, Object arg1) { }
- @Override public void setCharacterEncoding(String arg0) throws UnsupportedEncodingException { }
- @Override public AsyncContext startAsync() throws IllegalStateException { return null; }
- @Override public AsyncContext startAsync(ServletRequest arg0, ServletResponse arg1) throws IllegalStateException { return null; }
- @Override public byte[] getCred() { return null; }
- @Override public void setUser(String user) { }
- @Override public void setCred(byte[] passwd) { }
- @Override public boolean authenticate(HttpServletResponse arg0) throws IOException, ServletException { return false; }
- @Override public String getAuthType() { return null; }
- @Override public String getContextPath() { return null; }
- @Override public Cookie[] getCookies() { return null; }
- @Override public long getDateHeader(String arg0) { return 0; }
- @Override public String getHeader(String arg0) { return null; }
- @Override public Enumeration<String> getHeaderNames() { return null; }
- @Override public Enumeration<String> getHeaders(String arg0) { return null; }
- @Override public int getIntHeader(String arg0) { return 0; }
- @Override public String getMethod() { return null; }
- @Override public Part getPart(String arg0) throws IOException, ServletException { return null; }
- @Override public Collection<Part> getParts() throws IOException, ServletException { return null; }
- @Override public String getPathInfo() { return null; }
- @Override public String getPathTranslated() { return null; }
- @Override public String getQueryString() { return null; }
- @Override public String getRemoteUser() { return null; }
- @Override public String getRequestURI() { return null; }
- @Override public StringBuffer getRequestURL() { return null; }
- @Override public String getRequestedSessionId() { return null; }
- @Override public String getServletPath() { return null; }
- @Override public HttpSession getSession() { return null; }
- @Override public HttpSession getSession(boolean arg0) { return null; }
- @Override public Principal getUserPrincipal() { return null; }
- @Override public boolean isRequestedSessionIdFromCookie() { return false; }
- @Override public boolean isRequestedSessionIdFromURL() { return false; }
- @Override public boolean isRequestedSessionIdFromUrl() { return false; }
- @Override public boolean isRequestedSessionIdValid() { return false; }
- @Override public boolean isUserInRole(String arg0) { return false; }
- @Override public void login(String arg0, String arg1) throws ServletException { }
- @Override public void logout() throws ServletException { }
- }
+ private final static String realm = "realm";
+ private final static String id = "id";
+ private final static String addr = "addr";
+
+ private final static String name = "User";
+ private final static String password = "password";
+ private final static String content = name + ":" + password;
+ private static String encrypted;
+
+ private final static long timeToLive = 10000L;
+
+ private PropAccess access;
+
+ @Mock private HttpServletResponse respMock;
+ @Mock private HttpServletRequest reqMock;
+ @Mock private CredVal rbacMock;
+ @Mock private CachedPrincipal princMock;
+
+ @Before
+ public void setup() throws IOException {
+ MockitoAnnotations.initMocks(this);
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ encrypted = new String(Symm.base64.encode(content.getBytes()));
+ }
+
+ @Test
+ public void test() {
+ BasicHttpTaf taf = new BasicHttpTaf(access, rbacMock, realm, timeToLive, true);
+ BasicCredStub bcstub = new BasicCredStub();
+ assertThat(taf.validate(LifeForm.SBLF, bcstub, respMock), is(not(nullValue())));
+
+ assertThat(taf.validate(LifeForm.SBLF, reqMock, respMock), is(not(nullValue())));
+
+ when(reqMock.getHeader("Authorization")).thenReturn("test");
+ assertThat(taf.validate(LifeForm.SBLF, reqMock, respMock), is(not(nullValue())));
+
+ when(reqMock.getHeader("Authorization")).thenReturn("Basic " + encrypted);
+ assertThat(taf.validate(LifeForm.SBLF, reqMock, respMock), is(not(nullValue())));
+
+ assertThat(taf.revalidate(princMock, "state"), is(Resp.NOT_MINE));
+
+ assertThat(taf.toString(), is("Basic Auth enabled on realm: " + realm));
+ }
+
+ private class BasicCredStub implements HttpServletRequest, BasicCred {
+ @Override public String getUser() { return id; }
+ @Override public String getRemoteAddr() { return addr; }
+
+ @Override public AsyncContext getAsyncContext() { return null; }
+ @Override public Object getAttribute(String arg0) { return null; }
+ @Override public Enumeration<String> getAttributeNames() { return null; }
+ @Override public String getCharacterEncoding() { return null; }
+ @Override public int getContentLength() { return 0; }
+ @Override public String getContentType() { return null; }
+ @Override public DispatcherType getDispatcherType() { return null; }
+ @Override public ServletInputStream getInputStream() throws IOException { return null; }
+ @Override public String getLocalAddr() { return null; }
+ @Override public String getLocalName() { return null; }
+ @Override public int getLocalPort() { return 0; }
+ @Override public Locale getLocale() { return null; }
+ @Override public Enumeration<Locale> getLocales() { return null; }
+ @Override public String getParameter(String arg0) { return null; }
+ @Override public Map<String, String[]> getParameterMap() { return null; }
+ @Override public Enumeration<String> getParameterNames() { return null; }
+ @Override public String[] getParameterValues(String arg0) { return null; }
+ @Override public String getProtocol() { return null; }
+ @Override public BufferedReader getReader() throws IOException { return null; }
+ @Override public String getRealPath(String arg0) { return null; }
+ @Override public String getRemoteHost() { return null; }
+ @Override public int getRemotePort() { return 0; }
+ @Override public RequestDispatcher getRequestDispatcher(String arg0) { return null; }
+ @Override public String getScheme() { return null; }
+ @Override public String getServerName() { return null; }
+ @Override public int getServerPort() { return 0; }
+ @Override public ServletContext getServletContext() { return null; }
+ @Override public boolean isAsyncStarted() { return false; }
+ @Override public boolean isAsyncSupported() { return false; }
+ @Override public boolean isSecure() { return false; }
+ @Override public void removeAttribute(String arg0) { }
+ @Override public void setAttribute(String arg0, Object arg1) { }
+ @Override public void setCharacterEncoding(String arg0) throws UnsupportedEncodingException { }
+ @Override public AsyncContext startAsync() throws IllegalStateException { return null; }
+ @Override public AsyncContext startAsync(ServletRequest arg0, ServletResponse arg1) throws IllegalStateException { return null; }
+ @Override public byte[] getCred() { return null; }
+ @Override public void setUser(String user) { }
+ @Override public void setCred(byte[] passwd) { }
+ @Override public boolean authenticate(HttpServletResponse arg0) throws IOException, ServletException { return false; }
+ @Override public String getAuthType() { return null; }
+ @Override public String getContextPath() { return null; }
+ @Override public Cookie[] getCookies() { return null; }
+ @Override public long getDateHeader(String arg0) { return 0; }
+ @Override public String getHeader(String arg0) { return null; }
+ @Override public Enumeration<String> getHeaderNames() { return null; }
+ @Override public Enumeration<String> getHeaders(String arg0) { return null; }
+ @Override public int getIntHeader(String arg0) { return 0; }
+ @Override public String getMethod() { return null; }
+ @Override public Part getPart(String arg0) throws IOException, ServletException { return null; }
+ @Override public Collection<Part> getParts() throws IOException, ServletException { return null; }
+ @Override public String getPathInfo() { return null; }
+ @Override public String getPathTranslated() { return null; }
+ @Override public String getQueryString() { return null; }
+ @Override public String getRemoteUser() { return null; }
+ @Override public String getRequestURI() { return null; }
+ @Override public StringBuffer getRequestURL() { return null; }
+ @Override public String getRequestedSessionId() { return null; }
+ @Override public String getServletPath() { return null; }
+ @Override public HttpSession getSession() { return null; }
+ @Override public HttpSession getSession(boolean arg0) { return null; }
+ @Override public Principal getUserPrincipal() { return null; }
+ @Override public boolean isRequestedSessionIdFromCookie() { return false; }
+ @Override public boolean isRequestedSessionIdFromURL() { return false; }
+ @Override public boolean isRequestedSessionIdFromUrl() { return false; }
+ @Override public boolean isRequestedSessionIdValid() { return false; }
+ @Override public boolean isUserInRole(String arg0) { return false; }
+ @Override public void login(String arg0, String arg1) throws ServletException { }
+ @Override public void logout() throws ServletException { }
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/basic/test/JU_BasicHttpTafResp.java b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/basic/test/JU_BasicHttpTafResp.java
index 8eba1faf..641545ca 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/basic/test/JU_BasicHttpTafResp.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/basic/test/JU_BasicHttpTafResp.java
@@ -41,27 +41,27 @@ import org.onap.aaf.cadi.taf.basic.BasicHttpTafResp;
public class JU_BasicHttpTafResp {
- private final static String realm = "realm";
- private final static String description = "description";
+ private final static String realm = "realm";
+ private final static String description = "description";
- private PropAccess access;
+ private PropAccess access;
- @Mock private HttpServletResponse respMock;
- @Mock private TaggedPrincipal princMock;
+ @Mock private HttpServletResponse respMock;
+ @Mock private TaggedPrincipal princMock;
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- }
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ }
- @Test
- public void test() throws IOException {
- BasicHttpTafResp tafResp = new BasicHttpTafResp(access, princMock, description, RESP.IS_AUTHENTICATED, respMock, realm, false);
+ @Test
+ public void test() throws IOException {
+ BasicHttpTafResp tafResp = new BasicHttpTafResp(access, princMock, description, RESP.IS_AUTHENTICATED, respMock, realm, false);
- assertThat(tafResp.authenticate(), is(RESP.HTTP_REDIRECT_INVOKED));
- assertThat(tafResp.isAuthenticated(), is (RESP.IS_AUTHENTICATED));
- assertThat(tafResp.isFailedAttempt(), is(false));
- }
+ assertThat(tafResp.authenticate(), is(RESP.HTTP_REDIRECT_INVOKED));
+ assertThat(tafResp.isAuthenticated(), is (RESP.IS_AUTHENTICATED));
+ assertThat(tafResp.isFailedAttempt(), is(false));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/cert/test/JU_X509HttpTafResp.java b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/cert/test/JU_X509HttpTafResp.java
index 36f17ef1..83c93210 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/cert/test/JU_X509HttpTafResp.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/cert/test/JU_X509HttpTafResp.java
@@ -39,25 +39,25 @@ import org.onap.aaf.cadi.taf.cert.X509HttpTafResp;
public class JU_X509HttpTafResp {
- private final static String description = "description";
- private final static RESP status = RESP.IS_AUTHENTICATED;
-
- private PropAccess access;
-
- @Mock private TaggedPrincipal princMock;
-
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- }
-
- @Test
- public void test() throws IOException {
- X509HttpTafResp resp = new X509HttpTafResp(access, princMock, description, status);
- assertThat(resp.authenticate(), is(RESP.TRY_ANOTHER_TAF));
- assertThat(resp.isAuthenticated(), is(status));
- assertThat(resp.toString(), is(status.name()));
- }
+ private final static String description = "description";
+ private final static RESP status = RESP.IS_AUTHENTICATED;
+
+ private PropAccess access;
+
+ @Mock private TaggedPrincipal princMock;
+
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ }
+
+ @Test
+ public void test() throws IOException {
+ X509HttpTafResp resp = new X509HttpTafResp(access, princMock, description, status);
+ assertThat(resp.authenticate(), is(RESP.TRY_ANOTHER_TAF));
+ assertThat(resp.isAuthenticated(), is(status));
+ assertThat(resp.toString(), is(status.name()));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/dos/test/JU_DenialOfServiceTaf.java b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/dos/test/JU_DenialOfServiceTaf.java
index 997ebced..0f337d1b 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/dos/test/JU_DenialOfServiceTaf.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/dos/test/JU_DenialOfServiceTaf.java
@@ -48,324 +48,324 @@ import org.onap.aaf.cadi.taf.dos.DenialOfServiceTaf.Counter;
public class JU_DenialOfServiceTaf {
- @Mock
- HttpServletResponse respMock;
-
- @Mock
- HttpServletRequest reqMock1;
-
- @Mock
- HttpServletRequest reqMock2;
-
- @Mock
- HttpServletRequest reqMock3;
-
- @Mock
- Access accessMock;
-
- private File dosIPFile;
- private File dosIDFile;
- private File dosDir;
- private final String dosDirName = "test";
-
- private final String id1 = "id1";
- private final String id2 = "id2";
-
- private final String ip1 = "111.111.111.111";
- private final String ip2 = "222.222.222.222";
-
- @Before
- public void setup() throws IOException {
- MockitoAnnotations.initMocks(this);
-
- dosDir = new File(dosDirName);
- dosDir.mkdirs();
- dosIPFile = new File(dosDirName, "/dosIP");
- dosIDFile = new File(dosDirName, "/dosID");
- dosIPFile.delete();
- dosIDFile.delete();
-
- when(accessMock.getProperty(Config.AAF_DATA_DIR, null)).thenReturn(dosDirName);
- when(reqMock1.getRemoteAddr()).thenReturn(ip1);
- when(reqMock2.getRemoteAddr()).thenReturn(ip2);
-
- setPrivateField(DenialOfServiceTaf.class, "deniedIP", null);
- setPrivateField(DenialOfServiceTaf.class, "deniedID", null);
- setPrivateField(DenialOfServiceTaf.class, "dosIP", null);
- setPrivateField(DenialOfServiceTaf.class, "dosID", null);
- }
-
- @After
- public void tearDown() {
- dosIPFile = new File(dosDirName, "/dosIP");
- dosIDFile = new File(dosDirName, "/dosID");
- dosIPFile.delete();
- dosIDFile.delete();
- }
-
- @Test
- public void constructorTest() throws CadiException {
- @SuppressWarnings("unused")
- DenialOfServiceTaf dost;
-
- // coverage...
- when(accessMock.getProperty(Config.AAF_DATA_DIR, null)).thenReturn(null);
- dost = new DenialOfServiceTaf(accessMock);
-
- when(accessMock.getProperty(Config.AAF_DATA_DIR, null)).thenReturn(dosDirName);
- dost = new DenialOfServiceTaf(accessMock);
-
- // more coverage...
- dost = new DenialOfServiceTaf(accessMock);
-
- // more coverage...
- setPrivateField(DenialOfServiceTaf.class, "dosID", null);
- dost = new DenialOfServiceTaf(accessMock);
- }
-
- @Test
- public void validateTest() throws CadiException {
- DenialOfServiceTaf dost;
- TafResp tafResp;
-
- dost = new DenialOfServiceTaf(accessMock);
- tafResp = dost.validate(LifeForm.SBLF, reqMock1, respMock);
-
- assertThat(tafResp.desc(), is("Not processing this transaction: This Transaction is not denied"));
- assertThat(tafResp.taf(), is("DenialOfServiceTaf"));
-
- assertThat(DenialOfServiceTaf.denyIP(ip1), is(true));
-
- tafResp = dost.validate(LifeForm.SBLF, reqMock1, respMock);
- assertThat(tafResp.desc(), is(ip1 + " is on the IP Denial list"));
-
- tafResp = dost.validate(LifeForm.SBLF, reqMock2, respMock);
- assertThat(tafResp.desc(), is("Not processing this transaction: This Transaction is not denied"));
- assertThat(tafResp.taf(), is("DenialOfServiceTaf"));
- }
-
- @Test
- public void revalidateTest() throws CadiException {
- DenialOfServiceTaf dost = new DenialOfServiceTaf(accessMock);
- Resp resp = dost.revalidate(null, null);
- assertThat(resp, is(Resp.NOT_MINE));
- }
-
- @Test
- public void denyIPTest() throws CadiException {
- assertThat(DenialOfServiceTaf.isDeniedIP(ip1), is(nullValue()));
- assertThat(DenialOfServiceTaf.denyIP(ip1), is(true)); // true because it's been added
- assertThat(DenialOfServiceTaf.denyIP(ip2), is(true)); // true because it's been added
- assertThat(DenialOfServiceTaf.denyIP(ip1), is(false)); // false because it's already been added
- assertThat(DenialOfServiceTaf.denyIP(ip2), is(false)); // false because it's already been added
-
- Counter counter;
- counter = DenialOfServiceTaf.isDeniedIP(ip1);
- assertThat(counter.getName(), is(ip1));
- assertThat(counter.getCount(), is(0));
- assertThat(counter.getLast(), is(0L));
- assertThat(counter.toString(), is(ip1 + " is on the denied list, but has not attempted Access" ));
-
- DenialOfServiceTaf dost = new DenialOfServiceTaf(accessMock);
- dost.validate(LifeForm.SBLF, reqMock1, respMock);
- long approxTime = System.currentTimeMillis();
-
- counter = DenialOfServiceTaf.isDeniedIP(ip1);
- assertThat(counter.getName(), is(ip1));
- assertThat(counter.getCount(), is(1));
- assertThat((Math.abs(approxTime - counter.getLast()) < 10), is(true));
- assertThat(counter.toString().contains(ip1), is(true));
- assertThat(counter.toString().contains(" has been denied 1 times since "), is(true));
- assertThat(counter.toString().contains(". Last denial was "), is(true));
-
- // coverage...
- dost.validate(LifeForm.SBLF, reqMock1, respMock);
-
- assertThat(DenialOfServiceTaf.removeDenyIP(ip1), is(true));
- assertThat(DenialOfServiceTaf.removeDenyIP(ip1), is(false));
- assertThat(DenialOfServiceTaf.removeDenyIP(ip2), is(true));
- assertThat(DenialOfServiceTaf.removeDenyIP(ip2), is(false));
- }
-
- @Test
- public void denyIDTest() throws CadiException {
- assertThat(DenialOfServiceTaf.isDeniedID(id1), is(nullValue()));
- assertThat(DenialOfServiceTaf.denyID(id1), is(true)); // true because it's been added
- assertThat(DenialOfServiceTaf.denyID(id2), is(true)); // true because it's been added
- assertThat(DenialOfServiceTaf.denyID(id1), is(false)); // false because it's already been added
- assertThat(DenialOfServiceTaf.denyID(id2), is(false)); // false because it's already been added
-
- Counter counter;
- counter = DenialOfServiceTaf.isDeniedID(id1);
- assertThat(counter.getName(), is(id1));
- assertThat(counter.getCount(), is(0));
- assertThat(counter.getLast(), is(0L));
-
- assertThat(DenialOfServiceTaf.removeDenyID(id1), is(true));
- assertThat(DenialOfServiceTaf.removeDenyID(id1), is(false));
- assertThat(DenialOfServiceTaf.removeDenyID(id2), is(true));
- assertThat(DenialOfServiceTaf.removeDenyID(id2), is(false));
- }
-
- @Test
- public void reportTest() throws CadiException {
- DenialOfServiceTaf dost = new DenialOfServiceTaf(accessMock);
- List<String> denials = dost.report();
- assertThat(denials.size(), is(0));
-
- DenialOfServiceTaf.denyID(id1);
- DenialOfServiceTaf.denyID(id2);
-
- DenialOfServiceTaf.denyIP(ip1);
- DenialOfServiceTaf.denyIP(ip2);
-
- denials = dost.report();
- assertThat(denials.size(), is(4));
- for (String denied : denials) {
- switch (denied.split(" ", 2)[0]) {
- case ip1:
- case ip2:
- case id1:
- case id2:
- break;
- default:
- fail("The line: [" + denied + "] shouldn't be in the report");
- }
- }
- }
-
- @Test
- public void respDenyIDTest() {
- TafResp tafResp = DenialOfServiceTaf.respDenyID(accessMock, id1);
- assertThat(tafResp.desc(), is(id1 + " is on the Identity Denial list"));
- }
-
- @Test
- public void ipFileIOTest() throws CadiException, IOException {
- @SuppressWarnings("unused")
- DenialOfServiceTaf dost;
-
- dosIPFile.createNewFile();
-
- // coverage...
- DenialOfServiceTaf.denyIP(ip1);
- DenialOfServiceTaf.removeDenyIP(ip1);
-
- dost = new DenialOfServiceTaf(accessMock);
- DenialOfServiceTaf.denyIP(ip1);
- DenialOfServiceTaf.denyIP(ip2);
- // coverage...
- DenialOfServiceTaf.denyIP(ip2);
-
- String contents = readContentsFromFile(dosIPFile);
- assertThat(contents.contains(ip1), is(true));
- assertThat(contents.contains(ip2), is(true));
-
- // Removing all ips should delete the file
- assertThat(dosIPFile.exists(), is(true));
- DenialOfServiceTaf.removeDenyIP(ip1);
- DenialOfServiceTaf.removeDenyIP(ip2);
- assertThat(dosIPFile.exists(), is(false));
-
- dosIPFile.createNewFile();
-
- DenialOfServiceTaf.denyIP(ip1);
- DenialOfServiceTaf.denyIP(ip2);
-
- setPrivateField(DenialOfServiceTaf.class, "dosIP", null);
- dost = new DenialOfServiceTaf(accessMock);
-
- contents = readContentsFromFile(dosIPFile);
- assertThat(contents.contains(ip1), is(true));
- assertThat(contents.contains(ip2), is(true));
-
- dosIPFile.delete();
-
- // coverage...
- setPrivateField(DenialOfServiceTaf.class, "deniedIP", null);
- DenialOfServiceTaf.denyIP(ip1);
- dosIPFile.delete();
- DenialOfServiceTaf.removeDenyIP(ip1);
-
- // coverage...
- dosIPFile.delete();
- setPrivateField(DenialOfServiceTaf.class, "dosIP", null);
- dost = new DenialOfServiceTaf(accessMock);
- }
-
- @Test
- public void idFileIOTest() throws CadiException, IOException {
- @SuppressWarnings("unused")
- DenialOfServiceTaf dost;
-
- dosIDFile.createNewFile();
-
- // coverage...
- DenialOfServiceTaf.denyID(id1);
- DenialOfServiceTaf.removeDenyID(id1);
-
- dost = new DenialOfServiceTaf(accessMock);
- DenialOfServiceTaf.denyID(id1);
- DenialOfServiceTaf.denyID(id2);
- // coverage...
- DenialOfServiceTaf.denyID(id2);
-
- String contents = readContentsFromFile(dosIDFile);
- assertThat(contents.contains(id1), is(true));
- assertThat(contents.contains(id2), is(true));
-
- // Removing all ids should delete the file
- assertThat(dosIDFile.exists(), is(true));
- DenialOfServiceTaf.removeDenyID(id1);
- DenialOfServiceTaf.removeDenyID(id2);
- assertThat(dosIDFile.exists(), is(false));
-
- dosIDFile.createNewFile();
-
- DenialOfServiceTaf.denyID(id1);
- DenialOfServiceTaf.denyID(id2);
-
- setPrivateField(DenialOfServiceTaf.class, "dosID", null);
- dost = new DenialOfServiceTaf(accessMock);
-
- contents = readContentsFromFile(dosIDFile);
- assertThat(contents.contains(id1), is(true));
- assertThat(contents.contains(id2), is(true));
-
- dosIDFile.delete();
-
- // coverage...
- setPrivateField(DenialOfServiceTaf.class, "deniedID", null);
- DenialOfServiceTaf.denyID(id1);
- dosIDFile.delete();
- DenialOfServiceTaf.removeDenyID(id1);
-
- // coverage...
- dosIDFile.delete();
- setPrivateField(DenialOfServiceTaf.class, "dosID", null);
- dost = new DenialOfServiceTaf(accessMock);
- }
-
- private void setPrivateField(Class<?> clazz, String fieldName, Object value) {
- try {
- Field field = clazz.getDeclaredField(fieldName);
- field.setAccessible(true);
- field.set(null, value);
- field.setAccessible(false);
- } catch(Exception e) {
- System.err.println("Could not set field [" + fieldName + "] to " + value);
- }
- }
-
- private String readContentsFromFile(File file) throws IOException {
- BufferedReader br = new BufferedReader(new FileReader(file));
- StringBuilder sb = new StringBuilder();
- String line;
- while ((line = br.readLine()) != null) {
- sb.append(line);
- }
- br.close();
- return sb.toString();
- }
+ @Mock
+ HttpServletResponse respMock;
+
+ @Mock
+ HttpServletRequest reqMock1;
+
+ @Mock
+ HttpServletRequest reqMock2;
+
+ @Mock
+ HttpServletRequest reqMock3;
+
+ @Mock
+ Access accessMock;
+
+ private File dosIPFile;
+ private File dosIDFile;
+ private File dosDir;
+ private final String dosDirName = "test";
+
+ private final String id1 = "id1";
+ private final String id2 = "id2";
+
+ private final String ip1 = "111.111.111.111";
+ private final String ip2 = "222.222.222.222";
+
+ @Before
+ public void setup() throws IOException {
+ MockitoAnnotations.initMocks(this);
+
+ dosDir = new File(dosDirName);
+ dosDir.mkdirs();
+ dosIPFile = new File(dosDirName, "/dosIP");
+ dosIDFile = new File(dosDirName, "/dosID");
+ dosIPFile.delete();
+ dosIDFile.delete();
+
+ when(accessMock.getProperty(Config.AAF_DATA_DIR, null)).thenReturn(dosDirName);
+ when(reqMock1.getRemoteAddr()).thenReturn(ip1);
+ when(reqMock2.getRemoteAddr()).thenReturn(ip2);
+
+ setPrivateField(DenialOfServiceTaf.class, "deniedIP", null);
+ setPrivateField(DenialOfServiceTaf.class, "deniedID", null);
+ setPrivateField(DenialOfServiceTaf.class, "dosIP", null);
+ setPrivateField(DenialOfServiceTaf.class, "dosID", null);
+ }
+
+ @After
+ public void tearDown() {
+ dosIPFile = new File(dosDirName, "/dosIP");
+ dosIDFile = new File(dosDirName, "/dosID");
+ dosIPFile.delete();
+ dosIDFile.delete();
+ }
+
+ @Test
+ public void constructorTest() throws CadiException {
+ @SuppressWarnings("unused")
+ DenialOfServiceTaf dost;
+
+ // coverage...
+ when(accessMock.getProperty(Config.AAF_DATA_DIR, null)).thenReturn(null);
+ dost = new DenialOfServiceTaf(accessMock);
+
+ when(accessMock.getProperty(Config.AAF_DATA_DIR, null)).thenReturn(dosDirName);
+ dost = new DenialOfServiceTaf(accessMock);
+
+ // more coverage...
+ dost = new DenialOfServiceTaf(accessMock);
+
+ // more coverage...
+ setPrivateField(DenialOfServiceTaf.class, "dosID", null);
+ dost = new DenialOfServiceTaf(accessMock);
+ }
+
+ @Test
+ public void validateTest() throws CadiException {
+ DenialOfServiceTaf dost;
+ TafResp tafResp;
+
+ dost = new DenialOfServiceTaf(accessMock);
+ tafResp = dost.validate(LifeForm.SBLF, reqMock1, respMock);
+
+ assertThat(tafResp.desc(), is("Not processing this transaction: This Transaction is not denied"));
+ assertThat(tafResp.taf(), is("DenialOfServiceTaf"));
+
+ assertThat(DenialOfServiceTaf.denyIP(ip1), is(true));
+
+ tafResp = dost.validate(LifeForm.SBLF, reqMock1, respMock);
+ assertThat(tafResp.desc(), is(ip1 + " is on the IP Denial list"));
+
+ tafResp = dost.validate(LifeForm.SBLF, reqMock2, respMock);
+ assertThat(tafResp.desc(), is("Not processing this transaction: This Transaction is not denied"));
+ assertThat(tafResp.taf(), is("DenialOfServiceTaf"));
+ }
+
+ @Test
+ public void revalidateTest() throws CadiException {
+ DenialOfServiceTaf dost = new DenialOfServiceTaf(accessMock);
+ Resp resp = dost.revalidate(null, null);
+ assertThat(resp, is(Resp.NOT_MINE));
+ }
+
+ @Test
+ public void denyIPTest() throws CadiException {
+ assertThat(DenialOfServiceTaf.isDeniedIP(ip1), is(nullValue()));
+ assertThat(DenialOfServiceTaf.denyIP(ip1), is(true)); // true because it's been added
+ assertThat(DenialOfServiceTaf.denyIP(ip2), is(true)); // true because it's been added
+ assertThat(DenialOfServiceTaf.denyIP(ip1), is(false)); // false because it's already been added
+ assertThat(DenialOfServiceTaf.denyIP(ip2), is(false)); // false because it's already been added
+
+ Counter counter;
+ counter = DenialOfServiceTaf.isDeniedIP(ip1);
+ assertThat(counter.getName(), is(ip1));
+ assertThat(counter.getCount(), is(0));
+ assertThat(counter.getLast(), is(0L));
+ assertThat(counter.toString(), is(ip1 + " is on the denied list, but has not attempted Access" ));
+
+ DenialOfServiceTaf dost = new DenialOfServiceTaf(accessMock);
+ dost.validate(LifeForm.SBLF, reqMock1, respMock);
+ long approxTime = System.currentTimeMillis();
+
+ counter = DenialOfServiceTaf.isDeniedIP(ip1);
+ assertThat(counter.getName(), is(ip1));
+ assertThat(counter.getCount(), is(1));
+ assertThat((Math.abs(approxTime - counter.getLast()) < 10), is(true));
+ assertThat(counter.toString().contains(ip1), is(true));
+ assertThat(counter.toString().contains(" has been denied 1 times since "), is(true));
+ assertThat(counter.toString().contains(". Last denial was "), is(true));
+
+ // coverage...
+ dost.validate(LifeForm.SBLF, reqMock1, respMock);
+
+ assertThat(DenialOfServiceTaf.removeDenyIP(ip1), is(true));
+ assertThat(DenialOfServiceTaf.removeDenyIP(ip1), is(false));
+ assertThat(DenialOfServiceTaf.removeDenyIP(ip2), is(true));
+ assertThat(DenialOfServiceTaf.removeDenyIP(ip2), is(false));
+ }
+
+ @Test
+ public void denyIDTest() throws CadiException {
+ assertThat(DenialOfServiceTaf.isDeniedID(id1), is(nullValue()));
+ assertThat(DenialOfServiceTaf.denyID(id1), is(true)); // true because it's been added
+ assertThat(DenialOfServiceTaf.denyID(id2), is(true)); // true because it's been added
+ assertThat(DenialOfServiceTaf.denyID(id1), is(false)); // false because it's already been added
+ assertThat(DenialOfServiceTaf.denyID(id2), is(false)); // false because it's already been added
+
+ Counter counter;
+ counter = DenialOfServiceTaf.isDeniedID(id1);
+ assertThat(counter.getName(), is(id1));
+ assertThat(counter.getCount(), is(0));
+ assertThat(counter.getLast(), is(0L));
+
+ assertThat(DenialOfServiceTaf.removeDenyID(id1), is(true));
+ assertThat(DenialOfServiceTaf.removeDenyID(id1), is(false));
+ assertThat(DenialOfServiceTaf.removeDenyID(id2), is(true));
+ assertThat(DenialOfServiceTaf.removeDenyID(id2), is(false));
+ }
+
+ @Test
+ public void reportTest() throws CadiException {
+ DenialOfServiceTaf dost = new DenialOfServiceTaf(accessMock);
+ List<String> denials = dost.report();
+ assertThat(denials.size(), is(0));
+
+ DenialOfServiceTaf.denyID(id1);
+ DenialOfServiceTaf.denyID(id2);
+
+ DenialOfServiceTaf.denyIP(ip1);
+ DenialOfServiceTaf.denyIP(ip2);
+
+ denials = dost.report();
+ assertThat(denials.size(), is(4));
+ for (String denied : denials) {
+ switch (denied.split(" ", 2)[0]) {
+ case ip1:
+ case ip2:
+ case id1:
+ case id2:
+ break;
+ default:
+ fail("The line: [" + denied + "] shouldn't be in the report");
+ }
+ }
+ }
+
+ @Test
+ public void respDenyIDTest() {
+ TafResp tafResp = DenialOfServiceTaf.respDenyID(accessMock, id1);
+ assertThat(tafResp.desc(), is(id1 + " is on the Identity Denial list"));
+ }
+
+ @Test
+ public void ipFileIOTest() throws CadiException, IOException {
+ @SuppressWarnings("unused")
+ DenialOfServiceTaf dost;
+
+ dosIPFile.createNewFile();
+
+ // coverage...
+ DenialOfServiceTaf.denyIP(ip1);
+ DenialOfServiceTaf.removeDenyIP(ip1);
+
+ dost = new DenialOfServiceTaf(accessMock);
+ DenialOfServiceTaf.denyIP(ip1);
+ DenialOfServiceTaf.denyIP(ip2);
+ // coverage...
+ DenialOfServiceTaf.denyIP(ip2);
+
+ String contents = readContentsFromFile(dosIPFile);
+ assertThat(contents.contains(ip1), is(true));
+ assertThat(contents.contains(ip2), is(true));
+
+ // Removing all ips should delete the file
+ assertThat(dosIPFile.exists(), is(true));
+ DenialOfServiceTaf.removeDenyIP(ip1);
+ DenialOfServiceTaf.removeDenyIP(ip2);
+ assertThat(dosIPFile.exists(), is(false));
+
+ dosIPFile.createNewFile();
+
+ DenialOfServiceTaf.denyIP(ip1);
+ DenialOfServiceTaf.denyIP(ip2);
+
+ setPrivateField(DenialOfServiceTaf.class, "dosIP", null);
+ dost = new DenialOfServiceTaf(accessMock);
+
+ contents = readContentsFromFile(dosIPFile);
+ assertThat(contents.contains(ip1), is(true));
+ assertThat(contents.contains(ip2), is(true));
+
+ dosIPFile.delete();
+
+ // coverage...
+ setPrivateField(DenialOfServiceTaf.class, "deniedIP", null);
+ DenialOfServiceTaf.denyIP(ip1);
+ dosIPFile.delete();
+ DenialOfServiceTaf.removeDenyIP(ip1);
+
+ // coverage...
+ dosIPFile.delete();
+ setPrivateField(DenialOfServiceTaf.class, "dosIP", null);
+ dost = new DenialOfServiceTaf(accessMock);
+ }
+
+ @Test
+ public void idFileIOTest() throws CadiException, IOException {
+ @SuppressWarnings("unused")
+ DenialOfServiceTaf dost;
+
+ dosIDFile.createNewFile();
+
+ // coverage...
+ DenialOfServiceTaf.denyID(id1);
+ DenialOfServiceTaf.removeDenyID(id1);
+
+ dost = new DenialOfServiceTaf(accessMock);
+ DenialOfServiceTaf.denyID(id1);
+ DenialOfServiceTaf.denyID(id2);
+ // coverage...
+ DenialOfServiceTaf.denyID(id2);
+
+ String contents = readContentsFromFile(dosIDFile);
+ assertThat(contents.contains(id1), is(true));
+ assertThat(contents.contains(id2), is(true));
+
+ // Removing all ids should delete the file
+ assertThat(dosIDFile.exists(), is(true));
+ DenialOfServiceTaf.removeDenyID(id1);
+ DenialOfServiceTaf.removeDenyID(id2);
+ assertThat(dosIDFile.exists(), is(false));
+
+ dosIDFile.createNewFile();
+
+ DenialOfServiceTaf.denyID(id1);
+ DenialOfServiceTaf.denyID(id2);
+
+ setPrivateField(DenialOfServiceTaf.class, "dosID", null);
+ dost = new DenialOfServiceTaf(accessMock);
+
+ contents = readContentsFromFile(dosIDFile);
+ assertThat(contents.contains(id1), is(true));
+ assertThat(contents.contains(id2), is(true));
+
+ dosIDFile.delete();
+
+ // coverage...
+ setPrivateField(DenialOfServiceTaf.class, "deniedID", null);
+ DenialOfServiceTaf.denyID(id1);
+ dosIDFile.delete();
+ DenialOfServiceTaf.removeDenyID(id1);
+
+ // coverage...
+ dosIDFile.delete();
+ setPrivateField(DenialOfServiceTaf.class, "dosID", null);
+ dost = new DenialOfServiceTaf(accessMock);
+ }
+
+ private void setPrivateField(Class<?> clazz, String fieldName, Object value) {
+ try {
+ Field field = clazz.getDeclaredField(fieldName);
+ field.setAccessible(true);
+ field.set(null, value);
+ field.setAccessible(false);
+ } catch(Exception e) {
+ System.err.println("Could not set field [" + fieldName + "] to " + value);
+ }
+ }
+
+ private String readContentsFromFile(File file) throws IOException {
+ BufferedReader br = new BufferedReader(new FileReader(file));
+ StringBuilder sb = new StringBuilder();
+ String line;
+ while ((line = br.readLine()) != null) {
+ sb.append(line);
+ }
+ br.close();
+ return sb.toString();
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/dos/test/JU_DenialOfServiceTafResp.java b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/dos/test/JU_DenialOfServiceTafResp.java
index 34b2a513..b9b7b16d 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/dos/test/JU_DenialOfServiceTafResp.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/dos/test/JU_DenialOfServiceTafResp.java
@@ -37,21 +37,21 @@ import org.onap.aaf.cadi.taf.dos.DenialOfServiceTafResp;
public class JU_DenialOfServiceTafResp {
- private final static String description = "description";
- private final static RESP status = RESP.IS_AUTHENTICATED;
-
- private PropAccess access;
-
- @Before
- public void setup() {
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- }
-
- @Test
- public void test() throws IOException {
- DenialOfServiceTafResp resp = new DenialOfServiceTafResp(access, status, description);
- assertThat(resp.isAuthenticated(), is(status));
- assertThat(resp.authenticate(), is(status));
- }
+ private final static String description = "description";
+ private final static RESP status = RESP.IS_AUTHENTICATED;
+
+ private PropAccess access;
+
+ @Before
+ public void setup() {
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ }
+
+ @Test
+ public void test() throws IOException {
+ DenialOfServiceTafResp resp = new DenialOfServiceTafResp(access, status, description);
+ assertThat(resp.isAuthenticated(), is(status));
+ assertThat(resp.authenticate(), is(status));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_AbsTafResp.java b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_AbsTafResp.java
index e4469d30..bf5a15fb 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_AbsTafResp.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_AbsTafResp.java
@@ -39,52 +39,52 @@ import org.onap.aaf.cadi.taf.AbsTafResp;
import org.onap.aaf.cadi.taf.TafResp.RESP;
public class JU_AbsTafResp {
-
- private static final String JUNIT = "Junit";
- private static final String name = "name";
- private static final String tag = "tag";
- private static final String description = "description";
-
- private Access access;
- private TaggedPrincipal taggedPrinc;
-
- @Before
- public void setup() {
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- taggedPrinc = new TaggedPrincipal() {
- @Override public String getName() { return name; }
- @Override public String tag() { return tag; }
- };
- }
+
+ private static final String JUNIT = "Junit";
+ private static final String name = "name";
+ private static final String tag = "tag";
+ private static final String description = "description";
+
+ private Access access;
+ private TaggedPrincipal taggedPrinc;
+
+ @Before
+ public void setup() {
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ taggedPrinc = new TaggedPrincipal() {
+ @Override public String getName() { return name; }
+ @Override public String tag() { return tag; }
+ };
+ }
- @Test
- public void test() {
- AbsTafResp tafResp = new AbsTafResp(access, JUNIT, taggedPrinc, description) {
- @Override public RESP authenticate() throws IOException {
- return null;
- }
- };
+ @Test
+ public void test() {
+ AbsTafResp tafResp = new AbsTafResp(access, JUNIT, taggedPrinc, description) {
+ @Override public RESP authenticate() throws IOException {
+ return null;
+ }
+ };
- assertThat(tafResp.isValid(), is(true));
- assertThat(tafResp.desc(), is(description));
- assertThat(tafResp.taf(), is(JUNIT));
- assertThat(tafResp.isAuthenticated(), is(RESP.IS_AUTHENTICATED));
- assertThat(tafResp.getPrincipal(), is(taggedPrinc));
- assertThat(tafResp.getAccess(), is(access));
- assertThat(tafResp.isFailedAttempt(), is(false));
+ assertThat(tafResp.isValid(), is(true));
+ assertThat(tafResp.desc(), is(description));
+ assertThat(tafResp.taf(), is(JUNIT));
+ assertThat(tafResp.isAuthenticated(), is(RESP.IS_AUTHENTICATED));
+ assertThat(tafResp.getPrincipal(), is(taggedPrinc));
+ assertThat(tafResp.getAccess(), is(access));
+ assertThat(tafResp.isFailedAttempt(), is(false));
- tafResp = new AbsTafResp(null, JUNIT, null, null) {
- @Override public RESP authenticate() throws IOException {
- return null;
- }
- };
+ tafResp = new AbsTafResp(null, JUNIT, null, null) {
+ @Override public RESP authenticate() throws IOException {
+ return null;
+ }
+ };
- assertThat(tafResp.isValid(), is(false));
- assertThat(tafResp.isAuthenticated(), is(RESP.TRY_ANOTHER_TAF));
- assertThat(tafResp.getPrincipal(), is(nullValue()));
- assertThat(tafResp.getAccess(), is(nullValue()));
- assertThat(tafResp.taf(), is(JUNIT));
- assertThat(tafResp.isFailedAttempt(), is(false));
- }
+ assertThat(tafResp.isValid(), is(false));
+ assertThat(tafResp.isAuthenticated(), is(RESP.TRY_ANOTHER_TAF));
+ assertThat(tafResp.getPrincipal(), is(nullValue()));
+ assertThat(tafResp.getAccess(), is(nullValue()));
+ assertThat(tafResp.taf(), is(JUNIT));
+ assertThat(tafResp.isFailedAttempt(), is(false));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_EpiTaf.java b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_EpiTaf.java
index f8e20cbf..cb96f87b 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_EpiTaf.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_EpiTaf.java
@@ -40,71 +40,71 @@ import org.onap.aaf.cadi.principal.TaggedPrincipal;
public class JU_EpiTaf {
- @Test(expected = CadiException.class)
- @SuppressWarnings("unused")
- public void constructorTest() throws CadiException {
- EpiTaf et = new EpiTaf();
- }
+ @Test(expected = CadiException.class)
+ @SuppressWarnings("unused")
+ public void constructorTest() throws CadiException {
+ EpiTaf et = new EpiTaf();
+ }
- @Test
- public void validateTryAnotherTest() throws CadiException {
- EpiTaf et = new EpiTaf(new TryAnotherTaf());
- TafResp output = et.validate(LifeForm.CBLF);
- assertThat(output.isAuthenticated(), is(RESP.NO_FURTHER_PROCESSING));
- }
+ @Test
+ public void validateTryAnotherTest() throws CadiException {
+ EpiTaf et = new EpiTaf(new TryAnotherTaf());
+ TafResp output = et.validate(LifeForm.CBLF);
+ assertThat(output.isAuthenticated(), is(RESP.NO_FURTHER_PROCESSING));
+ }
- @Test
- public void validateTryAuthenticatingTest() throws CadiException {
- EpiTaf et = new EpiTaf(new TryAuthenticatingTaf(), new TryAuthenticatingTaf());
- TafResp output = et.validate(LifeForm.CBLF);
- assertThat(output.isAuthenticated(), is(RESP.TRY_AUTHENTICATING));
- output = et.validate(LifeForm.CBLF);
- assertThat(output.isAuthenticated(), is(RESP.TRY_AUTHENTICATING));
- }
+ @Test
+ public void validateTryAuthenticatingTest() throws CadiException {
+ EpiTaf et = new EpiTaf(new TryAuthenticatingTaf(), new TryAuthenticatingTaf());
+ TafResp output = et.validate(LifeForm.CBLF);
+ assertThat(output.isAuthenticated(), is(RESP.TRY_AUTHENTICATING));
+ output = et.validate(LifeForm.CBLF);
+ assertThat(output.isAuthenticated(), is(RESP.TRY_AUTHENTICATING));
+ }
- @Test
- public void validateDefaultCaseTest() throws CadiException {
- EpiTaf et = new EpiTaf(new NullTaf());
- TafResp output = et.validate(LifeForm.CBLF);
- assertThat(output.isAuthenticated(), is(RESP.NO_FURTHER_PROCESSING));
- }
+ @Test
+ public void validateDefaultCaseTest() throws CadiException {
+ EpiTaf et = new EpiTaf(new NullTaf());
+ TafResp output = et.validate(LifeForm.CBLF);
+ assertThat(output.isAuthenticated(), is(RESP.NO_FURTHER_PROCESSING));
+ }
- class TryAnotherTafResp implements TafResp {
- @Override public boolean isValid() { return false; }
- @Override public String desc() { return null; }
- @Override public RESP isAuthenticated() { return RESP.TRY_ANOTHER_TAF; }
- @Override public RESP authenticate() throws IOException { return null; }
- @Override public TaggedPrincipal getPrincipal() { return null; }
- @Override public Access getAccess() { return null; }
- @Override public boolean isFailedAttempt() { return false; }
- @Override public float timing() { return 0; }
- @Override public void timing(long start) {}
- @Override public String taf() {return "JUnit";}
- }
+ class TryAnotherTafResp implements TafResp {
+ @Override public boolean isValid() { return false; }
+ @Override public String desc() { return null; }
+ @Override public RESP isAuthenticated() { return RESP.TRY_ANOTHER_TAF; }
+ @Override public RESP authenticate() throws IOException { return null; }
+ @Override public TaggedPrincipal getPrincipal() { return null; }
+ @Override public Access getAccess() { return null; }
+ @Override public boolean isFailedAttempt() { return false; }
+ @Override public float timing() { return 0; }
+ @Override public void timing(long start) {}
+ @Override public String taf() {return "JUnit";}
+ }
- class TryAnotherTaf implements Taf {
- @Override public TafResp validate(LifeForm reading, String ... info) { return new TryAnotherTafResp(); }
- }
+ class TryAnotherTaf implements Taf {
+ @Override public TafResp validate(LifeForm reading, String ... info) { return new TryAnotherTafResp(); }
+ }
- class TryAuthenticatingResp implements TafResp {
- @Override public boolean isValid() { return false; }
- @Override public String desc() { return null; }
- @Override public RESP isAuthenticated() { return RESP.TRY_AUTHENTICATING; }
- @Override public RESP authenticate() throws IOException { return null; }
- @Override public TaggedPrincipal getPrincipal() { return null; }
- @Override public Access getAccess() { return null; }
- @Override public boolean isFailedAttempt() { return false; }
- @Override public float timing() { return 0; }
- @Override public void timing(long start) {}
- @Override public String taf() {return "JUnit";}
- }
+ class TryAuthenticatingResp implements TafResp {
+ @Override public boolean isValid() { return false; }
+ @Override public String desc() { return null; }
+ @Override public RESP isAuthenticated() { return RESP.TRY_AUTHENTICATING; }
+ @Override public RESP authenticate() throws IOException { return null; }
+ @Override public TaggedPrincipal getPrincipal() { return null; }
+ @Override public Access getAccess() { return null; }
+ @Override public boolean isFailedAttempt() { return false; }
+ @Override public float timing() { return 0; }
+ @Override public void timing(long start) {}
+ @Override public String taf() {return "JUnit";}
+ }
- class TryAuthenticatingTaf implements Taf {
- @Override public TafResp validate(LifeForm reading, String ... info) { return new TryAuthenticatingResp(); }
- }
+ class TryAuthenticatingTaf implements Taf {
+ @Override public TafResp validate(LifeForm reading, String ... info) { return new TryAuthenticatingResp(); }
+ }
- class EpiTafStub extends EpiTaf {
- public EpiTafStub() throws CadiException { }
- }
+ class EpiTafStub extends EpiTaf {
+ public EpiTafStub() throws CadiException { }
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_HttpEpiTaf.java b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_HttpEpiTaf.java
index 93a20474..6952a042 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_HttpEpiTaf.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_HttpEpiTaf.java
@@ -54,92 +54,92 @@ import org.onap.aaf.cadi.taf.TafResp.RESP;
public class JU_HttpEpiTaf {
- private PropAccess access;
-
- @Mock private Locator<URI> locMock;
- @Mock private TrustChecker trustCheckerMock;
- @Mock private HttpServletRequest reqMock;
- @Mock private HttpServletResponse respMock;
- @Mock private HttpTaf tafMock;
- @Mock private TafResp trespMock;
- @Mock private Redirectable redirMock;
-
- @Before
- public void setup() throws URISyntaxException {
- MockitoAnnotations.initMocks(this);
-
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- }
-
- @Test
- public void test() throws Exception {
- HttpEpiTaf taf;
- try {
- taf = new HttpEpiTaf(access, locMock, trustCheckerMock);
- fail("Should've thrown an exception");
- } catch (CadiException e) {
- assertThat(e.getMessage(), is("Need at least one HttpTaf implementation in constructor"));
- }
-
- taf = new HttpEpiTaf(access, locMock, trustCheckerMock, new NullTaf());
- taf.validate(LifeForm.CBLF, reqMock, respMock);
-
- // Coverage of tricorderScan
- taf.validate(LifeForm.LFN, reqMock, respMock);
- when(reqMock.getHeader("User-Agent")).thenReturn("Non-mozilla-header");
- taf.validate(LifeForm.LFN, reqMock, respMock);
- when(reqMock.getHeader("User-Agent")).thenReturn("Mozilla-header");
- taf.validate(LifeForm.LFN, reqMock, respMock);
-
- access.setLogLevel(Level.DEBUG);
- taf.validate(LifeForm.CBLF, reqMock, respMock);
-
- when(tafMock.validate(LifeForm.CBLF, reqMock, respMock)).thenReturn(trespMock);
- when(trespMock.isAuthenticated()).thenReturn(RESP.TRY_ANOTHER_TAF);
- taf = new HttpEpiTaf(access, locMock, trustCheckerMock, tafMock);
- taf.validate(LifeForm.CBLF, reqMock, respMock);
-
- when(trespMock.isAuthenticated()).thenReturn(RESP.IS_AUTHENTICATED);
- taf.validate(LifeForm.CBLF, reqMock, respMock);
-
- when(trespMock.isAuthenticated()).thenReturn(RESP.TRY_AUTHENTICATING);
- taf.validate(LifeForm.CBLF, reqMock, respMock);
-
- taf = new HttpEpiTaf(access, locMock, trustCheckerMock, tafMock, tafMock);
- taf.validate(LifeForm.CBLF, reqMock, respMock);
-
- when(tafMock.validate(LifeForm.CBLF, reqMock, respMock)).thenReturn(redirMock);
- when(redirMock.isAuthenticated()).thenReturn(RESP.TRY_AUTHENTICATING);
- taf.validate(LifeForm.CBLF, reqMock, respMock);
-
- taf = new HttpEpiTaf(access, locMock, trustCheckerMock, tafMock, tafMock);
- taf.validate(LifeForm.CBLF, reqMock, respMock);
-
- taf = new HttpEpiTaf(access, locMock, trustCheckerMock, tafMock);
- taf.validate(LifeForm.CBLF, reqMock, respMock);
-
- taf = new HttpEpiTaf(access, locMock, null, tafMock);
- when(redirMock.isAuthenticated()).thenReturn(RESP.IS_AUTHENTICATED);
- try {
- taf.validate(LifeForm.CBLF, reqMock, respMock);
- fail("Should've thrown an exception");
- } catch (Exception e) {
- }
-
- assertThat(taf.revalidate(null), is(false));
- assertThat(taf.revalidate(null), is(false));
-
- when(tafMock.revalidate(null, null)).thenReturn(Resp.NOT_MINE);
- assertThat(taf.revalidate(null, null), is(Resp.NOT_MINE));
- when(tafMock.revalidate(null, null)).thenReturn(Resp.REVALIDATED);
- assertThat(taf.revalidate(null, null), is(Resp.REVALIDATED));
-
- when(tafMock.revalidate(null, null)).thenReturn(Resp.NOT_MINE).thenReturn(Resp.NOT_MINE).thenReturn(Resp.REVALIDATED);
- taf = new HttpEpiTaf(access, locMock, trustCheckerMock, tafMock, tafMock, tafMock);
- assertThat(taf.revalidate(null, null), is(Resp.REVALIDATED));
-
- taf.toString();
-
- }
+ private PropAccess access;
+
+ @Mock private Locator<URI> locMock;
+ @Mock private TrustChecker trustCheckerMock;
+ @Mock private HttpServletRequest reqMock;
+ @Mock private HttpServletResponse respMock;
+ @Mock private HttpTaf tafMock;
+ @Mock private TafResp trespMock;
+ @Mock private Redirectable redirMock;
+
+ @Before
+ public void setup() throws URISyntaxException {
+ MockitoAnnotations.initMocks(this);
+
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ }
+
+ @Test
+ public void test() throws Exception {
+ HttpEpiTaf taf;
+ try {
+ taf = new HttpEpiTaf(access, locMock, trustCheckerMock);
+ fail("Should've thrown an exception");
+ } catch (CadiException e) {
+ assertThat(e.getMessage(), is("Need at least one HttpTaf implementation in constructor"));
+ }
+
+ taf = new HttpEpiTaf(access, locMock, trustCheckerMock, new NullTaf());
+ taf.validate(LifeForm.CBLF, reqMock, respMock);
+
+ // Coverage of tricorderScan
+ taf.validate(LifeForm.LFN, reqMock, respMock);
+ when(reqMock.getHeader("User-Agent")).thenReturn("Non-mozilla-header");
+ taf.validate(LifeForm.LFN, reqMock, respMock);
+ when(reqMock.getHeader("User-Agent")).thenReturn("Mozilla-header");
+ taf.validate(LifeForm.LFN, reqMock, respMock);
+
+ access.setLogLevel(Level.DEBUG);
+ taf.validate(LifeForm.CBLF, reqMock, respMock);
+
+ when(tafMock.validate(LifeForm.CBLF, reqMock, respMock)).thenReturn(trespMock);
+ when(trespMock.isAuthenticated()).thenReturn(RESP.TRY_ANOTHER_TAF);
+ taf = new HttpEpiTaf(access, locMock, trustCheckerMock, tafMock);
+ taf.validate(LifeForm.CBLF, reqMock, respMock);
+
+ when(trespMock.isAuthenticated()).thenReturn(RESP.IS_AUTHENTICATED);
+ taf.validate(LifeForm.CBLF, reqMock, respMock);
+
+ when(trespMock.isAuthenticated()).thenReturn(RESP.TRY_AUTHENTICATING);
+ taf.validate(LifeForm.CBLF, reqMock, respMock);
+
+ taf = new HttpEpiTaf(access, locMock, trustCheckerMock, tafMock, tafMock);
+ taf.validate(LifeForm.CBLF, reqMock, respMock);
+
+ when(tafMock.validate(LifeForm.CBLF, reqMock, respMock)).thenReturn(redirMock);
+ when(redirMock.isAuthenticated()).thenReturn(RESP.TRY_AUTHENTICATING);
+ taf.validate(LifeForm.CBLF, reqMock, respMock);
+
+ taf = new HttpEpiTaf(access, locMock, trustCheckerMock, tafMock, tafMock);
+ taf.validate(LifeForm.CBLF, reqMock, respMock);
+
+ taf = new HttpEpiTaf(access, locMock, trustCheckerMock, tafMock);
+ taf.validate(LifeForm.CBLF, reqMock, respMock);
+
+ taf = new HttpEpiTaf(access, locMock, null, tafMock);
+ when(redirMock.isAuthenticated()).thenReturn(RESP.IS_AUTHENTICATED);
+ try {
+ taf.validate(LifeForm.CBLF, reqMock, respMock);
+ fail("Should've thrown an exception");
+ } catch (Exception e) {
+ }
+
+ assertThat(taf.revalidate(null), is(false));
+ assertThat(taf.revalidate(null), is(false));
+
+ when(tafMock.revalidate(null, null)).thenReturn(Resp.NOT_MINE);
+ assertThat(taf.revalidate(null, null), is(Resp.NOT_MINE));
+ when(tafMock.revalidate(null, null)).thenReturn(Resp.REVALIDATED);
+ assertThat(taf.revalidate(null, null), is(Resp.REVALIDATED));
+
+ when(tafMock.revalidate(null, null)).thenReturn(Resp.NOT_MINE).thenReturn(Resp.NOT_MINE).thenReturn(Resp.REVALIDATED);
+ taf = new HttpEpiTaf(access, locMock, trustCheckerMock, tafMock, tafMock, tafMock);
+ assertThat(taf.revalidate(null, null), is(Resp.REVALIDATED));
+
+ taf.toString();
+
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_LoginPageTafResp.java b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_LoginPageTafResp.java
index 3124bbd4..05944e5c 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_LoginPageTafResp.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_LoginPageTafResp.java
@@ -52,50 +52,50 @@ import org.onap.aaf.cadi.taf.TafResp.RESP;
public class JU_LoginPageTafResp {
- private static final String uriString = "example.com";
+ private static final String uriString = "example.com";
- private URI uri;
- private Access access;
- private List<Redirectable> redirectables;
+ private URI uri;
+ private Access access;
+ private List<Redirectable> redirectables;
- @Mock private HttpServletResponse respMock;
- @Mock private Locator<URI> locatorMock;
- @Mock private Redirectable redirMock;
+ @Mock private HttpServletResponse respMock;
+ @Mock private Locator<URI> locatorMock;
+ @Mock private Redirectable redirMock;
- @Before
- public void setup() throws URISyntaxException {
- MockitoAnnotations.initMocks(this);
+ @Before
+ public void setup() throws URISyntaxException {
+ MockitoAnnotations.initMocks(this);
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- redirectables = new ArrayList<>();
- uri = new URI(uriString);
- }
+ redirectables = new ArrayList<>();
+ uri = new URI(uriString);
+ }
- @Test
- public void test() throws LocatorException, IOException {
- TafResp resp;
- resp = LoginPageTafResp.create(access, null, respMock, redirectables);
- assertThat(resp.desc(), is("All Authentication denied"));
+ @Test
+ public void test() throws LocatorException, IOException {
+ TafResp resp;
+ resp = LoginPageTafResp.create(access, null, respMock, redirectables);
+ assertThat(resp.desc(), is("All Authentication denied"));
- redirectables.add(redirMock);
- redirectables.add(redirMock);
- resp = LoginPageTafResp.create(access, null, respMock, redirectables);
- assertThat((Redirectable)resp, is(redirMock));
+ redirectables.add(redirMock);
+ redirectables.add(redirMock);
+ resp = LoginPageTafResp.create(access, null, respMock, redirectables);
+ assertThat((Redirectable)resp, is(redirMock));
- resp = LoginPageTafResp.create(access, locatorMock, respMock, redirectables);
- assertThat(resp.desc(), is("All Authentication denied"));
+ resp = LoginPageTafResp.create(access, locatorMock, respMock, redirectables);
+ assertThat(resp.desc(), is("All Authentication denied"));
- when(locatorMock.get((Item)any())).thenReturn(uri);
- resp = LoginPageTafResp.create(access, locatorMock, respMock, redirectables);
- assertThat(resp.desc(), is("Multiple Possible HTTP Logins available. Redirecting to Login Choice Page"));
- assertThat(resp.authenticate(), is(RESP.HTTP_REDIRECT_INVOKED));
- assertThat(resp.isAuthenticated(), is(RESP.TRY_AUTHENTICATING));
+ when(locatorMock.get((Item)any())).thenReturn(uri);
+ resp = LoginPageTafResp.create(access, locatorMock, respMock, redirectables);
+ assertThat(resp.desc(), is("Multiple Possible HTTP Logins available. Redirecting to Login Choice Page"));
+ assertThat(resp.authenticate(), is(RESP.HTTP_REDIRECT_INVOKED));
+ assertThat(resp.isAuthenticated(), is(RESP.TRY_AUTHENTICATING));
- redirectables = new ArrayList<>();
- resp = LoginPageTafResp.create(access, locatorMock, respMock, redirectables);
- assertThat(resp.desc(), is("All Authentication denied"));
+ redirectables = new ArrayList<>();
+ resp = LoginPageTafResp.create(access, locatorMock, respMock, redirectables);
+ assertThat(resp.desc(), is("All Authentication denied"));
- }
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_NullTaf.java b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_NullTaf.java
index f42184df..83bc8167 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_NullTaf.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_NullTaf.java
@@ -36,30 +36,30 @@ import org.onap.aaf.cadi.taf.NullTaf;
public class JU_NullTaf {
- @Test
- public void test() throws IOException {
- NullTaf nt = new NullTaf();
- TafResp singleton1 = nt.validate(null);
- TafResp singleton2 = nt.validate(null, null, null);
- Resp singleton3 = nt.revalidate(null, null);
-
- assertThat(singleton1, is(singleton2));
-
- assertFalse(singleton1.isValid());
-
- assertThat(singleton1.isAuthenticated(), is(RESP.NO_FURTHER_PROCESSING));
-
- assertThat(singleton1.desc(), is("All Authentication denied"));
-
- assertThat(singleton1.authenticate(), is(RESP.NO_FURTHER_PROCESSING));
-
- assertThat(singleton1.getPrincipal(), is(nullValue()));
-
- assertThat(singleton1.getAccess(), is(Access.NULL));
-
- assertTrue(singleton1.isFailedAttempt());
+ @Test
+ public void test() throws IOException {
+ NullTaf nt = new NullTaf();
+ TafResp singleton1 = nt.validate(null);
+ TafResp singleton2 = nt.validate(null, null, null);
+ Resp singleton3 = nt.revalidate(null, null);
+
+ assertThat(singleton1, is(singleton2));
+
+ assertFalse(singleton1.isValid());
+
+ assertThat(singleton1.isAuthenticated(), is(RESP.NO_FURTHER_PROCESSING));
+
+ assertThat(singleton1.desc(), is("All Authentication denied"));
+
+ assertThat(singleton1.authenticate(), is(RESP.NO_FURTHER_PROCESSING));
+
+ assertThat(singleton1.getPrincipal(), is(nullValue()));
+
+ assertThat(singleton1.getAccess(), is(Access.NULL));
+
+ assertTrue(singleton1.isFailedAttempt());
- assertThat(singleton3, is(Resp.NOT_MINE));
- }
+ assertThat(singleton3, is(Resp.NOT_MINE));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_PuntTafResp.java b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_PuntTafResp.java
index aacce522..a6b3bd2a 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_PuntTafResp.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_PuntTafResp.java
@@ -35,21 +35,21 @@ import org.onap.aaf.cadi.taf.PuntTafResp;
public class JU_PuntTafResp {
- @Test
- public void test() throws IOException {
- String name = "name";
- String explanation = "example explanation";
-
- PuntTafResp punt = new PuntTafResp(name, explanation);
-
- assertFalse(punt.isValid());
- assertThat(punt.isAuthenticated(), is(RESP.TRY_ANOTHER_TAF));
- assertThat(punt.desc(), is("Not processing this transaction: " + explanation));
- assertThat(punt.taf(), is(name));
- assertThat(punt.authenticate(), is(RESP.TRY_ANOTHER_TAF));
- assertThat(punt.getPrincipal(), is(nullValue()));
- assertThat(punt.getAccess(), is(Access.NULL));
- assertFalse(punt.isFailedAttempt());
- }
+ @Test
+ public void test() throws IOException {
+ String name = "name";
+ String explanation = "example explanation";
+
+ PuntTafResp punt = new PuntTafResp(name, explanation);
+
+ assertFalse(punt.isValid());
+ assertThat(punt.isAuthenticated(), is(RESP.TRY_ANOTHER_TAF));
+ assertThat(punt.desc(), is("Not processing this transaction: " + explanation));
+ assertThat(punt.taf(), is(name));
+ assertThat(punt.authenticate(), is(RESP.TRY_ANOTHER_TAF));
+ assertThat(punt.getPrincipal(), is(nullValue()));
+ assertThat(punt.getAccess(), is(Access.NULL));
+ assertFalse(punt.isFailedAttempt());
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_TrustNotTafResp.java b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_TrustNotTafResp.java
index b032c020..9945bfbe 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_TrustNotTafResp.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_TrustNotTafResp.java
@@ -37,36 +37,36 @@ import org.onap.aaf.cadi.principal.TaggedPrincipal;
public class JU_TrustNotTafResp {
- @Mock
- TafResp delegateMock;
+ @Mock
+ TafResp delegateMock;
- @Mock
- TaggedPrincipal principalMock;
+ @Mock
+ TaggedPrincipal principalMock;
- @Mock
- Access accessMock;
+ @Mock
+ Access accessMock;
- private final String description = "Example Description";
+ private final String description = "Example Description";
- @Before
- public void setup() throws IOException {
- MockitoAnnotations.initMocks(this);
+ @Before
+ public void setup() throws IOException {
+ MockitoAnnotations.initMocks(this);
- when(delegateMock.getPrincipal()).thenReturn(principalMock);
- when(delegateMock.getAccess()).thenReturn(accessMock);
- }
+ when(delegateMock.getPrincipal()).thenReturn(principalMock);
+ when(delegateMock.getAccess()).thenReturn(accessMock);
+ }
- @Test
- public void test() throws IOException {
- TrustNotTafResp ttr = new TrustNotTafResp(delegateMock, description);
- assertThat(ttr.isValid(), is(false));
- assertThat(ttr.desc(), is(description));
- assertThat(ttr.authenticate(), is(RESP.NO_FURTHER_PROCESSING));
- assertThat(ttr.isAuthenticated(), is(RESP.NO_FURTHER_PROCESSING));
- assertThat(ttr.getPrincipal(), is(principalMock));
- assertThat(ttr.getAccess(), is(accessMock));
- assertThat(ttr.isFailedAttempt(), is(true));
- assertThat(ttr.toString(), is(description));
- }
+ @Test
+ public void test() throws IOException {
+ TrustNotTafResp ttr = new TrustNotTafResp(delegateMock, description);
+ assertThat(ttr.isValid(), is(false));
+ assertThat(ttr.desc(), is(description));
+ assertThat(ttr.authenticate(), is(RESP.NO_FURTHER_PROCESSING));
+ assertThat(ttr.isAuthenticated(), is(RESP.NO_FURTHER_PROCESSING));
+ assertThat(ttr.getPrincipal(), is(principalMock));
+ assertThat(ttr.getAccess(), is(accessMock));
+ assertThat(ttr.isFailedAttempt(), is(true));
+ assertThat(ttr.toString(), is(description));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_TrustTafResp.java b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_TrustTafResp.java
index 10b5f146..5fa1a4d9 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_TrustTafResp.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/test/JU_TrustTafResp.java
@@ -37,46 +37,46 @@ import org.onap.aaf.cadi.principal.TaggedPrincipal;
public class JU_TrustTafResp {
- @Mock
- TafResp delegateMock;
+ @Mock
+ TafResp delegateMock;
- @Mock
- TaggedPrincipal principalMock;
+ @Mock
+ TaggedPrincipal principalMock;
- @Mock
- Access accessMock;
+ @Mock
+ Access accessMock;
- private final String description = "Example Description";
- private final String anotherDescription = "Another Description";
- private final String name = "name";
+ private final String description = "Example Description";
+ private final String anotherDescription = "Another Description";
+ private final String name = "name";
- private final RESP resp = RESP.IS_AUTHENTICATED;
+ private final RESP resp = RESP.IS_AUTHENTICATED;
- @Before
- public void setup() throws IOException {
- MockitoAnnotations.initMocks(this);
+ @Before
+ public void setup() throws IOException {
+ MockitoAnnotations.initMocks(this);
- when(delegateMock.desc()).thenReturn(anotherDescription);
- when(delegateMock.isValid()).thenReturn(true);
- when(delegateMock.isAuthenticated()).thenReturn(resp);
- when(delegateMock.authenticate()).thenReturn(resp);
- when(delegateMock.getAccess()).thenReturn(accessMock);
- when(delegateMock.isFailedAttempt()).thenReturn(true);
+ when(delegateMock.desc()).thenReturn(anotherDescription);
+ when(delegateMock.isValid()).thenReturn(true);
+ when(delegateMock.isAuthenticated()).thenReturn(resp);
+ when(delegateMock.authenticate()).thenReturn(resp);
+ when(delegateMock.getAccess()).thenReturn(accessMock);
+ when(delegateMock.isFailedAttempt()).thenReturn(true);
- when(principalMock.getName()).thenReturn(name);
- }
+ when(principalMock.getName()).thenReturn(name);
+ }
- @Test
- public void test() throws IOException {
- TrustTafResp ttr = new TrustTafResp(delegateMock, principalMock, description);
- assertThat(ttr.isValid(), is(true));
- assertThat(ttr.desc(), is(description + ' ' + anotherDescription));
- assertThat(ttr.authenticate(), is(resp));
- assertThat(ttr.isAuthenticated(), is(resp));
- assertThat(ttr.getPrincipal(), is(principalMock));
- assertThat(ttr.getAccess(), is(accessMock));
- assertThat(ttr.isFailedAttempt(), is(true));
- assertThat(ttr.toString(), is(name + " by trust of " + description + ' ' + anotherDescription));
- }
+ @Test
+ public void test() throws IOException {
+ TrustTafResp ttr = new TrustTafResp(delegateMock, principalMock, description);
+ assertThat(ttr.isValid(), is(true));
+ assertThat(ttr.desc(), is(description + ' ' + anotherDescription));
+ assertThat(ttr.authenticate(), is(resp));
+ assertThat(ttr.isAuthenticated(), is(resp));
+ assertThat(ttr.getPrincipal(), is(principalMock));
+ assertThat(ttr.getAccess(), is(accessMock));
+ assertThat(ttr.isFailedAttempt(), is(true));
+ assertThat(ttr.toString(), is(name + " by trust of " + description + ' ' + anotherDescription));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_AES.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_AES.java
index d78706dc..67dcb397 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_AES.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_AES.java
@@ -46,149 +46,149 @@ import org.onap.aaf.cadi.CadiException;
import org.onap.aaf.cadi.Symm;
public class JU_AES {
- private AES aes;
- private ByteArrayInputStream baisEncrypt;
- private ByteArrayInputStream baisDecrypt;
- private ByteArrayOutputStream baosEncrypt;
- private ByteArrayOutputStream baosDecrypt;
-
- private ByteArrayOutputStream errStream;
-
- @Before
- public void setup() throws Exception {
- byte[] keyBytes = new byte[AES.AES_KEY_SIZE/8];
- char[] codeset = Symm.base64.codeset;
- int offset = (Math.abs(codeset[0]) + 47) % (codeset.length - keyBytes.length);
- for(int i = 0; i < keyBytes.length; ++i) {
- keyBytes[i] = (byte)codeset[i+offset];
- }
- aes = new AES(keyBytes, 0, keyBytes.length);
-
- errStream = new ByteArrayOutputStream();
- System.setErr(new PrintStream(errStream));
- }
-
- @After
- public void tearDown() {
- System.setErr(System.err);
- }
-
- @Test
- public void newKeyTest() throws Exception {
- SecretKey secretKey = AES.newKey();
- assertThat(secretKey.getAlgorithm(), is(AES.class.getSimpleName()));
- }
-
- @Test
- public void encryptDecrpytFromBytes() throws Exception {
- String orig = "I'm a password, really";
- byte[] encrypted = aes.encrypt(orig.getBytes());
- byte[] decrypted = aes.decrypt(encrypted);
- assertThat(new String(decrypted), is(orig));
+ private AES aes;
+ private ByteArrayInputStream baisEncrypt;
+ private ByteArrayInputStream baisDecrypt;
+ private ByteArrayOutputStream baosEncrypt;
+ private ByteArrayOutputStream baosDecrypt;
+
+ private ByteArrayOutputStream errStream;
+
+ @Before
+ public void setup() throws Exception {
+ byte[] keyBytes = new byte[AES.AES_KEY_SIZE/8];
+ char[] codeset = Symm.base64.codeset;
+ int offset = (Math.abs(codeset[0]) + 47) % (codeset.length - keyBytes.length);
+ for(int i = 0; i < keyBytes.length; ++i) {
+ keyBytes[i] = (byte)codeset[i+offset];
+ }
+ aes = new AES(keyBytes, 0, keyBytes.length);
+
+ errStream = new ByteArrayOutputStream();
+ System.setErr(new PrintStream(errStream));
+ }
+
+ @After
+ public void tearDown() {
+ System.setErr(System.err);
+ }
+
+ @Test
+ public void newKeyTest() throws Exception {
+ SecretKey secretKey = AES.newKey();
+ assertThat(secretKey.getAlgorithm(), is(AES.class.getSimpleName()));
+ }
+
+ @Test
+ public void encryptDecrpytFromBytes() throws Exception {
+ String orig = "I'm a password, really";
+ byte[] encrypted = aes.encrypt(orig.getBytes());
+ byte[] decrypted = aes.decrypt(encrypted);
+ assertThat(new String(decrypted), is(orig));
- Field aeskeySpec_field = AES.class.getDeclaredField("aeskeySpec");
- aeskeySpec_field.setAccessible(true);
- aeskeySpec_field.set(aes, null);
-
- try {
- aes.encrypt(orig.getBytes());
- fail("Should have thrown an exception");
- } catch (CadiException e) {
- }
- try {
- aes.decrypt(encrypted);
- fail("Should have thrown an exception");
- } catch (CadiException e) {
- }
- }
-
- @Test
- public void saveToFileTest() throws Exception {
- String filePath = "src/test/resources/output_key";
- File keyfile = new File(filePath);
- aes.save(keyfile);
- assertTrue(Files.isReadable(Paths.get(filePath)));
- assertFalse(Files.isWritable(Paths.get(filePath)));
- assertFalse(Files.isExecutable(Paths.get(filePath)));
- keyfile.delete();
- }
-
- @Test
- public void encryptDecryptFromInputStream() throws Exception {
- String orig = "I'm a password, really";
- byte[] b64encrypted;
- String output;
-
- CipherInputStream cisEncrypt;
- CipherInputStream cisDecrypt;
-
- // Test CipherInputStream
- baisEncrypt = new ByteArrayInputStream(orig.getBytes());
- cisEncrypt = aes.inputStream(baisEncrypt, true);
- baosEncrypt = new ByteArrayOutputStream();
- transferFromInputStreamToOutputStream(cisEncrypt, baosEncrypt);
- cisEncrypt.close();
-
- b64encrypted = baosEncrypt.toByteArray();
-
- baisDecrypt = new ByteArrayInputStream(b64encrypted);
- cisDecrypt = aes.inputStream(baisDecrypt, false);
- baosDecrypt = new ByteArrayOutputStream();
- transferFromInputStreamToOutputStream(cisDecrypt, baosDecrypt);
- cisDecrypt.close();
-
- output = new String(baosDecrypt.toByteArray());
- assertThat(output, is(orig));
-
- Field aeskeySpec_field = AES.class.getDeclaredField("aeskeySpec");
- aeskeySpec_field.setAccessible(true);
- aeskeySpec_field.set(aes, null);
-
- assertNull(aes.inputStream(baisEncrypt, true));
- assertThat(errStream.toString(), is("Error creating Aes CipherInputStream\n"));
- }
-
- @Test
- public void encryptDecryptFromOutputStream() throws Exception {
- String orig = "I'm a password, really";
- byte[] b64encrypted;
- String output;
-
- CipherOutputStream cosEncrypt;
- CipherOutputStream cosDecrypt;
-
- // Test CipherOutputStream
- baisEncrypt = new ByteArrayInputStream(orig.getBytes());
- baosEncrypt = new ByteArrayOutputStream();
- cosEncrypt = aes.outputStream(baosEncrypt, true);
- transferFromInputStreamToOutputStream(baisEncrypt, cosEncrypt);
- cosEncrypt.close();
-
- b64encrypted = baosEncrypt.toByteArray();
-
- baosDecrypt = new ByteArrayOutputStream();
- cosDecrypt = aes.outputStream(baosDecrypt, false);
- baisDecrypt = new ByteArrayInputStream(b64encrypted);
- transferFromInputStreamToOutputStream(baisDecrypt, cosDecrypt);
- cosDecrypt.close();
-
- output = new String(baosDecrypt.toByteArray());
- assertThat(output, is(orig));
-
- Field aeskeySpec_field = AES.class.getDeclaredField("aeskeySpec");
- aeskeySpec_field.setAccessible(true);
- aeskeySpec_field.set(aes, null);
-
- assertNull(aes.outputStream(baosEncrypt, true));
- assertThat(errStream.toString(), is("Error creating Aes CipherOutputStream\n"));
- }
-
- public void transferFromInputStreamToOutputStream(InputStream is, OutputStream os) throws IOException {
- byte[] buffer = new byte[200];
- int len;
- while ((len = is.read(buffer)) != -1) {
- os.write(buffer, 0, len);
- }
- }
-
+ Field aeskeySpec_field = AES.class.getDeclaredField("aeskeySpec");
+ aeskeySpec_field.setAccessible(true);
+ aeskeySpec_field.set(aes, null);
+
+ try {
+ aes.encrypt(orig.getBytes());
+ fail("Should have thrown an exception");
+ } catch (CadiException e) {
+ }
+ try {
+ aes.decrypt(encrypted);
+ fail("Should have thrown an exception");
+ } catch (CadiException e) {
+ }
+ }
+
+ @Test
+ public void saveToFileTest() throws Exception {
+ String filePath = "src/test/resources/output_key";
+ File keyfile = new File(filePath);
+ aes.save(keyfile);
+ assertTrue(Files.isReadable(Paths.get(filePath)));
+ assertFalse(Files.isWritable(Paths.get(filePath)));
+ assertFalse(Files.isExecutable(Paths.get(filePath)));
+ keyfile.delete();
+ }
+
+ @Test
+ public void encryptDecryptFromInputStream() throws Exception {
+ String orig = "I'm a password, really";
+ byte[] b64encrypted;
+ String output;
+
+ CipherInputStream cisEncrypt;
+ CipherInputStream cisDecrypt;
+
+ // Test CipherInputStream
+ baisEncrypt = new ByteArrayInputStream(orig.getBytes());
+ cisEncrypt = aes.inputStream(baisEncrypt, true);
+ baosEncrypt = new ByteArrayOutputStream();
+ transferFromInputStreamToOutputStream(cisEncrypt, baosEncrypt);
+ cisEncrypt.close();
+
+ b64encrypted = baosEncrypt.toByteArray();
+
+ baisDecrypt = new ByteArrayInputStream(b64encrypted);
+ cisDecrypt = aes.inputStream(baisDecrypt, false);
+ baosDecrypt = new ByteArrayOutputStream();
+ transferFromInputStreamToOutputStream(cisDecrypt, baosDecrypt);
+ cisDecrypt.close();
+
+ output = new String(baosDecrypt.toByteArray());
+ assertThat(output, is(orig));
+
+ Field aeskeySpec_field = AES.class.getDeclaredField("aeskeySpec");
+ aeskeySpec_field.setAccessible(true);
+ aeskeySpec_field.set(aes, null);
+
+ assertNull(aes.inputStream(baisEncrypt, true));
+ assertThat(errStream.toString(), is("Error creating Aes CipherInputStream\n"));
+ }
+
+ @Test
+ public void encryptDecryptFromOutputStream() throws Exception {
+ String orig = "I'm a password, really";
+ byte[] b64encrypted;
+ String output;
+
+ CipherOutputStream cosEncrypt;
+ CipherOutputStream cosDecrypt;
+
+ // Test CipherOutputStream
+ baisEncrypt = new ByteArrayInputStream(orig.getBytes());
+ baosEncrypt = new ByteArrayOutputStream();
+ cosEncrypt = aes.outputStream(baosEncrypt, true);
+ transferFromInputStreamToOutputStream(baisEncrypt, cosEncrypt);
+ cosEncrypt.close();
+
+ b64encrypted = baosEncrypt.toByteArray();
+
+ baosDecrypt = new ByteArrayOutputStream();
+ cosDecrypt = aes.outputStream(baosDecrypt, false);
+ baisDecrypt = new ByteArrayInputStream(b64encrypted);
+ transferFromInputStreamToOutputStream(baisDecrypt, cosDecrypt);
+ cosDecrypt.close();
+
+ output = new String(baosDecrypt.toByteArray());
+ assertThat(output, is(orig));
+
+ Field aeskeySpec_field = AES.class.getDeclaredField("aeskeySpec");
+ aeskeySpec_field.setAccessible(true);
+ aeskeySpec_field.set(aes, null);
+
+ assertNull(aes.outputStream(baosEncrypt, true));
+ assertThat(errStream.toString(), is("Error creating Aes CipherOutputStream\n"));
+ }
+
+ public void transferFromInputStreamToOutputStream(InputStream is, OutputStream os) throws IOException {
+ byte[] buffer = new byte[200];
+ int len;
+ while ((len = is.read(buffer)) != -1) {
+ os.write(buffer, 0, len);
+ }
+ }
+
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_AbsUserCache.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_AbsUserCache.java
index b34e90ab..8305be83 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_AbsUserCache.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_AbsUserCache.java
@@ -56,310 +56,310 @@ import org.onap.aaf.cadi.principal.CachedBasicPrincipal;
public class JU_AbsUserCache {
- @Mock private CachingLur<Permission> cl;
- @Mock private Principal principal;
- @Mock private CachedBasicPrincipal cbp;
- @Mock private LocalPermission permission1;
- @Mock private LocalPermission permission2;
-
- private Access access;
-
- private ByteArrayOutputStream outStream;
-
- private String name1 = "name1";
- private String name2 = "name2";
- private byte[] password = "password".getBytes();
-
- private static Field timerField;
-
- @BeforeClass
- public static void setupOnce() throws Exception {
- timerField = AbsUserCache.class.getDeclaredField("timer");
- timerField.setAccessible(true);
- }
-
- @Before
- public void setup() throws Exception {
- MockitoAnnotations.initMocks(this);
-
- outStream = new ByteArrayOutputStream();
- System.setOut(new PrintStream(outStream));
-
- // This must happen after changing System.out
- access = new PropAccess();
-
- when(permission1.getKey()).thenReturn("NewKey1");
- when(permission2.getKey()).thenReturn("NewKey2");
-
- timerField.set(null, null);
- }
-
- @After
- public void tearDown() throws Exception {
- System.setOut(System.out);
- timerField.set(null, null);
- }
-
- @SuppressWarnings("unused")
- @Test
- public void constructorTest() {
- int cleanInterval = 65000;
- int maxInterval = 70000;
-
- AbsUserCacheStub<Permission> aucs1 = new AbsUserCacheStub<Permission>(access, cleanInterval, maxInterval, Integer.MAX_VALUE);
- String output = outStream.toString().split(" ", 2)[1];
- StringBuilder expected = new StringBuilder();
- expected.append("INIT [cadi] Cleaning Thread initialized with interval of ");
- expected.append(String.valueOf(cleanInterval));
- expected.append(" ms and max objects of ");
- expected.append(String.valueOf(maxInterval));
- expected.append(System.lineSeparator());
- assertThat(output, is(expected.toString()));
-
- outStream.reset();
- AbsUserCacheStub<Permission> aucs2 = new AbsUserCacheStub<Permission>(access, cleanInterval, maxInterval, Integer.MAX_VALUE);
- output = outStream.toString().split(" ", 2)[1];
- expected = new StringBuilder();
- expected.append("INIT [cadi] Cleaning Thread initialized with interval of ");
- expected.append(String.valueOf(cleanInterval));
- expected.append(" ms and max objects of ");
- expected.append(String.valueOf(maxInterval));
- expected.append(System.lineSeparator());
- assertThat(output, is(expected.toString()));
-
- AbsUserCacheStub<Permission> aucs3 = new AbsUserCacheStub<Permission>(access, 0, 0, Integer.MAX_VALUE);
- AbsUserCacheStub<Permission> aucs4 = new AbsUserCacheStub<Permission>(aucs1);
-
- // For coverage
- AbsUserCacheCLStub<Permission> auccls1 = new AbsUserCacheCLStub<Permission>(aucs1);
- aucs1.setLur(cl);
- auccls1 = new AbsUserCacheCLStub<Permission>(aucs1);
- AbsUserCacheCLStub<Permission> auccls2 = new AbsUserCacheCLStub<Permission>(aucs3);
- }
-
- @Test
- public void setLurTest() {
- AbsUserCacheStub<Permission> aucs1 = new AbsUserCacheStub<Permission>(access, 65000, 70000, Integer.MAX_VALUE);
- AbsUserCacheStub<Permission> aucs2 = new AbsUserCacheStub<Permission>(access, 0, 0, Integer.MAX_VALUE);
- aucs1.setLur(cl);
- aucs2.setLur(cl);
- }
-
- @Test
- public void addUserGetUserTest() throws NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException {
- AbsUserCacheStub<Permission> aucs = new AbsUserCacheStub<Permission>(access, 0, 0, Integer.MAX_VALUE);
- User<Permission> user;
-
- // Test adding a user with a principal (non-GetCred). user does not have a cred
- // Then test getting that user
- when(principal.getName()).thenReturn(name1);
- user = new User<Permission>(principal, 0);
- aucs.addUser(user);
- assertThat(aucs.getUser(principal), is(user));
-
- // Test adding a user with a principal (GetCred). user does not have a cred
- // Then test getting that user
- GetCredStub gc = new GetCredStub();
- user = new User<Permission>(gc, 0);
- aucs.addUser(user);
- assertThat(aucs.getUser(gc), is(user));
-
- // Test adding a user with no principal
- // Then test getting that user via his name and cred
- user = new User<Permission>(name2, password);
- aucs.addUser(user);
- assertThat(aucs.getUser(name2, password), is(user));
-
- // Test getting a user by a CachedBasicPrincipal
- when(cbp.getName()).thenReturn(name2);
- when(cbp.getCred()).thenReturn(password);
- assertThat(aucs.getUser(cbp), is(user));
-
- // Force the user to expire, then test that he is no longer in the cache
- Field permExpiresField = User.class.getDeclaredField("permExpires");
- permExpiresField.setAccessible(true);
- permExpiresField.set(user, 0);
- assertThat(aucs.getUser(name2, password), is(nullValue()));
-
- // Test adding a user with a custom key
- // Then test gettin that user
- user = new User<Permission>(principal, 0);
- String key = principal.getName() + "NoCred";
- aucs.addUser(key, user);
- assertThat(aucs.getUser(principal), is(user));
-
- // Test that getUser returns null for principals that don't match any users
- when(principal.getName()).thenReturn("not in the cache");
- assertThat(aucs.getUser(principal), is(nullValue()));
-
- // That that getUser returns null for name/creds that are not in the cache
- assertThat(aucs.getUser("not a real user", "not in the cache".getBytes()), is(nullValue()));
- }
-
- @Test
- public void removeTest() {
- AbsUserCacheStub<Permission> aucs = new AbsUserCacheStub<Permission>(access, 0, 0, Integer.MAX_VALUE);
- User<Permission> user;
-
- when(principal.getName()).thenReturn(name1);
- user = new User<Permission>(principal);
- // Add a user with a principal
- aucs.addUser(user);
- // Check that the user is in the cache
- assertThat(aucs.getUser(principal), is(user));
- // Remove the user
- when(principal.getName()).thenReturn(name1 + "NoCred");
- aucs.remove(user);
- // Check that the user is no longer in the cache
- when(principal.getName()).thenReturn(name1);
- assertThat(aucs.getUser(principal), is(nullValue()));
-
- // Add the user again
- aucs.addUser(user);
- // Check that the user is in the cache
- assertThat(aucs.getUser(principal), is(user));
- // Remove the user by name
- aucs.remove(name1 + "NoCred");
- // Check that the user is no longer in the cache
- assertThat(aucs.getUser(principal), is(nullValue()));
-
- // Coverage test - attempt to remove a user that is not in the cache
- aucs.remove(name1 + "NoCred");
- assertThat(aucs.getUser(principal), is(nullValue()));
- }
-
- @Test
- public void clearAllTest() {
- AbsUserCacheStub<Permission> aucs = new AbsUserCacheStub<Permission>(access, 0, 0, Integer.MAX_VALUE);
- User<Permission> user1;
- User<Permission> user2;
-
- // Add some users to the cache
- when(principal.getName()).thenReturn(name1);
- user1 = new User<Permission>(principal);
- when(principal.getName()).thenReturn(name2);
- user2 = new User<Permission>(principal);
- aucs.addUser(user1);
- aucs.addUser(user2);
-
- // Check that the users are in the cache
- when(principal.getName()).thenReturn(name1);
- assertThat(aucs.getUser(principal), is(user1));
- when(principal.getName()).thenReturn(name2);
- assertThat(aucs.getUser(principal), is(user2));
-
- // Clear the cache
- aucs.clearAll();
-
- // Check that the users are no longer in the cache
- when(principal.getName()).thenReturn(name1);
- assertThat(aucs.getUser(principal), is(nullValue()));
- when(principal.getName()).thenReturn(name2);
- assertThat(aucs.getUser(principal), is(nullValue()));
- }
-
- @Test
- public void dumpInfoTest() {
- AbsUserCacheStub<Permission> aucs = new AbsUserCacheStub<Permission>(access, 0, 0, Integer.MAX_VALUE);
- User<Permission> user1;
- User<Permission> user2;
-
- Principal principal1 = mock(Principal.class);
- Principal principal2 = mock(Principal.class);
- when(principal1.getName()).thenReturn(name1);
- when(principal2.getName()).thenReturn(name2);
-
- // Add some users with permissions to the cache
- user1 = new User<Permission>(principal1);
- user1.add(permission1);
- user1.add(permission2);
- user2 = new User<Permission>(principal2);
- user2.add(permission1);
- user2.add(permission2);
- aucs.addUser(user1);
- aucs.addUser(user2);
-
- // Dump the info
- List<AbsUserCache<Permission>.DumpInfo> dumpInfo = aucs.dumpInfo();
- assertThat(dumpInfo.size(), is(2));
-
- // Utility lists
- List<String> names = new ArrayList<>();
- names.add(name1);
- names.add(name2);
- List<String> permissions = new ArrayList<>();
- permissions.add("NewKey1");
- permissions.add("NewKey2");
-
- // We need to use "contains" because the dumpInfo was created from a list, so we don't know it's order
- for (AbsUserCache<Permission>.DumpInfo di : dumpInfo) {
- assertTrue(names.contains(di.user));
- for (String perm : di.perms) {
- assertTrue(permissions.contains(perm));
- }
- }
- }
-
- @Test
- public void handlesExclusivelyTest() {
- AbsUserCacheStub<Permission> aucs = new AbsUserCacheStub<Permission>(access, 0, 0, Integer.MAX_VALUE);
- assertFalse(aucs.handlesExclusively(permission1));
- assertFalse(aucs.handlesExclusively(permission2));
- }
-
- @Test
- public void destroyTest() {
- AbsUserCacheStub<Permission> aucs = new AbsUserCacheStub<Permission>(access, 0, 0, Integer.MAX_VALUE);
- aucs.destroy();
- aucs = new AbsUserCacheStub<Permission>(access, 1, 1, Integer.MAX_VALUE);
- aucs.destroy();
- }
-
- @Test
- public void missTest() throws IOException {
- AbsUserCacheStub<Permission> aucs = new AbsUserCacheStub<Permission>(access, 0, 0, Integer.MAX_VALUE);
- // Add the Miss to the missmap
- assertTrue(aucs.addMiss("key", password)); // This one actually adds it
- assertTrue(aucs.addMiss("key", password)); // this one doesn't really do anything
- assertTrue(aucs.addMiss("key", password)); // neither does this one
- assertFalse(aucs.addMiss("key", password)); // By this time, the missMap is tired of this nonsense, and retaliates
- assertFalse(aucs.addMiss("key", password)); // Oh yea. He's angry
-
- // Can't really test this due to visibility
- aucs.missed("key", password);
-
- // Coverage
- AbsUserCacheStub<Permission> aucs1 = new AbsUserCacheStub<Permission>(access, 1, 1, Integer.MAX_VALUE);
- aucs1.addMiss("key", password);
- }
-
- class AbsUserCacheStub<PERM extends Permission> extends AbsUserCache<PERM> {
- public AbsUserCacheStub(Access access, long cleanInterval, int highCount, int usageCount) { super(access, cleanInterval, highCount, usageCount); }
- public AbsUserCacheStub(AbsUserCache<PERM> cache) { super(cache); }
- @Override public void setLur(CachingLur<PERM> lur) { super.setLur(lur); }
- @Override public void addUser(User<PERM> user) { super.addUser(user); }
- @Override public void addUser(String key, User<PERM> user) { super.addUser(key, user); }
- @Override public User<PERM> getUser(Principal p) { return super.getUser(p); }
- @Override public User<PERM> getUser(CachedBasicPrincipal p) { return super.getUser(p); }
- @Override public User<PERM> getUser(String user, byte[] cred) { return super.getUser(user, cred); }
- @Override public void remove(User<PERM> user) { super.remove(user); }
- @Override public boolean addMiss(String key, byte[] bs) { return super.addMiss(key, bs); }
- @Override public Miss missed(String key, byte[] bs) throws IOException { return super.missed(key, bs); }
- }
-
- class AbsUserCacheCLStub<PERM extends Permission> extends AbsUserCache<PERM> implements CachingLur<PERM> {
- public AbsUserCacheCLStub(AbsUserCache<PERM> cache) { super(cache); }
- @Override public Permission createPerm(String p) { return null; }
- @Override public boolean fish(Principal bait, Permission ... pond) { return false; }
- @Override public void fishAll(Principal bait, List<Permission> permissions) { }
- @Override public boolean handles(Principal principal) { return false; }
- @Override public Resp reload(User<PERM> user) { return null; }
- @Override public void setDebug(String commaDelimIDsOrNull) { }
- }
-
- class GetCredStub implements Principal, GetCred {
- @Override public byte[] getCred() { return password; }
- @Override public String getName() { return name1; }
- }
+ @Mock private CachingLur<Permission> cl;
+ @Mock private Principal principal;
+ @Mock private CachedBasicPrincipal cbp;
+ @Mock private LocalPermission permission1;
+ @Mock private LocalPermission permission2;
+
+ private Access access;
+
+ private ByteArrayOutputStream outStream;
+
+ private String name1 = "name1";
+ private String name2 = "name2";
+ private byte[] password = "password".getBytes();
+
+ private static Field timerField;
+
+ @BeforeClass
+ public static void setupOnce() throws Exception {
+ timerField = AbsUserCache.class.getDeclaredField("timer");
+ timerField.setAccessible(true);
+ }
+
+ @Before
+ public void setup() throws Exception {
+ MockitoAnnotations.initMocks(this);
+
+ outStream = new ByteArrayOutputStream();
+ System.setOut(new PrintStream(outStream));
+
+ // This must happen after changing System.out
+ access = new PropAccess();
+
+ when(permission1.getKey()).thenReturn("NewKey1");
+ when(permission2.getKey()).thenReturn("NewKey2");
+
+ timerField.set(null, null);
+ }
+
+ @After
+ public void tearDown() throws Exception {
+ System.setOut(System.out);
+ timerField.set(null, null);
+ }
+
+ @SuppressWarnings("unused")
+ @Test
+ public void constructorTest() {
+ int cleanInterval = 65000;
+ int maxInterval = 70000;
+
+ AbsUserCacheStub<Permission> aucs1 = new AbsUserCacheStub<Permission>(access, cleanInterval, maxInterval, Integer.MAX_VALUE);
+ String output = outStream.toString().split(" ", 2)[1];
+ StringBuilder expected = new StringBuilder();
+ expected.append("INIT [cadi] Cleaning Thread initialized with interval of ");
+ expected.append(String.valueOf(cleanInterval));
+ expected.append(" ms and max objects of ");
+ expected.append(String.valueOf(maxInterval));
+ expected.append(System.lineSeparator());
+ assertThat(output, is(expected.toString()));
+
+ outStream.reset();
+ AbsUserCacheStub<Permission> aucs2 = new AbsUserCacheStub<Permission>(access, cleanInterval, maxInterval, Integer.MAX_VALUE);
+ output = outStream.toString().split(" ", 2)[1];
+ expected = new StringBuilder();
+ expected.append("INIT [cadi] Cleaning Thread initialized with interval of ");
+ expected.append(String.valueOf(cleanInterval));
+ expected.append(" ms and max objects of ");
+ expected.append(String.valueOf(maxInterval));
+ expected.append(System.lineSeparator());
+ assertThat(output, is(expected.toString()));
+
+ AbsUserCacheStub<Permission> aucs3 = new AbsUserCacheStub<Permission>(access, 0, 0, Integer.MAX_VALUE);
+ AbsUserCacheStub<Permission> aucs4 = new AbsUserCacheStub<Permission>(aucs1);
+
+ // For coverage
+ AbsUserCacheCLStub<Permission> auccls1 = new AbsUserCacheCLStub<Permission>(aucs1);
+ aucs1.setLur(cl);
+ auccls1 = new AbsUserCacheCLStub<Permission>(aucs1);
+ AbsUserCacheCLStub<Permission> auccls2 = new AbsUserCacheCLStub<Permission>(aucs3);
+ }
+
+ @Test
+ public void setLurTest() {
+ AbsUserCacheStub<Permission> aucs1 = new AbsUserCacheStub<Permission>(access, 65000, 70000, Integer.MAX_VALUE);
+ AbsUserCacheStub<Permission> aucs2 = new AbsUserCacheStub<Permission>(access, 0, 0, Integer.MAX_VALUE);
+ aucs1.setLur(cl);
+ aucs2.setLur(cl);
+ }
+
+ @Test
+ public void addUserGetUserTest() throws NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException {
+ AbsUserCacheStub<Permission> aucs = new AbsUserCacheStub<Permission>(access, 0, 0, Integer.MAX_VALUE);
+ User<Permission> user;
+
+ // Test adding a user with a principal (non-GetCred). user does not have a cred
+ // Then test getting that user
+ when(principal.getName()).thenReturn(name1);
+ user = new User<Permission>(principal, 0);
+ aucs.addUser(user);
+ assertThat(aucs.getUser(principal), is(user));
+
+ // Test adding a user with a principal (GetCred). user does not have a cred
+ // Then test getting that user
+ GetCredStub gc = new GetCredStub();
+ user = new User<Permission>(gc, 0);
+ aucs.addUser(user);
+ assertThat(aucs.getUser(gc), is(user));
+
+ // Test adding a user with no principal
+ // Then test getting that user via his name and cred
+ user = new User<Permission>(name2, password);
+ aucs.addUser(user);
+ assertThat(aucs.getUser(name2, password), is(user));
+
+ // Test getting a user by a CachedBasicPrincipal
+ when(cbp.getName()).thenReturn(name2);
+ when(cbp.getCred()).thenReturn(password);
+ assertThat(aucs.getUser(cbp), is(user));
+
+ // Force the user to expire, then test that he is no longer in the cache
+ Field permExpiresField = User.class.getDeclaredField("permExpires");
+ permExpiresField.setAccessible(true);
+ permExpiresField.set(user, 0);
+ assertThat(aucs.getUser(name2, password), is(nullValue()));
+
+ // Test adding a user with a custom key
+ // Then test gettin that user
+ user = new User<Permission>(principal, 0);
+ String key = principal.getName() + "NoCred";
+ aucs.addUser(key, user);
+ assertThat(aucs.getUser(principal), is(user));
+
+ // Test that getUser returns null for principals that don't match any users
+ when(principal.getName()).thenReturn("not in the cache");
+ assertThat(aucs.getUser(principal), is(nullValue()));
+
+ // That that getUser returns null for name/creds that are not in the cache
+ assertThat(aucs.getUser("not a real user", "not in the cache".getBytes()), is(nullValue()));
+ }
+
+ @Test
+ public void removeTest() {
+ AbsUserCacheStub<Permission> aucs = new AbsUserCacheStub<Permission>(access, 0, 0, Integer.MAX_VALUE);
+ User<Permission> user;
+
+ when(principal.getName()).thenReturn(name1);
+ user = new User<Permission>(principal);
+ // Add a user with a principal
+ aucs.addUser(user);
+ // Check that the user is in the cache
+ assertThat(aucs.getUser(principal), is(user));
+ // Remove the user
+ when(principal.getName()).thenReturn(name1 + "NoCred");
+ aucs.remove(user);
+ // Check that the user is no longer in the cache
+ when(principal.getName()).thenReturn(name1);
+ assertThat(aucs.getUser(principal), is(nullValue()));
+
+ // Add the user again
+ aucs.addUser(user);
+ // Check that the user is in the cache
+ assertThat(aucs.getUser(principal), is(user));
+ // Remove the user by name
+ aucs.remove(name1 + "NoCred");
+ // Check that the user is no longer in the cache
+ assertThat(aucs.getUser(principal), is(nullValue()));
+
+ // Coverage test - attempt to remove a user that is not in the cache
+ aucs.remove(name1 + "NoCred");
+ assertThat(aucs.getUser(principal), is(nullValue()));
+ }
+
+ @Test
+ public void clearAllTest() {
+ AbsUserCacheStub<Permission> aucs = new AbsUserCacheStub<Permission>(access, 0, 0, Integer.MAX_VALUE);
+ User<Permission> user1;
+ User<Permission> user2;
+
+ // Add some users to the cache
+ when(principal.getName()).thenReturn(name1);
+ user1 = new User<Permission>(principal);
+ when(principal.getName()).thenReturn(name2);
+ user2 = new User<Permission>(principal);
+ aucs.addUser(user1);
+ aucs.addUser(user2);
+
+ // Check that the users are in the cache
+ when(principal.getName()).thenReturn(name1);
+ assertThat(aucs.getUser(principal), is(user1));
+ when(principal.getName()).thenReturn(name2);
+ assertThat(aucs.getUser(principal), is(user2));
+
+ // Clear the cache
+ aucs.clearAll();
+
+ // Check that the users are no longer in the cache
+ when(principal.getName()).thenReturn(name1);
+ assertThat(aucs.getUser(principal), is(nullValue()));
+ when(principal.getName()).thenReturn(name2);
+ assertThat(aucs.getUser(principal), is(nullValue()));
+ }
+
+ @Test
+ public void dumpInfoTest() {
+ AbsUserCacheStub<Permission> aucs = new AbsUserCacheStub<Permission>(access, 0, 0, Integer.MAX_VALUE);
+ User<Permission> user1;
+ User<Permission> user2;
+
+ Principal principal1 = mock(Principal.class);
+ Principal principal2 = mock(Principal.class);
+ when(principal1.getName()).thenReturn(name1);
+ when(principal2.getName()).thenReturn(name2);
+
+ // Add some users with permissions to the cache
+ user1 = new User<Permission>(principal1);
+ user1.add(permission1);
+ user1.add(permission2);
+ user2 = new User<Permission>(principal2);
+ user2.add(permission1);
+ user2.add(permission2);
+ aucs.addUser(user1);
+ aucs.addUser(user2);
+
+ // Dump the info
+ List<AbsUserCache<Permission>.DumpInfo> dumpInfo = aucs.dumpInfo();
+ assertThat(dumpInfo.size(), is(2));
+
+ // Utility lists
+ List<String> names = new ArrayList<>();
+ names.add(name1);
+ names.add(name2);
+ List<String> permissions = new ArrayList<>();
+ permissions.add("NewKey1");
+ permissions.add("NewKey2");
+
+ // We need to use "contains" because the dumpInfo was created from a list, so we don't know it's order
+ for (AbsUserCache<Permission>.DumpInfo di : dumpInfo) {
+ assertTrue(names.contains(di.user));
+ for (String perm : di.perms) {
+ assertTrue(permissions.contains(perm));
+ }
+ }
+ }
+
+ @Test
+ public void handlesExclusivelyTest() {
+ AbsUserCacheStub<Permission> aucs = new AbsUserCacheStub<Permission>(access, 0, 0, Integer.MAX_VALUE);
+ assertFalse(aucs.handlesExclusively(permission1));
+ assertFalse(aucs.handlesExclusively(permission2));
+ }
+
+ @Test
+ public void destroyTest() {
+ AbsUserCacheStub<Permission> aucs = new AbsUserCacheStub<Permission>(access, 0, 0, Integer.MAX_VALUE);
+ aucs.destroy();
+ aucs = new AbsUserCacheStub<Permission>(access, 1, 1, Integer.MAX_VALUE);
+ aucs.destroy();
+ }
+
+ @Test
+ public void missTest() throws IOException {
+ AbsUserCacheStub<Permission> aucs = new AbsUserCacheStub<Permission>(access, 0, 0, Integer.MAX_VALUE);
+ // Add the Miss to the missmap
+ assertTrue(aucs.addMiss("key", password)); // This one actually adds it
+ assertTrue(aucs.addMiss("key", password)); // this one doesn't really do anything
+ assertTrue(aucs.addMiss("key", password)); // neither does this one
+ assertFalse(aucs.addMiss("key", password)); // By this time, the missMap is tired of this nonsense, and retaliates
+ assertFalse(aucs.addMiss("key", password)); // Oh yea. He's angry
+
+ // Can't really test this due to visibility
+ aucs.missed("key", password);
+
+ // Coverage
+ AbsUserCacheStub<Permission> aucs1 = new AbsUserCacheStub<Permission>(access, 1, 1, Integer.MAX_VALUE);
+ aucs1.addMiss("key", password);
+ }
+
+ class AbsUserCacheStub<PERM extends Permission> extends AbsUserCache<PERM> {
+ public AbsUserCacheStub(Access access, long cleanInterval, int highCount, int usageCount) { super(access, cleanInterval, highCount, usageCount); }
+ public AbsUserCacheStub(AbsUserCache<PERM> cache) { super(cache); }
+ @Override public void setLur(CachingLur<PERM> lur) { super.setLur(lur); }
+ @Override public void addUser(User<PERM> user) { super.addUser(user); }
+ @Override public void addUser(String key, User<PERM> user) { super.addUser(key, user); }
+ @Override public User<PERM> getUser(Principal p) { return super.getUser(p); }
+ @Override public User<PERM> getUser(CachedBasicPrincipal p) { return super.getUser(p); }
+ @Override public User<PERM> getUser(String user, byte[] cred) { return super.getUser(user, cred); }
+ @Override public void remove(User<PERM> user) { super.remove(user); }
+ @Override public boolean addMiss(String key, byte[] bs) { return super.addMiss(key, bs); }
+ @Override public Miss missed(String key, byte[] bs) throws IOException { return super.missed(key, bs); }
+ }
+
+ class AbsUserCacheCLStub<PERM extends Permission> extends AbsUserCache<PERM> implements CachingLur<PERM> {
+ public AbsUserCacheCLStub(AbsUserCache<PERM> cache) { super(cache); }
+ @Override public Permission createPerm(String p) { return null; }
+ @Override public boolean fish(Principal bait, Permission ... pond) { return false; }
+ @Override public void fishAll(Principal bait, List<Permission> permissions) { }
+ @Override public boolean handles(Principal principal) { return false; }
+ @Override public Resp reload(User<PERM> user) { return null; }
+ @Override public void setDebug(String commaDelimIDsOrNull) { }
+ }
+
+ class GetCredStub implements Principal, GetCred {
+ @Override public byte[] getCred() { return password; }
+ @Override public String getName() { return name1; }
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Access.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Access.java
index 98903567..f97fb5fe 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Access.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Access.java
@@ -32,35 +32,35 @@ import org.onap.aaf.cadi.Access.Level;
public class JU_Access {
- @Test
- public void levelTests() {
- assertTrue(Level.DEBUG.inMask(0x1));
- for (int i = 2; i > 0; i <<= 1) {
- assertFalse(Level.DEBUG.inMask(i));
- }
- assertFalse(Level.DEBUG.inMask(0x80000000));
+ @Test
+ public void levelTests() {
+ assertTrue(Level.DEBUG.inMask(0x1));
+ for (int i = 2; i > 0; i <<= 1) {
+ assertFalse(Level.DEBUG.inMask(i));
+ }
+ assertFalse(Level.DEBUG.inMask(0x80000000));
- assertThat(Level.DEBUG.addToMask(0x2), is(0x3));
- assertThat(Level.DEBUG.delFromMask(0x1), is(0x0));
- assertThat(Level.DEBUG.toggle(0x2), is(0x3));
- assertThat(Level.DEBUG.toggle(0x1), is(0x0));
- assertThat(Level.DEBUG.maskOf(), is(123153));
- assertThat(Level.NONE.maskOf(), is(0));
- }
+ assertThat(Level.DEBUG.addToMask(0x2), is(0x3));
+ assertThat(Level.DEBUG.delFromMask(0x1), is(0x0));
+ assertThat(Level.DEBUG.toggle(0x2), is(0x3));
+ assertThat(Level.DEBUG.toggle(0x1), is(0x0));
+ assertThat(Level.DEBUG.maskOf(), is(123153));
+ assertThat(Level.NONE.maskOf(), is(0));
+ }
- @Test
- public void nullTests() throws IOException {
- // These are entirely for coverage
- Access.NULL.log(Level.DEBUG);
- Access.NULL.printf(Level.DEBUG, "");
- Access.NULL.log(new Exception());
- Access.NULL.classLoader();
- assertThat(Access.NULL.getProperty("", ""), is(nullValue()));
- Access.NULL.load(System.in);
- Access.NULL.setLogLevel(Level.DEBUG);
- assertThat(Access.NULL.decrypt("test", true), is("test"));
- assertFalse(Access.NULL.willLog(Level.DEBUG));
- assertThat(Access.NULL.getProperties(), is(not(nullValue())));
- }
+ @Test
+ public void nullTests() throws IOException {
+ // These are entirely for coverage
+ Access.NULL.log(Level.DEBUG);
+ Access.NULL.printf(Level.DEBUG, "");
+ Access.NULL.log(new Exception());
+ Access.NULL.classLoader();
+ assertThat(Access.NULL.getProperty("", ""), is(nullValue()));
+ Access.NULL.load(System.in);
+ Access.NULL.setLogLevel(Level.DEBUG);
+ assertThat(Access.NULL.decrypt("test", true), is("test"));
+ assertFalse(Access.NULL.willLog(Level.DEBUG));
+ assertThat(Access.NULL.getProperties(), is(not(nullValue())));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Base64.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Base64.java
index 801259d4..e819d574 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Base64.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Base64.java
@@ -34,59 +34,59 @@ import org.onap.aaf.cadi.Symm;
import org.onap.aaf.cadi.config.Config;
public class JU_Base64 {
- private static final String encoding = "Man is distinguished, not only by his reason, but by this singular " +
- "passion from other animals, which is a lust of the mind, that by a " +
- "perseverance of delight in the continued and indefatigable generation of " +
- "knowledge, exceeds the short vehemence of any carnal pleasure.";
+ private static final String encoding = "Man is distinguished, not only by his reason, but by this singular " +
+ "passion from other animals, which is a lust of the mind, that by a " +
+ "perseverance of delight in the continued and indefatigable generation of " +
+ "knowledge, exceeds the short vehemence of any carnal pleasure.";
- private static final String expected =
- "TWFuIGlzIGRpc3Rpbmd1aXNoZWQsIG5vdCBvbmx5IGJ5IGhpcyByZWFzb24sIGJ1dCBieSB0aGlz\n" +
- "IHNpbmd1bGFyIHBhc3Npb24gZnJvbSBvdGhlciBhbmltYWxzLCB3aGljaCBpcyBhIGx1c3Qgb2Yg\n" +
- "dGhlIG1pbmQsIHRoYXQgYnkgYSBwZXJzZXZlcmFuY2Ugb2YgZGVsaWdodCBpbiB0aGUgY29udGlu\n" +
- "dWVkIGFuZCBpbmRlZmF0aWdhYmxlIGdlbmVyYXRpb24gb2Yga25vd2xlZGdlLCBleGNlZWRzIHRo\n" +
- "ZSBzaG9ydCB2ZWhlbWVuY2Ugb2YgYW55IGNhcm5hbCBwbGVhc3VyZS4=";
+ private static final String expected =
+ "TWFuIGlzIGRpc3Rpbmd1aXNoZWQsIG5vdCBvbmx5IGJ5IGhpcyByZWFzb24sIGJ1dCBieSB0aGlz\n" +
+ "IHNpbmd1bGFyIHBhc3Npb24gZnJvbSBvdGhlciBhbmltYWxzLCB3aGljaCBpcyBhIGx1c3Qgb2Yg\n" +
+ "dGhlIG1pbmQsIHRoYXQgYnkgYSBwZXJzZXZlcmFuY2Ugb2YgZGVsaWdodCBpbiB0aGUgY29udGlu\n" +
+ "dWVkIGFuZCBpbmRlZmF0aWdhYmxlIGdlbmVyYXRpb24gb2Yga25vd2xlZGdlLCBleGNlZWRzIHRo\n" +
+ "ZSBzaG9ydCB2ZWhlbWVuY2Ugb2YgYW55IGNhcm5hbCBwbGVhc3VyZS4=";
- @Test
- public void test() throws Exception {
- // Test with different Padding
- assertEncoded("leas", "bGVhcw==");
- assertEncoded("leasu", "bGVhc3U=");
- assertEncoded("leasur", "bGVhc3Vy");
- assertEncoded("leasure", "bGVhc3VyZQ==");
- assertEncoded("leasure.", "bGVhc3VyZS4=");
+ @Test
+ public void test() throws Exception {
+ // Test with different Padding
+ assertEncoded("leas", "bGVhcw==");
+ assertEncoded("leasu", "bGVhc3U=");
+ assertEncoded("leasur", "bGVhc3Vy");
+ assertEncoded("leasure", "bGVhc3VyZQ==");
+ assertEncoded("leasure.", "bGVhc3VyZS4=");
- // Test with line ends
- assertEncoded(encoding, expected);
- }
+ // Test with line ends
+ assertEncoded(encoding, expected);
+ }
- @Test
- public void symmetric() throws IOException {
- String symmetric = new String(Symm.keygen());
- Symm bsym = Symm.obtain(symmetric);
- String result = bsym.encode(encoding);
- assertThat(bsym.decode(result), is(encoding));
+ @Test
+ public void symmetric() throws IOException {
+ String symmetric = new String(Symm.keygen());
+ Symm bsym = Symm.obtain(symmetric);
+ String result = bsym.encode(encoding);
+ assertThat(bsym.decode(result), is(encoding));
- char[] manipulate = symmetric.toCharArray();
- int spot = new SecureRandom().nextInt(manipulate.length);
- manipulate[spot]|=0xFF;
- String newsymmetric = new String(manipulate);
- assertThat(symmetric, is(not(newsymmetric)));
- try {
- bsym = Symm.obtain(newsymmetric);
- result = bsym.decode(result);
- assertThat(result, is(encoding));
- } catch (IOException e) {
- // this is what we want to see if key wrong
- }
- }
+ char[] manipulate = symmetric.toCharArray();
+ int spot = new SecureRandom().nextInt(manipulate.length);
+ manipulate[spot]|=0xFF;
+ String newsymmetric = new String(manipulate);
+ assertThat(symmetric, is(not(newsymmetric)));
+ try {
+ bsym = Symm.obtain(newsymmetric);
+ result = bsym.decode(result);
+ assertThat(result, is(encoding));
+ } catch (IOException e) {
+ // this is what we want to see if key wrong
+ }
+ }
- private void assertEncoded(String toEncode, String expected) throws IOException {
- String result = Symm.base64.encode(toEncode);
- assertThat(result, is(expected));
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- Symm.base64.decode(new ByteArrayInputStream(result.getBytes()), baos);
- result = baos.toString(Config.UTF_8);
- assertThat(result, is(toEncode));
- }
+ private void assertEncoded(String toEncode, String expected) throws IOException {
+ String result = Symm.base64.encode(toEncode);
+ assertThat(result, is(expected));
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ Symm.base64.decode(new ByteArrayInputStream(result.getBytes()), baos);
+ result = baos.toString(Config.UTF_8);
+ assertThat(result, is(toEncode));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_BufferedCadiWrap.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_BufferedCadiWrap.java
index 172270da..d01e0f07 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_BufferedCadiWrap.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_BufferedCadiWrap.java
@@ -28,18 +28,18 @@ import org.mockito.Mock;
import org.mockito.MockitoAnnotations;
public class JU_BufferedCadiWrap {
- @Mock
- private HttpServletRequest request;
-
- @Before
- public void setUp() throws Exception {
- MockitoAnnotations.initMocks(this);
- }
+ @Mock
+ private HttpServletRequest request;
+
+ @Before
+ public void setUp() throws Exception {
+ MockitoAnnotations.initMocks(this);
+ }
- @Test
- public void constructorTest() {
- // TODO: Ian - This will always fail beacuse the constructor is invalid
- // BufferedCadiWrap bcw = new BufferedCadiWrap(request);
- }
+ @Test
+ public void constructorTest() {
+ // TODO: Ian - This will always fail beacuse the constructor is invalid
+ // BufferedCadiWrap bcw = new BufferedCadiWrap(request);
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_BufferedServletInputStream.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_BufferedServletInputStream.java
index 66ac3610..a16487f8 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_BufferedServletInputStream.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_BufferedServletInputStream.java
@@ -34,98 +34,98 @@ import org.onap.aaf.cadi.BufferedServletInputStream;
import static junit.framework.Assert.assertEquals;
public class JU_BufferedServletInputStream {
- private BufferedServletInputStream bsis;
- private String expected;
-
- @Before
- public void setup() throws FileNotFoundException {
- expected = new String("This is the expected output");
- bsis = new BufferedServletInputStream(new ByteArrayInputStream(expected.getBytes()));
- }
-
- @After
- public void tearDown() throws IOException {
- bsis.close();
- }
-
- @Test
- public void ByteReadNoMarkTest() throws Exception {
- int c;
- int i = 0;
- byte output[] = new byte[100];
- while ((c = bsis.read()) != -1) {
- output[i++] = (byte)c;
- }
- Assert.assertEquals(new String(output, 0, i), expected);
- }
-
- @Test
- public void ByteReadMarkTest() throws Exception {
- bsis.mark(0);
- int c;
- int i = 0;
- byte output[] = new byte[100];
- while ((c = bsis.read()) != -1) {
- output[i++] = (byte)c;
- }
- Assert.assertEquals(new String(output, 0, i), expected);
- }
-
- @Test
- public void ByteReadStateIsStoreTest() throws Exception {
- Field state_field = BufferedServletInputStream.class.getDeclaredField("state");
- state_field.setAccessible(true);
- bsis.mark(0);
- int c;
- int i = 0;
- byte output[] = new byte[100];
- while ((c = bsis.read()) != -1) {
- output[i++] = (byte)c;
- }
- bsis.reset();
- Assert.assertEquals(state_field.get(bsis), 2); // state == READ
- }
-
- @Test
- public void ByteReadStateIsReadTest() throws Exception {
- bsis.mark(0); // Initialize the capacitor
- boolean isReset = false;
- int c;
- int i = 0;
- byte output[] = new byte[100];
- while ((c = bsis.read()) != -1) {
- output[i++] = (byte)c;
- if ((i > 5) && !isReset) {
- // Close the capacitor and start over. This is done for coverage purposes
- i = 0;
- isReset = true;
- bsis.reset(); // Sets state to READ
- }
- }
- Assert.assertEquals(new String(output, 0, i), expected);
- }
-
- @Test
- public void ByteReadStateIsNoneTest() throws Exception {
- Field state_field = BufferedServletInputStream.class.getDeclaredField("state");
- state_field.setAccessible(true);
- bsis.mark(0); // Initialize the capacitor
- int c;
- c = bsis.read();
- // Close the capacitor. This is done for coverage purposes
- bsis.reset(); // Sets state to READ
- state_field.setInt(bsis, 0); // state == NONE
- c = bsis.read();
- Assert.assertEquals(c, -1);
- }
-
- @Test
- public void ByteArrayReadNoMarkTest() throws Exception {
- byte output[] = new byte[100];
- int count = bsis.read(output, 0, expected.length());
- Assert.assertEquals(new String(output, 0, count), expected);
- Assert.assertEquals(count, expected.length());
- }
+ private BufferedServletInputStream bsis;
+ private String expected;
+
+ @Before
+ public void setup() throws FileNotFoundException {
+ expected = new String("This is the expected output");
+ bsis = new BufferedServletInputStream(new ByteArrayInputStream(expected.getBytes()));
+ }
+
+ @After
+ public void tearDown() throws IOException {
+ bsis.close();
+ }
+
+ @Test
+ public void ByteReadNoMarkTest() throws Exception {
+ int c;
+ int i = 0;
+ byte output[] = new byte[100];
+ while ((c = bsis.read()) != -1) {
+ output[i++] = (byte)c;
+ }
+ Assert.assertEquals(new String(output, 0, i), expected);
+ }
+
+ @Test
+ public void ByteReadMarkTest() throws Exception {
+ bsis.mark(0);
+ int c;
+ int i = 0;
+ byte output[] = new byte[100];
+ while ((c = bsis.read()) != -1) {
+ output[i++] = (byte)c;
+ }
+ Assert.assertEquals(new String(output, 0, i), expected);
+ }
+
+ @Test
+ public void ByteReadStateIsStoreTest() throws Exception {
+ Field state_field = BufferedServletInputStream.class.getDeclaredField("state");
+ state_field.setAccessible(true);
+ bsis.mark(0);
+ int c;
+ int i = 0;
+ byte output[] = new byte[100];
+ while ((c = bsis.read()) != -1) {
+ output[i++] = (byte)c;
+ }
+ bsis.reset();
+ Assert.assertEquals(state_field.get(bsis), 2); // state == READ
+ }
+
+ @Test
+ public void ByteReadStateIsReadTest() throws Exception {
+ bsis.mark(0); // Initialize the capacitor
+ boolean isReset = false;
+ int c;
+ int i = 0;
+ byte output[] = new byte[100];
+ while ((c = bsis.read()) != -1) {
+ output[i++] = (byte)c;
+ if ((i > 5) && !isReset) {
+ // Close the capacitor and start over. This is done for coverage purposes
+ i = 0;
+ isReset = true;
+ bsis.reset(); // Sets state to READ
+ }
+ }
+ Assert.assertEquals(new String(output, 0, i), expected);
+ }
+
+ @Test
+ public void ByteReadStateIsNoneTest() throws Exception {
+ Field state_field = BufferedServletInputStream.class.getDeclaredField("state");
+ state_field.setAccessible(true);
+ bsis.mark(0); // Initialize the capacitor
+ int c;
+ c = bsis.read();
+ // Close the capacitor. This is done for coverage purposes
+ bsis.reset(); // Sets state to READ
+ state_field.setInt(bsis, 0); // state == NONE
+ c = bsis.read();
+ Assert.assertEquals(c, -1);
+ }
+
+ @Test
+ public void ByteArrayReadNoMarkTest() throws Exception {
+ byte output[] = new byte[100];
+ int count = bsis.read(output, 0, expected.length());
+ Assert.assertEquals(new String(output, 0, count), expected);
+ Assert.assertEquals(count, expected.length());
+ }
@Test
public void ByteArrayReadTest() throws Exception {
@@ -135,50 +135,50 @@ public class JU_BufferedServletInputStream {
Assert.assertEquals(new String(output, 0, expected.length()), expected);
}
- @Test
- public void ByteArrayReadStateIsStoreTest() throws Exception {
- byte output[] = new byte[100];
- bsis.mark(0);
- int count = bsis.read(output, 0, expected.length());
- Assert.assertEquals(new String(output, 0, count), expected);
- Assert.assertEquals(count, expected.length());
-
- count = bsis.read(output, 0, 0);
- Assert.assertEquals(count, -1);
- }
-
- @Test
- public void ByteArrayReadStateIsReadTest() throws Exception {
- byte output[] = new byte[200];
- for(int i = 0; i < 2; ++i) {
- bsis.mark(0);
- bsis.read(output, 0, 100);
+ @Test
+ public void ByteArrayReadStateIsStoreTest() throws Exception {
+ byte output[] = new byte[100];
+ bsis.mark(0);
+ int count = bsis.read(output, 0, expected.length());
+ Assert.assertEquals(new String(output, 0, count), expected);
+ Assert.assertEquals(count, expected.length());
+
+ count = bsis.read(output, 0, 0);
+ Assert.assertEquals(count, -1);
+ }
+
+ @Test
+ public void ByteArrayReadStateIsReadTest() throws Exception {
+ byte output[] = new byte[200];
+ for(int i = 0; i < 2; ++i) {
+ bsis.mark(0);
+ bsis.read(output, 0, 100);
Assert.assertEquals(new String(output, 0, expected.length()), expected);
- bsis.reset();
- bsis.read(output, 0, output.length);
+ bsis.reset();
+ bsis.read(output, 0, output.length);
Assert.assertEquals(new String(output, 0, expected.length()), expected);
- bsis = new BufferedServletInputStream(new ByteArrayInputStream(output));
- if(i == 0) {
- output = new byte[200];
- }
- }
+ bsis = new BufferedServletInputStream(new ByteArrayInputStream(output));
+ if(i == 0) {
+ output = new byte[200];
+ }
+ }
Assert.assertEquals(new String(output, 0, expected.length()), expected);
- }
+ }
- @Test
- public void ByteArrayReadStateIsNoneTest() throws Exception {
+ @Test
+ public void ByteArrayReadStateIsNoneTest() throws Exception {
byte output[] = new byte[100];
bsis.mark(0);
Field state_field = BufferedServletInputStream.class.getDeclaredField("state");
- state_field.setAccessible(true);
+ state_field.setAccessible(true);
state_field.setInt(bsis, 0); // state == NONE
int count = bsis.read(output, 0, 100);
Assert.assertEquals(count, -1);
- }
+ }
@Test
public void skipTest() throws Exception {
@@ -210,42 +210,42 @@ public class JU_BufferedServletInputStream {
@Test
public void closeTest() throws Exception {
- Field capacitor_field = BufferedServletInputStream.class.getDeclaredField("capacitor");
- capacitor_field.setAccessible(true);
+ Field capacitor_field = BufferedServletInputStream.class.getDeclaredField("capacitor");
+ capacitor_field.setAccessible(true);
bsis.mark(0);
Assert.assertNotNull(capacitor_field.get(bsis));
bsis.close();
- Assert.assertNull(capacitor_field.get(bsis));
+ Assert.assertNull(capacitor_field.get(bsis));
}
- @Test
- public void markTest() throws NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException {
- Field state_field = BufferedServletInputStream.class.getDeclaredField("state");
- Field capacitor_field = BufferedServletInputStream.class.getDeclaredField("capacitor");
- capacitor_field.setAccessible(true);
- state_field.setAccessible(true);
+ @Test
+ public void markTest() throws NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException {
+ Field state_field = BufferedServletInputStream.class.getDeclaredField("state");
+ Field capacitor_field = BufferedServletInputStream.class.getDeclaredField("capacitor");
+ capacitor_field.setAccessible(true);
+ state_field.setAccessible(true);
- // capacitor is null initially
- Assert.assertNull(capacitor_field.get(bsis));
+ // capacitor is null initially
+ Assert.assertNull(capacitor_field.get(bsis));
- state_field.setInt(bsis, 0); // state == NONE
- bsis.mark(0); // the value passed into mark is ignored
- Assert.assertNotNull(capacitor_field.get(bsis));
- Assert.assertEquals(state_field.get(bsis), 1); // state == STORE
+ state_field.setInt(bsis, 0); // state == NONE
+ bsis.mark(0); // the value passed into mark is ignored
+ Assert.assertNotNull(capacitor_field.get(bsis));
+ Assert.assertEquals(state_field.get(bsis), 1); // state == STORE
- state_field.setInt(bsis, 1); // state == STORE
- bsis.mark(0); // the value passed into mark is ignored
- Assert.assertEquals(state_field.get(bsis), 1); // state == STORE
+ state_field.setInt(bsis, 1); // state == STORE
+ bsis.mark(0); // the value passed into mark is ignored
+ Assert.assertEquals(state_field.get(bsis), 1); // state == STORE
- state_field.setInt(bsis, 2); // state == READ
- bsis.mark(0); // the value passed into mark is ignored
- Assert.assertEquals(state_field.get(bsis), 1); // state == STORE
- }
+ state_field.setInt(bsis, 2); // state == READ
+ bsis.mark(0); // the value passed into mark is ignored
+ Assert.assertEquals(state_field.get(bsis), 1); // state == STORE
+ }
@Test
public void resetTest() throws Exception {
- Field state_field = BufferedServletInputStream.class.getDeclaredField("state");
- state_field.setAccessible(true);
+ Field state_field = BufferedServletInputStream.class.getDeclaredField("state");
+ state_field.setAccessible(true);
bsis.mark(0);
Assert.assertEquals(state_field.get(bsis), 1); // state == STORE
@@ -254,7 +254,7 @@ public class JU_BufferedServletInputStream {
bsis.reset();
Assert.assertEquals(state_field.get(bsis), 2); // state == READ
- state_field.setInt(bsis, -1); // state is invalid
+ state_field.setInt(bsis, -1); // state is invalid
bsis.reset(); // This call does nothing. It is for coverage alone
Assert.assertEquals(state_field.get(bsis), -1); // state doesn't change
@@ -271,50 +271,50 @@ public class JU_BufferedServletInputStream {
Assert.assertTrue(bsis.markSupported());
}
- // "Bug" 4/22/2013
- // Some XML code expects Buffered InputStream can never return 0... This isn't actually true, but we'll accommodate as far
- // as we can.
- // Here, we make sure we set and read the Buffered data, making sure the buffer is empty on the last test...
- @Test
- public void issue04_22_2013() throws IOException {
- String testString = "We want to read in and get out with a Buffered Stream seamlessly.";
- ByteArrayInputStream bais = new ByteArrayInputStream(testString.getBytes());
- BufferedServletInputStream bsis = new BufferedServletInputStream(bais);
- try {
- bsis.mark(0);
- byte aa[] = new byte[testString.length()]; // 65 count... important for our test (divisible by 5);
-
- int read;
- for(int i=0;i<aa.length;i+=5) {
- read = bsis.read(aa, i, 5);
- assertEquals(5,read);
- }
- // System.out.println(new String(aa));
-
- bsis.reset();
-
- byte bb[] = new byte[aa.length];
- read = 0;
- for(int i=0;read>=0;i+=read) {
- read = bsis.read(bb,i,5);
- switch(i) {
- case 65:
- assertEquals(read,-1);
- break;
- default:
- assertEquals(read,5);
- }
- }
- // System.out.println(new String(bb));
- assertEquals(testString,new String(aa));
- assertEquals(testString,new String(bb));
-
- } finally {
- bsis.close();
- bais.close();
- }
-
- }
+ // "Bug" 4/22/2013
+ // Some XML code expects Buffered InputStream can never return 0... This isn't actually true, but we'll accommodate as far
+ // as we can.
+ // Here, we make sure we set and read the Buffered data, making sure the buffer is empty on the last test...
+ @Test
+ public void issue04_22_2013() throws IOException {
+ String testString = "We want to read in and get out with a Buffered Stream seamlessly.";
+ ByteArrayInputStream bais = new ByteArrayInputStream(testString.getBytes());
+ BufferedServletInputStream bsis = new BufferedServletInputStream(bais);
+ try {
+ bsis.mark(0);
+ byte aa[] = new byte[testString.length()]; // 65 count... important for our test (divisible by 5);
+
+ int read;
+ for(int i=0;i<aa.length;i+=5) {
+ read = bsis.read(aa, i, 5);
+ assertEquals(5,read);
+ }
+ // System.out.println(new String(aa));
+
+ bsis.reset();
+
+ byte bb[] = new byte[aa.length];
+ read = 0;
+ for(int i=0;read>=0;i+=read) {
+ read = bsis.read(bb,i,5);
+ switch(i) {
+ case 65:
+ assertEquals(read,-1);
+ break;
+ default:
+ assertEquals(read,5);
+ }
+ }
+ // System.out.println(new String(bb));
+ assertEquals(testString,new String(aa));
+ assertEquals(testString,new String(bb));
+
+ } finally {
+ bsis.close();
+ bais.close();
+ }
+
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CadiException.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CadiException.java
index bfcaeeab..f1b5f144 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CadiException.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CadiException.java
@@ -29,92 +29,92 @@ import org.onap.aaf.cadi.CadiException;
import static org.hamcrest.CoreMatchers.is;
public class JU_CadiException {
- @Test
- public void testCadiException() {
- CadiException exception = new CadiException();
-
- assertNotNull(exception);
- }
-
- @Test
- public void testCadiExceptionString() {
- CadiException exception = new CadiException("New Exception");
- assertNotNull(exception);
- assertThat(exception.getMessage(), is("New Exception"));
- }
-
- @Test
- public void testCadiExceptionThrowable() {
- CadiException exception = new CadiException(new Throwable("New Exception"));
- assertNotNull(exception);
- assertThat(exception.getMessage(), is("java.lang.Throwable: New Exception"));
- }
-
- @Test
- public void testCadiExceptionStringThrowable() {
- CadiException exception = new CadiException("New Exception",new Throwable("New Exception"));
- assertNotNull(exception);
- assertThat(exception.getMessage(), is("New Exception"));
-
- }
-
- @Test
- public void testCadiException1() {
- CadiException exception = new CadiException();
-
- assertNotNull(exception);
- }
-
- @Test
- public void testCadiExceptionString1() {
- CadiException exception = new CadiException("New Exception");
- assertNotNull(exception);
- assertThat(exception.getMessage(), is("New Exception"));
- }
-
- @Test
- public void testCadiExceptionThrowable1() {
- CadiException exception = new CadiException(new Throwable("New Exception"));
- assertNotNull(exception);
- assertThat(exception.getMessage(), is("java.lang.Throwable: New Exception"));
- }
-
- @Test
- public void testCadiExceptionStringThrowable1() {
- CadiException exception = new CadiException("New Exception",new Throwable("New Exception"));
- assertNotNull(exception);
- assertThat(exception.getMessage(), is("New Exception"));
-
- }
-
- @Test
- public void testCadiException2() {
- CadiException exception = new CadiException();
-
- assertNotNull(exception);
- }
-
- @Test
- public void testCadiExceptionString2() {
- CadiException exception = new CadiException("New Exception");
- assertNotNull(exception);
- assertThat(exception.getMessage(), is("New Exception"));
- }
-
- @Test
- public void testCadiExceptionThrowable2() {
- CadiException exception = new CadiException(new Throwable("New Exception"));
- assertNotNull(exception);
- assertThat(exception.getMessage(), is("java.lang.Throwable: New Exception"));
- }
-
- @Test
- public void testCadiExceptionStringThrowable2() {
- CadiException exception = new CadiException("New Exception",new Throwable("New Exception"));
- assertNotNull(exception);
- assertThat(exception.getMessage(), is("New Exception"));
-
- }
+ @Test
+ public void testCadiException() {
+ CadiException exception = new CadiException();
+
+ assertNotNull(exception);
+ }
+
+ @Test
+ public void testCadiExceptionString() {
+ CadiException exception = new CadiException("New Exception");
+ assertNotNull(exception);
+ assertThat(exception.getMessage(), is("New Exception"));
+ }
+
+ @Test
+ public void testCadiExceptionThrowable() {
+ CadiException exception = new CadiException(new Throwable("New Exception"));
+ assertNotNull(exception);
+ assertThat(exception.getMessage(), is("java.lang.Throwable: New Exception"));
+ }
+
+ @Test
+ public void testCadiExceptionStringThrowable() {
+ CadiException exception = new CadiException("New Exception",new Throwable("New Exception"));
+ assertNotNull(exception);
+ assertThat(exception.getMessage(), is("New Exception"));
+
+ }
+
+ @Test
+ public void testCadiException1() {
+ CadiException exception = new CadiException();
+
+ assertNotNull(exception);
+ }
+
+ @Test
+ public void testCadiExceptionString1() {
+ CadiException exception = new CadiException("New Exception");
+ assertNotNull(exception);
+ assertThat(exception.getMessage(), is("New Exception"));
+ }
+
+ @Test
+ public void testCadiExceptionThrowable1() {
+ CadiException exception = new CadiException(new Throwable("New Exception"));
+ assertNotNull(exception);
+ assertThat(exception.getMessage(), is("java.lang.Throwable: New Exception"));
+ }
+
+ @Test
+ public void testCadiExceptionStringThrowable1() {
+ CadiException exception = new CadiException("New Exception",new Throwable("New Exception"));
+ assertNotNull(exception);
+ assertThat(exception.getMessage(), is("New Exception"));
+
+ }
+
+ @Test
+ public void testCadiException2() {
+ CadiException exception = new CadiException();
+
+ assertNotNull(exception);
+ }
+
+ @Test
+ public void testCadiExceptionString2() {
+ CadiException exception = new CadiException("New Exception");
+ assertNotNull(exception);
+ assertThat(exception.getMessage(), is("New Exception"));
+ }
+
+ @Test
+ public void testCadiExceptionThrowable2() {
+ CadiException exception = new CadiException(new Throwable("New Exception"));
+ assertNotNull(exception);
+ assertThat(exception.getMessage(), is("java.lang.Throwable: New Exception"));
+ }
+
+ @Test
+ public void testCadiExceptionStringThrowable2() {
+ CadiException exception = new CadiException("New Exception",new Throwable("New Exception"));
+ assertNotNull(exception);
+ assertThat(exception.getMessage(), is("New Exception"));
+
+ }
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CadiWrap.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CadiWrap.java
index 850dd22c..ef07fa66 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CadiWrap.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CadiWrap.java
@@ -51,111 +51,111 @@ import org.onap.aaf.cadi.principal.TaggedPrincipal;
import org.onap.aaf.cadi.taf.TafResp;
public class JU_CadiWrap {
-
- @Mock
- private HttpServletRequest request;
-
- @Mock
- private TafResp tafResp;
-
- @Mock
- private TaggedPrincipal principle;
+
+ @Mock
+ private HttpServletRequest request;
+
+ @Mock
+ private TafResp tafResp;
+
+ @Mock
+ private TaggedPrincipal principle;
- @Mock
- private Lur lur;
+ @Mock
+ private Lur lur;
- @Before
- public void setUp() throws Exception {
- MockitoAnnotations.initMocks(this);
+ @Before
+ public void setUp() throws Exception {
+ MockitoAnnotations.initMocks(this);
- System.setOut(new PrintStream(new ByteArrayOutputStream()));
- }
+ System.setOut(new PrintStream(new ByteArrayOutputStream()));
+ }
- @After
- public void tearDown() {
- System.setOut(System.out);
- }
+ @After
+ public void tearDown() {
+ System.setOut(System.out);
+ }
- @SuppressWarnings("unchecked")
- @Test
- public void testInstantiate() throws CadiException {
- Access a = new PropAccess();
- when(tafResp.getAccess()).thenReturn(a);
-
- lur.fishAll(isA(Principal.class), (List<Permission>)isA(List.class));
-
- EpiLur lur1 = new EpiLur(lur);
-
- CadiWrap wrap = new CadiWrap(request, tafResp, lur1);
-
- assertNull(wrap.getUserPrincipal());
- assertNull(wrap.getRemoteUser());
- assertNull(wrap.getUser());
- assertEquals(wrap.getPermissions(principle).size(), 0);
- assertTrue(wrap.access() instanceof PropAccess);
-
- byte[] arr = {'1','2'};
- wrap.setCred(arr);
-
- assertEquals(arr, wrap.getCred());
-
- wrap.setUser("User1");
- assertEquals("User1", wrap.getUser());
-
- wrap.invalidate("1");
+ @SuppressWarnings("unchecked")
+ @Test
+ public void testInstantiate() throws CadiException {
+ Access a = new PropAccess();
+ when(tafResp.getAccess()).thenReturn(a);
+
+ lur.fishAll(isA(Principal.class), (List<Permission>)isA(List.class));
+
+ EpiLur lur1 = new EpiLur(lur);
+
+ CadiWrap wrap = new CadiWrap(request, tafResp, lur1);
+
+ assertNull(wrap.getUserPrincipal());
+ assertNull(wrap.getRemoteUser());
+ assertNull(wrap.getUser());
+ assertEquals(wrap.getPermissions(principle).size(), 0);
+ assertTrue(wrap.access() instanceof PropAccess);
+
+ byte[] arr = {'1','2'};
+ wrap.setCred(arr);
+
+ assertEquals(arr, wrap.getCred());
+
+ wrap.setUser("User1");
+ assertEquals("User1", wrap.getUser());
+
+ wrap.invalidate("1");
- assertFalse(wrap.isUserInRole(null));
-
- wrap.set(tafResp, lur);
-
- wrap.invalidate("2");
-
- assertFalse(wrap.isUserInRole("User1"));
- }
+ assertFalse(wrap.isUserInRole(null));
+
+ wrap.set(tafResp, lur);
+
+ wrap.invalidate("2");
+
+ assertFalse(wrap.isUserInRole("User1"));
+ }
- @Test
- public void testInstantiateWithPermConverter() throws CadiException {
- Access a = new PropAccess();
- when(tafResp.getAccess()).thenReturn(a);
- when(tafResp.getPrincipal()).thenReturn(principle);
-
- // Anonymous object for testing purposes
- CachingLur<Permission> lur1 = new CachingLur<Permission>() {
- @Override public Permission createPerm(String p) { return null; }
- @Override public boolean fish(Principal bait, Permission ... pond) { return true; }
- @Override public void fishAll(Principal bait, List<Permission> permissions) { }
- @Override public void destroy() { }
- @Override public boolean handlesExclusively(Permission ... pond) { return false; }
- @Override public boolean handles(Principal principal) { return false; }
- @Override public void remove(String user) { }
- @Override public Resp reload(User<Permission> user) { return null; }
- @Override public void setDebug(String commaDelimIDsOrNull) { }
- @Override public void clear(Principal p, StringBuilder sb) { }
- };
-
- MapPermConverter pc = new MapPermConverter();
-
- CadiWrap wrap = new CadiWrap(request, tafResp, lur1, pc);
-
- assertNotNull(wrap.getUserPrincipal());
- assertNull(wrap.getRemoteUser());
- assertNull(wrap.getUser());
-
- byte[] arr = {'1','2'};
- wrap.setCred(arr);
-
- assertEquals(arr, wrap.getCred());
-
- wrap.setUser("User1");
- assertEquals("User1", wrap.getUser());
-
- wrap.invalidate("1");
- wrap.setPermConverter(new MapPermConverter());
-
- assertTrue(wrap.getLur() instanceof CachingLur);
- assertTrue(wrap.isUserInRole("User1"));
-
- wrap.set(tafResp, lur);
- assertFalse(wrap.isUserInRole("Perm1"));
- }
+ @Test
+ public void testInstantiateWithPermConverter() throws CadiException {
+ Access a = new PropAccess();
+ when(tafResp.getAccess()).thenReturn(a);
+ when(tafResp.getPrincipal()).thenReturn(principle);
+
+ // Anonymous object for testing purposes
+ CachingLur<Permission> lur1 = new CachingLur<Permission>() {
+ @Override public Permission createPerm(String p) { return null; }
+ @Override public boolean fish(Principal bait, Permission ... pond) { return true; }
+ @Override public void fishAll(Principal bait, List<Permission> permissions) { }
+ @Override public void destroy() { }
+ @Override public boolean handlesExclusively(Permission ... pond) { return false; }
+ @Override public boolean handles(Principal principal) { return false; }
+ @Override public void remove(String user) { }
+ @Override public Resp reload(User<Permission> user) { return null; }
+ @Override public void setDebug(String commaDelimIDsOrNull) { }
+ @Override public void clear(Principal p, StringBuilder sb) { }
+ };
+
+ MapPermConverter pc = new MapPermConverter();
+
+ CadiWrap wrap = new CadiWrap(request, tafResp, lur1, pc);
+
+ assertNotNull(wrap.getUserPrincipal());
+ assertNull(wrap.getRemoteUser());
+ assertNull(wrap.getUser());
+
+ byte[] arr = {'1','2'};
+ wrap.setCred(arr);
+
+ assertEquals(arr, wrap.getCred());
+
+ wrap.setUser("User1");
+ assertEquals("User1", wrap.getUser());
+
+ wrap.invalidate("1");
+ wrap.setPermConverter(new MapPermConverter());
+
+ assertTrue(wrap.getLur() instanceof CachingLur);
+ assertTrue(wrap.isUserInRole("User1"));
+
+ wrap.set(tafResp, lur);
+ assertFalse(wrap.isUserInRole("Perm1"));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Capacitor.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Capacitor.java
index e9bceccd..ad08d159 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Capacitor.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Capacitor.java
@@ -32,22 +32,22 @@ import org.onap.aaf.cadi.Capacitor;
import java.lang.reflect.*;
public class JU_Capacitor {
- private Capacitor cap;
- public final static String TEST_DATA =
- "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
- "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb" +
- "cccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc" +
- "dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd" +
- "eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee" +
- "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff";
-
- @Before
- public void setup() {
- cap = new Capacitor();
- }
-
- @Test
- public void singleByteTest() throws Exception {
+ private Capacitor cap;
+ public final static String TEST_DATA =
+ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
+ "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb" +
+ "cccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc" +
+ "dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd" +
+ "eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee" +
+ "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff";
+
+ @Before
+ public void setup() {
+ cap = new Capacitor();
+ }
+
+ @Test
+ public void singleByteTest() throws Exception {
assertEquals(cap.read(), -1);
cap.setForRead();
Field curr_field = Capacitor.class.getDeclaredField("curr");
@@ -57,35 +57,35 @@ public class JU_Capacitor {
assertNull(curr_field.get(cap));
assertEquals(idx_field.get(cap), 0);
- for(int iter = 0; iter < 20; ++iter) {
- for(int i = 0; i < 20; ++i) {
- cap.put((byte)('a' + i));
- }
- cap.setForRead();
- byte[] array = new byte[20];
- for(int i = 0; i < 20; ++i) {
- array[i]=(byte)cap.read();
- }
- assertEquals("abcdefghijklmnopqrst", new String(array));
- assertEquals(-1, cap.read());
-
- cap.done();
- }
-
- for(int i = 0; i < 500; i++) {
- cap.put((byte)'a');
- }
- cap.setForRead();
- byte[] array = new byte[500];
- for(int i = 0; i < 500; ++i) {
- array[i]=(byte)cap.read();
- }
+ for(int iter = 0; iter < 20; ++iter) {
+ for(int i = 0; i < 20; ++i) {
+ cap.put((byte)('a' + i));
+ }
+ cap.setForRead();
+ byte[] array = new byte[20];
+ for(int i = 0; i < 20; ++i) {
+ array[i]=(byte)cap.read();
+ }
+ assertEquals("abcdefghijklmnopqrst", new String(array));
+ assertEquals(-1, cap.read());
+
+ cap.done();
+ }
+
+ for(int i = 0; i < 500; i++) {
+ cap.put((byte)'a');
+ }
+ cap.setForRead();
+ byte[] array = new byte[500];
+ for(int i = 0; i < 500; ++i) {
+ array[i]=(byte)cap.read();
+ }
assertEquals((new String(array)).length(), 500);
- assertEquals(-1, cap.read());
- }
+ assertEquals(-1, cap.read());
+ }
- @Test
- public void availableTest() {
+ @Test
+ public void availableTest() {
assertEquals(cap.available(), 0);
for(int i = 0; i < 100; ++i) {
cap.put((byte)'a');
@@ -95,9 +95,9 @@ public class JU_Capacitor {
assertEquals(cap.available(), 156);
}
- @Test
- public void byteArrayTest() {
- byte[] arrayA = TEST_DATA.getBytes();
+ @Test
+ public void byteArrayTest() {
+ byte[] arrayA = TEST_DATA.getBytes();
assertEquals(cap.read(arrayA, 0, arrayA.length), -1);
cap.put(arrayA, 0, arrayA.length);
@@ -109,24 +109,24 @@ public class JU_Capacitor {
assertEquals(-1, cap.read());
cap.done();
- String b = "This is some content that we want to read";
- byte[] a = b.getBytes();
- byte[] c = new byte[b.length()]; // we want to use this to test reading offsets, etc
-
- for(int i = 0; i < a.length; i += 11) {
- cap.put(a, i, Math.min(11, a.length-i));
- }
- cap.reset();
- int read;
- for(int i = 0; i < c.length; i += read) {
- read = cap.read(c, i, Math.min(3, c.length-i));
- }
- assertEquals(b, new String(c));
- }
-
- @Test
- public void resetTest() throws Exception {
- cap.reset();
+ String b = "This is some content that we want to read";
+ byte[] a = b.getBytes();
+ byte[] c = new byte[b.length()]; // we want to use this to test reading offsets, etc
+
+ for(int i = 0; i < a.length; i += 11) {
+ cap.put(a, i, Math.min(11, a.length-i));
+ }
+ cap.reset();
+ int read;
+ for(int i = 0; i < c.length; i += read) {
+ read = cap.read(c, i, Math.min(3, c.length-i));
+ }
+ assertEquals(b, new String(c));
+ }
+
+ @Test
+ public void resetTest() throws Exception {
+ cap.reset();
Field curr_field = Capacitor.class.getDeclaredField("curr");
curr_field.setAccessible(true);
Field idx_field = Capacitor.class.getDeclaredField("idx");
@@ -134,22 +134,22 @@ public class JU_Capacitor {
assertNull(curr_field.get(cap));
assertEquals(idx_field.get(cap), 0);
- cap.put((byte)'a');
- cap.reset();
+ cap.put((byte)'a');
+ cap.reset();
assertNotNull(curr_field.get(cap));
assertEquals(idx_field.get(cap), 1);
- }
-
- @Test
- public void skipTest() throws Exception {
- // capacitor can't skip if nothing has been put into it
- assertEquals(cap.skip(10), 0);
- cap.put((byte)'a');
- // The Capacitor can hold 256 bytes. If we try to skip 100 bytes,
- // it should only skip 1 byte, leaving 255 remaining
- assertEquals(cap.skip(100), 255);
-
- // Skipping 200 bytes leaves 0 remaining
- assertEquals(cap.skip(200), 0);
- }
+ }
+
+ @Test
+ public void skipTest() throws Exception {
+ // capacitor can't skip if nothing has been put into it
+ assertEquals(cap.skip(10), 0);
+ cap.put((byte)'a');
+ // The Capacitor can hold 256 bytes. If we try to skip 100 bytes,
+ // it should only skip 1 byte, leaving 255 remaining
+ assertEquals(cap.skip(100), 255);
+
+ // Skipping 200 bytes leaves 0 remaining
+ assertEquals(cap.skip(200), 0);
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CmdLine.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CmdLine.java
index bf4304d9..3a996df4 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CmdLine.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CmdLine.java
@@ -48,226 +48,226 @@ import org.onap.aaf.cadi.Symm;
public class JU_CmdLine {
- @Mock
- private OutputStream thrower;
-
- private final ByteArrayOutputStream outContent = new ByteArrayOutputStream();
-
- private String password;
- private String keyfile;
- private String quickBrownFoxPlain = "The quick brown fox jumps over the lazy dog";
- private String quickBrownFoxMD5 = "0x9e107d9d372bb6826bd81d3542a419d6";
- private String quickBrownFoxSHA256 = "0xd7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592";
- private Symm symm;
-
- @Before
- public void setup() throws Exception {
- MockitoAnnotations.initMocks(this);
-
- System.setOut(new PrintStream(outContent));
-
- Properties p = new Properties();
- p.setProperty("force_exit", "false");
-
- CmdLine.setSystemExit(false);
- keyfile = "src/test/resources/keyfile";
- password = "password";
-
- File keyF = new File("src/test/resources", "keyfile");
- FileInputStream fis = new FileInputStream(keyF);
- try {
- symm = Symm.obtain(fis);
- } finally {
- fis.close();
- }
- }
-
- @After
- public void restoreStreams() throws IOException {
- System.setOut(System.out);
- System.setIn(System.in);
- }
-
- @Test
- public void digestTest() throws Exception {
- CmdLine.main(new String[]{"digest", password, keyfile});
- String decrypted = symm.depass(outContent.toString());
- assertThat(decrypted, is(password));
-
- System.setIn(new ByteArrayInputStream(password.getBytes()));
- CmdLine.main(new String[]{"digest", "-i", keyfile});
- decrypted = symm.depass(outContent.toString());
- assertThat(decrypted, is(password));
- }
-
- @Test
- public void encode64Test() throws Exception {
- CmdLine.main(new String[]{"encode64", password});
- String decrypted = Symm.base64.decode(outContent.toString());
- assertThat(decrypted, is(password));
- }
-
- @Test
- public void decode64Test() throws Exception {
- String encrypted = Symm.base64.encode(password);
- CmdLine.main(new String[]{"decode64", encrypted});
- assertThat(outContent.toString(), is(password + System.lineSeparator()));
- }
-
- @Test
- public void encode64urlTest() throws Exception {
- CmdLine.main(new String[]{"encode64url", password});
- String decrypted = Symm.base64url.decode(outContent.toString());
- assertThat(decrypted, is(password));
- }
-
- @Test
- public void decode64urlTest() throws Exception {
- String encrypted = Symm.base64url.encode(password);
- CmdLine.main(new String[]{"decode64url", encrypted});
- assertThat(outContent.toString(), is(password + System.lineSeparator()));
- }
-
- @Test
- public void md5Test() throws Exception {
- CmdLine.main(new String[]{"md5", quickBrownFoxPlain});
- assertThat(outContent.toString(), is(quickBrownFoxMD5 + System.lineSeparator()));
- }
-
- @Test
- public void sha256Test() throws Exception {
- CmdLine.main(new String[]{"sha256", quickBrownFoxPlain});
- assertThat(outContent.toString(), is(quickBrownFoxSHA256 + System.lineSeparator()));
-
- outContent.reset();
- CmdLine.main(new String[]{"sha256", quickBrownFoxPlain, "10"});
- String hash1 = outContent.toString();
-
- outContent.reset();
- CmdLine.main(new String[]{"sha256", quickBrownFoxPlain, "10"});
- String hash2 = outContent.toString();
-
- outContent.reset();
- CmdLine.main(new String[]{"sha256", quickBrownFoxPlain, "11"});
- String hash3 = outContent.toString();
-
- assertThat(hash1, is(hash2));
- assertThat(hash1, is(not(hash3)));
- }
-
- @Test
- public void keygenTest() throws Exception {
- CmdLine.main(new String[]{"keygen"});
- assertThat(outContent.toString().length(), is(2074));
-
- String filePath = "test/output_key";
- File testDir = new File("test");
- if(!testDir.exists()) {
- testDir.mkdirs();
- }
- CmdLine.main(new String[]{"keygen", filePath});
- File keyfile = new File(filePath);
- assertTrue(Files.isReadable(Paths.get(filePath)));
- assertFalse(Files.isWritable(Paths.get(filePath)));
- //assertFalse(Files.isExecutable(Paths.get(filePath)));
- keyfile.delete();
- }
-
- @Test
- public void passgenTest() throws Exception {
- CmdLine.main(new String[]{"passgen"});
- String output = outContent.toString().trim();
- assertThat(output.length(), is(24));
- assertTrue(containsAny(output, "+!@#$%^&*(){}[]?:;,."));
- assertTrue(containsAny(output, "ABCDEFGHIJKLMNOPQRSTUVWXYZ"));
- assertTrue(containsAny(output, "abcdefghijklmnopqrstuvwxyz"));
- assertTrue(containsAny(output, "0123456789"));
-
- int length = 10;
- outContent.reset();
- CmdLine.main(new String[]{"passgen", String.valueOf(length)});
- output = outContent.toString().trim();
- assertThat(output.length(), is(length));
-
- length = 5;
- outContent.reset();
- CmdLine.main(new String[]{"passgen", String.valueOf(length)});
- output = outContent.toString().trim();
- assertThat(output.length(), is(8));
-
- // Check that the custom hasRepeats method works
- assertTrue(hasRepeats("aa"));
- assertTrue(hasRepeats("baa"));
- assertTrue(hasRepeats("aab"));
- assertTrue(hasRepeats("baab"));
- assertFalse(hasRepeats("abc"));
- assertFalse(hasRepeats("aba"));
-
- // Run this a bunch of times for coverage
- for (int i = 0; i < 1000; i++) {
- outContent.reset();
- CmdLine.main(new String[]{"passgen"});
- output = outContent.toString().trim();
- assertFalse(hasRepeats(output));
- }
- }
-
- @Test
- public void urlgenTest() throws Exception {
- CmdLine.main(new String[]{"urlgen"});
- String output = outContent.toString().trim();
- assertThat(output.length(), is(24));
-
- int length = 5;
- outContent.reset();
- CmdLine.main(new String[]{"urlgen", String.valueOf(length)});
- output = outContent.toString().trim();
- assertThat(output.length(), is(5));
- }
-
- @Test
- public void showHelpTest() {
- String lineSeparator = System.lineSeparator();
- String expected =
- "Usage: java -jar <this jar> ..." + lineSeparator +
- " keygen [<keyfile>] (Generates Key on file, or Std Out)" + lineSeparator +
- " digest [<passwd>|-i|] <keyfile> (Encrypts Password with \"keyfile\"" + lineSeparator +
- " if passwd = -i, will read StdIn" + lineSeparator +
- " if passwd is blank, will ask securely)" + lineSeparator +
- " passgen <digits> (Generate Password of given size)" + lineSeparator +
- " urlgen <digits> (Generate URL field of given size)" + lineSeparator +
- " encode64 <your text> (Encodes to Base64)" + lineSeparator +
- " decode64 <base64 encoded text> (Decodes from Base64)" + lineSeparator +
- " encode64url <your text> (Encodes to Base64 URL charset)" + lineSeparator +
- " decode64url <base64url encoded text> (Decodes from Base64 URL charset)" + lineSeparator +
- " sha256 <text> <salts(s)> (Digest String into SHA256 Hash)" + lineSeparator +
- " md5 <text> (Digest String into MD5 Hash)" + lineSeparator;
-
- CmdLine.main(new String[]{});
-
- assertThat(outContent.toString(), is(expected));
- }
-
- private boolean containsAny(String str, String searchChars) {
- for (char c : searchChars.toCharArray()) {
- if (str.indexOf(c) >= 0) {
- return true;
- }
- }
- return false;
- }
-
- private boolean hasRepeats(String str) {
- int c = -1;
- int last;
- for (int i = 0; i < str.length(); i++) {
- last = c;
- c = str.charAt(i);
- if (c == last) {
- return true;
- }
- }
- return false;
- }
+ @Mock
+ private OutputStream thrower;
+
+ private final ByteArrayOutputStream outContent = new ByteArrayOutputStream();
+
+ private String password;
+ private String keyfile;
+ private String quickBrownFoxPlain = "The quick brown fox jumps over the lazy dog";
+ private String quickBrownFoxMD5 = "0x9e107d9d372bb6826bd81d3542a419d6";
+ private String quickBrownFoxSHA256 = "0xd7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592";
+ private Symm symm;
+
+ @Before
+ public void setup() throws Exception {
+ MockitoAnnotations.initMocks(this);
+
+ System.setOut(new PrintStream(outContent));
+
+ Properties p = new Properties();
+ p.setProperty("force_exit", "false");
+
+ CmdLine.setSystemExit(false);
+ keyfile = "src/test/resources/keyfile";
+ password = "password";
+
+ File keyF = new File("src/test/resources", "keyfile");
+ FileInputStream fis = new FileInputStream(keyF);
+ try {
+ symm = Symm.obtain(fis);
+ } finally {
+ fis.close();
+ }
+ }
+
+ @After
+ public void restoreStreams() throws IOException {
+ System.setOut(System.out);
+ System.setIn(System.in);
+ }
+
+ @Test
+ public void digestTest() throws Exception {
+ CmdLine.main(new String[]{"digest", password, keyfile});
+ String decrypted = symm.depass(outContent.toString());
+ assertThat(decrypted, is(password));
+
+ System.setIn(new ByteArrayInputStream(password.getBytes()));
+ CmdLine.main(new String[]{"digest", "-i", keyfile});
+ decrypted = symm.depass(outContent.toString());
+ assertThat(decrypted, is(password));
+ }
+
+ @Test
+ public void encode64Test() throws Exception {
+ CmdLine.main(new String[]{"encode64", password});
+ String decrypted = Symm.base64.decode(outContent.toString());
+ assertThat(decrypted, is(password));
+ }
+
+ @Test
+ public void decode64Test() throws Exception {
+ String encrypted = Symm.base64.encode(password);
+ CmdLine.main(new String[]{"decode64", encrypted});
+ assertThat(outContent.toString(), is(password + System.lineSeparator()));
+ }
+
+ @Test
+ public void encode64urlTest() throws Exception {
+ CmdLine.main(new String[]{"encode64url", password});
+ String decrypted = Symm.base64url.decode(outContent.toString());
+ assertThat(decrypted, is(password));
+ }
+
+ @Test
+ public void decode64urlTest() throws Exception {
+ String encrypted = Symm.base64url.encode(password);
+ CmdLine.main(new String[]{"decode64url", encrypted});
+ assertThat(outContent.toString(), is(password + System.lineSeparator()));
+ }
+
+ @Test
+ public void md5Test() throws Exception {
+ CmdLine.main(new String[]{"md5", quickBrownFoxPlain});
+ assertThat(outContent.toString(), is(quickBrownFoxMD5 + System.lineSeparator()));
+ }
+
+ @Test
+ public void sha256Test() throws Exception {
+ CmdLine.main(new String[]{"sha256", quickBrownFoxPlain});
+ assertThat(outContent.toString(), is(quickBrownFoxSHA256 + System.lineSeparator()));
+
+ outContent.reset();
+ CmdLine.main(new String[]{"sha256", quickBrownFoxPlain, "10"});
+ String hash1 = outContent.toString();
+
+ outContent.reset();
+ CmdLine.main(new String[]{"sha256", quickBrownFoxPlain, "10"});
+ String hash2 = outContent.toString();
+
+ outContent.reset();
+ CmdLine.main(new String[]{"sha256", quickBrownFoxPlain, "11"});
+ String hash3 = outContent.toString();
+
+ assertThat(hash1, is(hash2));
+ assertThat(hash1, is(not(hash3)));
+ }
+
+ @Test
+ public void keygenTest() throws Exception {
+ CmdLine.main(new String[]{"keygen"});
+ assertThat(outContent.toString().length(), is(2074));
+
+ String filePath = "test/output_key";
+ File testDir = new File("test");
+ if(!testDir.exists()) {
+ testDir.mkdirs();
+ }
+ CmdLine.main(new String[]{"keygen", filePath});
+ File keyfile = new File(filePath);
+ assertTrue(Files.isReadable(Paths.get(filePath)));
+ assertFalse(Files.isWritable(Paths.get(filePath)));
+ //assertFalse(Files.isExecutable(Paths.get(filePath)));
+ keyfile.delete();
+ }
+
+ @Test
+ public void passgenTest() throws Exception {
+ CmdLine.main(new String[]{"passgen"});
+ String output = outContent.toString().trim();
+ assertThat(output.length(), is(24));
+ assertTrue(containsAny(output, "+!@#$%^&*(){}[]?:;,."));
+ assertTrue(containsAny(output, "ABCDEFGHIJKLMNOPQRSTUVWXYZ"));
+ assertTrue(containsAny(output, "abcdefghijklmnopqrstuvwxyz"));
+ assertTrue(containsAny(output, "0123456789"));
+
+ int length = 10;
+ outContent.reset();
+ CmdLine.main(new String[]{"passgen", String.valueOf(length)});
+ output = outContent.toString().trim();
+ assertThat(output.length(), is(length));
+
+ length = 5;
+ outContent.reset();
+ CmdLine.main(new String[]{"passgen", String.valueOf(length)});
+ output = outContent.toString().trim();
+ assertThat(output.length(), is(8));
+
+ // Check that the custom hasRepeats method works
+ assertTrue(hasRepeats("aa"));
+ assertTrue(hasRepeats("baa"));
+ assertTrue(hasRepeats("aab"));
+ assertTrue(hasRepeats("baab"));
+ assertFalse(hasRepeats("abc"));
+ assertFalse(hasRepeats("aba"));
+
+ // Run this a bunch of times for coverage
+ for (int i = 0; i < 1000; i++) {
+ outContent.reset();
+ CmdLine.main(new String[]{"passgen"});
+ output = outContent.toString().trim();
+ assertFalse(hasRepeats(output));
+ }
+ }
+
+ @Test
+ public void urlgenTest() throws Exception {
+ CmdLine.main(new String[]{"urlgen"});
+ String output = outContent.toString().trim();
+ assertThat(output.length(), is(24));
+
+ int length = 5;
+ outContent.reset();
+ CmdLine.main(new String[]{"urlgen", String.valueOf(length)});
+ output = outContent.toString().trim();
+ assertThat(output.length(), is(5));
+ }
+
+ @Test
+ public void showHelpTest() {
+ String lineSeparator = System.lineSeparator();
+ String expected =
+ "Usage: java -jar <this jar> ..." + lineSeparator +
+ " keygen [<keyfile>] (Generates Key on file, or Std Out)" + lineSeparator +
+ " digest [<passwd>|-i|] <keyfile> (Encrypts Password with \"keyfile\"" + lineSeparator +
+ " if passwd = -i, will read StdIn" + lineSeparator +
+ " if passwd is blank, will ask securely)" + lineSeparator +
+ " passgen <digits> (Generate Password of given size)" + lineSeparator +
+ " urlgen <digits> (Generate URL field of given size)" + lineSeparator +
+ " encode64 <your text> (Encodes to Base64)" + lineSeparator +
+ " decode64 <base64 encoded text> (Decodes from Base64)" + lineSeparator +
+ " encode64url <your text> (Encodes to Base64 URL charset)" + lineSeparator +
+ " decode64url <base64url encoded text> (Decodes from Base64 URL charset)" + lineSeparator +
+ " sha256 <text> <salts(s)> (Digest String into SHA256 Hash)" + lineSeparator +
+ " md5 <text> (Digest String into MD5 Hash)" + lineSeparator;
+
+ CmdLine.main(new String[]{});
+
+ assertThat(outContent.toString(), is(expected));
+ }
+
+ private boolean containsAny(String str, String searchChars) {
+ for (char c : searchChars.toCharArray()) {
+ if (str.indexOf(c) >= 0) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ private boolean hasRepeats(String str) {
+ int c = -1;
+ int last;
+ for (int i = 0; i < str.length(); i++) {
+ last = c;
+ c = str.charAt(i);
+ if (c == last) {
+ return true;
+ }
+ }
+ return false;
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Hash.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Hash.java
index f5c4d872..343dd22a 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Hash.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Hash.java
@@ -32,156 +32,156 @@ import org.junit.BeforeClass;
import static org.hamcrest.CoreMatchers.*;
public class JU_Hash {
- // Some common test vectors
- private String quickBrownFoxVector = "The quick brown fox jumps over the lazy dog";
- private String quickBrownFoxMD5 = "0x9e107d9d372bb6826bd81d3542a419d6";
- private String quickBrownFoxSHA256 = "0xd7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592";
-
- private String emptyVector = "";
- private String emptyMD5 = "0xd41d8cd98f00b204e9800998ecf8427e";
- private String emptySHA256 = "0xe3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
-
-
- private byte[] same1 = "this is a twin".getBytes();
- private byte[] same2 = "this is a twin".getBytes();
- private byte[] different1 = "guvf vf n gjva".getBytes();
- private byte[] different2 = "this is an only child".getBytes();
-
-
- private String uppersDec = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
- private String uppersHex1 = "0x4142434445464748494A4B4C4D4E4F505152535455565758595A";
- private String uppersHex2 = "0x4142434445464748494a4b4c4d4e4f505152535455565758595a";
- private String uppersHexNo0x1 = "4142434445464748494a4b4c4d4e4f505152535455565758595a";
- private String uppersHexNo0x2 = "4142434445464748494A4B4C4D4E4F505152535455565758595A";
-
- private String lowersDec = "abcdefghijklmnopqrstuvwxyz";
- private String lowersHex = "0x6162636465666768696a6b6c6d6e6f707172737475767778797a";
- private String lowersHexNo0x1 = "6162636465666768696a6b6c6d6e6f707172737475767778797a";
- private String lowersHexNo0x2 = "6162636465666768696A6B6C6D6E6F707172737475767778797A";
-
- private String numbersDec = "1234567890";
- private String numbersHex = "0x31323334353637383930";
- private String numbersHexNo0x = "31323334353637383930";
-
- @SuppressWarnings("unused")
- @BeforeClass
- public static void getCoverage() {
- // All of this class's methods are static, so we never need to instantiate an object.
- // That said, we can't get 100% coverage unless we instantiate one
- Hash hash = new Hash();
- }
+ // Some common test vectors
+ private String quickBrownFoxVector = "The quick brown fox jumps over the lazy dog";
+ private String quickBrownFoxMD5 = "0x9e107d9d372bb6826bd81d3542a419d6";
+ private String quickBrownFoxSHA256 = "0xd7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592";
+
+ private String emptyVector = "";
+ private String emptyMD5 = "0xd41d8cd98f00b204e9800998ecf8427e";
+ private String emptySHA256 = "0xe3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
+
+
+ private byte[] same1 = "this is a twin".getBytes();
+ private byte[] same2 = "this is a twin".getBytes();
+ private byte[] different1 = "guvf vf n gjva".getBytes();
+ private byte[] different2 = "this is an only child".getBytes();
+
+
+ private String uppersDec = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
+ private String uppersHex1 = "0x4142434445464748494A4B4C4D4E4F505152535455565758595A";
+ private String uppersHex2 = "0x4142434445464748494a4b4c4d4e4f505152535455565758595a";
+ private String uppersHexNo0x1 = "4142434445464748494a4b4c4d4e4f505152535455565758595a";
+ private String uppersHexNo0x2 = "4142434445464748494A4B4C4D4E4F505152535455565758595A";
+
+ private String lowersDec = "abcdefghijklmnopqrstuvwxyz";
+ private String lowersHex = "0x6162636465666768696a6b6c6d6e6f707172737475767778797a";
+ private String lowersHexNo0x1 = "6162636465666768696a6b6c6d6e6f707172737475767778797a";
+ private String lowersHexNo0x2 = "6162636465666768696A6B6C6D6E6F707172737475767778797A";
+
+ private String numbersDec = "1234567890";
+ private String numbersHex = "0x31323334353637383930";
+ private String numbersHexNo0x = "31323334353637383930";
+
+ @SuppressWarnings("unused")
+ @BeforeClass
+ public static void getCoverage() {
+ // All of this class's methods are static, so we never need to instantiate an object.
+ // That said, we can't get 100% coverage unless we instantiate one
+ Hash hash = new Hash();
+ }
@Test
public void hashMD5Test() throws Exception {
byte[] output = Hash.hashMD5(quickBrownFoxVector.getBytes());
- assertEquals(quickBrownFoxMD5, new String(Hash.toHex(output)));
+ assertEquals(quickBrownFoxMD5, new String(Hash.toHex(output)));
output = Hash.hashMD5(emptyVector.getBytes());
- assertEquals(emptyMD5, new String(Hash.toHex(output)));
+ assertEquals(emptyMD5, new String(Hash.toHex(output)));
}
@Test
public void hashMD5WithOffsetTest() throws Exception {
byte[] output = Hash.hashMD5(quickBrownFoxVector.getBytes(), 0, quickBrownFoxVector.length());
- assertEquals(quickBrownFoxMD5, new String(Hash.toHex(output)));
+ assertEquals(quickBrownFoxMD5, new String(Hash.toHex(output)));
output = Hash.hashMD5(emptyVector.getBytes(), 0, emptyVector.length());
- assertEquals(emptyMD5, new String(Hash.toHex(output)));
+ assertEquals(emptyMD5, new String(Hash.toHex(output)));
}
@Test
public void hashMD5AsStringHexTest() throws Exception {
String output = Hash.hashMD5asStringHex(quickBrownFoxVector);
- assertEquals(quickBrownFoxMD5, output);
+ assertEquals(quickBrownFoxMD5, output);
output = Hash.hashMD5asStringHex(emptyVector);
- assertEquals(emptyMD5, output);
+ assertEquals(emptyMD5, output);
}
@Test
public void hashSHA256Test() throws Exception {
byte[] output = Hash.hashSHA256(quickBrownFoxVector.getBytes());
- assertEquals(quickBrownFoxSHA256, new String(Hash.toHex(output)));
+ assertEquals(quickBrownFoxSHA256, new String(Hash.toHex(output)));
output = Hash.hashSHA256(emptyVector.getBytes());
- assertEquals(emptySHA256, new String(Hash.toHex(output)));
+ assertEquals(emptySHA256, new String(Hash.toHex(output)));
}
@Test
public void hashSHA256WithOffsetTest() throws Exception {
byte[] output = Hash.hashSHA256(quickBrownFoxVector.getBytes(), 0, quickBrownFoxVector.length());
- assertEquals(quickBrownFoxSHA256, new String(Hash.toHex(output)));
+ assertEquals(quickBrownFoxSHA256, new String(Hash.toHex(output)));
output = Hash.hashSHA256(emptyVector.getBytes(), 0, emptyVector.length());
- assertEquals(emptySHA256, new String(Hash.toHex(output)));
+ assertEquals(emptySHA256, new String(Hash.toHex(output)));
}
@Test
public void hashSHA256AsStringHexTest() throws Exception {
String output = Hash.hashSHA256asStringHex(quickBrownFoxVector);
- assertEquals(quickBrownFoxSHA256, output);
+ assertEquals(quickBrownFoxSHA256, output);
output = Hash.hashSHA256asStringHex(emptyVector);
- assertEquals(emptySHA256, output);
+ assertEquals(emptySHA256, output);
}
@Test
public void hashSaltySHA256AsStringHexTest() throws Exception {
- String input = "password";
- String hash1 = Hash.hashSHA256asStringHex(input, 10);
- String hash2 = Hash.hashSHA256asStringHex(input, 10);
- String hash3 = Hash.hashSHA256asStringHex(input, 11);
+ String input = "password";
+ String hash1 = Hash.hashSHA256asStringHex(input, 10);
+ String hash2 = Hash.hashSHA256asStringHex(input, 10);
+ String hash3 = Hash.hashSHA256asStringHex(input, 11);
- assertEquals(hash1, hash2);
- assertThat(hash1, not(equalTo(hash3)));
+ assertEquals(hash1, hash2);
+ assertThat(hash1, not(equalTo(hash3)));
}
- @Test
- public void isEqualTest() throws Exception {
- assertTrue(Hash.isEqual(same1, same2));
- assertFalse(Hash.isEqual(same1, different1));
- assertFalse(Hash.isEqual(same1, different2));
- }
-
- @Test
- public void compareToTest() throws Exception {
- assertEquals(0, Hash.compareTo(same1, same2));
- // different1 is rot13(same1), so the difference should be 13
- assertEquals(13, Hash.compareTo(same1, different1));
- assertEquals(-78, Hash.compareTo(same1, different2));
- }
-
- @Test
- public void toHexNo0xTest() throws Exception {
- assertEquals(uppersHexNo0x1, Hash.toHexNo0x(uppersDec.getBytes()));
- assertEquals(lowersHexNo0x1, Hash.toHexNo0x(lowersDec.getBytes()));
- assertEquals(numbersHexNo0x, Hash.toHexNo0x(numbersDec.getBytes()));
- }
-
- @Test
- public void toHexTest() throws Exception {
- assertEquals(uppersHex2, Hash.toHex(uppersDec.getBytes()));
- assertEquals(lowersHex, Hash.toHex(lowersDec.getBytes()));
- assertEquals(numbersHex, Hash.toHex(numbersDec.getBytes()));
- }
+ @Test
+ public void isEqualTest() throws Exception {
+ assertTrue(Hash.isEqual(same1, same2));
+ assertFalse(Hash.isEqual(same1, different1));
+ assertFalse(Hash.isEqual(same1, different2));
+ }
+
+ @Test
+ public void compareToTest() throws Exception {
+ assertEquals(0, Hash.compareTo(same1, same2));
+ // different1 is rot13(same1), so the difference should be 13
+ assertEquals(13, Hash.compareTo(same1, different1));
+ assertEquals(-78, Hash.compareTo(same1, different2));
+ }
+
+ @Test
+ public void toHexNo0xTest() throws Exception {
+ assertEquals(uppersHexNo0x1, Hash.toHexNo0x(uppersDec.getBytes()));
+ assertEquals(lowersHexNo0x1, Hash.toHexNo0x(lowersDec.getBytes()));
+ assertEquals(numbersHexNo0x, Hash.toHexNo0x(numbersDec.getBytes()));
+ }
+
+ @Test
+ public void toHexTest() throws Exception {
+ assertEquals(uppersHex2, Hash.toHex(uppersDec.getBytes()));
+ assertEquals(lowersHex, Hash.toHex(lowersDec.getBytes()));
+ assertEquals(numbersHex, Hash.toHex(numbersDec.getBytes()));
+ }
@Test
public void toHexWithOffset() throws Exception {
- assertEquals(uppersHex2, Hash.toHex(uppersDec.getBytes(), 0, uppersDec.length()));
- assertEquals(lowersHex, Hash.toHex(lowersDec.getBytes(), 0, lowersDec.length()));
- assertEquals(numbersHex, Hash.toHex(numbersDec.getBytes(), 0, numbersDec.length()));
+ assertEquals(uppersHex2, Hash.toHex(uppersDec.getBytes(), 0, uppersDec.length()));
+ assertEquals(lowersHex, Hash.toHex(lowersDec.getBytes(), 0, lowersDec.length()));
+ assertEquals(numbersHex, Hash.toHex(numbersDec.getBytes(), 0, numbersDec.length()));
}
- @Test
- public void fromHexTest() throws Exception {
- assertEquals(uppersDec, new String(Hash.fromHex(uppersHex1)));
- assertEquals(lowersDec, new String(Hash.fromHex(lowersHex)));
- assertEquals(numbersDec, new String(Hash.fromHex(numbersHex)));
+ @Test
+ public void fromHexTest() throws Exception {
+ assertEquals(uppersDec, new String(Hash.fromHex(uppersHex1)));
+ assertEquals(lowersDec, new String(Hash.fromHex(lowersHex)));
+ assertEquals(numbersDec, new String(Hash.fromHex(numbersHex)));
try {
// This string doesn't begin with "0x"
Hash.fromHex("0X65");
- fail("Should have thrown CadiException");
+ fail("Should have thrown CadiException");
} catch (CadiException e) {
assertEquals("HexString must start with \"0x\"", e.getMessage());
}
@@ -189,22 +189,22 @@ public class JU_Hash {
try {
// This string has invalid hex characters
Hash.fromHex("0xQ");
- fail("Should have thrown CadiException");
+ fail("Should have thrown CadiException");
} catch (CadiException e) {
// 81 is dec(Q)
assertEquals("Invalid char '81' in HexString", e.getMessage());
}
- }
-
- @Test
- public void fromHexNo0xTest() throws Exception {
- assertEquals(uppersDec, new String(Hash.fromHexNo0x(uppersHexNo0x1)));
- assertEquals(lowersDec, new String(Hash.fromHexNo0x(lowersHexNo0x1)));
- assertEquals(uppersDec, new String(Hash.fromHexNo0x(uppersHexNo0x2)));
- assertEquals(lowersDec, new String(Hash.fromHexNo0x(lowersHexNo0x2)));
- assertEquals(numbersDec, new String(Hash.fromHexNo0x(numbersHexNo0x)));
- byte[] output = Hash.fromHexNo0x("ABC");
- assertEquals(new String(new byte[] {(byte)0x0A, (byte)0xB0}), new String(output));
- assertNull(Hash.fromHexNo0x("~~"));
- }
+ }
+
+ @Test
+ public void fromHexNo0xTest() throws Exception {
+ assertEquals(uppersDec, new String(Hash.fromHexNo0x(uppersHexNo0x1)));
+ assertEquals(lowersDec, new String(Hash.fromHexNo0x(lowersHexNo0x1)));
+ assertEquals(uppersDec, new String(Hash.fromHexNo0x(uppersHexNo0x2)));
+ assertEquals(lowersDec, new String(Hash.fromHexNo0x(lowersHexNo0x2)));
+ assertEquals(numbersDec, new String(Hash.fromHexNo0x(numbersHexNo0x)));
+ byte[] output = Hash.fromHexNo0x("ABC");
+ assertEquals(new String(new byte[] {(byte)0x0A, (byte)0xB0}), new String(output));
+ assertNull(Hash.fromHexNo0x("~~"));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_LocatorException.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_LocatorException.java
index 96cf8e51..ef354438 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_LocatorException.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_LocatorException.java
@@ -29,32 +29,32 @@ import org.onap.aaf.cadi.LocatorException;
import static org.hamcrest.CoreMatchers.is;
public class JU_LocatorException {
- @Test
- public void stringTest() {
- LocatorException exception = new LocatorException("New Exception");
- assertNotNull(exception);
- assertThat(exception.getMessage(), is("New Exception"));
- }
+ @Test
+ public void stringTest() {
+ LocatorException exception = new LocatorException("New Exception");
+ assertNotNull(exception);
+ assertThat(exception.getMessage(), is("New Exception"));
+ }
- @Test
- public void throwableTest() {
- LocatorException exception = new LocatorException(new Throwable("New Exception"));
- assertNotNull(exception);
- assertThat(exception.getMessage(), is("java.lang.Throwable: New Exception"));
- }
+ @Test
+ public void throwableTest() {
+ LocatorException exception = new LocatorException(new Throwable("New Exception"));
+ assertNotNull(exception);
+ assertThat(exception.getMessage(), is("java.lang.Throwable: New Exception"));
+ }
- @Test
- public void stringThrowableTest() {
- LocatorException exception = new LocatorException("New Exception",new Throwable("New Exception"));
- assertNotNull(exception);
- assertThat(exception.getMessage(), is("New Exception"));
- }
+ @Test
+ public void stringThrowableTest() {
+ LocatorException exception = new LocatorException("New Exception",new Throwable("New Exception"));
+ assertNotNull(exception);
+ assertThat(exception.getMessage(), is("New Exception"));
+ }
- @Test
- public void characterSequenceTest() {
- CharSequence testCS = new String("New Exception");
- LocatorException exception = new LocatorException(testCS);
- assertNotNull(exception);
- assertThat(exception.getMessage(), is("New Exception"));
- }
+ @Test
+ public void characterSequenceTest() {
+ CharSequence testCS = new String("New Exception");
+ LocatorException exception = new LocatorException(testCS);
+ assertNotNull(exception);
+ assertThat(exception.getMessage(), is("New Exception"));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_PropAccess.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_PropAccess.java
index 7b5da6c1..eb5d32c6 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_PropAccess.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_PropAccess.java
@@ -38,114 +38,114 @@ import java.util.Properties;
@SuppressWarnings("unused")
public class JU_PropAccess {
- // Note: We can't actually get coverage of the protected constructor -
- // that will be done later, when testing the child class "ServletContextAccess"
-
-
- @Test
- public void ConstructorTest() throws Exception {
- PropAccess prop = new PropAccess();
- assertThat(prop.getProperties(), is(not(nullValue())));
- }
-
- @Test
- public void noPrintStreamConstructionTest() throws Exception {
- // Test for coverage
- PropAccess prop = new PropAccess((PrintStream)null, new String[]{"Invalid argument"});
- }
-
- @Test
- public void noLogItConstructionTest() throws Exception {
- // Test for coverage
- PropAccess prop = new PropAccess((LogIt)null, new String[]{"Invalid argument"});
- }
-
- @Test
- public void propertiesConstructionTest() throws Exception {
- // Coverage tests
- PropAccess prop = new PropAccess(System.getProperties());
- prop = new PropAccess((PrintStream)null, System.getProperties());
- }
-
- @Test
- public void stringConstructionTest() throws Exception {
- Properties testSystemProps = new Properties(System.getProperties());
- testSystemProps.setProperty("cadi_name", "user");
- System.setProperties(testSystemProps);
- PropAccess prop = new PropAccess("cadi_keyfile=src/test/resources/keyfile", "cadi_loglevel=DEBUG", "cadi_prop_files=test/cadi.properties:not_a_file");
- }
-
- @Test
- public void loadTest() throws Exception {
- // Coverage tests
- Properties props = mock(Properties.class);
- when(props.getProperty("cadi_prop_files")).thenReturn("test/cadi.properties").thenReturn(null);
- PropAccess pa = new PropAccess();
- Field props_field = PropAccess.class.getDeclaredField("props");
- props_field.setAccessible(true);
- props_field.set(pa, props);
- ByteArrayInputStream bais = new ByteArrayInputStream(new byte[0]);
- pa.load(bais);
- }
-
- @Test
- public void specialConversionsTest() throws Exception {
- // Coverage tests
- Properties testSystemProps = new Properties(System.getProperties());
- testSystemProps.setProperty("java.specification.version", "1.7");
- System.setProperties(testSystemProps);
- PropAccess pa = new PropAccess("AFT_LATITUDE=1", "AFT_LONGITUDE=1", "cadi_protocols=TLSv1.2");
- }
-
- @Test
- public void logTest() throws Exception {
- // Coverage tests
- PropAccess pa = new PropAccess();
-
- pa.log(Level.DEBUG);
- pa.printf(Level.DEBUG, "not a real format string");
-
- pa.setLogLevel(Level.DEBUG);
- pa.log(Level.DEBUG);
- pa.log(Level.DEBUG, 1, " ", null, "");
- pa.log(Level.DEBUG, "This is a string", "This is another");
- pa.set(new LogIt() {
- @Override public void push(Level level, Object ... elements) {}
- });
- try {
- pa.log(new Exception("This exception was thrown intentionally, please ignore it"));
- } catch(Exception e) {
- fail("Should have thrown an exception");
- }
- }
-
- @Test
- public void classLoaderTest() {
- PropAccess pa = new PropAccess();
- assertThat(pa.classLoader(), instanceOf(ClassLoader.class));
- }
-
- @Test
- public void encryptionTest() throws Exception {
- PropAccess pa = new PropAccess();
- String plainText = "This is a secret message";
- String secret_message = pa.encrypt(plainText);
- String modified = secret_message.substring(4);
- // Plenty of assertions to hit all branches
- assertThat(pa.decrypt(secret_message, false), is(plainText));
- assertThat(pa.decrypt(null, false), is(nullValue()));
- assertThat(pa.decrypt(modified, true), is(plainText));
- assertThat(pa.decrypt(modified, false), is(modified));
- }
-
- @Test
- public void setPropertyTest() {
- PropAccess pa = new PropAccess();
- pa.setProperty("test", null);
- String prop = "New Property";
- String val ="And it's faithful value";
- pa.setProperty(prop, val);
-
- assertThat(pa.getProperty(prop), is(val));
- }
+ // Note: We can't actually get coverage of the protected constructor -
+ // that will be done later, when testing the child class "ServletContextAccess"
+
+
+ @Test
+ public void ConstructorTest() throws Exception {
+ PropAccess prop = new PropAccess();
+ assertThat(prop.getProperties(), is(not(nullValue())));
+ }
+
+ @Test
+ public void noPrintStreamConstructionTest() throws Exception {
+ // Test for coverage
+ PropAccess prop = new PropAccess((PrintStream)null, new String[]{"Invalid argument"});
+ }
+
+ @Test
+ public void noLogItConstructionTest() throws Exception {
+ // Test for coverage
+ PropAccess prop = new PropAccess((LogIt)null, new String[]{"Invalid argument"});
+ }
+
+ @Test
+ public void propertiesConstructionTest() throws Exception {
+ // Coverage tests
+ PropAccess prop = new PropAccess(System.getProperties());
+ prop = new PropAccess((PrintStream)null, System.getProperties());
+ }
+
+ @Test
+ public void stringConstructionTest() throws Exception {
+ Properties testSystemProps = new Properties(System.getProperties());
+ testSystemProps.setProperty("cadi_name", "user");
+ System.setProperties(testSystemProps);
+ PropAccess prop = new PropAccess("cadi_keyfile=src/test/resources/keyfile", "cadi_loglevel=DEBUG", "cadi_prop_files=test/cadi.properties:not_a_file");
+ }
+
+ @Test
+ public void loadTest() throws Exception {
+ // Coverage tests
+ Properties props = mock(Properties.class);
+ when(props.getProperty("cadi_prop_files")).thenReturn("test/cadi.properties").thenReturn(null);
+ PropAccess pa = new PropAccess();
+ Field props_field = PropAccess.class.getDeclaredField("props");
+ props_field.setAccessible(true);
+ props_field.set(pa, props);
+ ByteArrayInputStream bais = new ByteArrayInputStream(new byte[0]);
+ pa.load(bais);
+ }
+
+ @Test
+ public void specialConversionsTest() throws Exception {
+ // Coverage tests
+ Properties testSystemProps = new Properties(System.getProperties());
+ testSystemProps.setProperty("java.specification.version", "1.7");
+ System.setProperties(testSystemProps);
+ PropAccess pa = new PropAccess("AFT_LATITUDE=1", "AFT_LONGITUDE=1", "cadi_protocols=TLSv1.2");
+ }
+
+ @Test
+ public void logTest() throws Exception {
+ // Coverage tests
+ PropAccess pa = new PropAccess();
+
+ pa.log(Level.DEBUG);
+ pa.printf(Level.DEBUG, "not a real format string");
+
+ pa.setLogLevel(Level.DEBUG);
+ pa.log(Level.DEBUG);
+ pa.log(Level.DEBUG, 1, " ", null, "");
+ pa.log(Level.DEBUG, "This is a string", "This is another");
+ pa.set(new LogIt() {
+ @Override public void push(Level level, Object ... elements) {}
+ });
+ try {
+ pa.log(new Exception("This exception was thrown intentionally, please ignore it"));
+ } catch(Exception e) {
+ fail("Should have thrown an exception");
+ }
+ }
+
+ @Test
+ public void classLoaderTest() {
+ PropAccess pa = new PropAccess();
+ assertThat(pa.classLoader(), instanceOf(ClassLoader.class));
+ }
+
+ @Test
+ public void encryptionTest() throws Exception {
+ PropAccess pa = new PropAccess();
+ String plainText = "This is a secret message";
+ String secret_message = pa.encrypt(plainText);
+ String modified = secret_message.substring(4);
+ // Plenty of assertions to hit all branches
+ assertThat(pa.decrypt(secret_message, false), is(plainText));
+ assertThat(pa.decrypt(null, false), is(nullValue()));
+ assertThat(pa.decrypt(modified, true), is(plainText));
+ assertThat(pa.decrypt(modified, false), is(modified));
+ }
+
+ @Test
+ public void setPropertyTest() {
+ PropAccess pa = new PropAccess();
+ pa.setProperty("test", null);
+ String prop = "New Property";
+ String val ="And it's faithful value";
+ pa.setProperty(prop, val);
+
+ assertThat(pa.getProperty(prop), is(val));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_ServletContextAccess.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_ServletContextAccess.java
index 8531e1d1..e7689eae 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_ServletContextAccess.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_ServletContextAccess.java
@@ -47,58 +47,58 @@ import javax.servlet.ServletContext;
@SuppressWarnings("unused")
public class JU_ServletContextAccess {
- private FilterConfig filter_mock;
- Enumeration<String> enumeration;
-
- private class CustomEnumeration implements Enumeration<String> {
- private int idx = 0;
- private final String[] elements = {"This", "is", "a", "test"};
- @Override
- public String nextElement() {
- return idx >= elements.length ? null : elements[idx++];
- }
- @Override
- public boolean hasMoreElements() {
- return idx < elements.length;
- }
- }
+ private FilterConfig filter_mock;
+ Enumeration<String> enumeration;
+
+ private class CustomEnumeration implements Enumeration<String> {
+ private int idx = 0;
+ private final String[] elements = {"This", "is", "a", "test"};
+ @Override
+ public String nextElement() {
+ return idx >= elements.length ? null : elements[idx++];
+ }
+ @Override
+ public boolean hasMoreElements() {
+ return idx < elements.length;
+ }
+ }
- @Before
- public void setup() {
- enumeration = new CustomEnumeration();
- filter_mock = mock(FilterConfig.class);
- when(filter_mock.getInitParameterNames()).thenReturn(enumeration);
- }
-
- @Test
- public void ConstructorTest() throws Exception {
- ServletContextAccess sca = new ServletContextAccess(filter_mock);
- }
+ @Before
+ public void setup() {
+ enumeration = new CustomEnumeration();
+ filter_mock = mock(FilterConfig.class);
+ when(filter_mock.getInitParameterNames()).thenReturn(enumeration);
+ }
+
+ @Test
+ public void ConstructorTest() throws Exception {
+ ServletContextAccess sca = new ServletContextAccess(filter_mock);
+ }
- @Test
- public void logTest() throws Exception {
- ServletContext sc_mock = mock(ServletContext.class);
- when(filter_mock.getServletContext()).thenReturn(sc_mock);
- ServletContextAccess sca = new ServletContextAccess(filter_mock);
+ @Test
+ public void logTest() throws Exception {
+ ServletContext sc_mock = mock(ServletContext.class);
+ when(filter_mock.getServletContext()).thenReturn(sc_mock);
+ ServletContextAccess sca = new ServletContextAccess(filter_mock);
- sca.log(Level.DEBUG);
+ sca.log(Level.DEBUG);
- sca.setLogLevel(Level.DEBUG);
- sca.log(Level.DEBUG);
+ sca.setLogLevel(Level.DEBUG);
+ sca.log(Level.DEBUG);
- try {
- sca.log(new Exception("This exception was thrown intentionally, please ignore it"));
- } catch(Exception e) {
- fail("Should have thrown an exception");
- }
- }
+ try {
+ sca.log(new Exception("This exception was thrown intentionally, please ignore it"));
+ } catch(Exception e) {
+ fail("Should have thrown an exception");
+ }
+ }
- @Test
- public void contextTest() {
- ServletContext sc_mock = mock(ServletContext.class);
- when(filter_mock.getServletContext()).thenReturn(sc_mock);
- ServletContextAccess sca = new ServletContextAccess(filter_mock);
- assertThat(sca.context(), instanceOf(ServletContext.class));
- }
+ @Test
+ public void contextTest() {
+ ServletContext sc_mock = mock(ServletContext.class);
+ when(filter_mock.getServletContext()).thenReturn(sc_mock);
+ ServletContextAccess sca = new ServletContextAccess(filter_mock);
+ assertThat(sca.context(), instanceOf(ServletContext.class));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Symm.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Symm.java
index 753451ed..abbc9e90 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Symm.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Symm.java
@@ -37,176 +37,176 @@ import org.onap.aaf.cadi.PropAccess;
import org.onap.aaf.cadi.Symm;
public class JU_Symm {
- private Symm defaultSymm;
-
- private ByteArrayOutputStream outStream;
-
- @Before
- public void setup() throws Exception {
- defaultSymm = new Symm(
- "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/".toCharArray()
- ,76, "Use default!" ,true);
- outStream = new ByteArrayOutputStream();
- System.setOut(new PrintStream(outStream));
- }
-
- @After
- public void tearDown() {
- System.setOut(System.out);
- }
-
- @Test
- public void constructorTest() throws Exception {
- Symm myCustomSymm = new Symm(
- "ACEGIKMOQSUWYacegikmoqsuwy02468+/".toCharArray(), 76, "Default", true);
- Field convert_field = Symm.class.getDeclaredField("convert");
- convert_field.setAccessible(true);
-
- Class<?> Unordered_class = Class.forName("org.onap.aaf.cadi.Symm$Unordered");
- assertThat(convert_field.get(myCustomSymm), instanceOf(Unordered_class));
- }
-
- @SuppressWarnings("unused")
- @Test
- public void copyTest() throws Exception {
- Symm copy = Symm.base64.copy(76);
- }
-
- @SuppressWarnings("deprecation")
- @Test
- public void deprecatedTest() {
- assertEquals(Symm.base64(), Symm.base64);
- assertEquals(Symm.base64noSplit(), Symm.base64noSplit);
- assertEquals(Symm.base64url(), Symm.base64url);
- assertEquals(Symm.baseCrypt(), Symm.encrypt);
- }
-
- @Test
- public void encodeDecodeStringTest() throws Exception {
- String orig = "hello";
- String b64encrypted = Symm.base64.encode(orig);
- assertEquals(Symm.base64.decode(b64encrypted), orig);
-
- String defaultEnrypted = defaultSymm.encode(orig);
- assertEquals(defaultSymm.decode(defaultEnrypted), orig);
- }
-
- @Test
- public void encodeDecodeByteArrayTest() throws Exception {
- String orig = "hello";
- byte[] b64encrypted = Symm.base64.encode(orig.getBytes());
- assertEquals(new String(Symm.base64.decode(b64encrypted)), orig);
-
- byte[] empty = null;
- assertTrue(Arrays.equals(Symm.base64.encode(empty), new byte[0]));
- }
-
- @Test
- public void encodeDecodeStringToStreamTest() throws Exception {
- String orig = "I'm a password, really";
- String b64encrypted;
- String output;
-
- ByteArrayOutputStream baosEncrypt = new ByteArrayOutputStream();
- Symm.base64.encode(orig, baosEncrypt);
- b64encrypted = new String(baosEncrypt.toByteArray());
-
- ByteArrayOutputStream baosDecrypt = new ByteArrayOutputStream();
- Symm.base64.decode(b64encrypted, baosDecrypt);
- output = new String(baosDecrypt.toByteArray());
-
- assertEquals(orig, output);
- }
-
- @Test
- public void encryptDecryptStreamWithPrefixTest() throws Exception {
- String orig = "I'm a password, really";
- byte[] b64encrypted;
- String output;
-
- byte[] prefix = "enc:".getBytes();
-
- ByteArrayInputStream baisEncrypt = new ByteArrayInputStream(orig.getBytes());
- ByteArrayOutputStream baosEncrypt = new ByteArrayOutputStream();
- Symm.base64.encode(baisEncrypt, baosEncrypt, prefix);
-
- b64encrypted = baosEncrypt.toByteArray();
-
- ByteArrayInputStream baisDecrypt = new ByteArrayInputStream(b64encrypted);
- ByteArrayOutputStream baosDecrypt = new ByteArrayOutputStream();
- Symm.base64.decode(baisDecrypt, baosDecrypt, prefix.length);
-
- output = new String(baosDecrypt.toByteArray());
- assertEquals(orig, output);
- }
-
- @Test
- public void randomGenTest() {
- // Ian - There really isn't a great way to test for randomness...
- String prev = null;
- for (int i = 0; i < 10; i++) {
- String current = Symm.randomGen(100);
- if (current.equals(prev)) {
- fail("I don't know how, but you generated the exact same random string twice in a row");
- }
- prev = current;
- }
- assertTrue(true);
- }
-
- @Test
- public void obtainTest() throws Exception {
- Symm symm = Symm.base64.obtain();
-
- String orig ="Another Password, please";
- String encrypted = symm.enpass(orig);
- String decrypted = symm.depass(encrypted);
- assertEquals(orig, decrypted);
- }
-
- @Test
- public void InputStreamObtainTest() throws Exception {
- byte[] keygen = Symm.keygen();
-
- Symm symm = Symm.obtain(new ByteArrayInputStream(keygen));
-
- String orig ="Another Password, please";
- String encrypted = symm.enpass(orig);
- String decrypted = symm.depass(encrypted);
- assertEquals(orig, decrypted);
- }
-
- @Test
- public void StringObtainTest() throws Exception {
- byte[] keygen = Symm.keygen();
-
- Symm symm = Symm.obtain(new String(keygen));
-
- String orig ="Another Password, please";
- String encrypted = symm.enpass(orig);
- String decrypted = symm.depass(encrypted);
- assertEquals(orig, decrypted);
- }
-
- @Test
- public void AccessObtainTest() throws Exception {
- PropAccess pa = new PropAccess("cadi_keyfile=src/test/resources/keyfile");
- Symm symm = Symm.obtain(pa);
- String orig ="Another Password, please";
- String encrypted = symm.enpass(orig);
- String decrypted = symm.depass(encrypted);
- assertEquals(orig, decrypted);
-
- try {
- PropAccess badPa = mock(PropAccess.class);
- when(badPa.getProperty("cadi_keyfile", null)).thenReturn("not_a_real_file.txt");
- symm = Symm.obtain(badPa);
- fail("Should have thrown an exception");
- } catch (CadiException e) {
- assertTrue(e.getMessage().contains("ERROR: "));
- assertTrue(e.getMessage().contains("not_a_real_file.txt"));
- assertTrue(e.getMessage().contains(" does not exist!"));
- }
- }
-
+ private Symm defaultSymm;
+
+ private ByteArrayOutputStream outStream;
+
+ @Before
+ public void setup() throws Exception {
+ defaultSymm = new Symm(
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/".toCharArray()
+ ,76, "Use default!" ,true);
+ outStream = new ByteArrayOutputStream();
+ System.setOut(new PrintStream(outStream));
+ }
+
+ @After
+ public void tearDown() {
+ System.setOut(System.out);
+ }
+
+ @Test
+ public void constructorTest() throws Exception {
+ Symm myCustomSymm = new Symm(
+ "ACEGIKMOQSUWYacegikmoqsuwy02468+/".toCharArray(), 76, "Default", true);
+ Field convert_field = Symm.class.getDeclaredField("convert");
+ convert_field.setAccessible(true);
+
+ Class<?> Unordered_class = Class.forName("org.onap.aaf.cadi.Symm$Unordered");
+ assertThat(convert_field.get(myCustomSymm), instanceOf(Unordered_class));
+ }
+
+ @SuppressWarnings("unused")
+ @Test
+ public void copyTest() throws Exception {
+ Symm copy = Symm.base64.copy(76);
+ }
+
+ @SuppressWarnings("deprecation")
+ @Test
+ public void deprecatedTest() {
+ assertEquals(Symm.base64(), Symm.base64);
+ assertEquals(Symm.base64noSplit(), Symm.base64noSplit);
+ assertEquals(Symm.base64url(), Symm.base64url);
+ assertEquals(Symm.baseCrypt(), Symm.encrypt);
+ }
+
+ @Test
+ public void encodeDecodeStringTest() throws Exception {
+ String orig = "hello";
+ String b64encrypted = Symm.base64.encode(orig);
+ assertEquals(Symm.base64.decode(b64encrypted), orig);
+
+ String defaultEnrypted = defaultSymm.encode(orig);
+ assertEquals(defaultSymm.decode(defaultEnrypted), orig);
+ }
+
+ @Test
+ public void encodeDecodeByteArrayTest() throws Exception {
+ String orig = "hello";
+ byte[] b64encrypted = Symm.base64.encode(orig.getBytes());
+ assertEquals(new String(Symm.base64.decode(b64encrypted)), orig);
+
+ byte[] empty = null;
+ assertTrue(Arrays.equals(Symm.base64.encode(empty), new byte[0]));
+ }
+
+ @Test
+ public void encodeDecodeStringToStreamTest() throws Exception {
+ String orig = "I'm a password, really";
+ String b64encrypted;
+ String output;
+
+ ByteArrayOutputStream baosEncrypt = new ByteArrayOutputStream();
+ Symm.base64.encode(orig, baosEncrypt);
+ b64encrypted = new String(baosEncrypt.toByteArray());
+
+ ByteArrayOutputStream baosDecrypt = new ByteArrayOutputStream();
+ Symm.base64.decode(b64encrypted, baosDecrypt);
+ output = new String(baosDecrypt.toByteArray());
+
+ assertEquals(orig, output);
+ }
+
+ @Test
+ public void encryptDecryptStreamWithPrefixTest() throws Exception {
+ String orig = "I'm a password, really";
+ byte[] b64encrypted;
+ String output;
+
+ byte[] prefix = "enc:".getBytes();
+
+ ByteArrayInputStream baisEncrypt = new ByteArrayInputStream(orig.getBytes());
+ ByteArrayOutputStream baosEncrypt = new ByteArrayOutputStream();
+ Symm.base64.encode(baisEncrypt, baosEncrypt, prefix);
+
+ b64encrypted = baosEncrypt.toByteArray();
+
+ ByteArrayInputStream baisDecrypt = new ByteArrayInputStream(b64encrypted);
+ ByteArrayOutputStream baosDecrypt = new ByteArrayOutputStream();
+ Symm.base64.decode(baisDecrypt, baosDecrypt, prefix.length);
+
+ output = new String(baosDecrypt.toByteArray());
+ assertEquals(orig, output);
+ }
+
+ @Test
+ public void randomGenTest() {
+ // Ian - There really isn't a great way to test for randomness...
+ String prev = null;
+ for (int i = 0; i < 10; i++) {
+ String current = Symm.randomGen(100);
+ if (current.equals(prev)) {
+ fail("I don't know how, but you generated the exact same random string twice in a row");
+ }
+ prev = current;
+ }
+ assertTrue(true);
+ }
+
+ @Test
+ public void obtainTest() throws Exception {
+ Symm symm = Symm.base64.obtain();
+
+ String orig ="Another Password, please";
+ String encrypted = symm.enpass(orig);
+ String decrypted = symm.depass(encrypted);
+ assertEquals(orig, decrypted);
+ }
+
+ @Test
+ public void InputStreamObtainTest() throws Exception {
+ byte[] keygen = Symm.keygen();
+
+ Symm symm = Symm.obtain(new ByteArrayInputStream(keygen));
+
+ String orig ="Another Password, please";
+ String encrypted = symm.enpass(orig);
+ String decrypted = symm.depass(encrypted);
+ assertEquals(orig, decrypted);
+ }
+
+ @Test
+ public void StringObtainTest() throws Exception {
+ byte[] keygen = Symm.keygen();
+
+ Symm symm = Symm.obtain(new String(keygen));
+
+ String orig ="Another Password, please";
+ String encrypted = symm.enpass(orig);
+ String decrypted = symm.depass(encrypted);
+ assertEquals(orig, decrypted);
+ }
+
+ @Test
+ public void AccessObtainTest() throws Exception {
+ PropAccess pa = new PropAccess("cadi_keyfile=src/test/resources/keyfile");
+ Symm symm = Symm.obtain(pa);
+ String orig ="Another Password, please";
+ String encrypted = symm.enpass(orig);
+ String decrypted = symm.depass(encrypted);
+ assertEquals(orig, decrypted);
+
+ try {
+ PropAccess badPa = mock(PropAccess.class);
+ when(badPa.getProperty("cadi_keyfile", null)).thenReturn("not_a_real_file.txt");
+ symm = Symm.obtain(badPa);
+ fail("Should have thrown an exception");
+ } catch (CadiException e) {
+ assertTrue(e.getMessage().contains("ERROR: "));
+ assertTrue(e.getMessage().contains("not_a_real_file.txt"));
+ assertTrue(e.getMessage().contains(" does not exist!"));
+ }
+ }
+
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_TrustChecker.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_TrustChecker.java
index 511c6ee3..c6070d7d 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_TrustChecker.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_TrustChecker.java
@@ -29,9 +29,9 @@ import org.onap.aaf.cadi.TrustChecker;
public class JU_TrustChecker {
- @Test
- public void noTrustTests() {
- assertThat(TrustChecker.NOTRUST.mayTrust(null, null), is(nullValue()));
- TrustChecker.NOTRUST.setLur(null);
- }
+ @Test
+ public void noTrustTests() {
+ assertThat(TrustChecker.NOTRUST.mayTrust(null, null), is(nullValue()));
+ TrustChecker.NOTRUST.setLur(null);
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_User.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_User.java
index 2d5ba8d2..857170a7 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_User.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_User.java
@@ -45,141 +45,141 @@ import org.onap.aaf.cadi.lur.LocalPermission;
public class JU_User {
- private final Long SECOND = 1000L;
- private final String name = "Fakey McFake";
- private final String cred = "Fake credentials";
-
- private Field perms_field;
- private Field count_field;
-
- @Mock
- private Principal principal;
-
- @Mock
- private LocalPermission permission;
- @Mock
- private LocalPermission permission2;
-
- @Before
- public void setup() throws NoSuchFieldException, SecurityException {
- MockitoAnnotations.initMocks(this);
-
- when(principal.getName()).thenReturn("Principal");
-
- when(permission.getKey()).thenReturn("NewKey");
- when(permission.match(permission)).thenReturn(true);
-
- when(permission2.getKey()).thenReturn("NewKey2");
- when(permission2.match(permission)).thenReturn(false);
-
- perms_field = User.class.getDeclaredField("perms");
- perms_field.setAccessible(true);
-
- count_field = User.class.getDeclaredField("count");
- count_field.setAccessible(true);
- }
-
- @Test
- public void constructorPrincipalTest() throws IllegalArgumentException, IllegalAccessException {
- User<Permission> user = new User<Permission>(principal);
- assertThat(user.name, is(principal.getName()));
- assertThat(user.principal, is(principal));
- assertThat(user.permExpires(), is(Long.MAX_VALUE));
- assertThat((int)count_field.get(user), is(0));
- }
-
- @Test
- public void constructorNameCredTest() throws IllegalArgumentException, IllegalAccessException {
- User<Permission> user = new User<Permission>(name, cred.getBytes());
- assertThat(user.name, is(name));
- assertThat(user.principal, is(nullValue()));
- assertThat(user.permExpires(), is(Long.MAX_VALUE));
- assertThat((int)count_field.get(user), is(0));
- assertThat(user.getCred(), is(cred.getBytes()));
- }
-
- @Test
- public void constructorPrincipalIntervalTest() throws IllegalArgumentException, IllegalAccessException {
- User<Permission> user = new User<Permission>(principal, 61 * SECOND);
- Long approxExpiration = System.currentTimeMillis() + 61 * SECOND;
- assertThat(user.name, is(principal.getName()));
- assertThat(user.principal, is(principal));
- assertTrue(Math.abs(user.permExpires() - approxExpiration) < 10L);
- assertThat((int)count_field.get(user), is(0));
- }
-
- @Test
- public void constructorNameCredIntervalTest() throws IllegalArgumentException, IllegalAccessException {
- String name = "Fakey McFake";
- User<Permission> user = new User<Permission>(name, cred.getBytes(), 61 * SECOND);
- Long approxExpiration = System.currentTimeMillis() + 61 * SECOND;
- assertThat(user.name, is(name));
- assertThat(user.principal, is(nullValue()));
- assertTrue(Math.abs(user.permExpires() - approxExpiration) < 10L);
- assertThat((int)count_field.get(user), is(0));
- assertThat(user.getCred(), is(cred.getBytes()));
- }
-
- @Test
- public void countCheckTest() throws IllegalArgumentException, IllegalAccessException {
- User<Permission> user = new User<Permission>(principal);
- user.resetCount();
- assertThat((int)count_field.get(user), is(0));
- user.incCount();
- assertThat((int)count_field.get(user), is(1));
- user.incCount();
- assertThat((int)count_field.get(user), is(2));
- user.resetCount();
- assertThat((int)count_field.get(user), is(0));
- }
-
- @Test
- public void permTest() throws InterruptedException, IllegalArgumentException, IllegalAccessException {
- User<Permission> user = new User<Permission>(principal);
- assertThat(user.permExpires(), is(Long.MAX_VALUE));
- user.renewPerm();
- Thread.sleep(1); // Let it expire
- assertThat(user.permExpired(), is(true));
-
- user = new User<Permission>(principal,100);
- assertTrue(user.noPerms());
- user.add(permission);
- assertFalse(user.permsUnloaded());
- assertFalse(user.noPerms());
- user.setNoPerms();
- assertThat(user.permExpired(), is(false));
- assertTrue(user.permsUnloaded());
- assertTrue(user.noPerms());
- perms_field.set(user, null);
- assertTrue(user.permsUnloaded());
- assertTrue(user.noPerms());
- }
-
- @Test
- public void addValuesToNewMapTest() {
- User<Permission> user = new User<Permission>(principal);
- Map<String, Permission> newMap = new HashMap<>();
-
- assertFalse(user.contains(permission));
-
- user.add(newMap, permission);
- user.setMap(newMap);
-
- assertTrue(user.contains(permission));
-
- List<Permission> sink = new ArrayList<>();
- user.copyPermsTo(sink);
-
- assertThat(sink.size(), is(1));
- assertTrue(sink.contains(permission));
-
- assertThat(user.toString(), is("Principal|:NewKey"));
-
- user.add(newMap, permission2);
- user.setMap(newMap);
- assertFalse(user.contains(permission2));
-
- assertThat(user.toString(), is("Principal|:NewKey2,NewKey"));
- }
-
+ private final Long SECOND = 1000L;
+ private final String name = "Fakey McFake";
+ private final String cred = "Fake credentials";
+
+ private Field perms_field;
+ private Field count_field;
+
+ @Mock
+ private Principal principal;
+
+ @Mock
+ private LocalPermission permission;
+ @Mock
+ private LocalPermission permission2;
+
+ @Before
+ public void setup() throws NoSuchFieldException, SecurityException {
+ MockitoAnnotations.initMocks(this);
+
+ when(principal.getName()).thenReturn("Principal");
+
+ when(permission.getKey()).thenReturn("NewKey");
+ when(permission.match(permission)).thenReturn(true);
+
+ when(permission2.getKey()).thenReturn("NewKey2");
+ when(permission2.match(permission)).thenReturn(false);
+
+ perms_field = User.class.getDeclaredField("perms");
+ perms_field.setAccessible(true);
+
+ count_field = User.class.getDeclaredField("count");
+ count_field.setAccessible(true);
+ }
+
+ @Test
+ public void constructorPrincipalTest() throws IllegalArgumentException, IllegalAccessException {
+ User<Permission> user = new User<Permission>(principal);
+ assertThat(user.name, is(principal.getName()));
+ assertThat(user.principal, is(principal));
+ assertThat(user.permExpires(), is(Long.MAX_VALUE));
+ assertThat((int)count_field.get(user), is(0));
+ }
+
+ @Test
+ public void constructorNameCredTest() throws IllegalArgumentException, IllegalAccessException {
+ User<Permission> user = new User<Permission>(name, cred.getBytes());
+ assertThat(user.name, is(name));
+ assertThat(user.principal, is(nullValue()));
+ assertThat(user.permExpires(), is(Long.MAX_VALUE));
+ assertThat((int)count_field.get(user), is(0));
+ assertThat(user.getCred(), is(cred.getBytes()));
+ }
+
+ @Test
+ public void constructorPrincipalIntervalTest() throws IllegalArgumentException, IllegalAccessException {
+ User<Permission> user = new User<Permission>(principal, 61 * SECOND);
+ Long approxExpiration = System.currentTimeMillis() + 61 * SECOND;
+ assertThat(user.name, is(principal.getName()));
+ assertThat(user.principal, is(principal));
+ assertTrue(Math.abs(user.permExpires() - approxExpiration) < 10L);
+ assertThat((int)count_field.get(user), is(0));
+ }
+
+ @Test
+ public void constructorNameCredIntervalTest() throws IllegalArgumentException, IllegalAccessException {
+ String name = "Fakey McFake";
+ User<Permission> user = new User<Permission>(name, cred.getBytes(), 61 * SECOND);
+ Long approxExpiration = System.currentTimeMillis() + 61 * SECOND;
+ assertThat(user.name, is(name));
+ assertThat(user.principal, is(nullValue()));
+ assertTrue(Math.abs(user.permExpires() - approxExpiration) < 10L);
+ assertThat((int)count_field.get(user), is(0));
+ assertThat(user.getCred(), is(cred.getBytes()));
+ }
+
+ @Test
+ public void countCheckTest() throws IllegalArgumentException, IllegalAccessException {
+ User<Permission> user = new User<Permission>(principal);
+ user.resetCount();
+ assertThat((int)count_field.get(user), is(0));
+ user.incCount();
+ assertThat((int)count_field.get(user), is(1));
+ user.incCount();
+ assertThat((int)count_field.get(user), is(2));
+ user.resetCount();
+ assertThat((int)count_field.get(user), is(0));
+ }
+
+ @Test
+ public void permTest() throws InterruptedException, IllegalArgumentException, IllegalAccessException {
+ User<Permission> user = new User<Permission>(principal);
+ assertThat(user.permExpires(), is(Long.MAX_VALUE));
+ user.renewPerm();
+ Thread.sleep(1); // Let it expire
+ assertThat(user.permExpired(), is(true));
+
+ user = new User<Permission>(principal,100);
+ assertTrue(user.noPerms());
+ user.add(permission);
+ assertFalse(user.permsUnloaded());
+ assertFalse(user.noPerms());
+ user.setNoPerms();
+ assertThat(user.permExpired(), is(false));
+ assertTrue(user.permsUnloaded());
+ assertTrue(user.noPerms());
+ perms_field.set(user, null);
+ assertTrue(user.permsUnloaded());
+ assertTrue(user.noPerms());
+ }
+
+ @Test
+ public void addValuesToNewMapTest() {
+ User<Permission> user = new User<Permission>(principal);
+ Map<String, Permission> newMap = new HashMap<>();
+
+ assertFalse(user.contains(permission));
+
+ user.add(newMap, permission);
+ user.setMap(newMap);
+
+ assertTrue(user.contains(permission));
+
+ List<Permission> sink = new ArrayList<>();
+ user.copyPermsTo(sink);
+
+ assertThat(sink.size(), is(1));
+ assertTrue(sink.contains(permission));
+
+ assertThat(user.toString(), is("Principal|:NewKey"));
+
+ user.add(newMap, permission2);
+ user.setMap(newMap);
+ assertFalse(user.contains(permission2));
+
+ assertThat(user.toString(), is("Principal|:NewKey2,NewKey"));
+ }
+
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_Chmod.java b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_Chmod.java
index 62114189..f8905bb5 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_Chmod.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_Chmod.java
@@ -37,39 +37,39 @@ import org.onap.aaf.cadi.util.Chmod;
public class JU_Chmod {
- private File file;
- private String filePath;
+ private File file;
+ private String filePath;
- @Before
- public void setup() throws IOException {
- file = File.createTempFile("chmod_test", "");
- filePath = file.getAbsolutePath();
- }
+ @Before
+ public void setup() throws IOException {
+ file = File.createTempFile("chmod_test", "");
+ filePath = file.getAbsolutePath();
+ }
- @After
- public void tearDown() {
- file.delete();
- }
+ @After
+ public void tearDown() {
+ file.delete();
+ }
- @Test
- public void to755Test() throws IOException {
- Chmod.to755.chmod(file);
- Set<PosixFilePermission> set = Files.getPosixFilePermissions(Paths.get(filePath));
- assertThat(PosixFilePermissions.toString(set), is("rwxr-xr-x"));
- }
+ @Test
+ public void to755Test() throws IOException {
+ Chmod.to755.chmod(file);
+ Set<PosixFilePermission> set = Files.getPosixFilePermissions(Paths.get(filePath));
+ assertThat(PosixFilePermissions.toString(set), is("rwxr-xr-x"));
+ }
- @Test
- public void to644Test() throws IOException {
- Chmod.to644.chmod(file);
- Set<PosixFilePermission> set = Files.getPosixFilePermissions(Paths.get(filePath));
- assertThat(PosixFilePermissions.toString(set), is("rw-r--r--"));
- }
+ @Test
+ public void to644Test() throws IOException {
+ Chmod.to644.chmod(file);
+ Set<PosixFilePermission> set = Files.getPosixFilePermissions(Paths.get(filePath));
+ assertThat(PosixFilePermissions.toString(set), is("rw-r--r--"));
+ }
- @Test
- public void to400Test() throws IOException {
- Chmod.to400.chmod(file);
- Set<PosixFilePermission> set = Files.getPosixFilePermissions(Paths.get(filePath));
- assertThat(PosixFilePermissions.toString(set), is("r--------"));
- }
+ @Test
+ public void to400Test() throws IOException {
+ Chmod.to400.chmod(file);
+ Set<PosixFilePermission> set = Files.getPosixFilePermissions(Paths.get(filePath));
+ assertThat(PosixFilePermissions.toString(set), is("r--------"));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_FQI.java b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_FQI.java
index bcd2f776..3daa6cb7 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_FQI.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_FQI.java
@@ -30,15 +30,15 @@ import org.onap.aaf.cadi.util.FQI;
public class JU_FQI {
- @Test
- public void reverseDomainTest() {
- assertThat(FQI.reverseDomain("user@att.com"), is("com.att"));
- }
+ @Test
+ public void reverseDomainTest() {
+ assertThat(FQI.reverseDomain("user@att.com"), is("com.att"));
+ }
- @Test
- public void coverageTest() {
- @SuppressWarnings("unused")
- FQI fqi = new FQI();
- }
+ @Test
+ public void coverageTest() {
+ @SuppressWarnings("unused")
+ FQI fqi = new FQI();
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_JsonOutputStream.java b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_JsonOutputStream.java
index da3557cb..b3d7797c 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_JsonOutputStream.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_JsonOutputStream.java
@@ -36,58 +36,58 @@ import org.onap.aaf.cadi.util.JsonOutputStream;
public class JU_JsonOutputStream {
- private JsonOutputStream jos;
-
- @Before
- public void setup() {
- jos = new JsonOutputStream(new ByteArrayOutputStream());
- }
-
- @Test
- public void constructorTest() {
- jos = new JsonOutputStream(System.out);
- jos = new JsonOutputStream(System.err);
- }
-
- @Test
- public void writeTest() throws IOException {
- byte[] json = ("{" +
- "name: user," +
- "password: pass," +
- "contact: {" +
- "email: user@att.com," +
- "phone: 555-5555" +
- "}," +
- "list: [" +
- "item1," +
- "item2" +
- "],[],{}," +
- "list:" +
- "[" +
- "item1," +
- "item2" +
- "]" +
- "}").getBytes();
- jos.write(json);
- }
-
- @Test
- public void resetIndentTest() throws IllegalArgumentException, IllegalAccessException, NoSuchFieldException, SecurityException {
- Field indentField = JsonOutputStream.class.getDeclaredField("indent");
- indentField.setAccessible(true);
-
- assertThat((int)indentField.get(jos), is(0));
- jos.resetIndent();
- assertThat((int)indentField.get(jos), is(1));
- }
-
- @Test
- public void coverageTest() throws IOException {
- jos.flush();
- jos.close();
-
- jos = new JsonOutputStream(System.out);
- jos.close();
- }
+ private JsonOutputStream jos;
+
+ @Before
+ public void setup() {
+ jos = new JsonOutputStream(new ByteArrayOutputStream());
+ }
+
+ @Test
+ public void constructorTest() {
+ jos = new JsonOutputStream(System.out);
+ jos = new JsonOutputStream(System.err);
+ }
+
+ @Test
+ public void writeTest() throws IOException {
+ byte[] json = ("{" +
+ "name: user," +
+ "password: pass," +
+ "contact: {" +
+ "email: user@att.com," +
+ "phone: 555-5555" +
+ "}," +
+ "list: [" +
+ "item1," +
+ "item2" +
+ "],[],{}," +
+ "list:" +
+ "[" +
+ "item1," +
+ "item2" +
+ "]" +
+ "}").getBytes();
+ jos.write(json);
+ }
+
+ @Test
+ public void resetIndentTest() throws IllegalArgumentException, IllegalAccessException, NoSuchFieldException, SecurityException {
+ Field indentField = JsonOutputStream.class.getDeclaredField("indent");
+ indentField.setAccessible(true);
+
+ assertThat((int)indentField.get(jos), is(0));
+ jos.resetIndent();
+ assertThat((int)indentField.get(jos), is(1));
+ }
+
+ @Test
+ public void coverageTest() throws IOException {
+ jos.flush();
+ jos.close();
+
+ jos = new JsonOutputStream(System.out);
+ jos.close();
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_MaskFormatException.java b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_MaskFormatException.java
index ea743430..ba03b6b1 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_MaskFormatException.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_MaskFormatException.java
@@ -30,15 +30,15 @@ import org.onap.aaf.cadi.util.MaskFormatException;
public class JU_MaskFormatException {
- @Test
- public void throwsTest() {
- String errorMessage = "This is a MaskFormatException";
- try {
- throw new MaskFormatException(errorMessage);
- } catch (Exception e) {
- assertThat(e.getMessage(), is(errorMessage));
- assertTrue(e instanceof MaskFormatException);
- }
- }
+ @Test
+ public void throwsTest() {
+ String errorMessage = "This is a MaskFormatException";
+ try {
+ throw new MaskFormatException(errorMessage);
+ } catch (Exception e) {
+ assertThat(e.getMessage(), is(errorMessage));
+ assertTrue(e instanceof MaskFormatException);
+ }
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_NetMask.java b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_NetMask.java
index 403f1f1e..f2e393d9 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_NetMask.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_NetMask.java
@@ -27,39 +27,39 @@ import org.onap.aaf.cadi.util.NetMask;
public class JU_NetMask {
- @Test
- public void deriveTest() {
- String test = "test";
- assertEquals(NetMask.derive(test.getBytes()), 0);
- }
+ @Test
+ public void deriveTest() {
+ String test = "test";
+ assertEquals(NetMask.derive(test.getBytes()), 0);
+ }
- @Test
- public void deriveTest2() {
- String test = "1.2.3.4";
- assertEquals(NetMask.derive(test.getBytes()), 0);
- }
-
- @Test
- public void deriveTest3() {
- String test = "1.2.4";
- assertEquals(NetMask.derive(test.getBytes()), 0);
- }
-
- @Test
- public void deriveTest4() {
- String test = "1.3.4";
- assertEquals(NetMask.derive(test.getBytes()), 0);
- }
-
- @Test
- public void deriveTest5() {
- String test = "2.3.4";
- assertEquals(NetMask.derive(test.getBytes()), 0);
- }
-
- @Test
- public void deriveTest6() {
- String test = "3.4";
- assertEquals(NetMask.derive(test.getBytes()), 0);
- }
+ @Test
+ public void deriveTest2() {
+ String test = "1.2.3.4";
+ assertEquals(NetMask.derive(test.getBytes()), 0);
+ }
+
+ @Test
+ public void deriveTest3() {
+ String test = "1.2.4";
+ assertEquals(NetMask.derive(test.getBytes()), 0);
+ }
+
+ @Test
+ public void deriveTest4() {
+ String test = "1.3.4";
+ assertEquals(NetMask.derive(test.getBytes()), 0);
+ }
+
+ @Test
+ public void deriveTest5() {
+ String test = "2.3.4";
+ assertEquals(NetMask.derive(test.getBytes()), 0);
+ }
+
+ @Test
+ public void deriveTest6() {
+ String test = "3.4";
+ assertEquals(NetMask.derive(test.getBytes()), 0);
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_Pool.java b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_Pool.java
index b9f0e997..5862d792 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_Pool.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_Pool.java
@@ -33,127 +33,127 @@ import org.onap.aaf.cadi.util.Pool.*;
public class JU_Pool {
- private StringBuilder sb = new StringBuilder();
-
- private class IntegerCreator implements Creator<Integer> {
- private int current = 0;
-
- @Override
- public Integer create() {
- return current++;
- }
-
- @Override
- public void destroy(Integer t) {
- t = 0;
- }
-
- @Override
- public boolean isValid(Integer t) {
- return (t & 0x1) == 0;
- }
-
- @Override
- public void reuse(Integer t) {
- }
- }
-
- private class CustomLogger implements Log {
- @Override
- public void log(Object... o) {
- for (Object item : o) {
- sb.append(item.toString());
- }
- }
- }
-
- @Test
- public void getTest() throws CadiException {
- Pool<Integer> intPool = new Pool<Integer>(new IntegerCreator());
-
- List<Pooled<Integer>> gotten = new ArrayList<>();
- for (int i = 0; i < 10; i++) {
- gotten.add(intPool.get());
- assertThat(gotten.get(i).content, is(i));
- }
-
- gotten.get(9).done();
- gotten.set(9, intPool.get());
- assertThat(gotten.get(9).content, is(9));
-
- for (int i = 0; i < 10; i++) {
- gotten.get(i).done();
- }
-
- for (int i = 0; i < 10; i++) {
- gotten.set(i, intPool.get());
- if (i < 5) {
- assertThat(gotten.get(i).content, is(i));
- } else {
- assertThat(gotten.get(i).content, is(i + 5));
- }
- }
-
- for (int i = 0; i < 10; i++) {
- gotten.get(i).toss();
- // Coverage calls
- gotten.get(i).toss();
- gotten.get(i).done();
-
- // only set some objects to null -> this is for the finalize coverage test
- if (i < 5) {
- gotten.set(i, null);
- }
- }
-
- // Coverage of finalize()
- System.gc();
- }
-
- @Test
- public void bulkTest() throws CadiException {
- Pool<Integer> intPool = new Pool<Integer>(new IntegerCreator());
-
- intPool.prime(10);
- // Remove all of the invalid items (in this case, odd numbers)
- assertFalse(intPool.validate());
-
- // Make sure we got them all
- assertTrue(intPool.validate());
-
- // Get an item from the pool
- Pooled<Integer> gotten = intPool.get();
- assertThat(gotten.content, is(0));
-
- // finalize that item, then check the next one to make sure we actually purged
- // the odd numbers
- gotten = intPool.get();
- assertThat(gotten.content, is(2));
-
- intPool.drain();
-
- }
-
- @Test
- public void setMaxTest() {
- Pool<Integer> intPool = new Pool<Integer>(new IntegerCreator());
- intPool.setMaxRange(10);
- assertThat(intPool.getMaxRange(), is(10));
- intPool.setMaxRange(-10);
- assertThat(intPool.getMaxRange(), is(0));
- }
-
- @Test
- public void loggingTest() {
- Pool<Integer> intPool = new Pool<Integer>(new IntegerCreator());
-
- // Log to Log.NULL for coverage
- intPool.log("Test log output");
-
- intPool.setLogger(new CustomLogger());
- intPool.log("Test log output");
-
- assertThat(sb.toString(), is("Test log output"));
- }
+ private StringBuilder sb = new StringBuilder();
+
+ private class IntegerCreator implements Creator<Integer> {
+ private int current = 0;
+
+ @Override
+ public Integer create() {
+ return current++;
+ }
+
+ @Override
+ public void destroy(Integer t) {
+ t = 0;
+ }
+
+ @Override
+ public boolean isValid(Integer t) {
+ return (t & 0x1) == 0;
+ }
+
+ @Override
+ public void reuse(Integer t) {
+ }
+ }
+
+ private class CustomLogger implements Log {
+ @Override
+ public void log(Object... o) {
+ for (Object item : o) {
+ sb.append(item.toString());
+ }
+ }
+ }
+
+ @Test
+ public void getTest() throws CadiException {
+ Pool<Integer> intPool = new Pool<Integer>(new IntegerCreator());
+
+ List<Pooled<Integer>> gotten = new ArrayList<>();
+ for (int i = 0; i < 10; i++) {
+ gotten.add(intPool.get());
+ assertThat(gotten.get(i).content, is(i));
+ }
+
+ gotten.get(9).done();
+ gotten.set(9, intPool.get());
+ assertThat(gotten.get(9).content, is(9));
+
+ for (int i = 0; i < 10; i++) {
+ gotten.get(i).done();
+ }
+
+ for (int i = 0; i < 10; i++) {
+ gotten.set(i, intPool.get());
+ if (i < 5) {
+ assertThat(gotten.get(i).content, is(i));
+ } else {
+ assertThat(gotten.get(i).content, is(i + 5));
+ }
+ }
+
+ for (int i = 0; i < 10; i++) {
+ gotten.get(i).toss();
+ // Coverage calls
+ gotten.get(i).toss();
+ gotten.get(i).done();
+
+ // only set some objects to null -> this is for the finalize coverage test
+ if (i < 5) {
+ gotten.set(i, null);
+ }
+ }
+
+ // Coverage of finalize()
+ System.gc();
+ }
+
+ @Test
+ public void bulkTest() throws CadiException {
+ Pool<Integer> intPool = new Pool<Integer>(new IntegerCreator());
+
+ intPool.prime(10);
+ // Remove all of the invalid items (in this case, odd numbers)
+ assertFalse(intPool.validate());
+
+ // Make sure we got them all
+ assertTrue(intPool.validate());
+
+ // Get an item from the pool
+ Pooled<Integer> gotten = intPool.get();
+ assertThat(gotten.content, is(0));
+
+ // finalize that item, then check the next one to make sure we actually purged
+ // the odd numbers
+ gotten = intPool.get();
+ assertThat(gotten.content, is(2));
+
+ intPool.drain();
+
+ }
+
+ @Test
+ public void setMaxTest() {
+ Pool<Integer> intPool = new Pool<Integer>(new IntegerCreator());
+ intPool.setMaxRange(10);
+ assertThat(intPool.getMaxRange(), is(10));
+ intPool.setMaxRange(-10);
+ assertThat(intPool.getMaxRange(), is(0));
+ }
+
+ @Test
+ public void loggingTest() {
+ Pool<Integer> intPool = new Pool<Integer>(new IntegerCreator());
+
+ // Log to Log.NULL for coverage
+ intPool.log("Test log output");
+
+ intPool.setLogger(new CustomLogger());
+ intPool.log("Test log output");
+
+ assertThat(sb.toString(), is("Test log output"));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_Split.java b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_Split.java
index 12be4e15..8977a4f4 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_Split.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_Split.java
@@ -28,86 +28,86 @@ import org.onap.aaf.cadi.util.Split;
public class JU_Split {
- @Test
- public void splitTest() {
- String[] output = Split.split('c', "ctestctc", 0, "ctestctc".length());
- assertThat(output.length, is(4));
- assertThat(output[0], is(""));
- assertThat(output[1], is("test"));
- assertThat(output[2], is("t"));
- assertThat(output[3], is(""));
-
- output = Split.split('c', "ctestctc", 0, 4);
- assertThat(output.length, is(2));
- assertThat(output[0], is(""));
- assertThat(output[1], is("tes"));
+ @Test
+ public void splitTest() {
+ String[] output = Split.split('c', "ctestctc", 0, "ctestctc".length());
+ assertThat(output.length, is(4));
+ assertThat(output[0], is(""));
+ assertThat(output[1], is("test"));
+ assertThat(output[2], is("t"));
+ assertThat(output[3], is(""));
+
+ output = Split.split('c', "ctestctc", 0, 4);
+ assertThat(output.length, is(2));
+ assertThat(output[0], is(""));
+ assertThat(output[1], is("tes"));
output = Split.split('c', "test", 0, "test".length());
- assertThat(output.length, is(1));
- assertThat(output[0], is("test"));
+ assertThat(output.length, is(1));
+ assertThat(output[0], is("test"));
- assertThat(Split.split('c', null, 0, 0).length, is(0));
+ assertThat(Split.split('c', null, 0, 0).length, is(0));
// Test with fewer arguments
- output = Split.split('c', "ctestctc");
- assertThat(output.length, is(4));
- assertThat(output[0], is(""));
- assertThat(output[1], is("test"));
- assertThat(output[2], is("t"));
- assertThat(output[3], is(""));
- }
-
- @Test
- public void splitTrimTest() {
- String[] output = Split.splitTrim('c', " cte stc ctc ", 0, " cte stc ctc ".length());
- assertThat(output.length, is(5));
- assertThat(output[0], is(""));
- assertThat(output[1], is("te st"));
- assertThat(output[2], is(""));
- assertThat(output[3], is("t"));
- assertThat(output[4], is(""));
-
- output = Split.splitTrim('c', " cte stc ctc ", 0, 5);
- assertThat(output.length, is(2));
- assertThat(output[0], is(""));
- assertThat(output[1], is("te"));
-
- assertThat(Split.splitTrim('c', " te st ", 0, " te st ".length())[0], is("te st"));
+ output = Split.split('c', "ctestctc");
+ assertThat(output.length, is(4));
+ assertThat(output[0], is(""));
+ assertThat(output[1], is("test"));
+ assertThat(output[2], is("t"));
+ assertThat(output[3], is(""));
+ }
+
+ @Test
+ public void splitTrimTest() {
+ String[] output = Split.splitTrim('c', " cte stc ctc ", 0, " cte stc ctc ".length());
+ assertThat(output.length, is(5));
+ assertThat(output[0], is(""));
+ assertThat(output[1], is("te st"));
+ assertThat(output[2], is(""));
+ assertThat(output[3], is("t"));
+ assertThat(output[4], is(""));
+
+ output = Split.splitTrim('c', " cte stc ctc ", 0, 5);
+ assertThat(output.length, is(2));
+ assertThat(output[0], is(""));
+ assertThat(output[1], is("te"));
+
+ assertThat(Split.splitTrim('c', " te st ", 0, " te st ".length())[0], is("te st"));
assertThat(Split.splitTrim('c', null, 0, 0).length, is(0));
- // Test with 2 arguments
- output = Split.splitTrim('c', " cte stc ctc ");
- assertThat(output.length, is(5));
- assertThat(output[0], is(""));
- assertThat(output[1], is("te st"));
- assertThat(output[2], is(""));
- assertThat(output[3], is("t"));
- assertThat(output[4], is(""));
-
- // Tests with 1 argument
- output = Split.splitTrim('c', " cte stc ctc ", 1);
- assertThat(output.length, is(1));
- assertThat(output[0], is("cte stc ctc"));
-
- output = Split.splitTrim('c', "testctest2", 2);
- assertThat(output.length, is(2));
- assertThat(output[0], is("test"));
- assertThat(output[1], is("test2"));
-
- output = Split.splitTrim('c', " cte stc ctc ", 4);
- assertThat(output.length, is(4));
- assertThat(output[0], is(""));
- assertThat(output[1], is("te st"));
- assertThat(output[2], is(""));
-
- assertThat(Split.splitTrim('c', null, 0).length, is(0));
- }
-
- @Test
- public void coverageTest() {
- @SuppressWarnings("unused")
- Split split = new Split();
- }
+ // Test with 2 arguments
+ output = Split.splitTrim('c', " cte stc ctc ");
+ assertThat(output.length, is(5));
+ assertThat(output[0], is(""));
+ assertThat(output[1], is("te st"));
+ assertThat(output[2], is(""));
+ assertThat(output[3], is("t"));
+ assertThat(output[4], is(""));
+
+ // Tests with 1 argument
+ output = Split.splitTrim('c', " cte stc ctc ", 1);
+ assertThat(output.length, is(1));
+ assertThat(output[0], is("cte stc ctc"));
+
+ output = Split.splitTrim('c', "testctest2", 2);
+ assertThat(output.length, is(2));
+ assertThat(output[0], is("test"));
+ assertThat(output[1], is("test2"));
+
+ output = Split.splitTrim('c', " cte stc ctc ", 4);
+ assertThat(output.length, is(4));
+ assertThat(output[0], is(""));
+ assertThat(output[1], is("te st"));
+ assertThat(output[2], is(""));
+
+ assertThat(Split.splitTrim('c', null, 0).length, is(0));
+ }
+
+ @Test
+ public void coverageTest() {
+ @SuppressWarnings("unused")
+ Split split = new Split();
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_SubStandardConsole.java b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_SubStandardConsole.java
index 712b9891..5bc1be21 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_SubStandardConsole.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_SubStandardConsole.java
@@ -36,90 +36,90 @@ import org.onap.aaf.cadi.util.SubStandardConsole;
public class JU_SubStandardConsole {
- private String inputString = "An input string";
- private ByteArrayOutputStream outStream;
- private ByteArrayOutputStream errStream;
- private String lineSeparator = System.lineSeparator();
-
- @Before
- public void setup() {
- outStream = new ByteArrayOutputStream();
- errStream = new ByteArrayOutputStream();
- System.setOut(new PrintStream(outStream));
- System.setErr(new PrintStream(errStream));
- }
-
- @After
- public void tearDown() {
- System.setOut(System.out);
- System.setErr(System.err);
- }
-
- @Test
- public void readLineTest() {
- byte[] input = inputString.getBytes();
- System.setIn(new ByteArrayInputStream(input));
- SubStandardConsole ssc = new SubStandardConsole();
- String output = ssc.readLine("%s" + lineSeparator, ">>> ");
- assertThat(output, is(inputString));
- assertThat(outStream.toString(), is(">>> " + lineSeparator));
- }
-
- @Test
- public void readLineTest2() {
- byte[] input = inputString.getBytes();
- System.setIn(new ByteArrayInputStream(input));
- SubStandardConsole ssc = new SubStandardConsole();
- String output = ssc.readLine("%s %s" + lineSeparator, ">>> ", "Another argument for coverage");
- assertThat(output, is(inputString));
- }
-
- @Test
- public void readLineTest3() {
- byte[] input = "\n".getBytes();
- System.setIn(new ByteArrayInputStream(input));
- SubStandardConsole ssc = new SubStandardConsole();
- String output = ssc.readLine("%s" + lineSeparator, ">>> ");
- assertThat(output, is(">>> "));
- assertThat(outStream.toString(), is(">>> " + lineSeparator));
- }
-
- @Test
- public void readPasswordTest() {
- byte[] input = inputString.getBytes();
- System.setIn(new ByteArrayInputStream(input));
- SubStandardConsole ssc = new SubStandardConsole();
- char[] output = ssc.readPassword("%s" + lineSeparator, ">>> ");
- System.out.println(output);
- assertThat(output, is(inputString.toCharArray()));
- assertThat(outStream.toString(), is(">>> " + lineSeparator + "An input string" + lineSeparator));
- }
-
- @Test
- public void printfTest() {
- byte[] input = inputString.getBytes();
- System.setIn(new ByteArrayInputStream(input));
- SubStandardConsole ssc = new SubStandardConsole();
- ssc.printf("%s", "A format specifier");
- assertThat(outStream.toString(), is("A format specifier"));
- }
-
- @Test
- public void throwsTest() throws IOException, NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException {
- BufferedReader brMock = mock(BufferedReader.class);
- when(brMock.readLine()).thenThrow(new IOException());
-
- SubStandardConsole ssc = new SubStandardConsole();
-
- Field brField = SubStandardConsole.class.getDeclaredField("br");
- brField.setAccessible(true);
- brField.set(ssc, brMock);
-
- assertThat(ssc.readLine(""), is(""));
- assertThat(errStream.toString(), is("uh oh..." + lineSeparator));
+ private String inputString = "An input string";
+ private ByteArrayOutputStream outStream;
+ private ByteArrayOutputStream errStream;
+ private String lineSeparator = System.lineSeparator();
+
+ @Before
+ public void setup() {
+ outStream = new ByteArrayOutputStream();
+ errStream = new ByteArrayOutputStream();
+ System.setOut(new PrintStream(outStream));
+ System.setErr(new PrintStream(errStream));
+ }
+
+ @After
+ public void tearDown() {
+ System.setOut(System.out);
+ System.setErr(System.err);
+ }
+
+ @Test
+ public void readLineTest() {
+ byte[] input = inputString.getBytes();
+ System.setIn(new ByteArrayInputStream(input));
+ SubStandardConsole ssc = new SubStandardConsole();
+ String output = ssc.readLine("%s" + lineSeparator, ">>> ");
+ assertThat(output, is(inputString));
+ assertThat(outStream.toString(), is(">>> " + lineSeparator));
+ }
+
+ @Test
+ public void readLineTest2() {
+ byte[] input = inputString.getBytes();
+ System.setIn(new ByteArrayInputStream(input));
+ SubStandardConsole ssc = new SubStandardConsole();
+ String output = ssc.readLine("%s %s" + lineSeparator, ">>> ", "Another argument for coverage");
+ assertThat(output, is(inputString));
+ }
+
+ @Test
+ public void readLineTest3() {
+ byte[] input = "\n".getBytes();
+ System.setIn(new ByteArrayInputStream(input));
+ SubStandardConsole ssc = new SubStandardConsole();
+ String output = ssc.readLine("%s" + lineSeparator, ">>> ");
+ assertThat(output, is(">>> "));
+ assertThat(outStream.toString(), is(">>> " + lineSeparator));
+ }
+
+ @Test
+ public void readPasswordTest() {
+ byte[] input = inputString.getBytes();
+ System.setIn(new ByteArrayInputStream(input));
+ SubStandardConsole ssc = new SubStandardConsole();
+ char[] output = ssc.readPassword("%s" + lineSeparator, ">>> ");
+ System.out.println(output);
+ assertThat(output, is(inputString.toCharArray()));
+ assertThat(outStream.toString(), is(">>> " + lineSeparator + "An input string" + lineSeparator));
+ }
+
+ @Test
+ public void printfTest() {
+ byte[] input = inputString.getBytes();
+ System.setIn(new ByteArrayInputStream(input));
+ SubStandardConsole ssc = new SubStandardConsole();
+ ssc.printf("%s", "A format specifier");
+ assertThat(outStream.toString(), is("A format specifier"));
+ }
+
+ @Test
+ public void throwsTest() throws IOException, NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException {
+ BufferedReader brMock = mock(BufferedReader.class);
+ when(brMock.readLine()).thenThrow(new IOException());
+
+ SubStandardConsole ssc = new SubStandardConsole();
+
+ Field brField = SubStandardConsole.class.getDeclaredField("br");
+ brField.setAccessible(true);
+ brField.set(ssc, brMock);
+
+ assertThat(ssc.readLine(""), is(""));
+ assertThat(errStream.toString(), is("uh oh..." + lineSeparator));
errStream.reset();
- assertThat(ssc.readPassword("").length, is(0));
- assertThat(errStream.toString(), is("uh oh..." + lineSeparator));
- }
+ assertThat(ssc.readPassword("").length, is(0));
+ assertThat(errStream.toString(), is("uh oh..." + lineSeparator));
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_TheConsole.java b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_TheConsole.java
index 40f88a3a..025e3e67 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_TheConsole.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_TheConsole.java
@@ -27,8 +27,8 @@ import org.onap.aaf.cadi.util.TheConsole;
public class JU_TheConsole {
- @Test
- public void implemented(){
- assertEquals(TheConsole.implemented(),false);
- }
+ @Test
+ public void implemented(){
+ assertEquals(TheConsole.implemented(),false);
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_UserChainManip.java b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_UserChainManip.java
index 21f8c21b..9e4cd88d 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_UserChainManip.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_UserChainManip.java
@@ -29,39 +29,39 @@ import org.onap.aaf.cadi.util.UserChainManip;
public class JU_UserChainManip {
- @Test
- public void build(){
- UserChain.Protocol baseAuth=UserChain.Protocol.BasicAuth;
- StringBuilder sb = UserChainManip.build(new StringBuilder(""), "app", "id", baseAuth, true);
- assertThat(sb.toString(), is("app:id:BasicAuth:AS"));
+ @Test
+ public void build(){
+ UserChain.Protocol baseAuth=UserChain.Protocol.BasicAuth;
+ StringBuilder sb = UserChainManip.build(new StringBuilder(""), "app", "id", baseAuth, true);
+ assertThat(sb.toString(), is("app:id:BasicAuth:AS"));
- // for coverage
- sb = UserChainManip.build(sb, "app", "id", baseAuth, true);
- assertThat(sb.toString(), is("app:id:BasicAuth:AS,app:id:BasicAuth"));
+ // for coverage
+ sb = UserChainManip.build(sb, "app", "id", baseAuth, true);
+ assertThat(sb.toString(), is("app:id:BasicAuth:AS,app:id:BasicAuth"));
- sb = UserChainManip.build(new StringBuilder(""), "app", "id", baseAuth, false);
- assertThat(sb.toString(), is("app:id:BasicAuth"));
- }
+ sb = UserChainManip.build(new StringBuilder(""), "app", "id", baseAuth, false);
+ assertThat(sb.toString(), is("app:id:BasicAuth"));
+ }
- @Test
- public void idToNSTEST() {
- assertThat(UserChainManip.idToNS(null), is(""));
- assertThat(UserChainManip.idToNS(""), is(""));
- assertThat(UserChainManip.idToNS("something"), is(""));
- assertThat(UserChainManip.idToNS("something@@"), is(""));
- assertThat(UserChainManip.idToNS("something@@."), is(""));
- assertThat(UserChainManip.idToNS("something@com"), is("com"));
- assertThat(UserChainManip.idToNS("something@random.com"), is("com.random"));
- assertThat(UserChainManip.idToNS("@random.com"), is("com.random"));
- assertThat(UserChainManip.idToNS("something@random.com."), is("com.random"));
- assertThat(UserChainManip.idToNS("something@..random...com..."), is("com.random"));
- assertThat(UserChainManip.idToNS("something@this.random.com"), is("com.random.this"));
- }
+ @Test
+ public void idToNSTEST() {
+ assertThat(UserChainManip.idToNS(null), is(""));
+ assertThat(UserChainManip.idToNS(""), is(""));
+ assertThat(UserChainManip.idToNS("something"), is(""));
+ assertThat(UserChainManip.idToNS("something@@"), is(""));
+ assertThat(UserChainManip.idToNS("something@@."), is(""));
+ assertThat(UserChainManip.idToNS("something@com"), is("com"));
+ assertThat(UserChainManip.idToNS("something@random.com"), is("com.random"));
+ assertThat(UserChainManip.idToNS("@random.com"), is("com.random"));
+ assertThat(UserChainManip.idToNS("something@random.com."), is("com.random"));
+ assertThat(UserChainManip.idToNS("something@..random...com..."), is("com.random"));
+ assertThat(UserChainManip.idToNS("something@this.random.com"), is("com.random.this"));
+ }
- @Test
- public void coverageTest() {
- @SuppressWarnings("unused")
- UserChainManip ucm = new UserChainManip();
- }
+ @Test
+ public void coverageTest() {
+ @SuppressWarnings("unused")
+ UserChainManip ucm = new UserChainManip();
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_Vars.java b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_Vars.java
index 551f725d..3eb43df4 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_Vars.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_Vars.java
@@ -29,120 +29,120 @@ import org.junit.Test;
import org.onap.aaf.cadi.util.Vars;
public class JU_Vars {
-
- @Test
- public void coverage() {
- @SuppressWarnings("unused")
- Vars my_nonstatic_object_for_coverage = new Vars();
- }
+
+ @Test
+ public void coverage() {
+ @SuppressWarnings("unused")
+ Vars my_nonstatic_object_for_coverage = new Vars();
+ }
- @Test
- public void convert() {
- String test = "test";
- List<String> list = new ArrayList<>();
- list.add("method");
- assertEquals(Vars.convert(test, list), test);
- }
+ @Test
+ public void convert() {
+ String test = "test";
+ List<String> list = new ArrayList<>();
+ list.add("method");
+ assertEquals(Vars.convert(test, list), test);
+ }
- @Test
- public void convertTest1() {
- List<String> list = new ArrayList<>();
- list.add("method");
- assertEquals(Vars.convert("test", list), "test");
- }
+ @Test
+ public void convertTest1() {
+ List<String> list = new ArrayList<>();
+ list.add("method");
+ assertEquals(Vars.convert("test", list), "test");
+ }
- @Test
- public void convertTest2() {
- List<String> list = new ArrayList<>();
- list.add("method");
- assertEquals(Vars.convert("test", list), "test");
- }
+ @Test
+ public void convertTest2() {
+ List<String> list = new ArrayList<>();
+ list.add("method");
+ assertEquals(Vars.convert("test", list), "test");
+ }
- @Test
- public void test() {
- StringBuilder holder = new StringBuilder();
- String str,bstr;
- assertEquals(str = "set %1 to %2",Vars.convert(holder,str, "a","b"));
- assertEquals("set a to b",holder.toString());
- assertEquals(str,Vars.convert(null,str, "a","b"));
- holder.setLength(0);
- assertEquals(str,Vars.convert(holder,bstr="set %s to %s", "a","b"));
- assertEquals("set a to b",holder.toString());
- assertEquals(str,Vars.convert(null,bstr, "a","b"));
-
- holder.setLength(0);
- assertEquals(str = "%1=%2",Vars.convert(holder,str, "a","b"));
- assertEquals("a=b",holder.toString());
- assertEquals(str,Vars.convert(null,str, "a","b"));
- holder.setLength(0);
- assertEquals(str,Vars.convert(holder,bstr="%s=%s", "a","b"));
- assertEquals("a=b",holder.toString());
- assertEquals(str,Vars.convert(null,bstr, "a","b"));
-
- holder.setLength(0);
- assertEquals(str = "%1%2",Vars.convert(holder,str, "a","b"));
- assertEquals("ab",holder.toString());
- assertEquals(str ,Vars.convert(null,str, "a","b"));
- holder.setLength(0);
- assertEquals(str,Vars.convert(holder,bstr="%s%s", "a","b"));
- assertEquals("ab",holder.toString());
- assertEquals(str ,Vars.convert(null,bstr, "a","b"));
+ @Test
+ public void test() {
+ StringBuilder holder = new StringBuilder();
+ String str,bstr;
+ assertEquals(str = "set %1 to %2",Vars.convert(holder,str, "a","b"));
+ assertEquals("set a to b",holder.toString());
+ assertEquals(str,Vars.convert(null,str, "a","b"));
+ holder.setLength(0);
+ assertEquals(str,Vars.convert(holder,bstr="set %s to %s", "a","b"));
+ assertEquals("set a to b",holder.toString());
+ assertEquals(str,Vars.convert(null,bstr, "a","b"));
+
+ holder.setLength(0);
+ assertEquals(str = "%1=%2",Vars.convert(holder,str, "a","b"));
+ assertEquals("a=b",holder.toString());
+ assertEquals(str,Vars.convert(null,str, "a","b"));
+ holder.setLength(0);
+ assertEquals(str,Vars.convert(holder,bstr="%s=%s", "a","b"));
+ assertEquals("a=b",holder.toString());
+ assertEquals(str,Vars.convert(null,bstr, "a","b"));
+
+ holder.setLength(0);
+ assertEquals(str = "%1%2",Vars.convert(holder,str, "a","b"));
+ assertEquals("ab",holder.toString());
+ assertEquals(str ,Vars.convert(null,str, "a","b"));
+ holder.setLength(0);
+ assertEquals(str,Vars.convert(holder,bstr="%s%s", "a","b"));
+ assertEquals("ab",holder.toString());
+ assertEquals(str ,Vars.convert(null,bstr, "a","b"));
- holder.setLength(0);
- assertEquals(str = " %1=%2 ",Vars.convert(holder,str, "a","b"));
- assertEquals(" a=b ",holder.toString());
- assertEquals(str ,Vars.convert(null,str, "a","b"));
- holder.setLength(0);
- assertEquals(str,Vars.convert(holder,bstr = " %s=%s ", "a","b"));
- assertEquals(" a=b ",holder.toString());
- assertEquals(str ,Vars.convert(null,bstr, "a","b"));
+ holder.setLength(0);
+ assertEquals(str = " %1=%2 ",Vars.convert(holder,str, "a","b"));
+ assertEquals(" a=b ",holder.toString());
+ assertEquals(str ,Vars.convert(null,str, "a","b"));
+ holder.setLength(0);
+ assertEquals(str,Vars.convert(holder,bstr = " %s=%s ", "a","b"));
+ assertEquals(" a=b ",holder.toString());
+ assertEquals(str ,Vars.convert(null,bstr, "a","b"));
- holder.setLength(0);
- assertEquals(str = " %1%2%10 ",Vars.convert(holder,str, "a","b","c","d","e","f","g","h","i","j"));
- assertEquals(" abj ",holder.toString());
- assertEquals(str,Vars.convert(null,str, "a","b","c","d","e","f","g","h","i","j"));
- holder.setLength(0);
- assertEquals(str=" %1%2%3 ",Vars.convert(holder,bstr = " %s%s%s ", "a","b","c","d","e","f","g","h","i","j"));
- assertEquals(" abc ",holder.toString());
- assertEquals(str,Vars.convert(null,bstr, "a","b","c","d","e","f","g","h","i","j"));
-
+ holder.setLength(0);
+ assertEquals(str = " %1%2%10 ",Vars.convert(holder,str, "a","b","c","d","e","f","g","h","i","j"));
+ assertEquals(" abj ",holder.toString());
+ assertEquals(str,Vars.convert(null,str, "a","b","c","d","e","f","g","h","i","j"));
+ holder.setLength(0);
+ assertEquals(str=" %1%2%3 ",Vars.convert(holder,bstr = " %s%s%s ", "a","b","c","d","e","f","g","h","i","j"));
+ assertEquals(" abc ",holder.toString());
+ assertEquals(str,Vars.convert(null,bstr, "a","b","c","d","e","f","g","h","i","j"));
+
- holder.setLength(0);
- assertEquals(str = "set %1 to %2",Vars.convert(holder,str, "Something much","larger"));
- assertEquals("set Something much to larger",holder.toString());
- assertEquals(str,Vars.convert(null,str,"Something much","larger"));
- holder.setLength(0);
- assertEquals(str,Vars.convert(holder,bstr="set %s to %s", "Something much","larger"));
- assertEquals("set Something much to larger",holder.toString());
- assertEquals(str,Vars.convert(null,bstr, "Something much","larger"));
+ holder.setLength(0);
+ assertEquals(str = "set %1 to %2",Vars.convert(holder,str, "Something much","larger"));
+ assertEquals("set Something much to larger",holder.toString());
+ assertEquals(str,Vars.convert(null,str,"Something much","larger"));
+ holder.setLength(0);
+ assertEquals(str,Vars.convert(holder,bstr="set %s to %s", "Something much","larger"));
+ assertEquals("set Something much to larger",holder.toString());
+ assertEquals(str,Vars.convert(null,bstr, "Something much","larger"));
- holder.setLength(0);
- assertEquals(str = "Text without Vars",Vars.convert(holder,str));
- assertEquals(str,holder.toString());
- assertEquals(str = "Text without Vars",Vars.convert(null,str));
-
-
- holder.setLength(0);
- assertEquals(str = "Not %1 Enough %2 Vars %3",Vars.convert(holder,str, "a","b"));
- assertEquals("Not a Enough b Vars ",holder.toString());
- assertEquals(str ,Vars.convert(null,str, "a","b"));
- holder.setLength(0);
- assertEquals(str,Vars.convert(holder,bstr="Not %s Enough %s Vars %s", "a","b"));
- assertEquals("Not a Enough b Vars ",holder.toString());
- assertEquals(str ,Vars.convert(null,bstr, "a","b"));
+ holder.setLength(0);
+ assertEquals(str = "Text without Vars",Vars.convert(holder,str));
+ assertEquals(str,holder.toString());
+ assertEquals(str = "Text without Vars",Vars.convert(null,str));
+
+
+ holder.setLength(0);
+ assertEquals(str = "Not %1 Enough %2 Vars %3",Vars.convert(holder,str, "a","b"));
+ assertEquals("Not a Enough b Vars ",holder.toString());
+ assertEquals(str ,Vars.convert(null,str, "a","b"));
+ holder.setLength(0);
+ assertEquals(str,Vars.convert(holder,bstr="Not %s Enough %s Vars %s", "a","b"));
+ assertEquals("Not a Enough b Vars ",holder.toString());
+ assertEquals(str ,Vars.convert(null,bstr, "a","b"));
- holder.setLength(0);
- assertEquals(str = "!@#$%^*()-+?/,:;.",Vars.convert(holder,str, "a","b"));
- assertEquals(str,holder.toString());
- assertEquals(str ,Vars.convert(null,str, "a","b"));
+ holder.setLength(0);
+ assertEquals(str = "!@#$%^*()-+?/,:;.",Vars.convert(holder,str, "a","b"));
+ assertEquals(str,holder.toString());
+ assertEquals(str ,Vars.convert(null,str, "a","b"));
- holder.setLength(0);
- bstr = "%s !@#$%^*()-+?/,:;.";
- str = "%1 !@#$%^*()-+?/,:;.";
- assertEquals(str,Vars.convert(holder,bstr, "Not Acceptable"));
- assertEquals("Not Acceptable !@#$%^*()-+?/,:;.",holder.toString());
- assertEquals(str ,Vars.convert(null,bstr, "Not Acceptable"));
- }
-
+ holder.setLength(0);
+ bstr = "%s !@#$%^*()-+?/,:;.";
+ str = "%1 !@#$%^*()-+?/,:;.";
+ assertEquals(str,Vars.convert(holder,bstr, "Not Acceptable"));
+ assertEquals("Not Acceptable !@#$%^*()-+?/,:;.",holder.toString());
+ assertEquals(str ,Vars.convert(null,bstr, "Not Acceptable"));
+ }
+
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/wsse/test/JU_WSSEParser.java b/cadi/core/src/test/java/org/onap/aaf/cadi/wsse/test/JU_WSSEParser.java
index 0d7bdc2c..eca34963 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/wsse/test/JU_WSSEParser.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/wsse/test/JU_WSSEParser.java
@@ -26,138 +26,138 @@ import org.onap.aaf.cadi.wsse.WSSEParser;
public class JU_WSSEParser {
- @Test
- public void test() {
- @SuppressWarnings("unused")
- WSSEParser wp = new WSSEParser();
+ @Test
+ public void test() {
+ @SuppressWarnings("unused")
+ WSSEParser wp = new WSSEParser();
- // TODO: test the rest of this class
-// final BasicCred bc = new BasicCred() {
-// private String user;
-// private byte[] password;
+ // TODO: test the rest of this class
+// final BasicCred bc = new BasicCred() {
+// private String user;
+// private byte[] password;
//
-// public void setUser(String user) { this.user = user; }
-// public void setCred(byte[] passwd) { this.password = passwd; }
-// public String getUser() { return user; }
-// public byte[] getCred() { return password; }
-// };
+// public void setUser(String user) { this.user = user; }
+// public void setCred(byte[] passwd) { this.password = passwd; }
+// public String getUser() { return user; }
+// public byte[] getCred() { return password; }
+// };
-// FileInputStream fis;
-// fis = new FileInputStream("test/example.xml");
-// BufferedServletInputStream is = new BufferedServletInputStream(fis);
-// try {
-// is.mark(1536);
-// try {
-// assertNull(wp.parse(bc, is));
-// } finally {
-// is.reset();
-// assertEquals(814,is.buffered());
-// }
-// String password = new String(bc.getCred());
-// System.out.println("CadiWrap credentials are: " + bc.getUser() + ", " + password);
-// assertEquals("some_user", bc.getUser());
-// assertEquals("some_password", password);
-//
-// } finally {
-// fis.close();
-// }
+// FileInputStream fis;
+// fis = new FileInputStream("test/example.xml");
+// BufferedServletInputStream is = new BufferedServletInputStream(fis);
+// try {
+// is.mark(1536);
+// try {
+// assertNull(wp.parse(bc, is));
+// } finally {
+// is.reset();
+// assertEquals(814,is.buffered());
+// }
+// String password = new String(bc.getCred());
+// System.out.println("CadiWrap credentials are: " + bc.getUser() + ", " + password);
+// assertEquals("some_user", bc.getUser());
+// assertEquals("some_password", password);
+//
+// } finally {
+// fis.close();
+// }
//
-// // CBUS (larger)
-// fis = new FileInputStream("test/CBUSevent.xml");
-// is = new BufferedServletInputStream(fis);
-// try {
-// is.mark(1536);
-// try {
-// assertNull(wp.parse(bc, is));
-// } finally {
-// is.reset();
-// assertEquals(667,is.buffered());
-// }
-// String password = new String(bc.getCred());
-// System.out.println("CadiWrap credentials are: " + bc.getUser() + ", " + password);
-// assertEquals("none", bc.getUser());
-// assertEquals("none", password);
-//
-// } finally {
-// fis.close();
-// }
+// // CBUS (larger)
+// fis = new FileInputStream("test/CBUSevent.xml");
+// is = new BufferedServletInputStream(fis);
+// try {
+// is.mark(1536);
+// try {
+// assertNull(wp.parse(bc, is));
+// } finally {
+// is.reset();
+// assertEquals(667,is.buffered());
+// }
+// String password = new String(bc.getCred());
+// System.out.println("CadiWrap credentials are: " + bc.getUser() + ", " + password);
+// assertEquals("none", bc.getUser());
+// assertEquals("none", password);
+//
+// } finally {
+// fis.close();
+// }
//
-// // Closed Stream
-// fis = new FileInputStream("test/example.xml");
-// fis.close();
-// bc.setCred(null);
-// bc.setUser(null);
-// XMLStreamException ex = wp.parse(bc, fis);
-// assertNotNull(ex);
-// assertNull(bc.getUser());
-// assertNull(bc.getCred());
+// // Closed Stream
+// fis = new FileInputStream("test/example.xml");
+// fis.close();
+// bc.setCred(null);
+// bc.setUser(null);
+// XMLStreamException ex = wp.parse(bc, fis);
+// assertNotNull(ex);
+// assertNull(bc.getUser());
+// assertNull(bc.getCred());
//
//
-// fis = new FileInputStream("test/exampleNoSecurity.xml");
-// try {
-// bc.setCred(null);
-// bc.setUser(null);
-// assertNull(wp.parse(bc, fis));
-// assertNull(bc.getUser());
-// assertNull(bc.getCred());
-// } finally {
-// fis.close();
-// }
+// fis = new FileInputStream("test/exampleNoSecurity.xml");
+// try {
+// bc.setCred(null);
+// bc.setUser(null);
+// assertNull(wp.parse(bc, fis));
+// assertNull(bc.getUser());
+// assertNull(bc.getCred());
+// } finally {
+// fis.close();
+// }
//
-// fis = new FileInputStream("test/exampleBad1.xml");
-// try {
-// bc.setCred(null);
-// bc.setUser(null);
-// assertNull(wp.parse(bc, fis));
-// assertNull(bc.getUser());
-// assertNull(bc.getCred());
-// } finally {
-// fis.close();
-// }
+// fis = new FileInputStream("test/exampleBad1.xml");
+// try {
+// bc.setCred(null);
+// bc.setUser(null);
+// assertNull(wp.parse(bc, fis));
+// assertNull(bc.getUser());
+// assertNull(bc.getCred());
+// } finally {
+// fis.close();
+// }
//
-// XMLStreamException e = wp.parse(bc, new ByteArrayInputStream("Not XML".getBytes())); // empty
-// assertNotNull(e);
+// XMLStreamException e = wp.parse(bc, new ByteArrayInputStream("Not XML".getBytes())); // empty
+// assertNotNull(e);
//
-// e = wp.parse(bc, new ByteArrayInputStream("".getBytes())); // empty
-// assertNotNull(e);
-//
-//
-// long start, count = 0L;
-// int iter = 30000;
-// File f = new File("test/CBUSevent.xml");
-// fis = new FileInputStream(f);
-// is = new BufferedServletInputStream(fis);
-// is.mark(0);
-// try {
-// while(is.read()>=0);
-// } finally {
-// fis.close();
-// }
+// e = wp.parse(bc, new ByteArrayInputStream("".getBytes())); // empty
+// assertNotNull(e);
+//
+//
+// long start, count = 0L;
+// int iter = 30000;
+// File f = new File("test/CBUSevent.xml");
+// fis = new FileInputStream(f);
+// is = new BufferedServletInputStream(fis);
+// is.mark(0);
+// try {
+// while(is.read()>=0);
+// } finally {
+// fis.close();
+// }
//
-// for(int i=0;i<iter;++i) {
-// start = System.nanoTime();
-// is.reset();
-// try {
-// assertNull(wp.parse(bc, is));
-// } finally {
-// count += System.nanoTime()-start;
-// }
-// }
-// float ms = count/1000000f;
-// System.out.println("Executed " + iter + " WSSE reads from Memory Stream in " + ms + "ms. " + ms/iter + "ms per trans");
-//
-// // SPECIFIC ISSUES
-//
-// fis = new FileInputStream("test/error2013_04_23.xml");
-// try {
-// bc.setCred(null);
-// bc.setUser(null);
-// assertNull(wp.parse(bc, fis));
-// assertNull(bc.getUser());
-// assertNull(bc.getCred());
-// } finally {
-// fis.close();
-// }
- }
+// for(int i=0;i<iter;++i) {
+// start = System.nanoTime();
+// is.reset();
+// try {
+// assertNull(wp.parse(bc, is));
+// } finally {
+// count += System.nanoTime()-start;
+// }
+// }
+// float ms = count/1000000f;
+// System.out.println("Executed " + iter + " WSSE reads from Memory Stream in " + ms + "ms. " + ms/iter + "ms per trans");
+//
+// // SPECIFIC ISSUES
+//
+// fis = new FileInputStream("test/error2013_04_23.xml");
+// try {
+// bc.setCred(null);
+// bc.setUser(null);
+// assertNull(wp.parse(bc, fis));
+// assertNull(bc.getUser());
+// assertNull(bc.getCred());
+// } finally {
+// fis.close();
+// }
+ }
}
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/wsse/test/JU_XReader.java b/cadi/core/src/test/java/org/onap/aaf/cadi/wsse/test/JU_XReader.java
index e75cea4e..36de053c 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/wsse/test/JU_XReader.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/wsse/test/JU_XReader.java
@@ -40,113 +40,113 @@ import org.onap.aaf.cadi.wsse.XReader;
public class JU_XReader {
- private final static String TEST_DIR_NAME = "src/test/resources";
- private final static String TEST_XML_NAME = "test.xml";
- private static File testXML;
-
- private final static String COMMENT = "a comment";
- private final static String OUTER_TAG = "outerTag";
- private final static String INNER_TAG = "innerTag";
- private final static String DATA_TAG = "dataTag";
- private final static String DATA = "some text that represents data";
- private final static String SELF_CLOSING_TAG = "selfClosingTag";
- private final static String PREFIX = "prefix";
- private final static String SUFFIX = "suffix";
-
- @BeforeClass
- public static void setupOnce() throws IOException {
- testXML = setupXMLFile();
- }
-
- @AfterClass
- public static void tearDownOnce() {
- testXML.delete();
- }
-
- @Test
- public void test() throws XMLStreamException, IOException {
- FileInputStream fis = new FileInputStream(TEST_DIR_NAME + '/' + TEST_XML_NAME);
- try {
- XReader xr = new XReader(fis);
- assertThat(xr.hasNext(), is(true));
- XEvent xe;
-
- xe = getNextEvent(xr);
- assertThat(xe.getEventType(), is(XMLEvent.START_DOCUMENT));
-
- xe = getNextEvent(xr);
- assertThat(xe.getEventType(), is(XMLEvent.START_ELEMENT));
-
- xe = getNextEvent(xr);
- assertThat(xe.getEventType(), is(XMLEvent.COMMENT));
- assertThat(((XEvent.Comment)xe).value, is(COMMENT));
-
- xe = getNextEvent(xr);
- assertThat(xe.getEventType(), is(XMLEvent.START_ELEMENT));
- assertThat(xe.asStartElement().getName().toString(), is(OUTER_TAG));
-
- xe = getNextEvent(xr);
- assertThat(xe.getEventType(), is(XMLEvent.START_ELEMENT));
- assertThat(xe.asStartElement().getName().toString(), is(INNER_TAG));
-
- xe = getNextEvent(xr);
- assertThat(xe.getEventType(), is(XMLEvent.START_ELEMENT));
- assertThat(xe.asStartElement().getName().toString(), is(DATA_TAG));
-
- xe = getNextEvent(xr);
- assertThat(xe.getEventType(), is(XMLEvent.CHARACTERS));
- assertThat(xe.asCharacters().getData().toString(), is(DATA));
-
- xe = getNextEvent(xr);
- assertThat(xe.getEventType(), is(XMLEvent.END_ELEMENT));
- assertThat(xe.asEndElement().getName().toString(), is(DATA_TAG));
-
- xe = getNextEvent(xr);
- assertThat(xe.getEventType(), is(XMLEvent.START_ELEMENT));
- assertThat(xe.asStartElement().getName().toString(), is(SELF_CLOSING_TAG));
-
- xe = getNextEvent(xr);
- assertThat(xe.getEventType(), is(XMLEvent.START_ELEMENT));
- assertThat(xe.asStartElement().getName().toString(), is(SUFFIX));
-
- xe = getNextEvent(xr);
- assertThat(xe.getEventType(), is(XMLEvent.END_ELEMENT));
- assertThat(xe.asEndElement().getName().toString(), is(INNER_TAG));
-
- xe = getNextEvent(xr);
- assertThat(xe.getEventType(), is(XMLEvent.END_ELEMENT));
- assertThat(xe.asEndElement().getName().toString(), is(OUTER_TAG));
-
- assertThat(xr.hasNext(), is(false));
-
- } finally {
- fis.close();
- }
- }
-
- private static XEvent getNextEvent(XReader xr) throws XMLStreamException {
- if (xr.hasNext()) {
- return xr.nextEvent();
- }
- return null;
- }
-
- private static File setupXMLFile() throws IOException {
- File xmlFile = new File(TEST_DIR_NAME, TEST_XML_NAME);
- PrintWriter writer = new PrintWriter(xmlFile);
- writer.println(" "); // Whitespace before the document - this is for coverage
- writer.println("<?xml version=\"1.0\" encoding=\"UTF-8\"?>");
- writer.println("<!DOCTYPE xml>");
- writer.println("<!--" + COMMENT + "-->");
- writer.println("<" + OUTER_TAG + ">");
- writer.println(" <" + INNER_TAG + ">");
- writer.println(" <" + DATA_TAG + ">" + DATA + "</" + DATA_TAG + ">");
- writer.println(" <" + SELF_CLOSING_TAG + " withAnAttribute=\"That has nested \\\" marks\" />");
- writer.println(" <" + PREFIX + ":" + SUFFIX + "/>");
- writer.println(" </" + INNER_TAG + ">");
- writer.println("</" + OUTER_TAG + ">");
- writer.flush();
- writer.close();
- return xmlFile;
- }
+ private final static String TEST_DIR_NAME = "src/test/resources";
+ private final static String TEST_XML_NAME = "test.xml";
+ private static File testXML;
+
+ private final static String COMMENT = "a comment";
+ private final static String OUTER_TAG = "outerTag";
+ private final static String INNER_TAG = "innerTag";
+ private final static String DATA_TAG = "dataTag";
+ private final static String DATA = "some text that represents data";
+ private final static String SELF_CLOSING_TAG = "selfClosingTag";
+ private final static String PREFIX = "prefix";
+ private final static String SUFFIX = "suffix";
+
+ @BeforeClass
+ public static void setupOnce() throws IOException {
+ testXML = setupXMLFile();
+ }
+
+ @AfterClass
+ public static void tearDownOnce() {
+ testXML.delete();
+ }
+
+ @Test
+ public void test() throws XMLStreamException, IOException {
+ FileInputStream fis = new FileInputStream(TEST_DIR_NAME + '/' + TEST_XML_NAME);
+ try {
+ XReader xr = new XReader(fis);
+ assertThat(xr.hasNext(), is(true));
+ XEvent xe;
+
+ xe = getNextEvent(xr);
+ assertThat(xe.getEventType(), is(XMLEvent.START_DOCUMENT));
+
+ xe = getNextEvent(xr);
+ assertThat(xe.getEventType(), is(XMLEvent.START_ELEMENT));
+
+ xe = getNextEvent(xr);
+ assertThat(xe.getEventType(), is(XMLEvent.COMMENT));
+ assertThat(((XEvent.Comment)xe).value, is(COMMENT));
+
+ xe = getNextEvent(xr);
+ assertThat(xe.getEventType(), is(XMLEvent.START_ELEMENT));
+ assertThat(xe.asStartElement().getName().toString(), is(OUTER_TAG));
+
+ xe = getNextEvent(xr);
+ assertThat(xe.getEventType(), is(XMLEvent.START_ELEMENT));
+ assertThat(xe.asStartElement().getName().toString(), is(INNER_TAG));
+
+ xe = getNextEvent(xr);
+ assertThat(xe.getEventType(), is(XMLEvent.START_ELEMENT));
+ assertThat(xe.asStartElement().getName().toString(), is(DATA_TAG));
+
+ xe = getNextEvent(xr);
+ assertThat(xe.getEventType(), is(XMLEvent.CHARACTERS));
+ assertThat(xe.asCharacters().getData().toString(), is(DATA));
+
+ xe = getNextEvent(xr);
+ assertThat(xe.getEventType(), is(XMLEvent.END_ELEMENT));
+ assertThat(xe.asEndElement().getName().toString(), is(DATA_TAG));
+
+ xe = getNextEvent(xr);
+ assertThat(xe.getEventType(), is(XMLEvent.START_ELEMENT));
+ assertThat(xe.asStartElement().getName().toString(), is(SELF_CLOSING_TAG));
+
+ xe = getNextEvent(xr);
+ assertThat(xe.getEventType(), is(XMLEvent.START_ELEMENT));
+ assertThat(xe.asStartElement().getName().toString(), is(SUFFIX));
+
+ xe = getNextEvent(xr);
+ assertThat(xe.getEventType(), is(XMLEvent.END_ELEMENT));
+ assertThat(xe.asEndElement().getName().toString(), is(INNER_TAG));
+
+ xe = getNextEvent(xr);
+ assertThat(xe.getEventType(), is(XMLEvent.END_ELEMENT));
+ assertThat(xe.asEndElement().getName().toString(), is(OUTER_TAG));
+
+ assertThat(xr.hasNext(), is(false));
+
+ } finally {
+ fis.close();
+ }
+ }
+
+ private static XEvent getNextEvent(XReader xr) throws XMLStreamException {
+ if (xr.hasNext()) {
+ return xr.nextEvent();
+ }
+ return null;
+ }
+
+ private static File setupXMLFile() throws IOException {
+ File xmlFile = new File(TEST_DIR_NAME, TEST_XML_NAME);
+ PrintWriter writer = new PrintWriter(xmlFile);
+ writer.println(" "); // Whitespace before the document - this is for coverage
+ writer.println("<?xml version=\"1.0\" encoding=\"UTF-8\"?>");
+ writer.println("<!DOCTYPE xml>");
+ writer.println("<!--" + COMMENT + "-->");
+ writer.println("<" + OUTER_TAG + ">");
+ writer.println(" <" + INNER_TAG + ">");
+ writer.println(" <" + DATA_TAG + ">" + DATA + "</" + DATA_TAG + ">");
+ writer.println(" <" + SELF_CLOSING_TAG + " withAnAttribute=\"That has nested \\\" marks\" />");
+ writer.println(" <" + PREFIX + ":" + SUFFIX + "/>");
+ writer.println(" </" + INNER_TAG + ">");
+ writer.println("</" + OUTER_TAG + ">");
+ writer.flush();
+ writer.close();
+ return xmlFile;
+ }
}
diff --git a/cadi/oauth-enduser/src/main/java/org/onap/aaf/cadi/enduser/ClientFactory.java b/cadi/oauth-enduser/src/main/java/org/onap/aaf/cadi/enduser/ClientFactory.java
index 50eaa759..2a1ecdeb 100644
--- a/cadi/oauth-enduser/src/main/java/org/onap/aaf/cadi/enduser/ClientFactory.java
+++ b/cadi/oauth-enduser/src/main/java/org/onap/aaf/cadi/enduser/ClientFactory.java
@@ -33,24 +33,24 @@ import org.onap.aaf.cadi.oauth.TokenClientFactory;
import org.onap.aaf.misc.env.APIException;
public class ClientFactory {
- private final TokenClientFactory tcf;
- public ClientFactory(final PropAccess access) throws APIException, CadiException {
- try {
- tcf = TokenClientFactory.instance(access);
- } catch (GeneralSecurityException | IOException e) {
- throw new CadiException(e);
- }
- }
-
- public ClientFactory(String[] args) throws APIException, CadiException {
- this(new PropAccess(args));
- }
+ private final TokenClientFactory tcf;
+ public ClientFactory(final PropAccess access) throws APIException, CadiException {
+ try {
+ tcf = TokenClientFactory.instance(access);
+ } catch (GeneralSecurityException | IOException e) {
+ throw new CadiException(e);
+ }
+ }
+
+ public ClientFactory(String[] args) throws APIException, CadiException {
+ this(new PropAccess(args));
+ }
- public SimpleRESTClient simpleRESTClient(final String endpoint, final String ... scopes) throws URISyntaxException, LocatorException, CadiException, APIException {
- return new SimpleRESTClient(tcf, Config.AAF_OAUTH2_TOKEN_URL, endpoint, scopes);
- }
+ public SimpleRESTClient simpleRESTClient(final String endpoint, final String ... scopes) throws URISyntaxException, LocatorException, CadiException, APIException {
+ return new SimpleRESTClient(tcf, Config.AAF_OAUTH2_TOKEN_URL, endpoint, scopes);
+ }
- public Access getAccess() {
- return tcf.access;
- }
+ public Access getAccess() {
+ return tcf.access;
+ }
}
diff --git a/cadi/oauth-enduser/src/main/java/org/onap/aaf/cadi/enduser/RESTException.java b/cadi/oauth-enduser/src/main/java/org/onap/aaf/cadi/enduser/RESTException.java
index 95c9fe85..107e1d89 100644
--- a/cadi/oauth-enduser/src/main/java/org/onap/aaf/cadi/enduser/RESTException.java
+++ b/cadi/oauth-enduser/src/main/java/org/onap/aaf/cadi/enduser/RESTException.java
@@ -23,44 +23,44 @@ package org.onap.aaf.cadi.enduser;
import org.onap.aaf.cadi.client.Future;
public class RESTException extends Exception {
- /**
- *
- */
- private static final long serialVersionUID = -5232371598208651058L;
- private Future<?> future;
+ /**
+ *
+ */
+ private static final long serialVersionUID = -5232371598208651058L;
+ private Future<?> future;
- public RESTException(Future<?> future) {
- this.future = future;
- }
-
- public int getCode() {
- return future.code();
- }
-
- public String getMsg() {
- return future.body();
- }
+ public RESTException(Future<?> future) {
+ this.future = future;
+ }
+
+ public int getCode() {
+ return future.code();
+ }
+
+ public String getMsg() {
+ return future.body();
+ }
- public String errorString() {
- String body = future.body();
- return "RESTClient Error: " + future.code() + ": " + (body.isEmpty()?"<no message in call>":body);
- }
+ public String errorString() {
+ String body = future.body();
+ return "RESTClient Error: " + future.code() + ": " + (body.isEmpty()?"<no message in call>":body);
+ }
- /* (non-Javadoc)
- * @see java.lang.Throwable#getMessage()
- */
- @Override
- public String getMessage() {
- return errorString();
- }
+ /* (non-Javadoc)
+ * @see java.lang.Throwable#getMessage()
+ */
+ @Override
+ public String getMessage() {
+ return errorString();
+ }
- /* (non-Javadoc)
- * @see java.lang.Throwable#getLocalizedMessage()
- */
- @Override
- public String getLocalizedMessage() {
- return errorString();
- }
-
+ /* (non-Javadoc)
+ * @see java.lang.Throwable#getLocalizedMessage()
+ */
+ @Override
+ public String getLocalizedMessage() {
+ return errorString();
+ }
+
}
diff --git a/cadi/oauth-enduser/src/main/java/org/onap/aaf/cadi/enduser/SimpleRESTClient.java b/cadi/oauth-enduser/src/main/java/org/onap/aaf/cadi/enduser/SimpleRESTClient.java
index 30344de5..7c633640 100644
--- a/cadi/oauth-enduser/src/main/java/org/onap/aaf/cadi/enduser/SimpleRESTClient.java
+++ b/cadi/oauth-enduser/src/main/java/org/onap/aaf/cadi/enduser/SimpleRESTClient.java
@@ -43,266 +43,266 @@ import org.onap.aaf.misc.env.APIException;
import org.onap.aaf.misc.env.util.StringBuilderWriter;
public class SimpleRESTClient {
- private static final String APPLICATION_JSON = "application/json";
- private static final String[] EMPTY = new String[0];
- private final TokenClient tokenClient;
- private final TzClient restClient;
- private int callTimeout;
- private String client_id;
- private String app;
- private String chain;
- private Headers headers = new Headers() {
- @Override
- public String[] headers() {
- return EMPTY;
- }};
-
- public SimpleRESTClient(final TokenClientFactory tcf, final String tokenURL, final String endpoint, final String[] scope) throws CadiException, LocatorException, APIException {
- callTimeout = Integer.parseInt(tcf.access.getProperty(Config.AAF_CALL_TIMEOUT,Config.AAF_CALL_TIMEOUT_DEF));
- tokenClient = tcf.newClient(tokenURL);
- Result<TimedToken> rtt = tokenClient.getToken(scope);
- if(rtt.isOK()) {
- restClient = tcf.newTzClient(endpoint);
-
- if((client_id = tcf.access.getProperty(Config.AAF_APPID, null))==null) {
- if((client_id = tcf.access.getProperty(Config.CADI_ALIAS, null))==null) {
- throw new CadiException(Config.AAF_APPID + " or " + Config.CADI_ALIAS + " needs to be defined");
- }
- }
- try {
- restClient.setToken(client_id,rtt.value);
- } catch (IOException e) {
- throw new CadiException(e);
- }
- } else {
- throw new CadiException(rtt.error);
- }
- }
-
- public SimpleRESTClient timeout(int newTimeout) {
- callTimeout = newTimeout;
- return this;
- }
+ private static final String APPLICATION_JSON = "application/json";
+ private static final String[] EMPTY = new String[0];
+ private final TokenClient tokenClient;
+ private final TzClient restClient;
+ private int callTimeout;
+ private String client_id;
+ private String app;
+ private String chain;
+ private Headers headers = new Headers() {
+ @Override
+ public String[] headers() {
+ return EMPTY;
+ }};
+
+ public SimpleRESTClient(final TokenClientFactory tcf, final String tokenURL, final String endpoint, final String[] scope) throws CadiException, LocatorException, APIException {
+ callTimeout = Integer.parseInt(tcf.access.getProperty(Config.AAF_CALL_TIMEOUT,Config.AAF_CALL_TIMEOUT_DEF));
+ tokenClient = tcf.newClient(tokenURL);
+ Result<TimedToken> rtt = tokenClient.getToken(scope);
+ if(rtt.isOK()) {
+ restClient = tcf.newTzClient(endpoint);
+
+ if((client_id = tcf.access.getProperty(Config.AAF_APPID, null))==null) {
+ if((client_id = tcf.access.getProperty(Config.CADI_ALIAS, null))==null) {
+ throw new CadiException(Config.AAF_APPID + " or " + Config.CADI_ALIAS + " needs to be defined");
+ }
+ }
+ try {
+ restClient.setToken(client_id,rtt.value);
+ } catch (IOException e) {
+ throw new CadiException(e);
+ }
+ } else {
+ throw new CadiException(rtt.error);
+ }
+ }
+
+ public SimpleRESTClient timeout(int newTimeout) {
+ callTimeout = newTimeout;
+ return this;
+ }
- //Format:<ID>:<APP>:<protocol>[:AS][,<ID>:<APP>:<protocol>]*
- public SimpleRESTClient endUser(Principal principal) {
- if(principal==null) {
- chain = null;
- } else {
- if(principal instanceof TaggedPrincipal) {
- TaggedPrincipal tp = (TaggedPrincipal)principal;
- chain = tp.getName() + ':' + (app==null?"":app) + ':' + tp.tag() + ":AS";
- } else {
- chain = principal.getName() + (app==null?"":':'+app);
- }
- }
- return this;
- }
-
- /**
- * Single Threaded Class for building up content
- * @author jg1555
- *
- */
- public static class Input {
- private static final byte[] EMPTY_STREAM_BYTES = "".getBytes();
+ //Format:<ID>:<APP>:<protocol>[:AS][,<ID>:<APP>:<protocol>]*
+ public SimpleRESTClient endUser(Principal principal) {
+ if(principal==null) {
+ chain = null;
+ } else {
+ if(principal instanceof TaggedPrincipal) {
+ TaggedPrincipal tp = (TaggedPrincipal)principal;
+ chain = tp.getName() + ':' + (app==null?"":app) + ':' + tp.tag() + ":AS";
+ } else {
+ chain = principal.getName() + (app==null?"":':'+app);
+ }
+ }
+ return this;
+ }
+
+ /**
+ * Single Threaded Class for building up content
+ * @author jg1555
+ *
+ */
+ public static class Input {
+ private static final byte[] EMPTY_STREAM_BYTES = "".getBytes();
- private String content;
- private StringBuilder sb;
-
- public Input() {
- content = null;
- sb = null;
- }
-
- public Input(final String content) {
- this.content = content;
- }
-
- public void set(final String content) {
- this.content = content;
- }
-
- public PrintWriter writer() {
- return new PrintWriter(new StringBuilderWriter(builder()));
- }
-
- public StringBuilder builder() {
- if(sb==null) {
- sb = new StringBuilder();
- content = null;
- }
- return sb;
- }
-
- /**
- * Reuse StringBuilder object
- */
- public void clear() {
- content = null;
- if(sb!=null) {
- sb.setLength(0);
- }
- }
-
- @Override
- public String toString() {
- if(content!=null) {
- return content;
- } else if(sb!=null) {
- return sb.toString();
- } else {
- return "";
- }
- }
+ private String content;
+ private StringBuilder sb;
+
+ public Input() {
+ content = null;
+ sb = null;
+ }
+
+ public Input(final String content) {
+ this.content = content;
+ }
+
+ public void set(final String content) {
+ this.content = content;
+ }
+
+ public PrintWriter writer() {
+ return new PrintWriter(new StringBuilderWriter(builder()));
+ }
+
+ public StringBuilder builder() {
+ if(sb==null) {
+ sb = new StringBuilder();
+ content = null;
+ }
+ return sb;
+ }
+
+ /**
+ * Reuse StringBuilder object
+ */
+ public void clear() {
+ content = null;
+ if(sb!=null) {
+ sb.setLength(0);
+ }
+ }
+
+ @Override
+ public String toString() {
+ if(content!=null) {
+ return content;
+ } else if(sb!=null) {
+ return sb.toString();
+ } else {
+ return "";
+ }
+ }
- public byte[] getBytes() {
- byte[] rv;
- if(content==null) {
- if(sb==null) {
- rv = EMPTY_STREAM_BYTES;
- } else {
- rv = sb.toString().getBytes();
- }
- } else {
- rv = content.getBytes();
- }
- content = null;
- return rv;
- }
- }
+ public byte[] getBytes() {
+ byte[] rv;
+ if(content==null) {
+ if(sb==null) {
+ rv = EMPTY_STREAM_BYTES;
+ } else {
+ rv = sb.toString().getBytes();
+ }
+ } else {
+ rv = content.getBytes();
+ }
+ content = null;
+ return rv;
+ }
+ }
- /////////////////////////////////////////////////////////////
- //
- // CREATE
- //
- /////////////////////////////////////////////////////////////
- public void create(final String path, final Input input) throws RESTException, CadiException, LocatorException, APIException {
- post(path,APPLICATION_JSON, input);
- }
+ /////////////////////////////////////////////////////////////
+ //
+ // CREATE
+ //
+ /////////////////////////////////////////////////////////////
+ public void create(final String path, final Input input) throws RESTException, CadiException, LocatorException, APIException {
+ post(path,APPLICATION_JSON, input);
+ }
- public void post(final String path, final Input input) throws RESTException, CadiException, LocatorException, APIException {
- post(path,APPLICATION_JSON, input);
- }
+ public void post(final String path, final Input input) throws RESTException, CadiException, LocatorException, APIException {
+ post(path,APPLICATION_JSON, input);
+ }
- public void post(final String path, final String contentType, final Input input) throws RESTException, CadiException, LocatorException, APIException {
- Future<Void> future = restClient.best(new Retryable<Future<Void>>() {
- @Override
- public Future<Void> code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- return client.create(path, contentType, new ETransfer(input));
- }
- });
- if(!future.get(callTimeout)) {
- throw new RESTException(future);
- }
- }
+ public void post(final String path, final String contentType, final Input input) throws RESTException, CadiException, LocatorException, APIException {
+ Future<Void> future = restClient.best(new Retryable<Future<Void>>() {
+ @Override
+ public Future<Void> code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ return client.create(path, contentType, new ETransfer(input));
+ }
+ });
+ if(!future.get(callTimeout)) {
+ throw new RESTException(future);
+ }
+ }
- /////////////////////////////////////////////////////////////
- //
- // READ
- //
- /////////////////////////////////////////////////////////////
- public String read(final String path) throws RESTException, CadiException, LocatorException, APIException {
- return get(path,APPLICATION_JSON);
- }
+ /////////////////////////////////////////////////////////////
+ //
+ // READ
+ //
+ /////////////////////////////////////////////////////////////
+ public String read(final String path) throws RESTException, CadiException, LocatorException, APIException {
+ return get(path,APPLICATION_JSON);
+ }
- public String get(final String path) throws RESTException, CadiException, LocatorException, APIException {
- return get(path,APPLICATION_JSON);
- }
+ public String get(final String path) throws RESTException, CadiException, LocatorException, APIException {
+ return get(path,APPLICATION_JSON);
+ }
- public String get(final String path, final String accepts) throws RESTException, CadiException, LocatorException, APIException {
- Future<String> future = restClient.best(new Retryable<Future<String>>() {
- @Override
- public Future<String> code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- return client.read(path,accepts, headers());
- }
- });
- if(future.get(callTimeout)) {
- return future.value;
- } else {
- throw new RESTException(future);
- }
- }
-
- /////////////////////////////////////////////////////////////
- //
- // UPDATE
- //
- /////////////////////////////////////////////////////////////
+ public String get(final String path, final String accepts) throws RESTException, CadiException, LocatorException, APIException {
+ Future<String> future = restClient.best(new Retryable<Future<String>>() {
+ @Override
+ public Future<String> code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ return client.read(path,accepts, headers());
+ }
+ });
+ if(future.get(callTimeout)) {
+ return future.value;
+ } else {
+ throw new RESTException(future);
+ }
+ }
+
+ /////////////////////////////////////////////////////////////
+ //
+ // UPDATE
+ //
+ /////////////////////////////////////////////////////////////
- public String update(final String path, final Input input) throws RESTException, CadiException, LocatorException, APIException {
- return put(path,APPLICATION_JSON, input);
- }
+ public String update(final String path, final Input input) throws RESTException, CadiException, LocatorException, APIException {
+ return put(path,APPLICATION_JSON, input);
+ }
- public String put(final String path, final Input input) throws RESTException, CadiException, LocatorException, APIException {
- return put(path,APPLICATION_JSON, input);
- }
+ public String put(final String path, final Input input) throws RESTException, CadiException, LocatorException, APIException {
+ return put(path,APPLICATION_JSON, input);
+ }
- public String put(final String path, final String contentType, final Input input) throws RESTException, CadiException, LocatorException, APIException {
- Future<String> future = restClient.best(new Retryable<Future<String>>() {
- @Override
- public Future<String> code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- return client.update(path, contentType, new ETransfer(input));
- }
- });
- if(future.get(callTimeout)) {
- return future.value;
- } else {
- throw new RESTException(future);
- }
- }
+ public String put(final String path, final String contentType, final Input input) throws RESTException, CadiException, LocatorException, APIException {
+ Future<String> future = restClient.best(new Retryable<Future<String>>() {
+ @Override
+ public Future<String> code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ return client.update(path, contentType, new ETransfer(input));
+ }
+ });
+ if(future.get(callTimeout)) {
+ return future.value;
+ } else {
+ throw new RESTException(future);
+ }
+ }
- /////////////////////////////////////////////////////////////
- //
- // DELETE
- //
- /////////////////////////////////////////////////////////////
- public void delete(final String path) throws RESTException, CadiException, LocatorException, APIException {
- delete(path,APPLICATION_JSON);
- }
-
- public void delete(final String path, final String contentType) throws RESTException, CadiException, LocatorException, APIException {
- Future<Void> future = restClient.best(new Retryable<Future<Void>>() {
- @Override
- public Future<Void> code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- return client.delete(path, contentType);
- }
- });
- if(!future.get(callTimeout)) {
- throw new RESTException(future);
- }
- }
+ /////////////////////////////////////////////////////////////
+ //
+ // DELETE
+ //
+ /////////////////////////////////////////////////////////////
+ public void delete(final String path) throws RESTException, CadiException, LocatorException, APIException {
+ delete(path,APPLICATION_JSON);
+ }
+
+ public void delete(final String path, final String contentType) throws RESTException, CadiException, LocatorException, APIException {
+ Future<Void> future = restClient.best(new Retryable<Future<Void>>() {
+ @Override
+ public Future<Void> code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ return client.delete(path, contentType);
+ }
+ });
+ if(!future.get(callTimeout)) {
+ throw new RESTException(future);
+ }
+ }
- /////////////////////////////////////////////////////////////
-
- private static class ETransfer implements EClient.Transfer {
- private Input input;
- public ETransfer(final Input input) {
- this.input = input;
- }
-
- @Override
- public void transfer(OutputStream os) throws IOException, APIException {
- os.write(input.getBytes());
- }
- }
+ /////////////////////////////////////////////////////////////
+
+ private static class ETransfer implements EClient.Transfer {
+ private Input input;
+ public ETransfer(final Input input) {
+ this.input = input;
+ }
+
+ @Override
+ public void transfer(OutputStream os) throws IOException, APIException {
+ os.write(input.getBytes());
+ }
+ }
- public interface Headers {
- String[] headers();
- }
-
- public String[] headers() {
- if(chain==null) {
- return headers.headers();
- } else {
- String[] strs = headers.headers();
- String[] rv = new String[strs.length+2];
- rv[0]=Config.CADI_USER_CHAIN;
- rv[1]=chain;
- for(int i = 0;i<strs.length;++i) {
- rv[i+2]=strs[i];
- }
- return rv;
- }
- }
+ public interface Headers {
+ String[] headers();
+ }
+
+ public String[] headers() {
+ if(chain==null) {
+ return headers.headers();
+ } else {
+ String[] strs = headers.headers();
+ String[] rv = new String[strs.length+2];
+ rv[0]=Config.CADI_USER_CHAIN;
+ rv[1]=chain;
+ for(int i = 0;i<strs.length;++i) {
+ rv[i+2]=strs[i];
+ }
+ return rv;
+ }
+ }
}
diff --git a/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/OAuthExample.java b/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/OAuthExample.java
index ae9c93ed..154ba1b7 100644
--- a/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/OAuthExample.java
+++ b/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/OAuthExample.java
@@ -50,187 +50,187 @@ import aafoauth.v2_0.Token;
public class OAuthExample {
- private static TokenClientFactory tcf;
- private static PropAccess access;
+ private static TokenClientFactory tcf;
+ private static PropAccess access;
- public final static void main(final String args[]) {
- // These Objects are expected to be Long-Lived... Construct once
-
- // Property Access
- // This method will allow you to set "cadi_prop_files" (or any other property) on Command line
- access = new PropAccess(args);
-
- // access = PropAccess();
- // Note: This style will load "cadi_prop_files" from VM Args
-
- // Token aware Client Factory
- try {
- tcf = TokenClientFactory.instance(access);
- } catch (APIException | GeneralSecurityException | IOException | CadiException e1) {
- access.log(e1, "Unable to setup OAuth Client Factory, Fail Fast");
- System.exit(1);
- }
-
-
- // Obtain Endpoints for OAuth2 from Properties. Expected is "cadi.properties" file, pointed to by "cadi_prop_files"
- String tokenServiceURL = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL,Defaults.OAUTH2_TOKEN_URL); // Default to AAF
- String tokenIntrospectURL = access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL,Defaults.OAUTH2_INTROSPECT_URL); // Default to AAF);
- // Get Hello Service
- final String endServicesURL = access.getProperty(Config.AAF_OAUTH2_HELLO_URL,Defaults.HELLO_URL);
+ public final static void main(final String args[]) {
+ // These Objects are expected to be Long-Lived... Construct once
+
+ // Property Access
+ // This method will allow you to set "cadi_prop_files" (or any other property) on Command line
+ access = new PropAccess(args);
+
+ // access = PropAccess();
+ // Note: This style will load "cadi_prop_files" from VM Args
+
+ // Token aware Client Factory
+ try {
+ tcf = TokenClientFactory.instance(access);
+ } catch (APIException | GeneralSecurityException | IOException | CadiException e1) {
+ access.log(e1, "Unable to setup OAuth Client Factory, Fail Fast");
+ System.exit(1);
+ }
+
+
+ // Obtain Endpoints for OAuth2 from Properties. Expected is "cadi.properties" file, pointed to by "cadi_prop_files"
+ String tokenServiceURL = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL,Defaults.OAUTH2_TOKEN_URL); // Default to AAF
+ String tokenIntrospectURL = access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL,Defaults.OAUTH2_INTROSPECT_URL); // Default to AAF);
+ // Get Hello Service
+ final String endServicesURL = access.getProperty(Config.AAF_OAUTH2_HELLO_URL,Defaults.HELLO_URL);
- final int CALL_TIMEOUT = Integer.parseInt(access.getProperty(Config.AAF_CALL_TIMEOUT,Config.AAF_CALL_TIMEOUT_DEF));
-
- try {
- //////////////////////////////////////////////////////////////////////
- // Scenario 1:
- // Get and use an OAuth Client, which understands Token Management
- //////////////////////////////////////////////////////////////////////
- // Create a Token Client, that gets its tokens from expected OAuth Server
- // In this example, it is AAF, but it can be the Alternate OAuth
+ final int CALL_TIMEOUT = Integer.parseInt(access.getProperty(Config.AAF_CALL_TIMEOUT,Config.AAF_CALL_TIMEOUT_DEF));
+
+ try {
+ //////////////////////////////////////////////////////////////////////
+ // Scenario 1:
+ // Get and use an OAuth Client, which understands Token Management
+ //////////////////////////////////////////////////////////////////////
+ // Create a Token Client, that gets its tokens from expected OAuth Server
+ // In this example, it is AAF, but it can be the Alternate OAuth
- TokenClient tc = tcf.newClient(tokenServiceURL); // can set your own timeout here (url, timeoutMilliseconds)
- // Set your Application (MicroService, whatever) Credentials here
- // These are how your Application is known, particularly to the OAuth Server.
- // If AAF Token server, then its just the same as your other AAF MechID creds
- // If it is the Alternate OAUTH, you'll need THOSE credentials. See that tool's Onboarding procedures.
- String client_id = access.getProperty(Config.AAF_APPID);
- if(client_id==null) {
- // For AAF, client_id CAN be Certificate. This is not necessarily true elsewhere
- client_id = access.getProperty(Config.CADI_ALIAS);
- }
- String client_secret = access.getProperty(Config.AAF_APPPASS);
- tc.client_creds(client_id, client_secret);
-
- // If you are working with Credentials the End User, set username/password as appropriate to the OAuth Server
- // tc.password(end_user_id, end_user_password);
- // IMPORTANT:
- // if you are setting client Credentials, you MAY NOT reuse this Client mid-transaction. You CAN reuse after setting
- // tc.clearEndUser();
- // You may want to see "Pooled Client" example, using special CADI utility
+ TokenClient tc = tcf.newClient(tokenServiceURL); // can set your own timeout here (url, timeoutMilliseconds)
+ // Set your Application (MicroService, whatever) Credentials here
+ // These are how your Application is known, particularly to the OAuth Server.
+ // If AAF Token server, then its just the same as your other AAF MechID creds
+ // If it is the Alternate OAUTH, you'll need THOSE credentials. See that tool's Onboarding procedures.
+ String client_id = access.getProperty(Config.AAF_APPID);
+ if(client_id==null) {
+ // For AAF, client_id CAN be Certificate. This is not necessarily true elsewhere
+ client_id = access.getProperty(Config.CADI_ALIAS);
+ }
+ String client_secret = access.getProperty(Config.AAF_APPPASS);
+ tc.client_creds(client_id, client_secret);
+
+ // If you are working with Credentials the End User, set username/password as appropriate to the OAuth Server
+ // tc.password(end_user_id, end_user_password);
+ // IMPORTANT:
+ // if you are setting client Credentials, you MAY NOT reuse this Client mid-transaction. You CAN reuse after setting
+ // tc.clearEndUser();
+ // You may want to see "Pooled Client" example, using special CADI utility
- // With AAF, the Scopes you put in are the AAF Namespaces you want access to. Your Token will contain the
- // AAF Permissions of the Namespaces (you can put in more than one), the user name (or client_id if no user_name),
- // is allowed to see.
-
- // Here's a trick to get the namespace out of a Fully Qualified AAF Identity (your MechID)
- String ns = FQI.reverseDomain(client_id);
- System.out.printf("\nNote: The AAF Namespace of FQI (Fully Qualified Identity) %s is %s\n\n",client_id, ns);
+ // With AAF, the Scopes you put in are the AAF Namespaces you want access to. Your Token will contain the
+ // AAF Permissions of the Namespaces (you can put in more than one), the user name (or client_id if no user_name),
+ // is allowed to see.
+
+ // Here's a trick to get the namespace out of a Fully Qualified AAF Identity (your MechID)
+ String ns = FQI.reverseDomain(client_id);
+ System.out.printf("\nNote: The AAF Namespace of FQI (Fully Qualified Identity) %s is %s\n\n",client_id, ns);
- // Now, we can get a Token. Note: for "scope", use AAF Namespaces to get AAF Permissions embedded in
- // Note: getToken checks if Token is expired, if so, then refreshes before handing back.
- Result<TimedToken> rtt = tc.getToken(ns,"org.onap.test");
-
- // Note: you can clear a Token's Disk/Memory presence by
- // 1) removing the Token from the "token/outgoing" directory on the O/S
- // 2) programmatically by calling "clearToken" with exact params as "getToken", when it has the same credentials set
- // tc.clearToken("org.onap.aaf","org.onap.test");
-
- // Result Object can be queried for success
- if(rtt.isOK()) {
- TimedToken token = rtt.value;
- print(token); // Take a look at what's in a Token
-
- // Use this Token in your client calls with "Tokenized Client" (TzClient)
- // These should NOT be used cross thread.
- TzClient helloClient = tcf.newTzClient(endServicesURL);
- helloClient.setToken(client_id, token);
-
- // This client call style, "best" call with "Retryable" inner class covers finding an available Service
- // (when Multi-services exist) for the best service, based (currently) on distance.
- //
- // the "Generic" in Type gives a Return Value for the Code, which you can set on the "best" method
- // Note that variables used in the inner class from this part of the code must be "final", see "CALL_TIMEOUT"
- String rv = helloClient.best(new Retryable<String>() {
- @Override
- public String code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<String> future = client.read("hello","text/plain");
- // The "future" calling method allows you to do other processing, such as call more than one backend
- // client before picking up the result
- // If "get" matches the HTTP Code for the method (i.e. read HTTP Return value is 200), then
- if(future.get(CALL_TIMEOUT)) {
- // Client Returned expected value
- return future.value;
- } else {
- throw new APIException(future.code() + future.body());
- }
- }
- });
-
- // You want to do something with returned value. Here, we say "hello"
- System.out.printf("\nPositive Response from Hello: %s\n",rv);
-
-
- //////////////////////////////////////////////////////////////////////
- // Scenario 2:
- // As a Service, read Introspection information as proof of Authenticated Authorization
- //////////////////////////////////////////////////////////////////////
- // CADI Framework (i.e. CadiFilter) works with the Introspection to drive the J2EE interfaces (
- // i.e. if(isUserInRole("ns.perm|instance|action")) {...
- //
- // Here, however, is a way to introspect via Java
- //
- // now, call Introspect (making sure right URLs are set in properties)
- // We need a Different Introspect TokenClient, because different Endpoint (and usually different Services)
- TokenClient tci = tcf.newClient(tokenIntrospectURL);
- tci.client_creds(client_id, client_secret);
- Result<Introspect> is = tci.introspect(token.getAccessToken());
- if(is.isOK()) {
- // Note that AAF will add JSON set of Permissions as part of "Content:", legitimate extension of OAuth Structure
- print(is.value); // do something with Introspect Object
- } else {
- access.printf(Level.ERROR, "Unable to introspect OAuth Token %s: %d %s\n",
- token.getAccessToken(),rtt.code,rtt.error);
- }
- } else {
- access.printf(Level.ERROR, "Unable to obtain OAuth Token: %d %s\n",rtt.code,rtt.error);
- }
-
- } catch (CadiException | LocatorException | APIException | IOException e) {
- e.printStackTrace();
- }
- }
-
- /////////////////////////////////////////////////////////////
- // Examples of Object Access
- /////////////////////////////////////////////////////////////
- private static void print(Token t) {
- GregorianCalendar exp_date = new GregorianCalendar();
- exp_date.add(GregorianCalendar.SECOND, t.getExpiresIn());
- System.out.printf("Access Token\n\tToken:\t\t%s\n\tToken Type:\t%s\n\tExpires In:\t%d (%s)\n\tScope:\t\t%s\n\tRefresh Token:\t%s\n",
- t.getAccessToken(),
- t.getTokenType(),
- t.getExpiresIn(),
- Chrono.timeStamp(new Date(System.currentTimeMillis()+(t.getExpiresIn()*1000))),
- t.getScope(),
- t.getRefreshToken());
- }
-
- private static void print(Introspect ti) {
- if(ti==null || ti.getClientId()==null) {
- System.out.println("Empty Introspect");
- return;
- }
- Date exp = new Date(ti.getExp()*1000); // seconds
- System.out.printf("Introspect\n"
- + "\tAccessToken:\t%s\n"
- + "\tClient-id:\t%s\n"
- + "\tClient Type:\t%s\n"
- + "\tActive: \t%s\n"
- + "\tUserName:\t%s\n"
- + "\tExpires: \t%d (%s)\n"
- + "\tScope:\t\t%s\n"
- + "\tContent:\t%s\n",
- ti.getAccessToken(),
- ti.getClientId(),
- ti.getClientType(),
- ti.isActive()?Boolean.TRUE.toString():Boolean.FALSE.toString(),
- ti.getUsername(),
- ti.getExp(),
- Chrono.timeStamp(exp),
- ti.getScope(),
- ti.getContent()==null?"":ti.getContent());
-
- System.out.println();
- }
+ // Now, we can get a Token. Note: for "scope", use AAF Namespaces to get AAF Permissions embedded in
+ // Note: getToken checks if Token is expired, if so, then refreshes before handing back.
+ Result<TimedToken> rtt = tc.getToken(ns,"org.onap.test");
+
+ // Note: you can clear a Token's Disk/Memory presence by
+ // 1) removing the Token from the "token/outgoing" directory on the O/S
+ // 2) programmatically by calling "clearToken" with exact params as "getToken", when it has the same credentials set
+ // tc.clearToken("org.onap.aaf","org.onap.test");
+
+ // Result Object can be queried for success
+ if(rtt.isOK()) {
+ TimedToken token = rtt.value;
+ print(token); // Take a look at what's in a Token
+
+ // Use this Token in your client calls with "Tokenized Client" (TzClient)
+ // These should NOT be used cross thread.
+ TzClient helloClient = tcf.newTzClient(endServicesURL);
+ helloClient.setToken(client_id, token);
+
+ // This client call style, "best" call with "Retryable" inner class covers finding an available Service
+ // (when Multi-services exist) for the best service, based (currently) on distance.
+ //
+ // the "Generic" in Type gives a Return Value for the Code, which you can set on the "best" method
+ // Note that variables used in the inner class from this part of the code must be "final", see "CALL_TIMEOUT"
+ String rv = helloClient.best(new Retryable<String>() {
+ @Override
+ public String code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ Future<String> future = client.read("hello","text/plain");
+ // The "future" calling method allows you to do other processing, such as call more than one backend
+ // client before picking up the result
+ // If "get" matches the HTTP Code for the method (i.e. read HTTP Return value is 200), then
+ if(future.get(CALL_TIMEOUT)) {
+ // Client Returned expected value
+ return future.value;
+ } else {
+ throw new APIException(future.code() + future.body());
+ }
+ }
+ });
+
+ // You want to do something with returned value. Here, we say "hello"
+ System.out.printf("\nPositive Response from Hello: %s\n",rv);
+
+
+ //////////////////////////////////////////////////////////////////////
+ // Scenario 2:
+ // As a Service, read Introspection information as proof of Authenticated Authorization
+ //////////////////////////////////////////////////////////////////////
+ // CADI Framework (i.e. CadiFilter) works with the Introspection to drive the J2EE interfaces (
+ // i.e. if(isUserInRole("ns.perm|instance|action")) {...
+ //
+ // Here, however, is a way to introspect via Java
+ //
+ // now, call Introspect (making sure right URLs are set in properties)
+ // We need a Different Introspect TokenClient, because different Endpoint (and usually different Services)
+ TokenClient tci = tcf.newClient(tokenIntrospectURL);
+ tci.client_creds(client_id, client_secret);
+ Result<Introspect> is = tci.introspect(token.getAccessToken());
+ if(is.isOK()) {
+ // Note that AAF will add JSON set of Permissions as part of "Content:", legitimate extension of OAuth Structure
+ print(is.value); // do something with Introspect Object
+ } else {
+ access.printf(Level.ERROR, "Unable to introspect OAuth Token %s: %d %s\n",
+ token.getAccessToken(),rtt.code,rtt.error);
+ }
+ } else {
+ access.printf(Level.ERROR, "Unable to obtain OAuth Token: %d %s\n",rtt.code,rtt.error);
+ }
+
+ } catch (CadiException | LocatorException | APIException | IOException e) {
+ e.printStackTrace();
+ }
+ }
+
+ /////////////////////////////////////////////////////////////
+ // Examples of Object Access
+ /////////////////////////////////////////////////////////////
+ private static void print(Token t) {
+ GregorianCalendar exp_date = new GregorianCalendar();
+ exp_date.add(GregorianCalendar.SECOND, t.getExpiresIn());
+ System.out.printf("Access Token\n\tToken:\t\t%s\n\tToken Type:\t%s\n\tExpires In:\t%d (%s)\n\tScope:\t\t%s\n\tRefresh Token:\t%s\n",
+ t.getAccessToken(),
+ t.getTokenType(),
+ t.getExpiresIn(),
+ Chrono.timeStamp(new Date(System.currentTimeMillis()+(t.getExpiresIn()*1000))),
+ t.getScope(),
+ t.getRefreshToken());
+ }
+
+ private static void print(Introspect ti) {
+ if(ti==null || ti.getClientId()==null) {
+ System.out.println("Empty Introspect");
+ return;
+ }
+ Date exp = new Date(ti.getExp()*1000); // seconds
+ System.out.printf("Introspect\n"
+ + "\tAccessToken:\t%s\n"
+ + "\tClient-id:\t%s\n"
+ + "\tClient Type:\t%s\n"
+ + "\tActive: \t%s\n"
+ + "\tUserName:\t%s\n"
+ + "\tExpires: \t%d (%s)\n"
+ + "\tScope:\t\t%s\n"
+ + "\tContent:\t%s\n",
+ ti.getAccessToken(),
+ ti.getClientId(),
+ ti.getClientType(),
+ ti.isActive()?Boolean.TRUE.toString():Boolean.FALSE.toString(),
+ ti.getUsername(),
+ ti.getExp(),
+ Chrono.timeStamp(exp),
+ ti.getScope(),
+ ti.getContent()==null?"":ti.getContent());
+
+ System.out.println();
+ }
}
diff --git a/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/OnapClientExample.java b/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/OnapClientExample.java
index c82a7c5d..657a9b78 100644
--- a/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/OnapClientExample.java
+++ b/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/OnapClientExample.java
@@ -50,161 +50,161 @@ import aafoauth.v2_0.Token;
public class OnapClientExample {
- private static TokenClientFactory tcf;
- private static PropAccess access;
+ private static TokenClientFactory tcf;
+ private static PropAccess access;
- public final static void main(final String args[]) {
- // These Objects are expected to be Long-Lived... Construct once
-
- // Property Access
- // This method will allow you to set "cadi_prop_files" (or any other property) on Command line
- access = new PropAccess(args);
-
- // access = PropAccess();
- // Note: This style will load "cadi_prop_files" from VM Args
-
- // Token aware Client Factory
- try {
- tcf = TokenClientFactory.instance(access);
- } catch (APIException | GeneralSecurityException | IOException | CadiException e1) {
- access.log(e1, "Unable to setup OAuth Client Factory, Fail Fast");
- System.exit(1);
- }
-
- final int CALL_TIMEOUT = Integer.parseInt(access.getProperty(Config.AAF_CALL_TIMEOUT,Config.AAF_CALL_TIMEOUT_DEF));
-
- try {
- //////////////////////////////////////////////////////////////////////
- // Scenario 1:
- // Get and use an OAuth Client, which understands Token Management
- //////////////////////////////////////////////////////////////////////
- // Create a Token Client, that gets its tokens from expected OAuth Server
- // In this example, it is AAF, but it can be the Alternate OAuth
+ public final static void main(final String args[]) {
+ // These Objects are expected to be Long-Lived... Construct once
+
+ // Property Access
+ // This method will allow you to set "cadi_prop_files" (or any other property) on Command line
+ access = new PropAccess(args);
+
+ // access = PropAccess();
+ // Note: This style will load "cadi_prop_files" from VM Args
+
+ // Token aware Client Factory
+ try {
+ tcf = TokenClientFactory.instance(access);
+ } catch (APIException | GeneralSecurityException | IOException | CadiException e1) {
+ access.log(e1, "Unable to setup OAuth Client Factory, Fail Fast");
+ System.exit(1);
+ }
+
+ final int CALL_TIMEOUT = Integer.parseInt(access.getProperty(Config.AAF_CALL_TIMEOUT,Config.AAF_CALL_TIMEOUT_DEF));
+
+ try {
+ //////////////////////////////////////////////////////////////////////
+ // Scenario 1:
+ // Get and use an OAuth Client, which understands Token Management
+ //////////////////////////////////////////////////////////////////////
+ // Create a Token Client, that gets its tokens from expected OAuth Server
+ // In this example, it is AAF, but it can be the Alternate OAuth
- TokenClient tc = tcf.newClient(Config.AAF_OAUTH2_TOKEN_URL); // can set your own timeout here (url, timeoutMilliseconds)
-
- // Here's a trick to get the namespace out of a Fully Qualified AAF Identity (your MechID)
- String ns = FQI.reverseDomain(tc.client_id());
- System.out.printf("\nNote: The AAF Namespace of FQI (Fully Qualified Identity) %s is %s\n\n",tc.client_id(), ns);
+ TokenClient tc = tcf.newClient(Config.AAF_OAUTH2_TOKEN_URL); // can set your own timeout here (url, timeoutMilliseconds)
+
+ // Here's a trick to get the namespace out of a Fully Qualified AAF Identity (your MechID)
+ String ns = FQI.reverseDomain(tc.client_id());
+ System.out.printf("\nNote: The AAF Namespace of FQI (Fully Qualified Identity) %s is %s\n\n",tc.client_id(), ns);
- // Now, we can get a Token. Note: for "scope", use AAF Namespaces to get AAF Permissions embedded in
- // Note: getToken checks if Token is expired, if so, then refreshes before handing back.
- Result<TimedToken> rtt = tc.getToken(ns,"org.onap.test"); // get multiple scopes
-
- // Note: you can clear a Token's Disk/Memory presence by
- // 1) removing the Token from the "token/outgoing" directory on the O/S
- // 2) programmatically by calling "clearToken" with exact params as "getToken", when it has the same credentials set
- // tc.clearToken("org.onap.aaf","org.onap.test");
-
- // Result Object can be queried for success
- if(rtt.isOK()) {
- TimedToken token = rtt.value;
- print(token); // Take a look at what's in a Token
-
- // Use this Token in your client calls with "Tokenized Client" (TzClient)
- // These should NOT be used cross thread.
- // Get Hello Service URL... roll your own in your own world.
- final String endServicesURL = access.getProperty(Config.AAF_OAUTH2_HELLO_URL,Defaults.HELLO_URL);
+ // Now, we can get a Token. Note: for "scope", use AAF Namespaces to get AAF Permissions embedded in
+ // Note: getToken checks if Token is expired, if so, then refreshes before handing back.
+ Result<TimedToken> rtt = tc.getToken(ns,"org.onap.test"); // get multiple scopes
+
+ // Note: you can clear a Token's Disk/Memory presence by
+ // 1) removing the Token from the "token/outgoing" directory on the O/S
+ // 2) programmatically by calling "clearToken" with exact params as "getToken", when it has the same credentials set
+ // tc.clearToken("org.onap.aaf","org.onap.test");
+
+ // Result Object can be queried for success
+ if(rtt.isOK()) {
+ TimedToken token = rtt.value;
+ print(token); // Take a look at what's in a Token
+
+ // Use this Token in your client calls with "Tokenized Client" (TzClient)
+ // These should NOT be used cross thread.
+ // Get Hello Service URL... roll your own in your own world.
+ final String endServicesURL = access.getProperty(Config.AAF_OAUTH2_HELLO_URL,Defaults.HELLO_URL);
- TzClient helloClient = tcf.newTzClient(endServicesURL);
- helloClient.setToken(tc.client_id(), token);
-
- // This client call style, "best" call with "Retryable" inner class covers finding an available Service
- // (when Multi-services exist) for the best service, based (currently) on distance.
- //
- // the "Generic" in Type gives a Return Value for the Code, which you can set on the "best" method
- // Note that variables used in the inner class from this part of the code must be "final", see "CALL_TIMEOUT"
- String rv = helloClient.best(new Retryable<String>() {
- @Override
- public String code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<String> future = client.read("hello","text/plain");
- // The "future" calling method allows you to do other processing, such as call more than one backend
- // client before picking up the result
- // If "get" matches the HTTP Code for the method (i.e. read HTTP Return value is 200), then
- if(future.get(CALL_TIMEOUT)) {
- // Client Returned expected value
- return future.value;
- } else {
- throw new APIException(future.code() + future.body());
- }
- }
- });
-
- // You want to do something with returned value. Here, we say "hello"
- System.out.printf("\nPositive Response from Hello: %s\n",rv);
-
-
- //////////////////////////////////////////////////////////////////////
- // Scenario 2:
- // As a Service, read Introspection information as proof of Authenticated Authorization
- //////////////////////////////////////////////////////////////////////
- // CADI Framework (i.e. CadiFilter) works with the Introspection to drive the J2EE interfaces (
- // i.e. if(isUserInRole("ns.perm|instance|action")) {...
- //
- // Here, however, is a way to introspect via Java
- //
- // now, call Introspect (making sure right URLs are set in properties)
- // We need a Different Introspect TokenClient, because different Endpoint (and usually different Services)
- TokenClient tci = tcf.newClient(Config.AAF_OAUTH2_INTROSPECT_URL);
- Result<Introspect> is = tci.introspect(token.getAccessToken());
- if(is.isOK()) {
- // Note that AAF will add JSON set of Permissions as part of "Content:", legitimate extension of OAuth Structure
- print(is.value); // do something with Introspect Object
- } else {
- access.printf(Level.ERROR, "Unable to introspect OAuth Token %s: %d %s\n",
- token.getAccessToken(),rtt.code,rtt.error);
- }
- } else {
- access.printf(Level.ERROR, "Unable to obtain OAuth Token: %d %s\n",rtt.code,rtt.error);
- }
-
- } catch (CadiException | LocatorException | APIException | IOException e) {
- e.printStackTrace();
- }
- }
-
- /////////////////////////////////////////////////////////////
- // Examples of Object Access
- /////////////////////////////////////////////////////////////
- private static void print(Token t) {
- GregorianCalendar exp_date = new GregorianCalendar();
- exp_date.add(GregorianCalendar.SECOND, t.getExpiresIn());
- System.out.printf("Access Token\n\tToken:\t\t%s\n\tToken Type:\t%s\n\tExpires In:\t%d (%s)\n\tScope:\t\t%s\n\tRefresh Token:\t%s\n",
- t.getAccessToken(),
- t.getTokenType(),
- t.getExpiresIn(),
- Chrono.timeStamp(new Date(System.currentTimeMillis()+(t.getExpiresIn()*1000))),
- t.getScope(),
- t.getRefreshToken());
- }
-
- private static void print(Introspect ti) {
- if(ti==null || ti.getClientId()==null) {
- System.out.println("Empty Introspect");
- return;
- }
- Date exp = new Date(ti.getExp()*1000); // seconds
- System.out.printf("Introspect\n"
- + "\tAccessToken:\t%s\n"
- + "\tClient-id:\t%s\n"
- + "\tClient Type:\t%s\n"
- + "\tActive: \t%s\n"
- + "\tUserName:\t%s\n"
- + "\tExpires: \t%d (%s)\n"
- + "\tScope:\t\t%s\n"
- + "\tContent:\t%s\n",
- ti.getAccessToken(),
- ti.getClientId(),
- ti.getClientType(),
- ti.isActive()?Boolean.TRUE.toString():Boolean.FALSE.toString(),
- ti.getUsername(),
- ti.getExp(),
- Chrono.timeStamp(exp),
- ti.getScope(),
- ti.getContent()==null?"":ti.getContent());
-
- System.out.println();
- }
+ TzClient helloClient = tcf.newTzClient(endServicesURL);
+ helloClient.setToken(tc.client_id(), token);
+
+ // This client call style, "best" call with "Retryable" inner class covers finding an available Service
+ // (when Multi-services exist) for the best service, based (currently) on distance.
+ //
+ // the "Generic" in Type gives a Return Value for the Code, which you can set on the "best" method
+ // Note that variables used in the inner class from this part of the code must be "final", see "CALL_TIMEOUT"
+ String rv = helloClient.best(new Retryable<String>() {
+ @Override
+ public String code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ Future<String> future = client.read("hello","text/plain");
+ // The "future" calling method allows you to do other processing, such as call more than one backend
+ // client before picking up the result
+ // If "get" matches the HTTP Code for the method (i.e. read HTTP Return value is 200), then
+ if(future.get(CALL_TIMEOUT)) {
+ // Client Returned expected value
+ return future.value;
+ } else {
+ throw new APIException(future.code() + future.body());
+ }
+ }
+ });
+
+ // You want to do something with returned value. Here, we say "hello"
+ System.out.printf("\nPositive Response from Hello: %s\n",rv);
+
+
+ //////////////////////////////////////////////////////////////////////
+ // Scenario 2:
+ // As a Service, read Introspection information as proof of Authenticated Authorization
+ //////////////////////////////////////////////////////////////////////
+ // CADI Framework (i.e. CadiFilter) works with the Introspection to drive the J2EE interfaces (
+ // i.e. if(isUserInRole("ns.perm|instance|action")) {...
+ //
+ // Here, however, is a way to introspect via Java
+ //
+ // now, call Introspect (making sure right URLs are set in properties)
+ // We need a Different Introspect TokenClient, because different Endpoint (and usually different Services)
+ TokenClient tci = tcf.newClient(Config.AAF_OAUTH2_INTROSPECT_URL);
+ Result<Introspect> is = tci.introspect(token.getAccessToken());
+ if(is.isOK()) {
+ // Note that AAF will add JSON set of Permissions as part of "Content:", legitimate extension of OAuth Structure
+ print(is.value); // do something with Introspect Object
+ } else {
+ access.printf(Level.ERROR, "Unable to introspect OAuth Token %s: %d %s\n",
+ token.getAccessToken(),rtt.code,rtt.error);
+ }
+ } else {
+ access.printf(Level.ERROR, "Unable to obtain OAuth Token: %d %s\n",rtt.code,rtt.error);
+ }
+
+ } catch (CadiException | LocatorException | APIException | IOException e) {
+ e.printStackTrace();
+ }
+ }
+
+ /////////////////////////////////////////////////////////////
+ // Examples of Object Access
+ /////////////////////////////////////////////////////////////
+ private static void print(Token t) {
+ GregorianCalendar exp_date = new GregorianCalendar();
+ exp_date.add(GregorianCalendar.SECOND, t.getExpiresIn());
+ System.out.printf("Access Token\n\tToken:\t\t%s\n\tToken Type:\t%s\n\tExpires In:\t%d (%s)\n\tScope:\t\t%s\n\tRefresh Token:\t%s\n",
+ t.getAccessToken(),
+ t.getTokenType(),
+ t.getExpiresIn(),
+ Chrono.timeStamp(new Date(System.currentTimeMillis()+(t.getExpiresIn()*1000))),
+ t.getScope(),
+ t.getRefreshToken());
+ }
+
+ private static void print(Introspect ti) {
+ if(ti==null || ti.getClientId()==null) {
+ System.out.println("Empty Introspect");
+ return;
+ }
+ Date exp = new Date(ti.getExp()*1000); // seconds
+ System.out.printf("Introspect\n"
+ + "\tAccessToken:\t%s\n"
+ + "\tClient-id:\t%s\n"
+ + "\tClient Type:\t%s\n"
+ + "\tActive: \t%s\n"
+ + "\tUserName:\t%s\n"
+ + "\tExpires: \t%d (%s)\n"
+ + "\tScope:\t\t%s\n"
+ + "\tContent:\t%s\n",
+ ti.getAccessToken(),
+ ti.getClientId(),
+ ti.getClientType(),
+ ti.isActive()?Boolean.TRUE.toString():Boolean.FALSE.toString(),
+ ti.getUsername(),
+ ti.getExp(),
+ Chrono.timeStamp(exp),
+ ti.getScope(),
+ ti.getContent()==null?"":ti.getContent());
+
+ System.out.println();
+ }
}
diff --git a/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/SimpleRestClientExample.java b/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/SimpleRestClientExample.java
index 6cabc654..27f9198a 100644
--- a/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/SimpleRestClientExample.java
+++ b/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/SimpleRestClientExample.java
@@ -35,185 +35,185 @@ import org.onap.aaf.misc.env.APIException;
public class SimpleRestClientExample {
- public final static void main(final String args[]) throws URISyntaxException, LocatorException {
- try {
- // Note: Expect ClientFactory to be long-lived... do NOT create more than once.
- ClientFactory cf = new ClientFactory(args);
-
-
- String urlString = cf.getAccess().getProperty("myurl", null);
- if(urlString==null) {
- System.out.println("Note: In your startup, add \"myurl=https://<aaf hello machine>:8130\" to command line\n\t"
- + "OR\n\t"
- + " add -Dmyurl=https://<aaf hello machine>:8130 to VM Args\n\t"
- + "where \"aaf hello machine\" is an aaf Installation you know about.");
- } else {
-
- SimpleRESTClient restClient = cf.simpleRESTClient(urlString,"org.osaaf.aaf");
-
- /////////////////////////////////////////////////////////////
- //
- // Creating Content for CREATE/UPDATE
- //
- /////////////////////////////////////////////////////////////
- // Create an object that can be reusable IN THIS THREAD ONLY... Not Thread-safe on purpose
- Input input = new SimpleRESTClient.Input();
-
- // Note: alternate use is to set the input object to an already created String
- // Input input = new SimpleRESTClient.Input(aString);
-
- PrintWriter pw = input.writer();
- pw.print("{\"something\": [");
- for(int i=0;i<4;++i) {
- if(i>0) {
- pw.print(',');
- }
- pw.print("{\"myint\":");
- pw.print(i);
- pw.print('}');
- }
- pw.println("]}");
-
- // You can check or log the content
- String content = input.toString();
- System.out.println(content);
-
- // Good form for Writers is that you should close it...
- pw.close();
-
- /////////////////////////////////////////////////////////////
- //
- // CREATE/POST
- //
- /////////////////////////////////////////////////////////////
- System.out.println("-------- START REST CREATE/UPDATE --------");
- try {
- restClient.create("resthello/rest_id", input);
- // No Error code, it worked.
- System.out.println("No Error Code, Create worked...");
- } catch (RESTException e) {
- System.out.println(e.getCode());
- System.out.println(e.getMsg());
- } finally {
- System.out.println("-------- END REST CREATE/UPDATE --------");
- }
-
-
- /////////////////////////////////////////////////////////////
- //
- // READ/GET
- //
- /////////////////////////////////////////////////////////////
-
- // Make some calls. Note that RESTException is thrown if Call does not complete.
- // RESTException has HTTP Code and any Message sent from Server
- System.out.println("-------- START REST READ/GET --------");
- boolean expectException = false;
- try {
-
- // Call with no Queries
- String rv = restClient.get("resthello/rest_id");
- System.out.println(rv);
-
- // Same call with "read" style
- rv = restClient.read("resthello/rest_id");
- System.out.println(rv);
-
-
- // Call with Queries
- rv = restClient.get("resthello/rest_id?perm=org.osaaf.people|*|read");
- System.out.println(rv);
-
- // Call setting ID from principal coming from Trans
- // Pretend Transaction
- HRequest req = new HRequest("demo@people.osaaf.org"); // Pretend Trans has Jonathan as Identity
-
- // Call with RESTException, which allows obtaining HTTPCode and any Error message sent
- rv = restClient.endUser(req.userPrincipal()).get("resthello/rest_id?perm=org.osaaf.people|*|read");
- System.out.println(rv);
-
- // Expect Exception here.
- System.out.println("-------- START Expecting Exception starting here --------");
- expectException = true;
- restClient.get("notAnAPI");
- } catch(RESTException e) {
- System.out.println(e.getCode());
- System.out.println(e.getMsg());
- System.out.println(e.getMessage());
- System.out.println(e.getLocalizedMessage());
- System.out.println(e);
- } finally {
- if(expectException) {
- System.out.println("-------- END Expecting Exception starting here --------");
- }
- System.out.println("-------- END REST READ/GET --------");
- }
-
- /////////////////////////////////////////////////////////////
- //
- // UPDATE/PUT
- //
- /////////////////////////////////////////////////////////////
-
-
- // If you use "input" object again as a writer, you can clear it on the same thread, and go again
- input.clear();
- // Here we just set to a String, instead of Writing
- input.set("{\"something\" : []}");
-
- System.out.println("-------- END REST UPDATE/PUT --------");
- try {
- String rv = restClient.update("resthello/rest_id", input);
- // No Error code, it worked. REST Update will return the updated Data
- System.out.println("Update worked");
- System.out.println(rv);
- } catch (RESTException e) {
- System.out.println(e.getCode());
- System.out.println(e.getMsg());
- } finally {
- System.out.println("-------- END REST UPDATE/PUT --------");
- }
-
- /////////////////////////////////////////////////////////////
- //
- // DELETE
- //
- /////////////////////////////////////////////////////////////
-
- System.out.println("-------- START REST DELETE --------");
- try {
- restClient.delete("resthello/rest_id");
- // No Error code, it worked. REST Update will return the updated Data
- System.out.println("Delete worked");
- } catch (RESTException e) {
- System.out.println(e.getCode());
- System.out.println(e.getMsg());
- } finally {
- System.out.println("-------- END REST DELETE --------");
- }
- }
- } catch (CadiException | APIException e) {
- e.printStackTrace();
- }
- }
-
- private static class HRequest {
-
- public HRequest(String fqi) {
- name = fqi;
- }
- protected final String name;
-
- // fake out HttpServletRequest, only for get Principal
- public Principal userPrincipal() {
- return new Principal() {
-
- @Override
- public String getName() {
- return name;
- }
-
- };
- }
- }
+ public final static void main(final String args[]) throws URISyntaxException, LocatorException {
+ try {
+ // Note: Expect ClientFactory to be long-lived... do NOT create more than once.
+ ClientFactory cf = new ClientFactory(args);
+
+
+ String urlString = cf.getAccess().getProperty("myurl", null);
+ if(urlString==null) {
+ System.out.println("Note: In your startup, add \"myurl=https://<aaf hello machine>:8130\" to command line\n\t"
+ + "OR\n\t"
+ + " add -Dmyurl=https://<aaf hello machine>:8130 to VM Args\n\t"
+ + "where \"aaf hello machine\" is an aaf Installation you know about.");
+ } else {
+
+ SimpleRESTClient restClient = cf.simpleRESTClient(urlString,"org.osaaf.aaf");
+
+ /////////////////////////////////////////////////////////////
+ //
+ // Creating Content for CREATE/UPDATE
+ //
+ /////////////////////////////////////////////////////////////
+ // Create an object that can be reusable IN THIS THREAD ONLY... Not Thread-safe on purpose
+ Input input = new SimpleRESTClient.Input();
+
+ // Note: alternate use is to set the input object to an already created String
+ // Input input = new SimpleRESTClient.Input(aString);
+
+ PrintWriter pw = input.writer();
+ pw.print("{\"something\": [");
+ for(int i=0;i<4;++i) {
+ if(i>0) {
+ pw.print(',');
+ }
+ pw.print("{\"myint\":");
+ pw.print(i);
+ pw.print('}');
+ }
+ pw.println("]}");
+
+ // You can check or log the content
+ String content = input.toString();
+ System.out.println(content);
+
+ // Good form for Writers is that you should close it...
+ pw.close();
+
+ /////////////////////////////////////////////////////////////
+ //
+ // CREATE/POST
+ //
+ /////////////////////////////////////////////////////////////
+ System.out.println("-------- START REST CREATE/UPDATE --------");
+ try {
+ restClient.create("resthello/rest_id", input);
+ // No Error code, it worked.
+ System.out.println("No Error Code, Create worked...");
+ } catch (RESTException e) {
+ System.out.println(e.getCode());
+ System.out.println(e.getMsg());
+ } finally {
+ System.out.println("-------- END REST CREATE/UPDATE --------");
+ }
+
+
+ /////////////////////////////////////////////////////////////
+ //
+ // READ/GET
+ //
+ /////////////////////////////////////////////////////////////
+
+ // Make some calls. Note that RESTException is thrown if Call does not complete.
+ // RESTException has HTTP Code and any Message sent from Server
+ System.out.println("-------- START REST READ/GET --------");
+ boolean expectException = false;
+ try {
+
+ // Call with no Queries
+ String rv = restClient.get("resthello/rest_id");
+ System.out.println(rv);
+
+ // Same call with "read" style
+ rv = restClient.read("resthello/rest_id");
+ System.out.println(rv);
+
+
+ // Call with Queries
+ rv = restClient.get("resthello/rest_id?perm=org.osaaf.people|*|read");
+ System.out.println(rv);
+
+ // Call setting ID from principal coming from Trans
+ // Pretend Transaction
+ HRequest req = new HRequest("demo@people.osaaf.org"); // Pretend Trans has Jonathan as Identity
+
+ // Call with RESTException, which allows obtaining HTTPCode and any Error message sent
+ rv = restClient.endUser(req.userPrincipal()).get("resthello/rest_id?perm=org.osaaf.people|*|read");
+ System.out.println(rv);
+
+ // Expect Exception here.
+ System.out.println("-------- START Expecting Exception starting here --------");
+ expectException = true;
+ restClient.get("notAnAPI");
+ } catch(RESTException e) {
+ System.out.println(e.getCode());
+ System.out.println(e.getMsg());
+ System.out.println(e.getMessage());
+ System.out.println(e.getLocalizedMessage());
+ System.out.println(e);
+ } finally {
+ if(expectException) {
+ System.out.println("-------- END Expecting Exception starting here --------");
+ }
+ System.out.println("-------- END REST READ/GET --------");
+ }
+
+ /////////////////////////////////////////////////////////////
+ //
+ // UPDATE/PUT
+ //
+ /////////////////////////////////////////////////////////////
+
+
+ // If you use "input" object again as a writer, you can clear it on the same thread, and go again
+ input.clear();
+ // Here we just set to a String, instead of Writing
+ input.set("{\"something\" : []}");
+
+ System.out.println("-------- END REST UPDATE/PUT --------");
+ try {
+ String rv = restClient.update("resthello/rest_id", input);
+ // No Error code, it worked. REST Update will return the updated Data
+ System.out.println("Update worked");
+ System.out.println(rv);
+ } catch (RESTException e) {
+ System.out.println(e.getCode());
+ System.out.println(e.getMsg());
+ } finally {
+ System.out.println("-------- END REST UPDATE/PUT --------");
+ }
+
+ /////////////////////////////////////////////////////////////
+ //
+ // DELETE
+ //
+ /////////////////////////////////////////////////////////////
+
+ System.out.println("-------- START REST DELETE --------");
+ try {
+ restClient.delete("resthello/rest_id");
+ // No Error code, it worked. REST Update will return the updated Data
+ System.out.println("Delete worked");
+ } catch (RESTException e) {
+ System.out.println(e.getCode());
+ System.out.println(e.getMsg());
+ } finally {
+ System.out.println("-------- END REST DELETE --------");
+ }
+ }
+ } catch (CadiException | APIException e) {
+ e.printStackTrace();
+ }
+ }
+
+ private static class HRequest {
+
+ public HRequest(String fqi) {
+ name = fqi;
+ }
+ protected final String name;
+
+ // fake out HttpServletRequest, only for get Principal
+ public Principal userPrincipal() {
+ return new Principal() {
+
+ @Override
+ public String getName() {
+ return name;
+ }
+
+ };
+ }
+ }
}
diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/MyServlet.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/MyServlet.java
index 466c02da..f11d8f89 100644
--- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/MyServlet.java
+++ b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/MyServlet.java
@@ -36,91 +36,91 @@ import org.onap.aaf.cadi.client.Future;
import org.onap.aaf.cadi.principal.TaggedPrincipal;
// Uncomment if you utilized the "MiniJASPIWrap" in the Servlet setup in "main()", and want to protect your service via Permission or mapped role
-// @RolesAllowed({"com.att.aaf.myPerm|myInstance|myAction"})
- public class MyServlet implements Servlet {
- private ServletConfig servletConfig;
-
- public void init(ServletConfig config) throws ServletException {
- servletConfig = config;
- }
-
- public ServletConfig getServletConfig() {
- return servletConfig;
- }
-
- public void service(ServletRequest req, ServletResponse res) throws ServletException, IOException {
- HttpServletRequest request;
- try {
- request = (HttpServletRequest)req;
- } catch (ClassCastException e) {
- throw new ServletException("Only serving HTTP today",e);
- }
-
- res.getOutputStream().println("<html><header><title>CSP Servlet Test</title></header><body><h1>You're good to go!</h1><pre>" +
- request.getUserPrincipal());
-
- String perm = request.getParameter("PERM");
- if(perm!=null) {
- if(request.isUserInRole(perm)) {
- if(perm.indexOf('|')<0) {
- res.getOutputStream().println("\nCongrats!, You are in Role " + perm);
- } else {
- res.getOutputStream().println("\nCongrats!, You have Permission " + perm);
- }
- } else {
- if(perm.indexOf('|')<0) {
- res.getOutputStream().println("\nSorry, you are NOT in Role " + perm);
- } else {
- res.getOutputStream().println("\nSorry, you do NOT have Permission " + perm);
- }
- }
- }
-
- // You can get the working AAFCon from Trans
- AAFCon<?> aafcon = AAFCon.obtain(req);
- if(aafcon!=null) {
- try {
- res.getOutputStream().println("----- Perms JSON from direct call -----");
- final Principal up = request.getUserPrincipal();
- TaggedPrincipal tp;
- if(up instanceof TaggedPrincipal) {
- tp = (TaggedPrincipal)up;
- } else {
- tp = new TaggedPrincipal() {
- @Override
- public String getName() {
- return up.getName();
- }
+// @RolesAllowed({"com.att.aaf.myPerm|myInstance|myAction"})
+ public class MyServlet implements Servlet {
+ private ServletConfig servletConfig;
+
+ public void init(ServletConfig config) throws ServletException {
+ servletConfig = config;
+ }
+
+ public ServletConfig getServletConfig() {
+ return servletConfig;
+ }
+
+ public void service(ServletRequest req, ServletResponse res) throws ServletException, IOException {
+ HttpServletRequest request;
+ try {
+ request = (HttpServletRequest)req;
+ } catch (ClassCastException e) {
+ throw new ServletException("Only serving HTTP today",e);
+ }
+
+ res.getOutputStream().println("<html><header><title>CSP Servlet Test</title></header><body><h1>You're good to go!</h1><pre>" +
+ request.getUserPrincipal());
+
+ String perm = request.getParameter("PERM");
+ if(perm!=null) {
+ if(request.isUserInRole(perm)) {
+ if(perm.indexOf('|')<0) {
+ res.getOutputStream().println("\nCongrats!, You are in Role " + perm);
+ } else {
+ res.getOutputStream().println("\nCongrats!, You have Permission " + perm);
+ }
+ } else {
+ if(perm.indexOf('|')<0) {
+ res.getOutputStream().println("\nSorry, you are NOT in Role " + perm);
+ } else {
+ res.getOutputStream().println("\nSorry, you do NOT have Permission " + perm);
+ }
+ }
+ }
+
+ // You can get the working AAFCon from Trans
+ AAFCon<?> aafcon = AAFCon.obtain(req);
+ if(aafcon!=null) {
+ try {
+ res.getOutputStream().println("----- Perms JSON from direct call -----");
+ final Principal up = request.getUserPrincipal();
+ TaggedPrincipal tp;
+ if(up instanceof TaggedPrincipal) {
+ tp = (TaggedPrincipal)up;
+ } else {
+ tp = new TaggedPrincipal() {
+ @Override
+ public String getName() {
+ return up.getName();
+ }
- @Override
- public String tag() {
- return "Unknown";
- }
- };
- }
- // This call will be "as the user calling", but only if permission is set to trust.
-// Future<String> future = aafcon.clientAs("2.0",tp).read("/authz/perms/user/"+request.getUserPrincipal().getName(),"application/Perms+json");
- Future<String> future = aafcon.client("2.0").read("/authz/perms/user/"+request.getUserPrincipal().getName(),"application/Perms+json");
- if(future.get(4000 /* timeout */)) {
- res.getOutputStream().print(future.value);
- } else {
- System.err.println(future.code() + ", " + future.body());
- res.getOutputStream().print(future.code() + ", " + future.body());
- }
- } catch (Exception e) {
- e.printStackTrace();
- }
- } else {
- res.getOutputStream().println("No AAFCon instantiated");
- }
- res.getOutputStream().print("</pre></body></html>");
-
- }
-
- public String getServletInfo() {
- return "MyServlet";
- }
-
- public void destroy() {
- }
- } \ No newline at end of file
+ @Override
+ public String tag() {
+ return "Unknown";
+ }
+ };
+ }
+ // This call will be "as the user calling", but only if permission is set to trust.
+// Future<String> future = aafcon.clientAs("2.0",tp).read("/authz/perms/user/"+request.getUserPrincipal().getName(),"application/Perms+json");
+ Future<String> future = aafcon.client("2.0").read("/authz/perms/user/"+request.getUserPrincipal().getName(),"application/Perms+json");
+ if(future.get(4000 /* timeout */)) {
+ res.getOutputStream().print(future.value);
+ } else {
+ System.err.println(future.code() + ", " + future.body());
+ res.getOutputStream().print(future.code() + ", " + future.body());
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ } else {
+ res.getOutputStream().println("No AAFCon instantiated");
+ }
+ res.getOutputStream().print("</pre></body></html>");
+
+ }
+
+ public String getServletInfo() {
+ return "MyServlet";
+ }
+
+ public void destroy() {
+ }
+ } \ No newline at end of file
diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/Config.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/Config.java
index 17f9b198..a45725d7 100644
--- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/Config.java
+++ b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/Config.java
@@ -31,15 +31,15 @@ import org.onap.aaf.cadi.filter.CadiFilter;
public class Config {
- /**
- * Method to make jetty configurations (others?) with more complex function possible
- *
- * @param sc
- */
- public static final void addToContext(WebAppContext sc, String propFile) {
- sc.addFilter(CadiFilter.class,"/*",EnumSet.of(DispatcherType.REQUEST));
- sc.setInitParameter(org.onap.aaf.cadi.config.Config.CADI_PROP_FILES, propFile);
- }
-
+ /**
+ * Method to make jetty configurations (others?) with more complex function possible
+ *
+ * @param sc
+ */
+ public static final void addToContext(WebAppContext sc, String propFile) {
+ sc.addFilter(CadiFilter.class,"/*",EnumSet.of(DispatcherType.REQUEST));
+ sc.setInitParameter(org.onap.aaf.cadi.config.Config.CADI_PROP_FILES, propFile);
+ }
+
}
diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java
index 2d1fc097..cec8a539 100644
--- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java
+++ b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java
@@ -43,70 +43,70 @@ import org.onap.aaf.cadi.config.SecurityInfo;
import org.onap.aaf.cadi.filter.CadiFilter;
public abstract class JettyServletServer implements Servlet {
-
- public static Server run(PropAccess access, String context, Class<? extends Servlet> servletCls, int port, String ...args) throws Exception {
- // Defaults:
- int blockingQueueSize = 10;
+
+ public static Server run(PropAccess access, String context, Class<? extends Servlet> servletCls, int port, String ...args) throws Exception {
+ // Defaults:
+ int blockingQueueSize = 10;
int corePoolSize = 10;
int maxPoolSize = 10;
int keepAliveTime = 3000;
- String hostname = access.getProperty(Config.HOSTNAME, null);
- if(hostname==null) {
- hostname = Inet4Address.getLocalHost().getHostName();
- }
+ String hostname = access.getProperty(Config.HOSTNAME, null);
+ if(hostname==null) {
+ hostname = Inet4Address.getLocalHost().getHostName();
+ }
// Add your own Properties to override defaults
ArrayBlockingQueue<Runnable> queue = new ArrayBlockingQueue<Runnable>(blockingQueueSize);
QueuedThreadPool pool = new QueuedThreadPool(maxPoolSize,corePoolSize,keepAliveTime,queue);
- Server server = new Server(pool);
+ Server server = new Server(pool);
- String protocol;
- if(access.getProperty(Config.CADI_KEYSTORE_PASSWORD,null)==null) {
- ServerConnector conn = new ServerConnector(server);
- conn.setHost(hostname);
- conn.setPort(port);
- server.addConnector(conn);
- protocol = "http";
- } else {
- // Setup Security
- SecurityInfo securityInfo = new SecurityInfo(access);
- SslContextFactory scf = new SslContextFactory();
- scf.setSslContext(securityInfo.getSSLContext());
- scf.setWantClientAuth(true);
- ServerConnector sslConnector = new ServerConnector(server,scf);
- sslConnector.setHost(hostname);
- sslConnector.setPort(port);
- server.addConnector(sslConnector);
- protocol = "https";
- }
+ String protocol;
+ if(access.getProperty(Config.CADI_KEYSTORE_PASSWORD,null)==null) {
+ ServerConnector conn = new ServerConnector(server);
+ conn.setHost(hostname);
+ conn.setPort(port);
+ server.addConnector(conn);
+ protocol = "http";
+ } else {
+ // Setup Security
+ SecurityInfo securityInfo = new SecurityInfo(access);
+ SslContextFactory scf = new SslContextFactory();
+ scf.setSslContext(securityInfo.getSSLContext());
+ scf.setWantClientAuth(true);
+ ServerConnector sslConnector = new ServerConnector(server,scf);
+ sslConnector.setHost(hostname);
+ sslConnector.setPort(port);
+ server.addConnector(sslConnector);
+ protocol = "https";
+ }
// Setup Sample Servlet
CadiFilter cf = new CadiFilter(true,access);
- FilterHolder cfh = new FilterHolder(cf);
-
- ServletHandler shand = new ServletHandler();
- shand.addFilterWithMapping(cfh, "/*", FilterMapping.ALL);
- // To use normal Servlets, just add the class here... Actually, bug in Jetty... need to add with ServletHolder
- ServletHolder sh = new ServletHolder();
- sh.setServlet(servletCls.newInstance());
- shand.addServletWithMapping(sh,"/*");
-
- // To use JASPI Authorization Style to protect the servlet, wrap the Servlet
- // with the "MiniJSAPIWrap class, as shown here. Then add "@RolesAllowed" on your
- // servlet (see sample). Use Pipe delimited Permissions, not AAF Roles in the line
- // shand.addServletWithMapping(new MiniJASPIWrap(MyServlet.class),"/*");
- // call initialize after start
- ContextHandler ch = new ServletContextHandler();
- ch.setContextPath(context);
- ch.setHandler(shand);
- server.setHandler(ch);
- // Startup the Server
+ FilterHolder cfh = new FilterHolder(cf);
+
+ ServletHandler shand = new ServletHandler();
+ shand.addFilterWithMapping(cfh, "/*", FilterMapping.ALL);
+ // To use normal Servlets, just add the class here... Actually, bug in Jetty... need to add with ServletHolder
+ ServletHolder sh = new ServletHolder();
+ sh.setServlet(servletCls.newInstance());
+ shand.addServletWithMapping(sh,"/*");
+
+ // To use JASPI Authorization Style to protect the servlet, wrap the Servlet
+ // with the "MiniJSAPIWrap class, as shown here. Then add "@RolesAllowed" on your
+ // servlet (see sample). Use Pipe delimited Permissions, not AAF Roles in the line
+ // shand.addServletWithMapping(new MiniJASPIWrap(MyServlet.class),"/*");
+ // call initialize after start
+ ContextHandler ch = new ServletContextHandler();
+ ch.setContextPath(context);
+ ch.setHandler(shand);
+ server.setHandler(ch);
+ // Startup the Server
server.setStopAtShutdown(true);
server.start();
access.log(Level.INFO,"TestServlet is running at " + protocol + "://"+hostname+':'+port+context);
return server;
- }
+ }
}
diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyStandalone.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyStandalone.java
index 049e45e8..6edd6f5b 100644
--- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyStandalone.java
+++ b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyStandalone.java
@@ -30,17 +30,17 @@ import org.onap.aaf.cadi.PropAccess;
public class JettyStandalone {
- public static void main(String[] args) {
- PropAccess access = new PropAccess(args);
- try {
- Server server = JettyServletServer.run(access, "/caditest", MyServlet.class, 3456);
- server.join();
- } catch (Exception e) {
- access.log(Level.ERROR, e);
- } finally {
- access.log(Level.INFO,"Stopping Service");
- }
-
- }
+ public static void main(String[] args) {
+ PropAccess access = new PropAccess(args);
+ try {
+ Server server = JettyServletServer.run(access, "/caditest", MyServlet.class, 3456);
+ server.join();
+ } catch (Exception e) {
+ access.log(Level.ERROR, e);
+ } finally {
+ access.log(Level.INFO,"Stopping Service");
+ }
+
+ }
}
diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java
index 904f3cdc..29462cfb 100644
--- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java
+++ b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java
@@ -48,54 +48,54 @@ import org.onap.aaf.cadi.filter.RolesAllowed;
*
*/
public class MiniJASPIWrap extends ServletHolder {
- private RolesAllowed rolesAllowed;
- //private String roles;
- public MiniJASPIWrap(Class<? extends Servlet> servlet) {
- super(servlet);
- this.rolesAllowed = servlet.getAnnotation(RolesAllowed.class);
- StringBuilder sb = new StringBuilder();
- boolean first = true;
- if(rolesAllowed!=null) {
- for(String str : rolesAllowed.value()) {
- if(first)first=false;
- else sb.append(',');
- sb.append(str);
- }
- }
- //roles = sb.toString();
- }
+ private RolesAllowed rolesAllowed;
+ //private String roles;
+ public MiniJASPIWrap(Class<? extends Servlet> servlet) {
+ super(servlet);
+ this.rolesAllowed = servlet.getAnnotation(RolesAllowed.class);
+ StringBuilder sb = new StringBuilder();
+ boolean first = true;
+ if(rolesAllowed!=null) {
+ for(String str : rolesAllowed.value()) {
+ if(first)first=false;
+ else sb.append(',');
+ sb.append(str);
+ }
+ }
+ //roles = sb.toString();
+ }
- /**
- * handle
- *
- * When utilized, this class authorizes the transaction by first calling the standard J2EE API call
- * "isUserInRole" with the role(s) found in the class Annotations (JASPI Style)
- */
- @Override
- public void handle(Request baseRequest, ServletRequest request, ServletResponse response) throws ServletException, UnavailableException, IOException {
- if(rolesAllowed==null) {
- super.handle(baseRequest, request, response);
- } else { // Validate
- try {
-
- HttpServletRequest hreq = (HttpServletRequest)request;
- boolean proceed = false;
- for(String role : rolesAllowed.value()) {
- if(hreq.isUserInRole(role)) {
- proceed = true;
- break;
- }
- }
- if(proceed) {
- super.handle(baseRequest, request, response);
- } else {
- //baseRequest.getServletContext().log(hreq.getUserPrincipal().getName()+" Refused " + roles);
- ((HttpServletResponse)response).sendError(403); // forbidden
- }
- } catch(ClassCastException e) {
- throw new ServletException("JASPIWrap only supports HTTPServletRequest/HttpServletResponse");
- }
- }
- }
+ /**
+ * handle
+ *
+ * When utilized, this class authorizes the transaction by first calling the standard J2EE API call
+ * "isUserInRole" with the role(s) found in the class Annotations (JASPI Style)
+ */
+ @Override
+ public void handle(Request baseRequest, ServletRequest request, ServletResponse response) throws ServletException, UnavailableException, IOException {
+ if(rolesAllowed==null) {
+ super.handle(baseRequest, request, response);
+ } else { // Validate
+ try {
+
+ HttpServletRequest hreq = (HttpServletRequest)request;
+ boolean proceed = false;
+ for(String role : rolesAllowed.value()) {
+ if(hreq.isUserInRole(role)) {
+ proceed = true;
+ break;
+ }
+ }
+ if(proceed) {
+ super.handle(baseRequest, request, response);
+ } else {
+ //baseRequest.getServletContext().log(hreq.getUserPrincipal().getName()+" Refused " + roles);
+ ((HttpServletResponse)response).sendError(403); // forbidden
+ }
+ } catch(ClassCastException e) {
+ throw new ServletException("JASPIWrap only supports HTTPServletRequest/HttpServletResponse");
+ }
+ }
+ }
}
diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java
index 415283a5..1597dbd5 100644
--- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java
+++ b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java
@@ -39,7 +39,7 @@ import org.onap.aaf.cadi.PropAccess;
*/
public class TomcatEmbedded {
- public static void main(String[] args) throws Exception {
+ public static void main(String[] args) throws Exception {
System.setProperty("org.apache.catalina.startup.EXIT_ON_INIT_FAILURE", "true");
Tomcat tomcat = new Tomcat();
@@ -51,8 +51,8 @@ public class TomcatEmbedded {
tomcat.start();
tomcat.getServer().await();
- }
-
+ }
+
private static Connector getSslConnector(PropAccess access, int port) throws IOException {
Connector connector = new Connector();
connector.setPort(port);
@@ -75,34 +75,34 @@ public class TomcatEmbedded {
}
private static void setAttr(Connector connector, Access access, String ctag, String atag) throws IOException {
- String value = access.getProperty(atag, null);
- if(value==null) {
- access.log(Level.ERROR, atag, "is null");
- } else {
- if(value.startsWith("enc:")) {
- access.log(Level.INIT,atag,"=enc:************");
- value = access.decrypt(value, false);
- } else {
- access.log(Level.INIT,atag,"=",value);
- }
- connector.setAttribute(ctag, value);
- }
+ String value = access.getProperty(atag, null);
+ if(value==null) {
+ access.log(Level.ERROR, atag, "is null");
+ } else {
+ if(value.startsWith("enc:")) {
+ access.log(Level.INIT,atag,"=enc:************");
+ value = access.decrypt(value, false);
+ } else {
+ access.log(Level.INIT,atag,"=",value);
+ }
+ connector.setAttribute(ctag, value);
+ }
}
- private static File getRootFolder() {
- try {
- File root;
- String runningJarPath = Main.class.getProtectionDomain().getCodeSource().getLocation().toURI().getPath().replaceAll("\\\\", "/");
- int lastIndexOf = runningJarPath.lastIndexOf("/target/");
- if (lastIndexOf < 0) {
- root = new File("");
- } else {
- root = new File(runningJarPath.substring(0, lastIndexOf));
- }
- System.out.println("application resolved root folder: " + root.getAbsolutePath());
- return root;
- } catch (URISyntaxException ex) {
- throw new RuntimeException(ex);
- }
- }
+ private static File getRootFolder() {
+ try {
+ File root;
+ String runningJarPath = Main.class.getProtectionDomain().getCodeSource().getLocation().toURI().getPath().replaceAll("\\\\", "/");
+ int lastIndexOf = runningJarPath.lastIndexOf("/target/");
+ if (lastIndexOf < 0) {
+ root = new File("");
+ } else {
+ root = new File(runningJarPath.substring(0, lastIndexOf));
+ }
+ System.out.println("application resolved root folder: " + root.getAbsolutePath());
+ return root;
+ } catch (URISyntaxException ex) {
+ throw new RuntimeException(ex);
+ }
+ }
}