-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/AAFcli.java2
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Version.java2
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_AAFCli.java2
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsService.java4
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsDetail.java2
-rw-r--r--auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java5
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoaderFactory.java2
-rw-r--r--auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/service/JU_JSONPermLoaderFactoryTest.java6
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/AAF_Service.java8
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/Defaults.java19
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/cert/AAFListedCertIdentity.java4
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java3
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java243
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java2
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java2
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java2
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java12
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/sso/AAFSSO.java9
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/cert/test/JU_AAFListedCertIdentity.java2
-rw-r--r--cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AbsAAFLocator.java27
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java17
-rw-r--r--cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/MyServlet.java4
22 files changed, 195 insertions, 184 deletions
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/AAFcli.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/AAFcli.java
index 0222965f..ad997d16 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/AAFcli.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/AAFcli.java
@@ -500,7 +500,7 @@ public class AAFcli {
// }
TIMEOUT = Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF));
-// HMangr hman = new HMangr(access, loc).readTimeout(TIMEOUT).apiVersion(Config.AAF_DEFAULT_VERSION);
+// HMangr hman = new HMangr(access, loc).readTimeout(TIMEOUT).apiVersion(Config.AAF_DEFAULT_API_VERSION);
if (access.getProperty(Config.AAF_DEFAULT_REALM)==null) {
access.setProperty(Config.AAF_DEFAULT_REALM, "people.osaaf.org");
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Version.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Version.java
index 9bb01956..1064c9b8 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Version.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Version.java
@@ -37,7 +37,7 @@ public class Version extends Cmd {
protected int _exec(int idx, String... args) throws CadiException, APIException, LocatorException {
pw().println("AAF Command Line Tool");
pw().print("Version: ");
- pw().println(Config.AAF_DEFAULT_VERSION);
+ pw().println(Config.AAF_DEFAULT_API_VERSION);
return 200 /*HttpStatus.OK_200;*/;
}
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_AAFCli.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_AAFCli.java
index 0120fa7f..abe4c342 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_AAFCli.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_AAFCli.java
@@ -193,7 +193,7 @@ public class JU_AAFCli {
Locator loc;
loc = new PropertyLocator(aafUrl);
TIMEOUT = Integer.parseInt(env.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF));
- HMangr hman = new HMangr(env, loc).readTimeout(TIMEOUT).apiVersion(Config.AAF_DEFAULT_VERSION);
+ HMangr hman = new HMangr(env, loc).readTimeout(TIMEOUT).apiVersion(Config.AAF_DEFAULT_API_VERSION);
// TODO: Consider requiring a default in properties
env.setProperty(Config.AAF_DEFAULT_REALM,
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsService.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsService.java
index df80ec6d..435b8845 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsService.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsService.java
@@ -158,11 +158,11 @@ public abstract class AbsService<ENV extends BasicEnv, TRANS extends Trans> exte
}
public Rcli<?> client() throws CadiException {
- return aafCon.client(Config.AAF_DEFAULT_VERSION);
+ return aafCon.client();
}
public Rcli<?> clientAsUser(TaggedPrincipal p) throws CadiException {
- return aafCon.client(Config.AAF_DEFAULT_VERSION).forUser(
+ return aafCon.client().forUser(
new HTransferSS(p,app_name, aafCon.securityInfo()));
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsDetail.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsDetail.java
index 6d7fa207..5d1d0219 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsDetail.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsDetail.java
@@ -79,7 +79,7 @@ public class NsDetail extends Page {
if (gw_url==null) {
gw_url="";
} else {
- gw_url+="/aaf/"+Config.AAF_DEFAULT_VERSION;
+ gw_url+="/aaf/"+Config.AAF_DEFAULT_API_VERSION;
}
}
diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java
index bd44dfce..c8294d1f 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java
@@ -62,7 +62,6 @@ import org.onap.aaf.cadi.register.Registrant;
import org.onap.aaf.misc.env.APIException;
import org.onap.aaf.misc.env.Data;
import org.onap.aaf.misc.env.Env;
-import org.onap.aaf.misc.rosetta.env.RosettaEnv;
import com.datastax.driver.core.Cluster;
@@ -187,7 +186,7 @@ public class AAF_Locate extends AbsService<AuthzEnv, AuthzTrans> {
protected AAFConHttp _newAAFConHttp() throws CadiException {
try {
if (dal==null) {
- dal = AbsAAFLocator.create(aaf_service_name,Config.AAF_DEFAULT_VERSION);
+ dal = AbsAAFLocator.create(aaf_service_name,Config.AAF_DEFAULT_API_VERSION);
}
// utilize pre-constructed DirectAAFLocator
return new AAFConHttp(env.access(),dal);
@@ -198,7 +197,7 @@ public class AAF_Locate extends AbsService<AuthzEnv, AuthzTrans> {
public Locator<URI> getGUILocator() throws LocatorException {
if (gui_locator==null) {
- gui_locator = AbsAAFLocator.create(aaf_gui_name,Config.AAF_DEFAULT_VERSION);
+ gui_locator = AbsAAFLocator.create(aaf_gui_name,Config.AAF_DEFAULT_API_VERSION);
}
return gui_locator;
}
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoaderFactory.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoaderFactory.java
index 8bceb2ab..e3179aea 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoaderFactory.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoaderFactory.java
@@ -47,7 +47,7 @@ public class JSONPermLoaderFactory {
public static JSONPermLoader remote(final AAFCon<?> aafcon, final int timeout) {
return new JSONPermLoader() {
public Result<String> loadJSONPerms(AuthzTrans trans, String user, Set<String> scopes) throws APIException, CadiException {
- Rcli<?> c = aafcon.clientAs(Config.AAF_DEFAULT_VERSION,trans.getUserPrincipal());
+ Rcli<?> c = aafcon.clientAs(Config.AAF_DEFAULT_API_VERSION,trans.getUserPrincipal());
StringBuilder pathinfo = new StringBuilder("/authz/perms/user/");
pathinfo.append(user);
pathinfo.append("?scopes=");
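Review bot: `loadJSONPerms` still pins this act-as-user call to the compile-time `Config.AAF_DEFAULT_API_VERSION`, so it ignores the `Config.AAF_API_VERSION` property that `AAFCon` reads elsewhere in this commit. The overload added in AAFCon.java would pick up the configured value: `Rcli<?> c = aafcon.clientAs(trans.getUserPrincipal());`, with the `when(aafcon.clientAs(...))` stubs in JU_JSONPermLoaderFactoryTest changed to match. Separately, the context lines append `user` to the request path as-is; if that value can ever contain `/`, `?` or `#`, it should be percent-encoded before `pathinfo.append(user)`, since the request is made on the user's behalf. The rest of the method lies outside this hunk.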
diff --git a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/service/JU_JSONPermLoaderFactoryTest.java b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/service/JU_JSONPermLoaderFactoryTest.java
index 529a6ae2..786b4282 100644
--- a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/service/JU_JSONPermLoaderFactoryTest.java
+++ b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/service/JU_JSONPermLoaderFactoryTest.java
@@ -84,7 +84,7 @@ public class JU_JSONPermLoaderFactoryTest {
@Test
public void testRemoteWithTimeOut() throws APIException, CadiException {
when(trans.start("Call AAF Service", Env.REMOTE)).thenReturn(tt);
- when(aafcon.clientAs(Config.AAF_DEFAULT_VERSION, trans.getUserPrincipal())).thenReturn(c);
+ when(aafcon.clientAs(Config.AAF_DEFAULT_API_VERSION, trans.getUserPrincipal())).thenReturn(c);
when(c.read("/authz/perms/user/null?scopes=APPLICATION:HANDLER",
"application/Perms+json;charset=utf-8;version=2.0")).thenReturn(fs);
when(fs.get(0)).thenReturn(true);
@@ -105,7 +105,7 @@ public class JU_JSONPermLoaderFactoryTest {
@Test
public void testRemoteWith404() throws APIException, CadiException {
when(trans.start("Call AAF Service", Env.REMOTE)).thenReturn(tt);
- when(aafcon.clientAs(Config.AAF_DEFAULT_VERSION, trans.getUserPrincipal())).thenReturn(c);
+ when(aafcon.clientAs(Config.AAF_DEFAULT_API_VERSION, trans.getUserPrincipal())).thenReturn(c);
when(c.read("/authz/perms/user/null?scopes=APPLICATION:HANDLER",
"application/Perms+json;charset=utf-8;version=2.0")).thenReturn(fs);
when(fs.get(0)).thenReturn(false);
@@ -127,7 +127,7 @@ public class JU_JSONPermLoaderFactoryTest {
@Test
public void testRemote() throws APIException, CadiException {
when(trans.start("Call AAF Service", Env.REMOTE)).thenReturn(tt);
- when(aafcon.clientAs(Config.AAF_DEFAULT_VERSION, trans.getUserPrincipal())).thenReturn(c);
+ when(aafcon.clientAs(Config.AAF_DEFAULT_API_VERSION, trans.getUserPrincipal())).thenReturn(c);
when(c.read("/authz/perms/user/null?scopes=APPLICATION:HANDLER",
"application/Perms+json;charset=utf-8;version=2.0")).thenReturn(fs);
when(fs.get(0)).thenReturn(false);
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AAF_Service.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AAF_Service.java
index 5253513d..4f34fd56 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AAF_Service.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AAF_Service.java
@@ -211,11 +211,11 @@ public class AAF_Service extends AbsService<AuthzEnv,AuthzTrans> {
public void route(HttpMethods meth, String path, API api, Code code) throws Exception {
Class<?> respCls = facade.mapper().getClass(api);
if (respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name());
- String application = applicationJSON(respCls, Config.AAF_DEFAULT_VERSION);
+ String application = applicationJSON(respCls, Config.AAF_DEFAULT_API_VERSION);
- route(env,meth,path,code,application,"application/json;version="+Config.AAF_DEFAULT_VERSION,"*/*");
- application = applicationXML(respCls, Config.AAF_DEFAULT_VERSION);
- route(env,meth,path,code.clone(facade_XML,false),application,"text/xml;version=Config.AAF_DEFAULT_VERSION");
+ route(env,meth,path,code,application,"application/json;version="+Config.AAF_DEFAULT_API_VERSION,"*/*");
+ application = applicationXML(respCls, Config.AAF_DEFAULT_API_VERSION);
+ route(env,meth,path,code.clone(facade_XML,false),application,"text/xml;version="+Config.AAF_DEFAULT_API_VERSION);
}
/**
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/Defaults.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/Defaults.java
index a38904d4..43709ccc 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/Defaults.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/Defaults.java
@@ -21,13 +21,14 @@
package org.onap.aaf.cadi.aaf;
public interface Defaults {
- public static String AAF_VERSION = "2.1";
- public static String AAF_NS = "AAF_NS";
- public static String AAF_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".service:" + AAF_VERSION;
- public static String GUI_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".gui:" + AAF_VERSION;
- public static String CM_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".cm:" + AAF_VERSION;
- public static String FS_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".fs:" + AAF_VERSION;
- public static String HELLO_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".hello:" + AAF_VERSION;
- public static String OAUTH2_TOKEN_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".token:" + AAF_VERSION;
- public static String OAUTH2_INTROSPECT_URL = "https://AAF_LOCATE_URL/" + AAF_NS + ".introspect:" + AAF_VERSION;
+ public final static String AAF_VERSION = "2.1";
+ public final static String AAF_NS = "AAF_NS";
+ public final static String AAF_ROOT = "https://AAF_LOCATE_URL/" + AAF_NS;
+ public final static String AAF_URL = AAF_ROOT + ".service:" + AAF_VERSION;
+ public final static String GUI_URL = AAF_ROOT + ".gui:" + AAF_VERSION;
+ public final static String CM_URL = AAF_ROOT + ".cm:" + AAF_VERSION;
+ public final static String FS_URL = AAF_ROOT + ".fs:" + AAF_VERSION;
+ public final static String HELLO_URL = AAF_ROOT + ".hello:" + AAF_VERSION;
+ public final static String OAUTH2_TOKEN_URL = AAF_ROOT + ".token:" + AAF_VERSION;
+ public final static String OAUTH2_INTROSPECT_URL = AAF_ROOT + ".introspect:" + AAF_VERSION;
}
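Review bot: `Defaults.AAF_VERSION` remains its own hard-coded `"2.1"` next to `Config.AAF_DEFAULT_API_VERSION`, so the default locator URLs and the default client API version come from two constants that can drift apart. Config.java's value is not visible on this page, so whether they currently agree is unconfirmed; a comment such as `// must match Config.AAF_DEFAULT_API_VERSION` or deriving one from the other would make the coupling explicit. As a style point, fields of an interface are implicitly `public static final`, so the modifiers can be dropped, or at least written in the conventional order `public static final`.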
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/cert/AAFListedCertIdentity.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/cert/AAFListedCertIdentity.java
index dd3cde7e..c23e9b23 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/cert/AAFListedCertIdentity.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/cert/AAFListedCertIdentity.java
@@ -125,7 +125,7 @@ public class AAFListedCertIdentity implements CertIdentity {
userLookup.add(s);
}
for (String authMech : authMechanisms) {
- Future<Users> fusr = aafcon.client(Config.AAF_DEFAULT_VERSION).read("/authz/users/perm/com.att.aaf.trust/"+authMech+"/authenticate", Users.class, aafcon.usersDF);
+ Future<Users> fusr = aafcon.client().read("/authz/users/perm/com.att.aaf.trust/"+authMech+"/authenticate", Users.class, aafcon.usersDF);
if (fusr.get(5000)) {
List<User> users = fusr.value.getUser();
if (users.isEmpty()) {
@@ -146,7 +146,7 @@ public class AAFListedCertIdentity implements CertIdentity {
}
for (String u : userLookup) {
- Future<Certs> fc = aafcon.client(Config.AAF_DEFAULT_VERSION).read("/authn/cert/id/"+u, Certs.class, aafcon.certsDF);
+ Future<Certs> fc = aafcon.client().read("/authn/cert/id/"+u, Certs.class, aafcon.certsDF);
XMLGregorianCalendar now = Chrono.timeStamp();
if (fc.get(5000)) {
List<Cert> certs = fc.value.getCert();
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java
index 167fae9f..606638a4 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java
@@ -30,7 +30,6 @@ import org.onap.aaf.cadi.User;
import org.onap.aaf.cadi.aaf.AAFPermission;
import org.onap.aaf.cadi.client.Future;
import org.onap.aaf.cadi.client.Rcli;
-import org.onap.aaf.cadi.config.Config;
import org.onap.aaf.cadi.lur.ConfigPrincipal;
public class AAFAuthn<CLIENT> extends AbsUserCache<AAFPermission> {
@@ -140,7 +139,7 @@ public class AAFAuthn<CLIENT> extends AbsUserCache<AAFPermission> {
try {
Miss missed = missed(getName(),getCred());
if (missed==null || missed.mayContinue()) {
- Rcli<CLIENT> client = con.client(Config.AAF_DEFAULT_VERSION).forUser(con.basicAuth(getName(), new String(getCred())));
+ Rcli<CLIENT> client = con.client().forUser(con.basicAuth(getName(), new String(getCred())));
Future<String> fp = client.read(
"/authn/basicAuth",
"text/plain"
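Review bot: The rewritten line keeps `new String(getCred())`, which copies the credential into an immutable `String` that cannot be cleared afterwards. If `getCred()` returns a `byte[]` (its type is not visible here), it also decodes with the platform default charset, so a non-ASCII password can authenticate on one host and fail on another. Passing the charset explicitly, `new String(getCred(), StandardCharsets.UTF_8)` with the matching import, removes the platform dependence. A comment noting that `con.basicAuth` requires a `String` would explain why the copy is unavoidable. The enclosing method starts and ends outside this hunk.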
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java
index b6644368..77489633 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java
@@ -69,26 +69,142 @@ public abstract class AAFCon<CLIENT> implements Connector {
final public RosettaDF<Error> errDF;
private String realm;
public final String app;
+ protected final String apiVersion;
protected SecurityInfoC<CLIENT> si;
private AAFLurPerm lur;
final public RosettaEnv env;
- protected abstract URI initURI();
+ protected AAFCon(AAFCon<CLIENT> copy) {
+ access = copy.access;
+ apiVersion = access.getProperty(Config.AAF_API_VERSION, Config.AAF_DEFAULT_API_VERSION);
+ timeout = copy.timeout;
+ cleanInterval = copy.cleanInterval;
+ connTimeout = copy.connTimeout;
+ highCount = copy.highCount;
+ userExpires = copy.userExpires;
+ usageRefreshTriggerCount = copy.usageRefreshTriggerCount;
+ permsDF = copy.permsDF;
+ certsDF = copy.certsDF;
+ usersDF = copy.usersDF;
+ errDF = copy.errDF;
+ app = copy.app;
+ si = copy.si;
+ env = copy.env;
+ realm = copy.realm;
+ }
+ protected AAFCon(Access access, String tag, SecurityInfoC<CLIENT> si) throws CadiException{
+ apiVersion = access.getProperty(Config.AAF_API_VERSION, Config.AAF_DEFAULT_API_VERSION);
+ if (tag==null) {
+ throw new CadiException("AAFCon cannot be constructed without a property tag or URL");
+ } else {
+ String str = access.getProperty(tag,null);
+ if (str==null) {
+ if (tag.contains("://")) { // assume a URL
+ str = tag;
+ } else {
+ throw new CadiException("A URL or " + tag + " property is required.");
+ }
+ }
+ setInitURI(str);
+ }
+ try {
+ this.access = access;
+ this.si = si;
+ if (si.defSS.getID().equals(SecurityInfoC.DEF_ID)) { // it's the Preliminary SS, try to get a better one
+ String mechid = access.getProperty(Config.AAF_APPID, null);
+ if (mechid==null) {
+ mechid=access.getProperty(Config.OAUTH_CLIENT_ID,null);
+ }
+ String encpass = access.getProperty(Config.AAF_APPPASS, null);
+ if (encpass==null) {
+ encpass = access.getProperty(Config.OAUTH_CLIENT_SECRET,null);
+ }
+ if (encpass==null) {
+ String alias = access.getProperty(Config.CADI_ALIAS, mechid);
+ if (alias==null) {
+ access.printf(Access.Level.WARN,"%s, %s or %s required before use.", Config.CADI_ALIAS, Config.AAF_APPID, Config.OAUTH_CLIENT_ID);
+ set(si.defSS);
+ } else {
+ si.defSS=x509Alias(alias);
+ set(si.defSS);
+ }
+ } else {
+ if (mechid!=null) {
+ si.defSS=basicAuth(mechid, encpass);
+ set(si.defSS);
+ } else {
+ si.defSS=new SecuritySetter<CLIENT>() {
+
+ @Override
+ public String getID() {
+ return "";
+ }
+
+ @Override
+ public void setSecurity(CLIENT client) throws CadiException {
+ throw new CadiException("AAFCon has not been initialized with Credentials (SecuritySetter)");
+ }
+
+ @Override
+ public int setLastResponse(int respCode) {
+ return 0;
+ }
+ };
+ set(si.defSS);
+ }
+ }
+ }
+
+ timeout = Integer.parseInt(access.getProperty(Config.AAF_CALL_TIMEOUT, Config.AAF_CALL_TIMEOUT_DEF));
+ cleanInterval = Integer.parseInt(access.getProperty(Config.AAF_CLEAN_INTERVAL, Config.AAF_CLEAN_INTERVAL_DEF));
+ highCount = Integer.parseInt(access.getProperty(Config.AAF_HIGH_COUNT, Config.AAF_HIGH_COUNT_DEF).trim());
+ connTimeout = Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF).trim());
+ userExpires = Integer.parseInt(access.getProperty(Config.AAF_USER_EXPIRES, Config.AAF_USER_EXPIRES_DEF).trim());
+ usageRefreshTriggerCount = Integer.parseInt(access.getProperty(Config.AAF_USER_EXPIRES, Config.AAF_USER_EXPIRES_DEF).trim())-1; // zero based
+
+ app=FQI.reverseDomain(si.defSS.getID());
+ //TODO Get Realm from AAF
+ realm="people.osaaf.org";
+
+ env = new RosettaEnv();
+ permsDF = env.newDataFactory(Perms.class);
+ usersDF = env.newDataFactory(Users.class);
+ certsDF = env.newDataFactory(Certs.class);
+ certsDF.rootMarshal(new CertsMarshal()); // Speedier Marshaling
+ errDF = env.newDataFactory(Error.class);
+ } catch (APIException e) {
+ throw new CadiException("AAFCon cannot be configured",e);
+ }
+ }
+ protected abstract URI initURI();
protected abstract void setInitURI(String uriString) throws CadiException;
- /*
- protected abstract SecuritySetter<CLIENT> bestSS(SecurityInfoC<CLIENT> si) throws CadiException;
- */
+
+ public final String aafVersion() {
+ return apiVersion;
+ }
/**
* Use this call to get the appropriate client based on configuration (HTTP, future)
+ * using default AAF API Version
+ *
+ * @param apiVersion
+ * @return
+ * @throws CadiException
+ */
+ public Rcli<CLIENT> client() throws CadiException {
+ return client(apiVersion);
+ }
+
+ /**
+ * Use this call to get the appropriate client based on configuration (HTTP, future)
*
* @param apiVersion
* @return
* @throws CadiException
*/
- public Rcli<CLIENT> client(String apiVersion) throws CadiException {
- Rcli<CLIENT> client = clients.get(apiVersion);
+ public Rcli<CLIENT> client(final String apiVersion) throws CadiException {
+ Rcli<CLIENT> client = clients.get(apiVersion);
if (client==null) {
client = rclient(initURI(),si.defSS);
client.apiVersion(apiVersion)
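Review bot: The copy constructor `AAFCon(AAFCon<CLIENT> copy)` re-reads `Config.AAF_API_VERSION` from `access` instead of taking the value from its source, so a copy can end up on a different API version than the original if the property changed in between. Every other field there is copied, and `apiVersion = copy.apiVersion;` would be consistent with them. The parameter of `client(final String apiVersion)` now shadows the new field of the same name; renaming the parameter or adding a short comment would keep `client()` and `client(String)` easy to tell apart. The Javadoc on the no-argument `client()` still lists `@param apiVersion`, and the Javadoc added in the next hunk names `@param req` where the method takes `p`; both tags should be corrected or removed.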
@@ -112,112 +228,25 @@ public abstract class AAFCon<CLIENT> implements Connector {
* @return
* @throws CadiException
*/
+ public Rcli<CLIENT> clientAs(TaggedPrincipal p) throws CadiException {
+ return clientAs(apiVersion,p);
+ }
+
+ /**
+ * Use this API when you have permission to have your call act as the end client's ID.
+ *
+ * Your calls will get 403 errors if you do not have this permission. it is a special setup, rarely given.
+ *
+ * @param apiVersion
+ * @param req
+ * @return
+ * @throws CadiException
+ */
public Rcli<CLIENT> clientAs(String apiVersion, TaggedPrincipal p) throws CadiException {
Rcli<CLIENT> cl = client(apiVersion);
return cl.forUser(transferSS(p));
}
-
- protected AAFCon(AAFCon<CLIENT> copy) {
- access = copy.access;
- timeout = copy.timeout;
- cleanInterval = copy.cleanInterval;
- connTimeout = copy.connTimeout;
- highCount = copy.highCount;
- userExpires = copy.userExpires;
- usageRefreshTriggerCount = copy.usageRefreshTriggerCount;
- permsDF = copy.permsDF;
- certsDF = copy.certsDF;
- usersDF = copy.usersDF;
- errDF = copy.errDF;
- app = copy.app;
- si = copy.si;
- env = copy.env;
- realm = copy.realm;
- }
-
- protected AAFCon(Access access, String tag, SecurityInfoC<CLIENT> si) throws CadiException{
- if (tag==null) {
- throw new CadiException("AAFCon cannot be constructed without a property tag or URL");
- } else {
- String str = access.getProperty(tag,null);
- if (str==null) {
- if (tag.contains("://")) { // assume a URL
- str = tag;
- } else {
- throw new CadiException("A URL or " + tag + " property is required.");
- }
- }
- setInitURI(str);
- }
- try {
- this.access = access;
- this.si = si;
- if (si.defSS.getID().equals(SecurityInfoC.DEF_ID)) { // it's the Preliminary SS, try to get a better one
- String mechid = access.getProperty(Config.AAF_APPID, null);
- if (mechid==null) {
- mechid=access.getProperty(Config.OAUTH_CLIENT_ID,null);
- }
- String encpass = access.getProperty(Config.AAF_APPPASS, null);
- if (encpass==null) {
- encpass = access.getProperty(Config.OAUTH_CLIENT_SECRET,null);
- }
- if (encpass==null) {
- String alias = access.getProperty(Config.CADI_ALIAS, mechid);
- if (alias==null) {
- access.printf(Access.Level.WARN,"%s, %s or %s required before use.", Config.CADI_ALIAS, Config.AAF_APPID, Config.OAUTH_CLIENT_ID);
- set(si.defSS);
- } else {
- si.defSS=x509Alias(alias);
- set(si.defSS);
- }
- } else {
- if (mechid!=null) {
- si.defSS=basicAuth(mechid, encpass);
- set(si.defSS);
- } else {
- si.defSS=new SecuritySetter<CLIENT>() {
-
- @Override
- public String getID() {
- return "";
- }
-
- @Override
- public void setSecurity(CLIENT client) throws CadiException {
- throw new CadiException("AAFCon has not been initialized with Credentials (SecuritySetter)");
- }
- @Override
- public int setLastResponse(int respCode) {
- return 0;
- }
- };
- set(si.defSS);
- }
- }
- }
-
- timeout = Integer.parseInt(access.getProperty(Config.AAF_CALL_TIMEOUT, Config.AAF_CALL_TIMEOUT_DEF));
- cleanInterval = Integer.parseInt(access.getProperty(Config.AAF_CLEAN_INTERVAL, Config.AAF_CLEAN_INTERVAL_DEF));
- highCount = Integer.parseInt(access.getProperty(Config.AAF_HIGH_COUNT, Config.AAF_HIGH_COUNT_DEF).trim());
- connTimeout = Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF).trim());
- userExpires = Integer.parseInt(access.getProperty(Config.AAF_USER_EXPIRES, Config.AAF_USER_EXPIRES_DEF).trim());
- usageRefreshTriggerCount = Integer.parseInt(access.getProperty(Config.AAF_USER_EXPIRES, Config.AAF_USER_EXPIRES_DEF).trim())-1; // zero based
-
- app=FQI.reverseDomain(si.defSS.getID());
- //TODO Get Realm from AAF
- realm="people.osaaf.org";
-
- env = new RosettaEnv();
- permsDF = env.newDataFactory(Perms.class);
- usersDF = env.newDataFactory(Users.class);
- certsDF = env.newDataFactory(Certs.class);
- certsDF.rootMarshal(new CertsMarshal()); // Speedier Marshaling
- errDF = env.newDataFactory(Error.class);
- } catch (APIException e) {
- throw new CadiException("AAFCon cannot be configured",e);
- }
- }
public RosettaEnv env() {
return env;
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java
index 9b5e9389..d39fc1d6 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java
@@ -1,5 +1,5 @@
/**
- * ============LICENSE_START====================================================
+r * ============LICENSE_START====================================================
* org.onap.aaf
* ===========================================================================
* Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
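Review bot: A stray `r` has been added in front of the `* ============LICENSE_START====` line, which looks like an accidental keystroke rather than an intended edit. It sits inside the `/** ... */` block, so the file should still compile, but it changes the license header text that header-checking tools usually match literally. The line should be restored to its previous form with no other change to this file.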
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java
index dc0e2cae..e48ae169 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java
@@ -190,7 +190,7 @@ public class AAFLurPerm extends AbsAAFLur<AAFPermission> {
@Override
public Resp code(Rcli<?> client) throws CadiException, ConnectException, APIException {
final long remoteStart = System.nanoTime();
- Future<Perms> fp = aaf.client(Config.AAF_DEFAULT_VERSION).read(
+ Future<Perms> fp = aaf.client().read(
"/authz/perms/user/"+name,
aaf.permsDF
);
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java
index 83b66a08..c27dd123 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java
@@ -209,7 +209,7 @@ public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpT
if (prin instanceof BasicPrincipal) {
Future<String> fp;
try {
- Rcli<CLIENT> userAAF = aaf.client(Config.AAF_DEFAULT_VERSION).forUser(aaf.transferSS((BasicPrincipal)prin));
+ Rcli<CLIENT> userAAF = aaf.client().forUser(aaf.transferSS((BasicPrincipal)prin));
fp = userAAF.read("/authn/basicAuth", "text/plain");
return fp.get(aaf.timeout)?Resp.REVALIDATED:Resp.UNVALIDATED;
} catch (Exception e) {
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java
index 09f007c9..c7246466 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java
@@ -32,11 +32,10 @@ import java.util.NoSuchElementException;
import org.onap.aaf.cadi.Access;
import org.onap.aaf.cadi.Access.Level;
-import org.onap.aaf.cadi.aaf.Defaults;
import org.onap.aaf.cadi.Locator;
import org.onap.aaf.cadi.LocatorException;
+import org.onap.aaf.cadi.aaf.Defaults;
import org.onap.aaf.cadi.config.Config;
-import org.onap.aaf.cadi.locator.PropertyLocator;
import org.onap.aaf.cadi.routing.GreatCircle;
import org.onap.aaf.misc.env.Trans;
import org.onap.aaf.misc.env.util.Split;
@@ -96,11 +95,11 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI>
}
if (name.startsWith("http")) { // simple URL
this.name = name;
- this.version = Config.AAF_DEFAULT_VERSION;
+ this.version = access.getProperty(Config.AAF_API_VERSION,Config.AAF_DEFAULT_API_VERSION);
} else {
String[] split = Split.split(':', name);
this.name = split[0];
- this.version = (split.length > 1) ? split[1] : Config.AAF_DEFAULT_VERSION;
+ this.version = (split.length > 1) ? split[1] : access.getProperty(Config.AAF_API_VERSION,Config.AAF_DEFAULT_API_VERSION);
}
}
@@ -113,9 +112,9 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI>
locatorCreator = lc;
}
- public static Locator<URI> create(String key) throws LocatorException {
+ /*public static Locator<URI> create(String key) throws LocatorException {
String name = null;
- String version = Config.AAF_DEFAULT_VERSION;
+ String version = Config.AAF_DEFAULT_API_VERSION;
String pathInfo = null;
int prev = key.indexOf("/locate");
if (prev>0) {
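Review bot: `create(String key)` is disabled by a block comment that opens at the signature here and closes with the `*/` added in the following hunk. That leaves dead code in the class and removes a public static method without any deprecation step. If the method is no longer wanted, delete it outright, since version control keeps the history; if external callers may still exist, keep it compiled and mark it `@Deprecated` with a pointer to `create(name, version)`. The middle of the method body lies between the two hunks and is not visible on this page.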
@@ -156,6 +155,7 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI>
}
return null;
}
+ */
public static Locator<URI> create(final String name, final String version) throws LocatorException {
return locatorCreator.create(name, version);
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/sso/AAFSSO.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/sso/AAFSSO.java
index a03b3fdf..9552d397 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/sso/AAFSSO.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/sso/AAFSSO.java
@@ -308,8 +308,13 @@ public class AAFSSO {
addProp(Config.AAF_LOCATE_URL, locateUrl);
}
- access.setProperty(Config.AAF_URL, Defaults.AAF_URL);
- access.setProperty(Config.CM_URL, Defaults.CM_URL);
+ final String apiVersion = access.getProperty(Config.AAF_API_VERSION);
+ if(access.getProperty(Config.AAF_URL)==null) {
+ access.setProperty(Config.AAF_URL, apiVersion==null?Defaults.AAF_URL:Defaults.AAF_ROOT+".service:"+apiVersion);
+ }
+ if(access.getProperty(Config.CM_URL)==null) {
+ access.setProperty(Config.CM_URL, apiVersion==null?Defaults.CM_URL:Defaults.AAF_ROOT+".cm:"+apiVersion);
+ }
String cadiLatitude = access.getProperty(Config.CADI_LATITUDE);
if (cadiLatitude==null) {
System.out.println("# If you do not know your Global Coordinates, we suggest bing.com/maps");
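Review bot: `apiVersion` is spliced into the AAF and CM locator URLs after only a null check, so an empty or whitespace-only `Config.AAF_API_VERSION` value yields a URL ending in `.service:` or `.cm:` instead of falling back to the default. Treating blank like absent would avoid that, e.g. `apiVersion==null || apiVersion.trim().isEmpty() ? Defaults.AAF_URL : ...`. The `".service:"` and `".cm:"` suffixes now duplicate literals that also live in `Defaults`; a small helper there would keep the two in step. The hunk also stops overwriting `Config.AAF_URL` and `Config.CM_URL` when they are already set, which deserves a one-line comment because it changes which value wins. The enclosing method begins and ends outside the hunk.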
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/cert/test/JU_AAFListedCertIdentity.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/cert/test/JU_AAFListedCertIdentity.java
index 1d1c6163..4c1139d4 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/cert/test/JU_AAFListedCertIdentity.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/cert/test/JU_AAFListedCertIdentity.java
@@ -117,7 +117,7 @@ public class JU_AAFListedCertIdentity {
@Test
public void test() throws APIException, CadiException, CertificateException {
- doReturn(rcliMock).when(conMock).client(Config.AAF_DEFAULT_VERSION);
+ doReturn(rcliMock).when(conMock).client();
when(rcliMock.read("/authz/users/perm/com.att.aaf.trust/tguard/authenticate", Users.class, userDFMock)).thenReturn(futureUsersMock);
when(rcliMock.read("/authz/users/perm/com.att.aaf.trust/basicAuth/authenticate", Users.class, userDFMock)).thenReturn(futureUsersMock);
when(rcliMock.read("/authz/users/perm/com.att.aaf.trust/csp/authenticate", Users.class, userDFMock)).thenReturn(futureUsersMock);
diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AbsAAFLocator.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AbsAAFLocator.java
index 825e3c91..14f96733 100644
--- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AbsAAFLocator.java
+++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/v2_0/test/JU_AbsAAFLocator.java
@@ -74,40 +74,17 @@ public class JU_AbsAAFLocator {
// Test with http
loc = new AAFLocatorStub(access, "httpname");
assertThat(loc.getName(), is("httpname"));
- assertThat(loc.getVersion(), is(Config.AAF_DEFAULT_VERSION));
+ assertThat(loc.getVersion(), is(Config.AAF_DEFAULT_API_VERSION));
assertThat(loc.toString(), is("AAFLocator for " + "httpname" + " on " + loc.getURI()));
loc = new AAFLocatorStub(access, "name");
assertThat(loc.getName(), is("name"));
- assertThat(loc.getVersion(), is(Config.AAF_DEFAULT_VERSION));
+ assertThat(loc.getVersion(), is(Config.AAF_DEFAULT_API_VERSION));
loc = new AAFLocatorStub(access, "name:v2.0");
assertThat(loc.getName(), is("name"));
assertThat(loc.getVersion(), is("v2.0"));
}
- @Test
- public void createTest() throws LocatorException {
- AbsAAFLocator.setCreator(locatorCreatorMock);
-
- assertThat(AbsAAFLocator.create("nonsense"), is(nullValue()));
- assertThat(AbsAAFLocator.create("nonsense/locate"), is(nullValue()));
- assertThat(AbsAAFLocator.create("nonsense/locate/"), is(nullValue()));
- assertThat(AbsAAFLocator.create("nonsense/locate//"), is(nullValue()));
- assertThat(AbsAAFLocator.create("nonsense/locate/name:v2.0"), is(nullValue()));
-
- assertThat(AbsAAFLocator.create("http/locate/name:v2.0"), is(nullValue()));
-
- doReturn(mock(AbsAAFLocator.class)).when(locatorCreatorMock).create(anyString(), anyString());
- assertThat(AbsAAFLocator.create("http/locate/name:v2.0/path"), is(not(nullValue())));
-
- AbsAAFLocator.setCreator(null);
- assertThat(AbsAAFLocator.create("http/locate/name:v2.0"), is(nullValue()));
-
- assertThat(AbsAAFLocator.create("http"), is(not(nullValue())));
-
- AbsAAFLocator.setCreator(locatorCreatorMock);
- assertThat(AbsAAFLocator.create("first", "second"), is(not(nullValue())));
- }
@Test
public void nameFromLocatorURITest() throws LocatorException, URISyntaxException {
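Review bot: Deleting `createTest` removes the negative cases for `AbsAAFLocator.create`, such as `"nonsense/locate//"` and `"http/locate/name:v2.0"` returning null, and nothing in this hunk replaces them. If `create` or a successor still parses locator strings (the change to AbsAAFLocator.java is not visible here), those malformed-input cases should move to a test of the new entry point, so that a bad locator URL is still known to be rejected rather than half-parsed. If the method was removed outright, a one-line comment in the test class saying so would help, for example `// create(...) removed from AbsAAFLocator; parsing is covered by nameFromLocatorURITest`. The test method above the removed block begins before the hunk, and `nameFromLocatorURITest` continues past it.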
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
index b7d5abe5..2f9de6cf 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
@@ -140,15 +140,16 @@ public class Config {
public static final String AAF_ROOT_COMPANY = "aaf_root_company";
public static final String AAF_LOCATE_URL = "aaf_locate_url"; //URL for AAF locator
private static final String AAF_LOCATE_URL_TAG = "AAF_LOCATE_URL"; // Name of Above for use in Config Variables.
- public static final String AAF_DEFAULT_VERSION = "2.1";
+ public static final String AAF_DEFAULT_API_VERSION = "2.1";
+ public static final String AAF_API_VERSION = "aaf_api_version";
public static final String AAF_URL = "aaf_url"; //URL for AAF... Use to trigger AAF configuration
- public static final String AAF_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.service:" + AAF_DEFAULT_VERSION;
- public static final String GUI_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.gui:" + AAF_DEFAULT_VERSION;
- public static final String CM_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.cm:" + AAF_DEFAULT_VERSION;
- public static final String FS_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.fs:" + AAF_DEFAULT_VERSION;
- public static final String HELLO_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.hello:" + AAF_DEFAULT_VERSION;
- public static final String OAUTH2_TOKEN_URL = "https://AAF_LOCATE_URL/AAF_NS.token:" + AAF_DEFAULT_VERSION;
- public static final String OAUTH2_INTROSPECT_URL = "https://AAF_LOCATE_URL/AAF_NS.introspect:" + AAF_DEFAULT_VERSION;
+ public static final String AAF_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.service:" + AAF_DEFAULT_API_VERSION;
+ public static final String GUI_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.gui:" + AAF_DEFAULT_API_VERSION;
+ public static final String CM_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.cm:" + AAF_DEFAULT_API_VERSION;
+ public static final String FS_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.fs:" + AAF_DEFAULT_API_VERSION;
+ public static final String HELLO_URL_DEF = "https://AAF_LOCATE_URL/AAF_NS.hello:" + AAF_DEFAULT_API_VERSION;
+ public static final String OAUTH2_TOKEN_URL = "https://AAF_LOCATE_URL/AAF_NS.token:" + AAF_DEFAULT_API_VERSION;
+ public static final String OAUTH2_INTROSPECT_URL = "https://AAF_LOCATE_URL/AAF_NS.introspect:" + AAF_DEFAULT_API_VERSION;
public static final String AAF_REGISTER_AS = "aaf_register_as";
public static final String AAF_APPID = "aaf_id";
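Review bot: The `*_URL_DEF`, `OAUTH2_TOKEN_URL` and `OAUTH2_INTROSPECT_URL` constants are still compile-time concatenations with `AAF_DEFAULT_API_VERSION`, so a value set under the new `aaf_api_version` key cannot reach them. A deployment that overrides the version could then presumably resolve the service at one version and the token and introspect endpoints at another; whether that matters depends on callers outside this hunk. The new key also lacks the trailing comment its neighbours carry, for example `public static final String AAF_API_VERSION = "aaf_api_version"; // Property name: AAF API version override`. Renaming the public `AAF_DEFAULT_VERSION` without keeping a `@Deprecated` alias will break external code that references it. The `Config` class continues outside the hunk.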
diff --git a/cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/MyServlet.java b/cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/MyServlet.java
index 7d1eae96..adb95d9b 100644
--- a/cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/MyServlet.java
+++ b/cadi/servlet-sample/src/main/java/org/onap/aaf/sample/cadi/MyServlet.java
@@ -100,8 +100,8 @@ import org.onap.aaf.cadi.principal.TaggedPrincipal;
};
}
// This call will be "as the user calling", but only if permission is set to trust.
-// Future<String> future = aafcon.clientAs(Config.AAF_DEFAULT_VERSION,tp).read("/authz/perms/user/"+request.getUserPrincipal().getName(),"application/Perms+json");
- Future<String> future = aafcon.client(Config.AAF_DEFAULT_VERSION).read("/authz/perms/user/"+request.getUserPrincipal().getName(),"application/Perms+json");
+// Future<String> future = aafcon.clientAs(Config.AAF_DEFAULT_API_VERSION,tp).read("/authz/perms/user/"+request.getUserPrincipal().getName(),"application/Perms+json");
+ Future<String> future = aafcon.client(Config.AAF_DEFAULT_API_VERSION).read("/authz/perms/user/"+request.getUserPrincipal().getName(),"application/Perms+json");
if (future.get(4000 /* timeout */)) {
res.getOutputStream().print(future.value);
} else {
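Review bot: The sample still pins `Config.AAF_DEFAULT_API_VERSION` in `aafcon.client(...)`, so it will ignore a configured `aaf_api_version`. If the no-argument `client()` that the updated JU_AAFListedCertIdentity test mocks is available on this connection type, `aafcon.client().read(...)` would follow the configuration instead; the commented-out `clientAs` line has the same pin. Separately, `request.getUserPrincipal().getName()` is concatenated into the request path with no encoding and no null check on the principal, which is worth a guard in sample code that readers will copy. The enclosing method starts and ends outside the hunk.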