diff options
7 files changed, 60 insertions, 64 deletions
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsService.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsService.java index 0c28c7ca..bb6f1986 100644 --- a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsService.java +++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsService.java @@ -136,16 +136,13 @@ public abstract class AbsService<ENV extends BasicEnv, TRANS extends Trans> exte * @return * @throws LocatorException */ - protected synchronized AAFConHttp _newAAFConHttp() throws CadiException, LocatorException { - try { + protected synchronized AAFConHttp _newAAFConHttp() throws CadiException, LocatorException { if(aafCon==null) { aafCon = new AAFConHttp(access); - } + } return aafCon; - } catch (APIException e) { - throw new CadiException(e); + } - } // This is a method, so we can overload for AAFAPI public String aaf_url() { diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java index 8371ff14..9f25eab7 100644 --- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java +++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java @@ -191,10 +191,9 @@ public class AAF_Locate extends AbsService<AuthzEnv, AuthzTrans> { } // utilize pre-constructed DirectAAFLocator return new AAFConHttp(env.access(),dal); - } catch (APIException | LocatorException e) { + } catch (LocatorException e) { throw new CadiException(e); } - } public Locator<URI> getGUILocator() throws LocatorException { diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java index 3c970bc2..b350e2a7 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java @@ -43,7 +43,7 @@ public class AAFAuthn<CLIENT> extends AbsUserCache<AAFPermission> { * @throws Exception .. */ // Package on purpose - AAFAuthn(AAFCon<CLIENT> con) throws Exception { + AAFAuthn(AAFCon<CLIENT> con) { super(con.access,con.cleanInterval,con.highCount,con.usageRefreshTriggerCount); this.con = con; } @@ -73,7 +73,7 @@ public class AAFAuthn<CLIENT> extends AbsUserCache<AAFPermission> { * * Convenience function. Passes "null" for State object */ - public String validate(String user, String password) throws IOException, CadiException { + public String validate(String user, String password) throws IOException { return validate(user,password,null); } @@ -90,7 +90,7 @@ public class AAFAuthn<CLIENT> extends AbsUserCache<AAFPermission> { * @throws CadiException * @throws Exception */ - public String validate(String user, String password, Object state) throws IOException, CadiException { + public String validate(String user, String password, Object state) throws IOException { password = access.decrypt(password, false); byte[] bytes = password.getBytes(); User<AAFPermission> usr = getUser(user,bytes); @@ -103,7 +103,7 @@ public class AAFAuthn<CLIENT> extends AbsUserCache<AAFPermission> { } } - AAFCachedPrincipal cp = new AAFCachedPrincipal(this,con.app, user, bytes, con.cleanInterval); + AAFCachedPrincipal cp = new AAFCachedPrincipal(user, bytes, con.cleanInterval); // Since I've relocated the Validation piece in the Principal, just revalidate, then do Switch // Statement switch(cp.revalidate(state)) { @@ -127,9 +127,10 @@ public class AAFAuthn<CLIENT> extends AbsUserCache<AAFPermission> { } private class AAFCachedPrincipal extends ConfigPrincipal implements CachedPrincipal { - private long expires,timeToLive; + private long expires; + private long timeToLive; - public AAFCachedPrincipal(AAFAuthn<?> aaf, String app, String name, byte[] pass, int timeToLive) { + private AAFCachedPrincipal(String name, byte[] pass, int timeToLive) { super(name,pass); this.timeToLive = timeToLive; expires = timeToLive + System.currentTimeMillis(); @@ -164,6 +165,6 @@ public class AAFAuthn<CLIENT> extends AbsUserCache<AAFPermission> { public long expires() { return expires; } - }; + } } diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java index b076379c..32a82d6d 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java @@ -166,19 +166,21 @@ public abstract class AAFCon<CLIENT> implements Connector { access.printf(Access.Level.WARN,"%s, %s or %s required before use.", Config.CADI_ALIAS, Config.AAF_APPID, Config.OAUTH_CLIENT_ID); set(si.defSS); } else { - set(si.defSS=x509Alias(alias)); + si.defSS=x509Alias(alias); + set(si.defSS); } } else { - if(mechid!=null && encpass !=null) { - set(si.defSS=basicAuth(mechid, encpass)); + if(mechid!=null) { + si.defSS=basicAuth(mechid, encpass); + set(si.defSS); } else { - set(si.defSS=new SecuritySetter<CLIENT>() { - + si.defSS=new SecuritySetter<CLIENT>() { + @Override public String getID() { return ""; } - + @Override public void setSecurity(CLIENT client) throws CadiException { throw new CadiException("AAFCon has not been initialized with Credentials (SecuritySetter)"); @@ -188,7 +190,8 @@ public abstract class AAFCon<CLIENT> implements Connector { public int setLastResponse(int respCode) { return 0; } - }); + }; + set(si.defSS); } } } @@ -249,22 +252,21 @@ public abstract class AAFCon<CLIENT> implements Connector { public AAFAuthn<CLIENT> newAuthn() throws APIException { try { - return new AAFAuthn<CLIENT>(this); - } catch (APIException e) { - throw e; + return new AAFAuthn<>(this); } catch (Exception e) { throw new APIException(e); } } public AAFAuthn<CLIENT> newAuthn(AbsUserCache<AAFPermission> c) { - return new AAFAuthn<CLIENT>(this,c); + return new AAFAuthn<>(this, c); } public AAFLurPerm newLur() throws CadiException { try { if(lur==null) { - return (lur = new AAFLurPerm(this)); + lur = new AAFLurPerm(this); + return lur; } else { return new AAFLurPerm(this,lur); } @@ -357,13 +359,13 @@ public abstract class AAFCon<CLIENT> implements Connector { Error err = errDF.newData().in(TYPE.JSON).load(f.body()).asObject(); return Vars.convert(err.getText(),err.getVariables()); } catch (APIException e){ - // just return the body below + access.log(e); } } return text; } - public static AAFCon<?> newInstance(PropAccess pa) throws APIException, CadiException, LocatorException { + public static AAFCon<?> newInstance(PropAccess pa) throws CadiException, LocatorException { // Potentially add plugin for other kinds of Access return new AAFConHttp(pa); } diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java index 9fc38d9f..59cb6c87 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java @@ -49,7 +49,7 @@ import org.onap.aaf.misc.env.APIException; public class AAFConHttp extends AAFCon<HttpURLConnection> { private final HMangr hman; - public AAFConHttp(Access access) throws APIException, CadiException, LocatorException { + public AAFConHttp(Access access) throws CadiException, LocatorException { super(access,Config.AAF_URL,SecurityInfoC.instance(access, HttpURLConnection.class)); bestSS(si); hman = new HMangr(access,Config.loadLocator(si, access.getProperty(Config.AAF_URL,null))); @@ -64,7 +64,7 @@ public class AAFConHttp extends AAFCon<HttpURLConnection> { } catch (APIException e) { throw new CadiException(e); } - } else if((s = access.getProperty(Config.AAF_APPID, null))!=null){ + } else if((access.getProperty(Config.AAF_APPID, null))!=null){ try { return new HBasicAuthSS(si,true); } catch (IOException /*| GeneralSecurityException*/ e) { @@ -75,19 +75,19 @@ public class AAFConHttp extends AAFCon<HttpURLConnection> { } } - public AAFConHttp(Access access, String tag) throws APIException, CadiException, LocatorException { + public AAFConHttp(Access access, String tag) throws CadiException, LocatorException { super(access,tag,SecurityInfoC.instance(access, HttpURLConnection.class)); bestSS(si); hman = new HMangr(access,Config.loadLocator(si, access.getProperty(tag,tag/*try the content itself*/))); } - public AAFConHttp(Access access, String urlTag, SecurityInfoC<HttpURLConnection> si) throws CadiException, APIException, LocatorException { + public AAFConHttp(Access access, String urlTag, SecurityInfoC<HttpURLConnection> si) throws CadiException, LocatorException { super(access,urlTag,si); bestSS(si); hman = new HMangr(access,Config.loadLocator(si, access.getProperty(urlTag,null))); } - public AAFConHttp(Access access, Locator<URI> locator) throws CadiException, LocatorException, APIException { + public AAFConHttp(Access access, Locator<URI> locator) throws CadiException, LocatorException { super(access,Config.AAF_URL,SecurityInfoC.instance(access, HttpURLConnection.class)); bestSS(si); hman = new HMangr(access,locator); @@ -135,7 +135,7 @@ public class AAFConHttp extends AAFCon<HttpURLConnection> { } } - public SecuritySetter<HttpURLConnection> x509Alias(String alias) throws APIException, CadiException { + public SecuritySetter<HttpURLConnection> x509Alias(String alias) throws CadiException { try { return set(new HX509SS(alias,si)); } catch (Exception e) { @@ -168,7 +168,7 @@ public class AAFConHttp extends AAFCon<HttpURLConnection> { } } @Override - public AbsTransferSS<HttpURLConnection> transferSS(TaggedPrincipal principal) throws CadiException { + public AbsTransferSS<HttpURLConnection> transferSS(TaggedPrincipal principal) { return new HTransferSS(principal, app,si); } @@ -199,7 +199,7 @@ public class AAFConHttp extends AAFCon<HttpURLConnection> { @Override public <RET> RET best(Retryable<RET> retryable) throws LocatorException, CadiException, APIException { - return hman.best(si.defSS, (Retryable<RET>)retryable); + return hman.best(si.defSS, retryable); } /* (non-Javadoc) @@ -207,7 +207,7 @@ public class AAFConHttp extends AAFCon<HttpURLConnection> { */ @Override public <RET> RET bestForUser(GetSetter getSetter, Retryable<RET> retryable) throws LocatorException, CadiException, APIException { - return hman.best(getSetter.get(this), (Retryable<RET>)retryable); + return hman.best(getSetter.get(this), retryable); } /* (non-Javadoc) @@ -230,7 +230,7 @@ public class AAFConHttp extends AAFCon<HttpURLConnection> { * @see org.onap.aaf.cadi.aaf.v2_0.AAFCon#setInitURI(java.lang.String) */ @Override - protected void setInitURI(String uriString) throws CadiException { + protected void setInitURI(String uriString) { // Using Locator, not URLString, which is mostly for DME2 } diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java index 42f3ec4d..6159726b 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java @@ -22,23 +22,20 @@ package org.onap.aaf.cadi.aaf.v2_0; import java.io.IOException; -import java.net.ConnectException; import java.security.Principal; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; - import org.onap.aaf.cadi.AbsUserCache; +import org.onap.aaf.cadi.Access.Level; import org.onap.aaf.cadi.CachedPrincipal; +import org.onap.aaf.cadi.CachedPrincipal.Resp; import org.onap.aaf.cadi.CadiException; import org.onap.aaf.cadi.Connector; import org.onap.aaf.cadi.GetCred; import org.onap.aaf.cadi.Hash; import org.onap.aaf.cadi.SecuritySetter; -import org.onap.aaf.cadi.User; -import org.onap.aaf.cadi.Access.Level; -import org.onap.aaf.cadi.CachedPrincipal.Resp; import org.onap.aaf.cadi.Taf.LifeForm; +import org.onap.aaf.cadi.User; import org.onap.aaf.cadi.aaf.AAFPermission; import org.onap.aaf.cadi.aaf.v2_0.AAFCon.GetSetter; import org.onap.aaf.cadi.client.Future; @@ -54,8 +51,6 @@ import org.onap.aaf.cadi.taf.basic.BasicHttpTafResp; import org.onap.aaf.misc.env.APIException; public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpTaf { -// private static final String INVALID_AUTH_TOKEN = "Invalid Auth Token"; -// private static final String AUTHENTICATING_SERVICE_UNAVAILABLE = "Authenticating Service unavailable"; private AAFCon<CLIENT> aaf; private boolean warn; @@ -67,19 +62,19 @@ public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpT public AAFTaf(AAFCon<CLIENT> con, boolean turnOnWarning, AbsUserCache<AAFPermission> other) { super(other); - aaf = (AAFCon<CLIENT>)con; + aaf = con; warn = turnOnWarning; } // Note: Needed for Creation of this Object with Generics @SuppressWarnings("unchecked") - public AAFTaf(Connector mustBeAAFCon, boolean turnOnWarning, AbsUserCache<AAFPermission> other) throws CadiException { + public AAFTaf(Connector mustBeAAFCon, boolean turnOnWarning, AbsUserCache<AAFPermission> other) { this((AAFCon<CLIENT>)mustBeAAFCon,turnOnWarning,other); } // Note: Needed for Creation of this Object with Generics @SuppressWarnings("unchecked") - public AAFTaf(Connector mustBeAAFCon, boolean turnOnWarning) throws CadiException { + public AAFTaf(Connector mustBeAAFCon, boolean turnOnWarning) { this((AAFCon<CLIENT>)mustBeAAFCon,turnOnWarning); } @@ -90,7 +85,9 @@ public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpT // Note: Either Carbon or Silicon based LifeForms ok String authz = req.getHeader("Authorization"); if(authz != null && authz.startsWith("Basic ")) { - if(warn&&!req.isSecure())aaf.access.log(Level.WARN,"WARNING! BasicAuth has been used over an insecure channel"); + if(warn&&!req.isSecure()) { + aaf.access.log(Level.WARN,"WARNING! BasicAuth has been used over an insecure channel"); + } try { final CachedBasicPrincipal bp; if(req.getUserPrincipal() instanceof CachedBasicPrincipal) { @@ -100,14 +97,12 @@ public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpT } // First try Cache final User<AAFPermission> usr = getUser(bp); - if(usr != null && usr.principal != null) { - if(usr.principal instanceof GetCred) { - if(Hash.isEqual(bp.getCred(),((GetCred)usr.principal).getCred())) { - return new BasicHttpTafResp(aaf.access,bp,bp.getName()+" authenticated by cached AAF password",RESP.IS_AUTHENTICATED,resp,aaf.getRealm(),false); - } - } + if(usr != null + && usr.principal instanceof GetCred + && Hash.isEqual(bp.getCred(),((GetCred)usr.principal).getCred())) { + return new BasicHttpTafResp(aaf.access,bp,bp.getName()+" authenticated by cached AAF password",RESP.IS_AUTHENTICATED,resp,aaf.getRealm(),false); } - + Miss miss = missed(bp.getName(), bp.getCred()); if(miss!=null && !miss.mayContinue()) { return new BasicHttpTafResp(aaf.access,null,buildMsg(bp,req, @@ -123,7 +118,7 @@ public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpT } },new Retryable<BasicHttpTafResp>() { @Override - public BasicHttpTafResp code(Rcli<?> client) throws CadiException, ConnectException, APIException { + public BasicHttpTafResp code(Rcli<?> client) throws CadiException, APIException { Future<String> fp = client.read("/authn/basicAuth", "text/plain"); if(fp.get(aaf.timeout)) { if(usr!=null) { @@ -166,7 +161,7 @@ public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpT return new BasicHttpTafResp(aaf.access,null,"Requesting HTTP Basic Authorization",RESP.TRY_AUTHENTICATING,resp,aaf.getRealm(),false); } - public String buildMsg(Principal pr, HttpServletRequest req, Object ... msg) { + private String buildMsg(Principal pr, HttpServletRequest req, Object... msg) { StringBuilder sb = new StringBuilder(); for(Object s : msg) { sb.append(s.toString()); diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java index 7de8536a..fca23740 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java @@ -135,6 +135,8 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> version = split[1]; name = split[0]; break; + default: + break; } } } @@ -214,7 +216,7 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> } private boolean noEntries() { - return epList.size()<=0; + return epList.isEmpty(); } @Override @@ -423,8 +425,8 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> } protected static class EP implements Comparable<EP> { - public URI uri; - public final double distance; + private URI uri; + private final double distance; private boolean valid; public EP(final Endpoint ep, double latitude, double longitude) throws URISyntaxException { @@ -493,7 +495,7 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> try { return new URI(rv.getScheme(),rv.getUserInfo(),rv.getHost(),rv.getPort(),pathInfo,query,fragment); } catch (URISyntaxException e) { - throw new LocatorException("Error copying URL"); + throw new LocatorException("Error copying URL", e); } } return rv; |