summaryrefslogtreecommitdiffstats
path: root/auth-client
diff options
context:
space:
mode:
Diffstat (limited to 'auth-client')
-rw-r--r--auth-client/.gitignore4
-rw-r--r--auth-client/pom.xml225
-rw-r--r--auth-client/src/main/xsd/aaf_2_0.xsd547
-rw-r--r--auth-client/src/main/xsd/aaf_oauth2.xsd141
-rw-r--r--auth-client/src/main/xsd/certman_1_0.xsd169
-rw-r--r--auth-client/src/main/xsd/certman_2_0.xsd169
-rw-r--r--auth-client/src/main/xsd/locate_1_0.xsd79
7 files changed, 1334 insertions, 0 deletions
diff --git a/auth-client/.gitignore b/auth-client/.gitignore
new file mode 100644
index 00000000..6028f0a5
--- /dev/null
+++ b/auth-client/.gitignore
@@ -0,0 +1,4 @@
+/.classpath
+/.settings/
+/target/
+/.project
diff --git a/auth-client/pom.xml b/auth-client/pom.xml
new file mode 100644
index 00000000..8c693bfa
--- /dev/null
+++ b/auth-client/pom.xml
@@ -0,0 +1,225 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.onap.aaf.authz</groupId>
+ <artifactId>parent</artifactId>
+ <version>2.1.0-SNAPSHOT</version>
+ </parent>
+
+ <!-- No Parent on Purpose!!! -->
+ <artifactId>aaf-auth-client</artifactId>
+ <name>AAF Auth Client</name>
+ <description>XSD Generated classes for AAF Auth</description>
+ <groupId>org.onap.aaf.authz</groupId>
+ <version>2.1.0-SNAPSHOT</version>
+ <packaging>jar</packaging>
+
+ <properties>
+ <project.interfaceVersion>2.1.0-SNAPSHOT</project.interfaceVersion>
+ <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+ <maven.test.failure.ignore>true</maven.test.failure.ignore>
+ <!-- SONAR -->
+ <sonar.skip>true</sonar.skip>
+ <jacoco.version>0.7.7.201606060606</jacoco.version>
+ <sonar-jacoco-listeners.version>3.2</sonar-jacoco-listeners.version>
+ <sonar.core.codeCoveragePlugin>jacoco</sonar.core.codeCoveragePlugin>
+ <!-- Default Sonar configuration -->
+ <sonar.jacoco.reportPaths>target/code-coverage/jacoco-ut.exec</sonar.jacoco.reportPaths>
+ <sonar.jacoco.itReportPaths>target/code-coverage/jacoco-it.exec</sonar.jacoco.itReportPaths>
+ <!-- Note: This list should match jacoco-maven-plugin's exclusion list below -->
+ <sonar.exclusions>**/gen/**,**/generated-sources/**,**/yang-gen**,**/pax/**</sonar.exclusions>
+ <nexusproxy>https://nexus.onap.org</nexusproxy>
+ <snapshotNexusPath>/content/repositories/snapshots/</snapshotNexusPath>
+ <releaseNexusPath>/content/repositories/releases/</releaseNexusPath>
+ <stagingNexusPath>/content/repositories/staging/</stagingNexusPath>
+ <sitePath>/content/sites/site/org.onap.aaf.authz/${project.artifactId}/${project.version}</sitePath>
+ </properties>
+
+ <developers>
+ <developer>
+ <name>Jonathan Gathman</name>
+ <email>jonathan.gathman@att.com</email>
+ <organization>ATT</organization>
+ <roles>
+ <role>Architect</role>
+ <role>Lead Developer</role>
+ </roles>
+ </developer>
+ <developer>
+ <name>Gabe Maurer</name>
+ <email>gabe.maurer@att.com</email>
+ <organization>ATT</organization>
+ <roles>
+ <role>Developer</role>
+ </roles>
+ </developer>
+ <developer>
+ <name>Ian Howell</name>
+ <email>ian.howell@att.com</email>
+ <organization>ATT</organization>
+ <roles>
+ <role>Developer</role>
+ </roles>
+ </developer>
+ <developer>
+ <name>Sai Gandham</name>
+ <email>sai.gandham@att.com</email>
+ <organization>ATT</organization>
+ <roles>
+ <role>Developer</role>
+ </roles>
+ </developer>
+ </developers>
+
+
+ <dependencies>
+ <dependency>
+ <groupId>junit</groupId>
+ <artifactId>junit</artifactId>
+ <version>4.10</version>
+ <scope>test</scope>
+ </dependency>
+
+ </dependencies>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.jvnet.jaxb2.maven2</groupId>
+ <artifactId>maven-jaxb2-plugin</artifactId>
+ <version>0.8.2</version>
+ <executions>
+ <execution>
+ <goals>
+ <goal>generate</goal>
+ </goals>
+ </execution>
+ </executions>
+ <configuration>
+ <schemaDirectory>src/main/xsd</schemaDirectory>
+ </configuration>
+ </plugin>
+
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-deploy-plugin</artifactId>
+ <version>2.5</version>
+ <configuration>
+ <skip>false</skip>
+ </configuration>
+ </plugin>
+
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <version>2.3.2</version>
+ <configuration>
+ <source>1.6</source>
+ <target>1.6</target>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.sonatype.plugins</groupId>
+ <artifactId>nexus-staging-maven-plugin</artifactId>
+ <version>1.6.7</version>
+ <extensions>true</extensions>
+ <configuration>
+ <nexusUrl>${nexusproxy}</nexusUrl>
+ <stagingProfileId>176c31dfe190a</stagingProfileId>
+ <serverId>ecomp-staging</serverId>
+ </configuration>
+ </plugin>
+ <plugin>
+ <groupId>org.jacoco</groupId>
+ <artifactId>jacoco-maven-plugin</artifactId>
+ <version>0.7.7.201606060606</version>
+ <configuration>
+ <dumpOnExit>true</dumpOnExit>
+ <includes>
+ <include>org.onap.aaf.*</include>
+ </includes>
+ </configuration>
+ <executions>
+ <execution>
+ <id>pre-unit-test</id>
+ <goals>
+ <goal>prepare-agent</goal>
+ </goals>
+ <configuration>
+ <destFile>${project.build.directory}/coverage-reports/jacoco.exec</destFile>
+ <!-- <append>true</append> -->
+ </configuration>
+ </execution>
+ <execution>
+ <id>pre-integration-test</id>
+ <phase>pre-integration-test</phase>
+ <goals>
+ <goal>prepare-agent</goal>
+ </goals>
+ <configuration>
+ <destFile>${project.build.directory}/coverage-reports/jacoco-it.exec</destFile>
+ <!-- <append>true</append> -->
+ </configuration>
+ </execution>
+ <execution>
+ <goals>
+ <goal>merge</goal>
+ </goals>
+ <phase>post-integration-test</phase>
+ <configuration>
+ <fileSets>
+ <fileSet implementation="org.apache.maven.shared.model.fileset.FileSet">
+ <directory>${project.build.directory}/coverage-reports</directory>
+ <includes>
+ <include>*.exec</include>
+ </includes>
+ </fileSet>
+ </fileSets>
+ <destFile>${project.build.directory}/jacoco-dev.exec</destFile>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+
+ <distributionManagement>
+ <repository>
+ <id>ecomp-releases</id>
+ <name>AAF Release Repository</name>
+ <url>${nexusproxy}${releaseNexusPath}</url>
+ </repository>
+ <snapshotRepository>
+ <id>ecomp-snapshots</id>
+ <name>AAF Snapshot Repository</name>
+ <url>${nexusproxy}${snapshotNexusPath}</url>
+ </snapshotRepository>
+ <site>
+ <id>ecomp-site</id>
+ <url>dav:${nexusproxy}${sitePath}</url>
+ </site>
+ </distributionManagement>
+</project>
+
diff --git a/auth-client/src/main/xsd/aaf_2_0.xsd b/auth-client/src/main/xsd/aaf_2_0.xsd
new file mode 100644
index 00000000..b4b1ba9c
--- /dev/null
+++ b/auth-client/src/main/xsd/aaf_2_0.xsd
@@ -0,0 +1,547 @@
+<!--
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+-->
+
+<xs:schema
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:aaf="urn:aaf:v2_0"
+ targetNamespace="urn:aaf:v2_0"
+ elementFormDefault="qualified">
+
+<!--
+ June 2, 2017, adding Roles, Perms, etc to NSRequest for Onboarding purposes.
+
+ Note: jan 22, 2015. Deprecating the "force" element in the "Request" Structure. Do that
+ with Query Params.
+
+ Eliminate in 3.0
+ -->
+<!--
+ Errors
+ Note: This Error Structure has been made to conform to the AT&T TSS Policies
+ -->
+ <xs:element name="error">
+ <xs:complexType>
+ <xs:sequence>
+ <!--
+ Unique message identifier of the format ‘ABCnnnn’ where ‘ABC’ is
+ either ‘SVC’ for Service Exceptions or ‘POL’ for Policy Exception.
+ Exception numbers may be in the range of 0001 to 9999 where :
+ * 0001 to 0199 are reserved for common exception messages
+ * 0200 to 0999 are reserved for Parlay Web Services specification use
+ * 1000-9999 are available for exceptions
+ -->
+ <xs:element name="messageId" type="xs:string" minOccurs="1" maxOccurs="1"/>
+
+ <!--
+ Message text, with replacement
+ variables marked with %n, where n is
+ an index into the list of <variables>
+ elements, starting at 1
+ -->
+ <xs:element name="text" type="xs:string" minOccurs="1" maxOccurs="1"/>
+
+ <!--
+ List of zero or more strings that
+ represent the contents of the variables
+ used by the message text. -->
+ <xs:element name="variables" type="xs:string" minOccurs="0" maxOccurs="unbounded" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+<!--
+ Requests
+ -->
+ <xs:complexType name="Request">
+ <xs:sequence>
+ <xs:element name="start" type="xs:dateTime" minOccurs="1" maxOccurs="1" />
+ <xs:element name="end" type="xs:dateTime" minOccurs="1" maxOccurs="1"/>
+ <!-- Deprecated. Use Query Command
+ <xs:element name="force" type="xs:string" minOccurs="1" maxOccurs="1" default="false"/>
+ -->
+ </xs:sequence>
+ </xs:complexType>
+
+<!--
+ Keys
+ -->
+ <xs:element name="keys">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="key" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+
+<!--
+ Permissions
+-->
+ <xs:complexType name = "pkey">
+ <xs:sequence>
+ <xs:element name="type" type="xs:string"/>
+ <xs:element name="instance" type="xs:string"/>
+ <xs:element name="action" type="xs:string"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:element name="permKey">
+ <xs:complexType >
+ <xs:complexContent>
+ <xs:extension base="aaf:pkey" />
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="perm">
+ <xs:complexType >
+ <xs:complexContent>
+ <xs:extension base="aaf:pkey">
+ <xs:sequence>
+ <xs:element name="roles" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ <!-- Note: feb 23, 2015. Added description field. Verify backward compatibility. JR -->
+ <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- This data not filled in unless Requested -->
+ <xs:element name="ns" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="perms">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element ref="aaf:perm" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="permRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:Request">
+ <xs:sequence>
+ <xs:element name="type" type="xs:string"/>
+ <xs:element name="instance" type="xs:string"/>
+ <xs:element name="action" type="xs:string"/>
+ <!-- Note: feb 23, 2015. Added description field. Verify backward compatibility. JR -->
+ <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+
+<!--
+ Roles
+-->
+ <xs:complexType name="rkey">
+ <xs:sequence>
+ <xs:element name="name" type="xs:string"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:element name="roleKey">
+ <xs:complexType >
+ <xs:complexContent>
+ <xs:extension base="aaf:rkey" />
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="role">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:rkey">
+ <xs:sequence>
+ <xs:element name="perms" type="aaf:pkey" minOccurs="0" maxOccurs="unbounded"/>
+ <!-- Note: feb 23, 2015. Added description field. Verify backward compatibility. JR -->
+ <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- This data not filled in unless Requested -->
+ <xs:element name="ns" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="roles">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element ref="aaf:role" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="roleRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:Request">
+ <xs:sequence>
+ <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <!-- Note: feb 23, 2015. Added description field. Verify backward compatibility. JR -->
+ <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <!-- Added userRole return types Jonathan 9/16/2015 -->
+ <xs:element name="userRole">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="user" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="role" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="expires" type="xs:date" minOccurs="1" maxOccurs="1" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <!-- Added userRoles return types Jonathan 9/16/2015 -->
+ <xs:element name="userRoles">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element ref="aaf:userRole" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="userRoleRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:Request">
+ <xs:sequence>
+ <xs:element name="user" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="role" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="rolePermRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:Request">
+ <xs:sequence>
+ <xs:element name="perm" type="aaf:pkey" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="role" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="nsRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:Request">
+ <xs:sequence>
+ <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="admin" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
+ <xs:element name="responsible" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
+ <!-- Note: feb 23, 2015. Added description field. Verify backward compatibility. JR -->
+ <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- Note: dec 11, 2015. Request-able NS Type Jonathan -->
+ <xs:element name="type" type="xs:string" minOccurs="0" maxOccurs="1"/>
+
+ <!-- "scope" is deprecated and unused as of AAF 2.0.11. It will be removed in future versions
+ <xs:element name="scope" type="xs:int" minOccurs="0" maxOccurs="1"/>
+
+
+ <xs:element ref="aaf:roleRequest" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element ref="aaf:permRequest" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="aaf_id" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <xs:element ref="aaf:userRoleRequest" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name = "attrib" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name = "key" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name = "value" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+
+ -->
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="nsAttribRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:Request">
+ <xs:sequence>
+ <xs:element name="ns" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name = "attrib" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name = "key" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name = "value" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name = "nss">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name = "ns" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name = "name" type = "xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name = "responsible" type = "xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name = "admin" type = "xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ <!-- Note: feb 23, 2015. Added description field. Verify backward compatibility. JR -->
+ <xs:element name = "description" type = "xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- Note: Dec 16, 2015. Added description field. Verify backward compatibility. Jonathan -->
+ <xs:element name = "attrib" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name = "key" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name = "value" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+<!--
+ Users
+-->
+ <xs:element name="users">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="user" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="id" type="xs:string" minOccurs="1" maxOccurs="1" />
+ <!-- Changed type to dateTime, because of importance of Certs -->
+ <xs:element name="expires" type="xs:dateTime" minOccurs="1" maxOccurs="1" />
+ <!-- need to differentiate User Cred Types, Jonathan 5/20/2015
+ This Return Object is shared by multiple functions:
+ Type is not returned for "UserRole", but only "Cred"
+ -->
+ <xs:element name="type" type="xs:int" minOccurs="0" maxOccurs="1" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+<!--
+ Certs
+ Added Jonathan 5/20/2015 to support identifying Certificate based Services
+ -->
+ <xs:element name="certs">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="cert" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="id" type="xs:string" minOccurs="1" maxOccurs="1" />
+ <xs:element name="x500" type="xs:string" minOccurs="1" maxOccurs="1" />
+ <xs:element name="expires" type="xs:dateTime" minOccurs="1" maxOccurs="1" />
+ <xs:element name="fingerprint" type="xs:hexBinary" minOccurs="1" maxOccurs="1" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+<!--
+ Credentials
+-->
+ <xs:element name="credRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:Request">
+ <xs:sequence>
+ <xs:element name="id" type="xs:string"/>
+ <xs:element name="type" type="xs:int" minOccurs="0" maxOccurs="1"/>
+ <xs:choice >
+ <xs:element name="password" type="xs:string" />
+ <xs:element name="entry" type="xs:string" />
+ </xs:choice>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+<!--
+ Multi Request
+ -->
+
+ <xs:element name="multiRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:Request">
+ <xs:sequence>
+ <xs:element ref="aaf:nsRequest" minOccurs="0" maxOccurs="1"/>
+ <xs:element ref="aaf:nsAttribRequest" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element ref="aaf:roleRequest" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element ref="aaf:permRequest" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element ref="aaf:credRequest" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element ref="aaf:userRoleRequest" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element ref="aaf:rolePermRequest" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+<!--
+ History
+ -->
+ <xs:element name="history">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="item" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="YYYYMM" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="timestamp" type="xs:dateTime" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="subject" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="target" type = "xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="action" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="memo" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="user" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+<!--
+ Approvals
+ -->
+ <xs:complexType name="approval">
+ <xs:sequence>
+ <!-- Note, id is set by system -->
+ <xs:element name="id" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <xs:element name="ticket" type="xs:string"/>
+ <xs:element name="user" type="xs:string"/>
+ <xs:element name="approver" type="xs:string"/>
+ <xs:element name="type" type="xs:string"/>
+ <xs:element name="memo" type="xs:string"/>
+ <xs:element name="updated" type="xs:dateTime"/>
+ <xs:element name="status">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="approve"/>
+ <xs:enumeration value="reject"/>
+ <xs:enumeration value="pending"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ <xs:element name="operation">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="C"/>
+ <xs:enumeration value="U"/>
+ <xs:enumeration value="D"/>
+ <xs:enumeration value="G"/>
+ <xs:enumeration value="UG"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ <xs:element name="approvals">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="approvals" type="aaf:approval" minOccurs="1" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+<!--
+ Delegates
+-->
+ <xs:complexType name="delg">
+ <xs:sequence>
+ <xs:element name="user" type="xs:string"/>
+ <xs:element name="delegate" type="xs:string"/>
+ <xs:element name="expires" type="xs:date"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:element name="delgRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="aaf:Request">
+ <xs:sequence>
+ <xs:element name="user" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="delegate" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="delgs">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="delgs" type="aaf:delg" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <!-- Jonathan 3/11/2015 New for 2.0.8 -->
+ <xs:element name="api">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="route" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="meth" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="path" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="param" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="desc" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="comments" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="contentType" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="expected" type="xs:int" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="explicitErr" type="xs:int" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+</xs:schema>
diff --git a/auth-client/src/main/xsd/aaf_oauth2.xsd b/auth-client/src/main/xsd/aaf_oauth2.xsd
new file mode 100644
index 00000000..22283184
--- /dev/null
+++ b/auth-client/src/main/xsd/aaf_oauth2.xsd
@@ -0,0 +1,141 @@
+<!--
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+-->
+<xs:schema
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:aafoauth="urn:aafoauth:v2_0"
+ targetNamespace="urn:aafoauth:v2_0"
+ elementFormDefault="qualified">
+
+
+ <!-- Definition of a GUID found several places on WEB, 5/24/2017
+ Developed a HexToken instead
+ <xs:simpleType name="guid">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ The representation of a GUID, generally the id of an element.
+ </xs:documentation>
+ </xs:annotation>
+ <xs:restriction base="xs:string">
+ <xs:pattern value="\{[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}\}"/>
+ </xs:restriction>
+ </xs:simpleType>
+ -->
+
+ <!-- fill this out
+ <xs:simpleType name="scope">
+ <xs:annotation>
+ <xs:documentation xml:lang="en">
+ The representation of a GUID, generally the id of an element.
+ </xs:documentation>
+ </xs:annotation>
+ <xs:restriction base="xs:string">
+ <xs:pattern value="[&#x|&#x23-&#x5B|&#5D-&#x7E]*"/>
+ </xs:restriction>
+ </xs:simpleType>
+ -->
+
+ <!--
+ Authenticate: consider "redirect" as well as typical connection info like:
+ grant_type - use the value “password”
+ client_id - your API client id
+ client_secret - the secret key of your client
+ username - the account username for which you want to obtain an access token
+ password - the account password
+ response_type - use the value “token”
+
+ -->
+ <!-- RFC 6749, Section 4.2.1 -->
+ <xs:element name="tokenRequest">
+ <xs:complexType>
+ <xs:sequence>
+ <!-- Must be set to "token" -->
+ <xs:element name="response_type" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="client_id" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="redirect_uri" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- only include for "refresh_token" type -->
+ <xs:element name="refresh_token" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <xs:element name="state" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <xs:element name="scope" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- Normally put in application/x-www-form-urlencoded -->
+ <xs:element name="grant_type" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <xs:element name="username" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <xs:element name="password" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <xs:element name="client_secret" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <!-- RFC 6749, Section 4.2.2 -->
+ <xs:element name="token">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="access_token" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="token_type" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="refresh_token" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <xs:element name="expires_in" type="xs:int" minOccurs="0" maxOccurs="1"/>
+ <xs:element name="scope" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <xs:element name="state" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <!-- RFC 6749, Section 4.2.2.1 -->
+ <xs:element name="error">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="error">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="invalid_request" />
+ <xs:enumeration value="unauthorized_client" />
+ <xs:enumeration value="access_denied" />
+ <xs:enumeration value="unsupported_response_type" />
+ <xs:enumeration value="invalid_scope" />
+ <xs:enumeration value="server_error" />
+ <xs:enumeration value="temporarily_unavailable" />
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ <xs:element name="error_description" type="xs:string" minOccurs="0" maxOccurs="1" />
+ <xs:element name="error_uri" type="xs:string" minOccurs="0" maxOccurs="1" />
+ <xs:element name="state" type="xs:string" minOccurs = "0" maxOccurs="1" />
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <!-- Jonathan 4/21/2016 New for Certificate Info -->
+ <xs:element name="introspect">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="access_token" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <xs:element name="active" type="xs:boolean" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="client_id" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <xs:element name="username" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <xs:element name="client_type" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <!-- Seconds from jan 1 1970 -->
+ <xs:element name="exp" type="xs:long" minOccurs="0" maxOccurs="1"/>
+ <xs:element name="scope" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="content" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+</xs:schema>
diff --git a/auth-client/src/main/xsd/certman_1_0.xsd b/auth-client/src/main/xsd/certman_1_0.xsd
new file mode 100644
index 00000000..19c698b9
--- /dev/null
+++ b/auth-client/src/main/xsd/certman_1_0.xsd
@@ -0,0 +1,169 @@
+<!--
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+-->
+
+<xs:schema
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:certman="urn:certman:v1_0"
+ targetNamespace="urn:certman:v1_0"
+ elementFormDefault="qualified">
+
+
+ <!-- Jonathan 4/21/2016 New for Certificate Info -->
+ <xs:element name="certInfo">
+ <xs:complexType>
+ <xs:sequence>
+ <!-- Base64 Encoded Private Key -->
+ <xs:element name="privatekey" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- Base64 Encoded Certificate -->
+ <xs:element name="certs" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
+ <!-- Challenge Password (2 method Auth) -->
+ <xs:element name="challenge" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- Notes from Server concerning Cert (not an error) -->
+ <xs:element name="notes" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- Issuer DNs from CA -->
+ <xs:element name="caIssuerDNs" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ <!-- ENV in Cert -->
+ <xs:element name="env" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:complexType name="baseRequest">
+ <xs:sequence>
+ <xs:element name="mechid" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <!-- Sponsor is only required if the caller is not Sponsor. In that case, the calling ID must be delegated to do the work. -->
+ <xs:element name="sponsor" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <xs:element name="start" type="xs:dateTime" minOccurs="1" maxOccurs="1" />
+ <xs:element name="end" type="xs:date" minOccurs="1" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:complexType name="specificRequest">
+ <xs:complexContent>
+ <xs:extension base="certman:baseRequest">
+ <xs:sequence>
+ <xs:element name="serial" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <!-- Certificate has been compromised or other security issue -->
+ <xs:element name="revoke" type="xs:boolean" minOccurs="0" maxOccurs="1" default="false"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+
+ <xs:element name="certificateRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="certman:baseRequest">
+ <xs:sequence>
+ <!-- One FQDN is required. Multiple driven by Policy -->
+ <xs:element name="fqdns" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
+ <!-- Optional Email for getting Public Certificate -->
+ <xs:element name="email" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="clientX509Request">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="id" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
+ <xs:element name="email" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
+ <xs:element name="start" type="xs:dateTime" minOccurs="1" maxOccurs="1" />
+ <xs:element name="end" type="xs:date" minOccurs="1" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="certificateRenew">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="certman:specificRequest">
+ <xs:sequence>
+ <!-- One FQDN is required. Multiple driven by Policy -->
+ <xs:element name="fqdns" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
+ <!-- Challenge Password (for accessing manually) TODO Is it necessary? -->
+ <xs:element name="challenge" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- Optional Email for getting Public Certificate -->
+ <xs:element name="email" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="certificateDrop">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="certman:specificRequest">
+ <xs:sequence>
+ <!-- Challenge Password (for accessing manually) TODO Is it necessary? -->
+ <xs:element name="challenge" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <!-- Placement Structures -->
+
+ <xs:element name="artifacts">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="artifact" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="mechid" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="machine" type="xs:string" minOccurs="0" maxOccurs="1" />
+ <xs:element name="type" minOccurs="1" maxOccurs="3">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="file"/>
+ <xs:enumeration value="jks"/>
+ <xs:enumeration value="print"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ <xs:element name="ca" type="xs:string" minOccurs="1" maxOccurs="1" />
+ <xs:element name="dir" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="os_user" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <!-- Ignored on input, and set by TABLES. However, returned on output -->
+ <xs:element name="sponsor" type="xs:string" minOccurs="0" maxOccurs="1" />
+ <!-- Optional... if empty, will use MechID Namespace -->
+ <xs:element name="ns" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- Optional... if empty, will notify Sponsor -->
+ <xs:element name="notification" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- Optional... Days before auto renewal. Min is 10. Max is 1/3 expiration (60) -->
+ <xs:element name="renewDays" type="xs:int" minOccurs="0" maxOccurs="1" default="30"/>
+ <!-- Optional... Additional SANS. May be denied by CA. -->
+ <xs:element name="sans" type="xs:string" minOccurs="0" maxOccurs="99"/>
+
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+
+
+</xs:schema>
diff --git a/auth-client/src/main/xsd/certman_2_0.xsd b/auth-client/src/main/xsd/certman_2_0.xsd
new file mode 100644
index 00000000..35389402
--- /dev/null
+++ b/auth-client/src/main/xsd/certman_2_0.xsd
@@ -0,0 +1,169 @@
+<!--
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+-->
+
+<xs:schema
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:certman="urn:certman:v2_0"
+ targetNamespace="urn:certman:v2_0"
+ elementFormDefault="qualified">
+
+
+ <!-- Jonathan 4/21/2016 New for Certificate Info -->
+ <xs:element name="certInfo">
+ <xs:complexType>
+ <xs:sequence>
+ <!-- Base64 Encoded Private Key -->
+ <xs:element name="privatekey" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- Base64 Encoded Certificate -->
+ <xs:element name="certs" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
+ <!-- Challenge Password (2 method Auth) -->
+ <xs:element name="challenge" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- Notes from Server concerning Cert (not an error) -->
+ <xs:element name="notes" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- Issuer DNs from CA -->
+ <xs:element name="caIssuerDNs" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ <!-- ENV in Cert -->
+ <xs:element name="env" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:complexType name="baseRequest">
+ <xs:sequence>
+ <xs:element name="mechid" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <!-- Sponsor is only required if the caller is not Sponsor. In that case, the calling ID must be delegated to do the work. -->
+ <xs:element name="sponsor" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <xs:element name="start" type="xs:dateTime" minOccurs="1" maxOccurs="1" />
+ <xs:element name="end" type="xs:date" minOccurs="1" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:complexType name="specificRequest">
+ <xs:complexContent>
+ <xs:extension base="certman:baseRequest">
+ <xs:sequence>
+ <xs:element name="serial" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <!-- Certificate has been compromised or other security issue -->
+ <xs:element name="revoke" type="xs:boolean" minOccurs="0" maxOccurs="1" default="false"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+
+ <xs:element name="certificateRequest">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="certman:baseRequest">
+ <xs:sequence>
+ <!-- One FQDN is required. Multiple driven by Policy -->
+ <xs:element name="fqdns" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
+ <!-- Optional Email for getting Public Certificate -->
+ <xs:element name="email" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="clientX509Request">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="id" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
+ <xs:element name="email" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
+ <xs:element name="start" type="xs:dateTime" minOccurs="1" maxOccurs="1" />
+ <xs:element name="end" type="xs:date" minOccurs="1" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="certificateRenew">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="certman:specificRequest">
+ <xs:sequence>
+ <!-- One FQDN is required. Multiple driven by Policy -->
+ <xs:element name="fqdns" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
+ <!-- Challenge Password (for accessing manually) TODO Is it necessary? -->
+ <xs:element name="challenge" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- Optional Email for getting Public Certificate -->
+ <xs:element name="email" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:element name="certificateDrop">
+ <xs:complexType>
+ <xs:complexContent>
+ <xs:extension base="certman:specificRequest">
+ <xs:sequence>
+ <!-- Challenge Password (for accessing manually) TODO Is it necessary? -->
+ <xs:element name="challenge" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+ </xs:element>
+
+ <!-- Placement Structures -->
+
+ <xs:element name="artifacts">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="artifact" minOccurs="0" maxOccurs="unbounded">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="mechid" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="machine" type="xs:string" minOccurs="0" maxOccurs="1" />
+ <xs:element name="type" minOccurs="1" maxOccurs="3">
+ <xs:simpleType>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="file"/>
+ <xs:enumeration value="jks"/>
+ <xs:enumeration value="print"/>
+ </xs:restriction>
+ </xs:simpleType>
+ </xs:element>
+ <xs:element name="ca" type="xs:string" minOccurs="1" maxOccurs="1" />
+ <xs:element name="dir" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="os_user" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <!-- Ignored on input, and set by TABLES. However, returned on output -->
+ <xs:element name="sponsor" type="xs:string" minOccurs="0" maxOccurs="1" />
+ <!-- Optional... if empty, will use MechID Namespace -->
+ <xs:element name="ns" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- Optional... if empty, will notify Sponsor -->
+ <xs:element name="notification" type="xs:string" minOccurs="0" maxOccurs="1"/>
+ <!-- Optional... Days before auto renewal. Min is 10. Max is 1/3 expiration (60) -->
+ <xs:element name="renewDays" type="xs:int" minOccurs="0" maxOccurs="1" default="30"/>
+ <!-- Optional... Additional SANS. May be denied by CA. -->
+ <xs:element name="sans" type="xs:string" minOccurs="0" maxOccurs="99"/>
+
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+
+
+</xs:schema>
diff --git a/auth-client/src/main/xsd/locate_1_0.xsd b/auth-client/src/main/xsd/locate_1_0.xsd
new file mode 100644
index 00000000..209e3bf4
--- /dev/null
+++ b/auth-client/src/main/xsd/locate_1_0.xsd
@@ -0,0 +1,79 @@
+<!--
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+-->
+
+<xs:schema
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:locate="urn:locate:v1_0"
+ targetNamespace="urn:locate:v1_0"
+ elementFormDefault="qualified">
+
+ <xs:complexType name="endpoint">
+ <xs:sequence>
+ <!-- Must be set to "token" -->
+ <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="major" type="xs:int" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="minor" type="xs:int" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="patch" type="xs:int" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="pkg" type="xs:int" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="latitude" type="xs:float" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="longitude" type="xs:float" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="protocol" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="subprotocol" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="hostname" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="port" type="xs:int" minOccurs="1" maxOccurs="1"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:element name="endpoints">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="endpoint" type="locate:endpoint" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+
+ <xs:complexType name="mgmt_endpoint">
+ <xs:complexContent>
+ <xs:extension base="locate:endpoint">
+ <xs:sequence>
+ <xs:element name="special_ports" minOccurs="0" maxOccurs="unbounded" >
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="port" type="xs:int" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="protocol" type="xs:string" minOccurs="1" maxOccurs="1"/>
+ <xs:element name="protocol_versions" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:extension>
+ </xs:complexContent>
+ </xs:complexType>
+
+ <xs:element name="mgmt_endpoints">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="mgmt_endpoint" type="locate:mgmt_endpoint" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+</xs:schema>