Diffstat (limited to 'auth/auth-certman/src')
17 files changed, 199 insertions, 199 deletions
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java index d80b085b..15e298b7 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java @@ -97,7 +97,7 @@ public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> { aafAuthn = aafCon().newAuthn(aafLurPerm); String aaf_env = env.getProperty(Config.AAF_ENV); - if(aaf_env==null) { + if (aaf_env==null) { throw new APIException("aaf_env needs to be set"); } @@ -112,17 +112,17 @@ public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> { // Load Supported Certificate Authorities by property // Note: Some will be dynamic Properties, so we need to look through all - for(Entry<Object, Object> es : env.access().getProperties().entrySet()) { + for (Entry<Object, Object> es : env.access().getProperties().entrySet()) { String key = es.getKey().toString(); - if(key.startsWith(CA.CM_CA_PREFIX)) { + if (key.startsWith(CA.CM_CA_PREFIX)) { int idx = key.indexOf('.'); - if(idx==key.lastIndexOf('.')) { // else it's a regular property + if (idx==key.lastIndexOf('.')) { // else it's a regular property env.log(Level.INIT, "Loading Certificate Authority Module: " + key.substring(idx+1)); String[] segs = Split.split(',', env.getProperty(key)); - if(segs.length>0) { + if (segs.length>0) { String[][] multiParams = new String[segs.length-1][]; - for(int i=0;i<multiParams.length;++i) { + for (int i=0;i<multiParams.length;++i) { multiParams[i]=Split.split(';',segs[1+i]); } @SuppressWarnings("unchecked") @@ -141,7 +141,7 @@ public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> { } } } - if(certAuths.size()==0) { + if (certAuths.size()==0) { throw new APIException("No Certificate Authorities have been configured in CertMan"); } 
@@ -152,7 +152,7 @@ public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> { synchronized(env) { - if(cacheUser == null) { + if (cacheUser == null) { cacheUser = Cache.obtain(USER_PERMS); Cache.startCleansing(env, USER_PERMS); } @@ -184,7 +184,7 @@ public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> { String version = "1.0"; // Get Correct API Class from Mapper Class<?> respCls = facade1_0.mapper().getClass(api); - if(respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name()); + if (respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name()); // setup Application API HTML ContentTypes for JSON and Route String application = applicationJSON(respCls, version); route(env,meth,path,code,application,"application/json;version="+version,"*/*"); diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Artifact.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Artifact.java index 34f7927e..a3a30607 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Artifact.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Artifact.java @@ -52,7 +52,7 @@ public class API_Artifact { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { Result<Void> r = context.createArtifacts(trans, req, resp); - if(r.isOK()) { + if (r.isOK()) { resp.setStatus(HttpStatus.CREATED_201); } else { context.error(trans,resp,r); @@ -67,7 +67,7 @@ public class API_Artifact { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { Result<Void> r = context.readArtifacts(trans, req, resp); - if(r.isOK()) { + if (r.isOK()) { resp.setStatus(HttpStatus.OK_200); } else { context.error(trans,resp,r); 
@@ -81,7 +81,7 @@ public class API_Artifact { public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { Result<Void> r = context.readArtifacts(trans, resp, pathParam(req,":mechid"), pathParam(req,":machine")); - if(r.isOK()) { + if (r.isOK()) { resp.setStatus(HttpStatus.OK_200); } else { context.error(trans,resp,r); @@ -94,7 +94,7 @@ public class API_Artifact { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { Result<Void> r = context.updateArtifacts(trans, req, resp); - if(r.isOK()) { + if (r.isOK()) { resp.setStatus(HttpStatus.OK_200); } else { context.error(trans,resp,r); @@ -107,7 +107,7 @@ public class API_Artifact { public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { Result<Void> r = context.deleteArtifacts(trans, resp, pathParam(req, ":mechid"), pathParam(req,":machine")); - if(r.isOK()) { + if (r.isOK()) { resp.setStatus(HttpStatus.OK_200); } else { context.error(trans,resp,r); @@ -120,7 +120,7 @@ public class API_Artifact { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { Result<Void> r = context.deleteArtifacts(trans, req, resp); - if(r.isOK()) { + if (r.isOK()) { resp.setStatus(HttpStatus.OK_200); } else { context.error(trans,resp,r); diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Cert.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Cert.java index 625fed62..68354413 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Cert.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Cert.java 
@@ -63,12 +63,12 @@ public class API_Cert { public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { String key = pathParam(req, ":ca"); CA ca; - if((ca = aafCM.getCA(key))==null) { + if ((ca = aafCM.getCA(key))==null) { context.error(trans,resp,Result.ERR_BadData,"CA %s is not supported",key); } else { trans.put(sCertAuth, ca); Result<Void> r = context.requestCert(trans, req, resp, ca); - if(r.isOK()) { + if (r.isOK()) { resp.setStatus(HttpStatus.OK_200); } else { context.error(trans,resp,r); @@ -82,12 +82,12 @@ public class API_Cert { public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { String key = pathParam(req, ":ca"); CA ca; - if((ca = aafCM.getCA(key))==null) { + if ((ca = aafCM.getCA(key))==null) { context.error(trans,resp,Result.ERR_BadData,"CA %s is not supported",key); } else { trans.put(sCertAuth, ca); Result<Void> r = context.requestPersonalCert(trans, req, resp, ca); - if(r.isOK()) { + if (r.isOK()) { resp.setStatus(HttpStatus.OK_200); } else { context.error(trans,resp,r); @@ -104,7 +104,7 @@ public class API_Cert { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { Result<Void> r = context.check(trans, resp, pathParam(req,"perm")); - if(r.isOK()) { + if (r.isOK()) { resp.setStatus(HttpStatus.OK_200); } else { trans.checkpoint(r.errorString()); @@ -125,7 +125,7 @@ public class API_Cert { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { Result<Void> r = context.readCertsByMechID(trans, resp, pathParam(req,"id")); - if(r.isOK()) { + if (r.isOK()) { resp.setStatus(HttpStatus.OK_200); } else { context.error(trans,resp,r); diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java index 820f02d1..881c9bea 100644 
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java @@ -71,7 +71,7 @@ public abstract class CA { this.env = env; permNS = CM_CA_PREFIX + name; permType = access.getProperty(permNS + ".perm_type",null); - if(permType==null) { + if (permType==null) { throw new CertException(permNS + ".perm_type" + MUST_EXIST_TO_CREATE_CSRS_FOR + caName); } caIssuerDNs = Split.splitTrim(':', access.getProperty(Config.CADI_X509_ISSUERS, null)); @@ -79,22 +79,22 @@ public abstract class CA { String tag = CA.CM_CA_PREFIX+caName+CA.CM_CA_BASE_SUBJECT; String fields = access.getProperty(tag, null); - if(fields==null) { + if (fields==null) { throw new CertException(tag + MUST_EXIST_TO_CREATE_CSRS_FOR + caName); } access.log(Level.INFO, tag, "=",fields); rdns = RDN.parse('/',fields); - for(RDN rdn : rdns) { - if(rdn.aoi==BCStyle.EmailAddress) { // Cert Specs say Emails belong in Subject + for (RDN rdn : rdns) { + if (rdn.aoi==BCStyle.EmailAddress) { // Cert Specs say Emails belong in Subject throw new CertException("email address is not allowed in " + CM_CA_BASE_SUBJECT); } } idDomains = new ArrayList<>(); StringBuilder sb = null; - for(String s : Split.splitTrim(',', access.getProperty(CA.CM_CA_PREFIX+caName+".idDomains", ""))) { - if(s.length()>0) { - if(sb==null) { + for (String s : Split.splitTrim(',', access.getProperty(CA.CM_CA_PREFIX+caName+".idDomains", ""))) { + if (s.length()>0) { + if (sb==null) { sb = new StringBuilder(); } else { sb.append(", "); 
@@ -103,31 +103,31 @@ public abstract class CA { sb.append(s); } } - if(sb!=null) { + if (sb!=null) { access.printf(Level.INIT, "CA '%s' supports Personal Certificates for %s", caName, sb); } String dataDir = access.getProperty(CM_PUBLIC_DIR,null); - if(dataDir!=null) { + if (dataDir!=null) { File data = new File(dataDir); byte[] bytes; - if(data.exists()) { + if (data.exists()) { String trustCas = access.getProperty(CM_TRUST_CAS,null); - if(trustCas!=null) { - for(String fname : Split.splitTrim(',', trustCas)) { + if (trustCas!=null) { + for (String fname : Split.splitTrim(',', trustCas)) { File crt; - if(fname.contains("/")) { + if (fname.contains("/")) { crt = new File(fname); } else { crt = new File(data,fname); } - if(crt.exists()) { + if (crt.exists()) { access.printf(Level.INIT, "Loading CA Cert from %s", crt.getAbsolutePath()); bytes = new byte[(int)crt.length()]; FileInputStream fis = new FileInputStream(crt); try { int read = fis.read(bytes); - if(read>0) { + if (read>0) { addTrustedCA(new String(bytes)); } } finally { @@ -148,13 +148,13 @@ public abstract class CA { protected void addCaIssuerDN(String issuerDN) { boolean changed = true; - for(String id : caIssuerDNs) { - if(id.equals(issuerDN)) { + for (String id : caIssuerDNs) { + if (id.equals(issuerDN)) { changed = false; break; } } - if(changed) { + if (changed) { String[] newsa = new String[caIssuerDNs.length+1]; newsa[0]=issuerDN; System.arraycopy(caIssuerDNs, 0, newsa, 1, caIssuerDNs.length); @@ -164,13 +164,13 @@ public abstract class CA { protected synchronized void addTrustedCA(final String crtString) { String crt; - if(crtString.endsWith("\n")) { + if (crtString.endsWith("\n")) { crt = crtString; } else { crt = crtString + '\n'; } - for(int i=0;i<trustedCAs.length;++i) { - if(trustedCAs[i]==null) { + for (int i=0;i<trustedCAs.length;++i) { + if (trustedCAs[i]==null) { trustedCAs[i]=crt; return; } 
@@ -221,7 +221,7 @@ public abstract class CA { */ public boolean inPersonalDomains(Principal p) { int at = p.getName().indexOf('@'); - if(at>=0) { + if (at>=0) { return idDomains.contains(p.getName().substring(at+1)); } else { return false; diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java index 000b6dd5..bc81fc43 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java @@ -75,10 +75,10 @@ public class JscepCA extends CA { mxcwiS = new ConcurrentHashMap<>(); mxcwiC = new ConcurrentHashMap<>(); - if(params.length<2) { + if (params.length<2) { throw new CertException("No Trust Chain parameters are included"); } - if(params[0].length<2) { + if (params[0].length<2) { throw new CertException("User/Password required for JSCEP"); } final String id = params[0][0]; @@ -98,21 +98,21 @@ public class JscepCA extends CA { StringBuilder urlstr = new StringBuilder(); - for(int i=1;i<params.length;++i) { // skip first section, which is user/pass + for (int i=1;i<params.length;++i) { // skip first section, which is user/pass // Work - if(i>1) { + if (i>1) { urlstr.append(','); // delimiter } urlstr.append(params[i][0]); String dir = access.getProperty(CM_PUBLIC_DIR, ""); - if(!"".equals(dir) && !dir.endsWith("/")) { + if (!"".equals(dir) && !dir.endsWith("/")) { dir = dir + '/'; } String path; List<FileReader> frs = new ArrayList<>(params.length-1); try { - for(int j=1; j<params[i].length; ++j) { // first 3 taken up, see above + for (int j=1; j<params[i].length; ++j) { // first 3 taken up, see above path = !params[i][j].contains("/")?dir+params[i][j]:params[i][j]; access.printf(Level.INIT, "Loading a TrustChain Member for %s from %s",name, path); frs.add(new FileReader(path)); 
@@ -121,8 +121,8 @@ public class JscepCA extends CA { addCaIssuerDN(xcwi.getIssuerDN()); mxcwiS.put(params[i][0],xcwi); } finally { - for(FileReader fr : frs) { - if(fr!=null) { + for (FileReader fr : frs) { + if (fr!=null) { fr.close(); } } @@ -139,10 +139,10 @@ public class JscepCA extends CA { PKCS10CertificationRequest csr; try { csr = csrmeta.generateCSR(trans); - if(trans.info().isLoggable()) { + if (trans.info().isLoggable()) { trans.info().log(BCFactory.toString(csr)); } - if(trans.info().isLoggable()) { + if (trans.info().isLoggable()) { trans.info().log(csr); } } finally { @@ -152,7 +152,7 @@ public class JscepCA extends CA { tt = trans.start("Enroll CSR", Env.SUB); Client client = null; Item item = null; - for(int i=0; i<MAX_RETRY;++i) { + for (int i=0; i<MAX_RETRY;++i) { try { item = clients.best(); client = clients.get(item); @@ -163,12 +163,12 @@ public class JscepCA extends CA { csr, MS_PROFILE /* profile... MS can't deal with blanks*/); - while(true) { - if(er.isSuccess()) { + while (true) { + if (er.isSuccess()) { trans.checkpoint("Cert from " + clients.info(item)); X509Certificate x509 = null; - for( Certificate cert : er.getCertStore().getCertificates(null)) { - if(x509==null) { + for ( Certificate cert : er.getCertStore().getCertificates(null)) { + if (x509==null) { x509 = (X509Certificate)cert; break; } @@ -183,14 +183,14 @@ public class JscepCA extends CA { throw new CertException(clients.info(item)+':'+er.getFailInfo().toString()); } } - } catch(LocatorException e) { + } catch (LocatorException e) { trans.error().log(e); i=MAX_RETRY; } catch (ClientException e) { trans.error().log(e,"SCEP Client Error, Temporarily Invalidating Client: " + clients.info(item)); try { clients.invalidate(client); - if(!clients.hasItems()) { + if (!clients.hasItems()) { clients.refresh(); } } catch (LocatorException e1) { 
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java
index b7d78f05..2a3ce537 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java
@@ -92,55 +92,55 @@ public class LocalCA extends CA { serial = new BigInteger(64,random); - if(params.length<1 || params[0].length<2) { + if (params.length<1 || params[0].length<2) { throw new IOException("LocalCA expects cm_ca.<ca name>=org.onap.aaf.auth.cm.ca.LocalCA,<full path to key file>[;<Full Path to Trust Chain, ending with actual CA>]+"); } // Read in the Private Key String configured; File f = new File(params[0][0]); - if(f.exists() && f.isFile()) { + if (f.exists() && f.isFile()) { String fileName = f.getName(); - if(fileName.endsWith(".key")) { + if (fileName.endsWith(".key")) { caKey = Factory.toPrivateKey(NullTrans.singleton(),f); List<FileReader> frs = new ArrayList<>(params.length-1); try { String dir = access.getProperty(CM_PUBLIC_DIR, ""); - if(!"".equals(dir) && !dir.endsWith("/")) { + if (!"".equals(dir) && !dir.endsWith("/")) { dir = dir + '/'; } String path; - for(int i=1; i<params[0].length; ++i) { // first param is Private Key, remainder are TrustChain + for (int i=1; i<params[0].length; ++i) { // first param is Private Key, remainder are TrustChain path = !params[0][i].contains("/")?dir+params[0][i]:params[0][i]; access.printf(Level.INIT, "Loading a TrustChain Member for %s from %s\n",name, path); frs.add(new FileReader(path)); } x509cwi = new X509ChainWithIssuer(frs); } finally { - for(FileReader fr : frs) { - if(fr!=null) { + for (FileReader fr : frs) { + if (fr!=null) { fr.close(); } } } configured = "Configured with " + fileName; } else { - if(params.length<1 || params[0].length<3) { + if (params.length<1 || params[0].length<3) { throw new CertException("LocalCA parameters must be <keystore [.p12|.pkcs12|.jks|.pkcs11(sun only)]; <alias>; enc:<encrypted Keystore Password>>"); } try { Provider p; KeyStore keyStore; FileInputStream fis = null; - if(fileName.endsWith(".pkcs11")) { + if (fileName.endsWith(".pkcs11")) { String ksType="PKCS11"; p = Factory.getSecurityProvider(ksType,params); keyStore = KeyStore.getInstance(ksType,p); - } else 
if(fileName.endsWith(".jks")) { + } else if (fileName.endsWith(".jks")) { keyStore = KeyStore.getInstance("JKS"); fis = new FileInputStream(f); - } else if(fileName.endsWith(".p12") || fileName.endsWith(".pkcs12")) { + } else if (fileName.endsWith(".p12") || fileName.endsWith(".pkcs12")) { keyStore = KeyStore.getInstance("PKCS12"); fis = new FileInputStream(f); } else { @@ -151,7 +151,7 @@ public class LocalCA extends CA { try { String pass = access.decrypt(params[0][2]/*encrypted passcode*/, true); - if(pass==null) { + if (pass==null) { throw new CertException("Passcode for " + fileName + " cannot be decrypted."); } char[] ksPass = pass.toCharArray(); @@ -164,12 +164,12 @@ public class LocalCA extends CA { fis.close(); } Entry entry; - if(fileName.endsWith(".pkcs11")) { + if (fileName.endsWith(".pkcs11")) { entry = keyStore.getEntry(params[0][1]/*alias*/, null); } else { entry = keyStore.getEntry(params[0][1]/*alias*/, keyPass); } - if(entry==null) { + if (entry==null) { throw new CertException("There is no Keystore entry with name '" + params[0][1] +'\''); } PrivateKeyEntry privateKeyEntry = (PrivateKeyEntry)entry; @@ -188,7 +188,7 @@ public class LocalCA extends CA { X500NameBuilder xnb = new X500NameBuilder(); List<RDN> rp = RDN.parse(',', x509cwi.getIssuerDN()); Collections.reverse(rp); - for(RDN rnd : rp) { + for (RDN rnd : rp) { xnb.addRDN(rnd.aoi,rnd.value); } issuer = xnb.build(); @@ -226,7 +226,7 @@ public class LocalCA extends CA { // new SubjectPublicKeyInfo(ASN1Sequence.getInstance(caCert.getPublicKey().getEncoded())) ); List<GeneralName> lsan = new ArrayList<>(); - for(String s : csrmeta.sans()) { + for (String s : csrmeta.sans()) { lsan.add(new GeneralName(GeneralName.dNSName,s)); } GeneralName[] sans = new GeneralName[lsan.size()]; diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java index e51f2faa..2ef6da55 100644 
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java @@ -45,8 +45,8 @@ public class X509ChainWithIssuer extends X509andChain { // Trust Chain. Last one should be the CA Collection<? extends Certificate> certs; X509Certificate x509; - for(Reader rdr : rdrs) { - if(rdr==null) { // cover for badly formed array + for (Reader rdr : rdrs) { + if (rdr==null) { // cover for badly formed array continue; } @@ -56,13 +56,13 @@ public class X509ChainWithIssuer extends X509andChain { } catch (CertificateException e) { throw new CertException(e); } - for(Certificate c : certs) { + for (Certificate c : certs) { x509=(X509Certificate)c; Principal subject = x509.getSubjectDN(); - if(subject==null) { + if (subject==null) { continue; } - if(cert==null) { // first in Trust Chain + if (cert==null) { // first in Trust Chain issuerDN = subject.toString(); cert=x509; // adding each time makes sure last one is signer. } @@ -73,12 +73,12 @@ public class X509ChainWithIssuer extends X509andChain { public X509ChainWithIssuer(Certificate[] certs) throws IOException, CertException { X509Certificate x509; - for(int i=certs.length-1; i>=0; --i) { + for (int i=certs.length-1; i>=0; --i) { x509=(X509Certificate)certs[i]; Principal subject = x509.getSubjectDN(); - if(subject!=null) { + if (subject!=null) { addTrustChainEntry(x509); - if(i==0) { // last one is signer + if (i==0) { // last one is signer cert=x509; issuerDN= subject.toString(); } diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509andChain.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509andChain.java index 3c684db2..7eb88bd2 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509andChain.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509andChain.java 
@@ -58,7 +58,7 @@ public class X509andChain { public void addTrustChainEntry(X509Certificate x509) throws IOException, CertException { - if(trustChain==null) { + if (trustChain==null) { trustChain = new String[] {Factory.toString(NullTrans.singleton(),x509)}; } else { String[] temp = new String[trustChain.length+1]; diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/BCFactory.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/BCFactory.java index 8edfa634..b84816ab 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/BCFactory.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/BCFactory.java @@ -65,7 +65,7 @@ public class BCFactory extends Factory { } public static String toString(PKCS10CertificationRequest csr) throws IOException, CertException { - if(csr==null) { + if (csr==null) { throw new CertException("x509 Certificate Request not built"); } return textBuilder("CERTIFICATE REQUEST",csr.getEncoded()); @@ -94,8 +94,8 @@ public class BCFactory extends Factory { CSRMeta csr = ca.newCSRMeta(); boolean first = true; // Set CN (and SAN) - for(String fqdn : fqdns) { - if(first) { + for (String fqdn : fqdns) { + if (first) { first = false; csr.cn(fqdn); } @@ -106,7 +106,7 @@ public class BCFactory extends Factory { csr.mechID(mechid); csr.email(sponsorEmail); String errs; - if((errs=validateApp(csr))!=null) { + if ((errs=validateApp(csr))!=null) { throw new CertException(errs); } return csr; @@ -114,7 +114,7 @@ public class BCFactory extends Factory { private static String validateApp(CSRMeta csr) { CertmanValidator v = new CertmanValidator(); - if(v.nullOrBlank("cn", csr.cn()) + if (v.nullOrBlank("cn", csr.cn()) .nullOrBlank("mechID", csr.mechID()) // .nullOrBlank("email", csr.email()) .err()) { 
@@ -130,7 +130,7 @@ public class BCFactory extends Factory { csr.challenge(new String(Symm.randomGen(24))); csr.email(email); String errs; - if((errs=validatePersonal(csr))!=null) { + if ((errs=validatePersonal(csr))!=null) { throw new CertException(errs); } return csr; @@ -138,7 +138,7 @@ public class BCFactory extends Factory { private static String validatePersonal(CSRMeta csr) { CertmanValidator v = new CertmanValidator(); - if(v.nullOrBlank("cn", csr.cn()) + if (v.nullOrBlank("cn", csr.cn()) .nullOrBlank("email", csr.email()) .err()) { return v.errs(); diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java index 5df439ab..a3740bfe 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java @@ -70,18 +70,18 @@ public class CSRMeta { } public X500Name x500Name() { - if(name==null) { + if (name==null) { X500NameBuilder xnb = new X500NameBuilder(); xnb.addRDN(BCStyle.CN,cn); xnb.addRDN(BCStyle.E,email); - if(mechID!=null) { - if(environment==null) { + if (mechID!=null) { + if (environment==null) { xnb.addRDN(BCStyle.OU,mechID); } else { xnb.addRDN(BCStyle.OU,mechID+':'+environment); } } - for(RDN rdn : rdns) { + for (RDN rdn : rdns) { xnb.addRDN(rdn.aoi,rdn.value); } name = xnb.build(); 
@@ -92,16 +92,16 @@ public class CSRMeta { public PKCS10CertificationRequest generateCSR(Trans trans) throws IOException, CertException { PKCS10CertificationRequestBuilder builder = new JcaPKCS10CertificationRequestBuilder(x500Name(),keypair(trans).getPublic()); - if(challenge!=null) { + if (challenge!=null) { DERPrintableString password = new DERPrintableString(challenge); builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_challengePassword, password); } int plus = email==null?0:1; - if(!sanList.isEmpty()) { + if (!sanList.isEmpty()) { GeneralName[] gna = new GeneralName[sanList.size()+plus]; int i=-1; - for(String s : sanList) { + for (String s : sanList) { gna[++i]=new GeneralName(GeneralName.dNSName,s); } gna[++i]=new GeneralName(GeneralName.rfc822Name,email); @@ -132,17 +132,17 @@ public class CSRMeta { Extensions extensions = Extensions.getInstance(attribute.getAttrValues().getObjectAt(0)); GeneralNames gns = GeneralNames.fromExtensions(extensions,Extension.subjectAlternativeName); GeneralName[] names = gns.getNames(); - for(int k=0; k < names.length; k++) { + for (int k=0; k < names.length; k++) { String title = ""; - if(names[k].getTagNo() == GeneralName.dNSName) { + if (names[k].getTagNo() == GeneralName.dNSName) { title = "dNSName"; - } else if(names[k].getTagNo() == GeneralName.iPAddress) { + } else if (names[k].getTagNo() == GeneralName.iPAddress) { title = "iPAddress"; // Deprecated, but I don't see anything better to use. names[k].toASN1Object(); - } else if(names[k].getTagNo() == GeneralName.otherName) { + } else if (names[k].getTagNo() == GeneralName.otherName) { title = "otherName"; - } else if(names[k].getTagNo() == GeneralName.rfc822Name) { + } else if (names[k].getTagNo() == GeneralName.rfc822Name) { title = "email"; } @@ -180,7 +180,7 @@ public class CSRMeta { public KeyPair keypair(Trans trans) { - if(keyPair == null) { + if (keyPair == null) { keyPair = Factory.generateKeyPair(trans); } return keyPair; 
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/RDN.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/RDN.java index c39ba6d3..f57c837a 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/RDN.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/RDN.java @@ -69,19 +69,19 @@ public class RDN { List<RDN> lrnd = new ArrayList<>(); StringBuilder sb = new StringBuilder(); boolean inQuotes = false; - for(int i=0;i<dnString.length();++i) { + for (int i=0;i<dnString.length();++i) { char c = dnString.charAt(i); - if(inQuotes) { - if('"' == c) { + if (inQuotes) { + if ('"' == c) { inQuotes=false; } else { sb.append(dnString.charAt(i)); } } else { - if('"' == c) { + if ('"' == c) { inQuotes=true; - } else if(delim==c) { - if(sb.length()>0) { + } else if (delim==c) { + if (sb.length()>0) { lrnd.add(new RDN(sb.toString())); sb.setLength(0); } @@ -90,7 +90,7 @@ public class RDN { } } } - if(sb.indexOf("=")>0) { + if (sb.indexOf("=")>0) { lrnd.add(new RDN(sb.toString())); } return lrnd; diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java index 310ea8b2..e05b2a27 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java 
@@ -115,7 +115,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. (certDF = env.newDataFactory(mapper.getClass(API.CERT))).in(dataType).out(dataType); (artiDF = env.newDataFactory(mapper.getClass(API.ARTIFACTS))).in(dataType).out(dataType); // sCertAuth = env.slot(API_Cert.CERT_AUTH); - if(artiDF.getOutType().name().contains("xml")) { + if (artiDF.getOutType().name().contains("xml")) { voidResp = "application/Void+xml;charset=utf-8;version=1.0,application/xml;version=1.0,*/*"; } else { voidResp = "application/Void+json;charset=utf-8;version=1.0,application/json;version=1.0,*/*"; @@ -206,7 +206,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. "] " + holder.toString(), Env.ALWAYS); - if(hidemsg) { + if (hidemsg) { holder.setLength(0); em = mapper().errorFromMessage(holder, msgId, "Server had an issue processing this request"); } @@ -231,7 +231,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. default: return Result.err(Result.ERR_BadData,"Invalid Perm String"); } - if(certman.aafLurPerm.fish(trans.getUserPrincipal(), ap)) { + if (certman.aafLurPerm.fish(trans.getUserPrincipal(), ap)) { resp.setContentType(voidResp); resp.getOutputStream().write(0); return Result.ok(); @@ -253,13 +253,13 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. try { Data<REQ> rd = certRequestDF.newData().load(req.getInputStream()); request = rd.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN,REQUEST_CERT); return Result.err(Result.ERR_BadData,"Invalid Input"); } Result<CertResp> rcr = service.requestCert(trans,mapper.toReq(trans,request), ca); - if(rcr.notOK()) { + if (rcr.notOK()) { return Result.err(rcr); } 
@@ -291,7 +291,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. public Result<Void> requestPersonalCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, CA ca) { return Result.err(Result.ERR_NotImplemented,"not implemented yet"); // Result<CertResp> rcr = service.requestPersonalCert(trans,ca); -// if(rcr.notOK()) { +// if (rcr.notOK()) { // return Result.err(rcr); // } else { // try { @@ -308,17 +308,17 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. // zos.closeEntry(); // // String wt; -// if((wt=req.getParameter("withTrust"))!=null || TRUE.equalsIgnoreCase(wt)) { +// if ((wt=req.getParameter("withTrust"))!=null || TRUE.equalsIgnoreCase(wt)) { // zos.putNextEntry(new ZipEntry(trans.user()+".trustCrts")); -// for(String s : ca.getTrustChain()) { +// for (String s : ca.getTrustChain()) { // ps.println(s); // } // zos.closeEntry(); // } // // boolean withJKS = (wt=req.getParameter("withJKS"))!=null || TRUE.equalsIgnoreCase(wt); -// if(withJKS) { -// if(trans.getUserPrincipal() instanceof BasicPrincipal) { +// if (withJKS) { +// if (trans.getUserPrincipal() instanceof BasicPrincipal) { // char[] cap = new String(((BasicPrincipal)trans.getUserPrincipal()).getCred()).toCharArray(); // KeyStore ks = keystore(trans, rcr.value, ca.getTrustChain(), trans.user(), cap); // zos.putNextEntry(new ZipEntry(trans.user()+".jks")); @@ -337,7 +337,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. // ps.println("echo \"Deploying to `pwd`\""); // ps.println("jar -xvf $THE_PWD/$1 " + trans.user()); // ps.println("chmod 600 " + trans.user() + ".key"); -// if(withJKS) { +// if (withJKS) { // ps.println("chmod 600 " + trans.user() + ".jks"); // } // ps.println("cd $THE_PWD"); 
@@ -362,7 +362,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. // // Get the Cert(s)... Might include Trust store // List<String> lcerts = new ArrayList<>(); // lcerts.add(cr.asCertString()); -// for(String s : trustChain) { +// for (String s : trustChain) { // lcerts.add(s); // } // @@ -377,7 +377,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. // jks.setEntry(name, pkEntry, protParam); // // int i=0; -// for(X509Certificate x509 : certs) { +// for (X509Certificate x509 : certs) { // jks.setCertificateEntry("cert_"+ ++i, x509); // } // return jks; @@ -391,7 +391,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. try { Data<REQ> rd = certRenewDF.newData().load(req.getInputStream()); request = rd.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN,RENEW_CERT); return Result.err(Result.ERR_BadData,"Invalid Input"); } @@ -427,7 +427,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. try { Data<REQ> rd = certDropDF.newData().load(req.getInputStream()); request = rd.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN,DROP_CERT); return Result.err(Result.ERR_BadData,"Invalid Input"); } @@ -485,7 +485,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. try { Data<ARTIFACTS> rd = artiDF.newData().load(req.getInputStream()); arti = rd.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN,CREATE_ARTIFACTS); return Result.err(Result.ERR_BadData,"Invalid Input"); } 
@@ -509,23 +509,23 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. String ns = req.getParameter("ns"); Result<ARTIFACTS> ra; - if( machine !=null && mechid == null) { + if ( machine !=null && mechid == null) { ra = mapper.fromArtifacts(service.readArtifactsByMachine(trans, machine)); - } else if(mechid!=null && machine==null) { + } else if (mechid!=null && machine==null) { ra = mapper.fromArtifacts(service.readArtifactsByMechID(trans, mechid)); - } else if(mechid!=null && machine!=null) { + } else if (mechid!=null && machine!=null) { ArtiDAO.Data add = new ArtiDAO.Data(); add.mechid = mechid; add.machine = machine; add.ns = ns; ra = mapper.fromArtifacts(service.readArtifacts(trans,add)); - } else if(ns!=null) { + } else if (ns!=null) { ra = mapper.fromArtifacts(service.readArtifactsByNs(trans, ns)); } else { ra = Result.err(Status.ERR_BadData,"Invalid request inputs"); } - if(ra.isOK()) { + if (ra.isOK()) { RosettaData<ARTIFACTS> data = artiDF.newData(trans).load(ra.value); data.to(resp.getOutputStream()); setContentType(resp,artiDF.getOutType()); @@ -550,7 +550,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. add.mechid = mechid; add.machine = machine; Result<ARTIFACTS> ra = mapper.fromArtifacts(service.readArtifacts(trans,add)); - if(ra.isOK()) { + if (ra.isOK()) { RosettaData<ARTIFACTS> data = artiDF.newData(trans).load(ra.value); data.to(resp.getOutputStream()); setContentType(resp,artiDF.getOutType()); @@ -575,7 +575,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. try { Data<ARTIFACTS> rd = artiDF.newData().load(req.getInputStream()); arti = rd.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN,UPDATE_ARTIFACTS); return Result.err(Result.ERR_BadData,"Invalid Input"); } 
@@ -597,7 +597,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. try { Data<ARTIFACTS> rd = artiDF.newData().load(req.getInputStream()); arti = rd.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN,DELETE_ARTIFACTS); return Result.err(Result.ERR_BadData,"Invalid Input"); } diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java index 53b97626..99d0c478 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java @@ -86,7 +86,7 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { err.setMessageId(msgID); // AT&T Restful Error Format requires numbers "%" placements err.setText(Vars.convert(holder, text, var)); - for(String s : var) { + for (String s : var) { err.getVariables().add(s); } return err; @@ -97,7 +97,7 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { */ @Override public Result<CertInfo> toCert(AuthzTrans trans, Result<CertResp> in, boolean withTrustChain) throws IOException { - if(!in.isOK()) { + if (!in.isOK()) { return Result.err(in); } @@ -105,15 +105,15 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { CertInfo cout = newInstance(API.CERT); cout.setPrivatekey(cin.privateString()); String value; - if((value=cin.challenge())!=null) { + if ((value=cin.challenge())!=null) { cout.setChallenge(value); } // In Version 1, Cert is always first cout.getCerts().add(cin.asCertString()); // Follow with Trust Chain - if(cin.trustChain()!=null) { - for(String c : cin.trustChain()) { - if(c!=null) { + if (cin.trustChain()!=null) { + for (String c : cin.trustChain()) { + if (c!=null) { cout.getCerts().add(c); } } 
@@ -121,20 +121,20 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { // Adding all the Certs in one response is a mistake. Makes it very hard for Agent to setup // Certs in keystore versus Truststore. Separate in Version 2_0 - if(cin.trustCAs()!=null) { - for(String c : cin.trustCAs()) { - if(c!=null) { - if(!cout.getCerts().contains(c)) { + if (cin.trustCAs()!=null) { + for (String c : cin.trustCAs()) { + if (c!=null) { + if (!cout.getCerts().contains(c)) { cout.getCerts().add(c); } } } } - if(cin.notes()!=null) { + if (cin.notes()!=null) { boolean first = true; StringBuilder sb = new StringBuilder(); - for(String n : cin.notes()) { - if(first) { + for (String n : cin.notes()) { + if (first) { first = false; } else { sb.append('\n'); @@ -144,7 +144,7 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { cout.setNotes(sb.toString()); } List<String> caIssuerDNs = cout.getCaIssuerDNs(); - for(String s : cin.caIssuerDNs()) { + for (String s : cin.caIssuerDNs()) { caIssuerDNs.add(s); } cout.setEnv(cin.env()); @@ -154,10 +154,10 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { @Override public Result<CertInfo> toCert(AuthzTrans trans, Result<List<CertDAO.Data>> in) { - if(in.isOK()) { + if (in.isOK()) { CertInfo cout = newInstance(API.CERT); List<String> certs = cout.getCerts(); - for(CertDAO.Data cdd : in.value) { + for (CertDAO.Data cdd : in.value) { certs.add(cdd.x509); } return Result.ok(cout); @@ -174,7 +174,7 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { CertificateRequest in; try { in = (CertificateRequest)req; - } catch(ClassCastException e) { + } catch (ClassCastException e) { return Result.err(Result.ERR_BadData,"Request is not a CertificateRequest"); } 
@@ -184,7 +184,7 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { out.fqdns=in.getFqdns(); v.isNull("CertRequest", req).nullOrBlank("MechID", out.mechid); v.nullBlankMin("FQDNs", out.fqdns,1); - if(v.err()) { + if (v.err()) { return Result.err(Result.ERR_BadData, v.errs()); } out.emails = in.getEmail(); @@ -217,7 +217,7 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { @Override public List<ArtiDAO.Data> toArtifact(AuthzTrans trans, Artifacts artifacts) { List<ArtiDAO.Data> ladd = new ArrayList<>(); - for(Artifact arti : artifacts.getArtifact()) { + for (Artifact arti : artifacts.getArtifact()) { ArtiDAO.Data data = new ArtiDAO.Data(); data.mechid = arti.getMechid(); data.machine = arti.getMachine(); @@ -235,11 +235,11 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { data.expires = null; // Derive Optional Data from Machine (Domain) if exists - if(data.machine!=null) { - if(data.ca==null && data.machine.endsWith(".att.com")) { + if (data.machine!=null) { + if (data.ca==null && data.machine.endsWith(".att.com")) { data.ca = "aaf"; // default } - if(data.ns==null ) { + if (data.ns==null ) { data.ns=FQI.reverseDomain(data.machine); } } @@ -254,9 +254,9 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { */ @Override public Result<Artifacts> fromArtifacts(Result<List<Data>> lArtiDAO) { - if(lArtiDAO.isOK()) { + if (lArtiDAO.isOK()) { Artifacts artis = new Artifacts(); - for(ArtiDAO.Data arti : lArtiDAO.value) { + for (ArtiDAO.Data arti : lArtiDAO.value) { Artifact a = new Artifact(); a.setMechid(arti.mechid); a.setMachine(arti.machine); diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper2_0.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper2_0.java index d85ea2ca..55a292e0 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper2_0.java 
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper2_0.java @@ -86,7 +86,7 @@ public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { err.setMessageId(msgID); // AT&T Restful Error Format requires numbers "%" placements err.setText(Vars.convert(holder, text, var)); - for(String s : var) { + for (String s : var) { err.getVariables().add(s); } return err; @@ -100,25 +100,25 @@ public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { */ @Override public Result<CertInfo> toCert(AuthzTrans trans, Result<CertResp> in, boolean withTrustChain) throws IOException { - if(!in.isOK()) { + if (!in.isOK()) { CertResp cin = in.value; CertInfo cout = newInstance(API.CERT); cout.setPrivatekey(cin.privateString()); String value; - if((value=cin.challenge())!=null) { + if ((value=cin.challenge())!=null) { cout.setChallenge(value); } cout.getCerts().add(cin.asCertString()); - if(cin.trustChain()!=null) { - for(String c : cin.trustChain()) { + if (cin.trustChain()!=null) { + for (String c : cin.trustChain()) { cout.getCerts().add(c); } } - if(cin.notes()!=null) { + if (cin.notes()!=null) { boolean first = true; StringBuilder sb = new StringBuilder(); - for(String n : cin.notes()) { - if(first) { + for (String n : cin.notes()) { + if (first) { first = false; } else { sb.append('\n'); @@ -129,7 +129,7 @@ public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { } List<String> caIssuerDNs = cout.getCaIssuerDNs(); - for(String s : cin.caIssuerDNs()) { + for (String s : cin.caIssuerDNs()) { caIssuerDNs.add(s); } 
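Review bot: In the `toCert(AuthzTrans, Result<CertResp>, boolean)` hunk at -100, the guard `if (!in.isOK()) {` is followed directly by `CertResp cin = in.value;` and the construction of the CertInfo, which looks inverted: the response is built from the value of a failed Result. Mapper1_0's version of the same method returns `Result.err(in)` under that condition and builds the CertInfo afterwards, so the condition here should presumably be `if (in.isOK()) {`. The else branch and the return statements are outside the hunk, so this needs confirming against the full method. The trust-chain loop in this hunk also lacks the `c!=null` check that Mapper1_0 applies before adding to `cout.getCerts()`.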
@@ -143,10 +143,10 @@ public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { @Override public Result<CertInfo> toCert(AuthzTrans trans, Result<List<CertDAO.Data>> in) { - if(in.isOK()) { + if (in.isOK()) { CertInfo cout = newInstance(API.CERT); List<String> certs = cout.getCerts(); - for(CertDAO.Data cdd : in.value) { + for (CertDAO.Data cdd : in.value) { certs.add(cdd.x509); } return Result.ok(cout); @@ -163,7 +163,7 @@ public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { CertificateRequest in; try { in = (CertificateRequest)req; - } catch(ClassCastException e) { + } catch (ClassCastException e) { return Result.err(Result.ERR_BadData,"Request is not a CertificateRequest"); } @@ -172,7 +172,7 @@ public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { v.isNull("CertRequest", req) .nullOrBlank("MechID", out.mechid=in.getMechid()); v.nullBlankMin("FQDNs", out.fqdns=in.getFqdns(),1); - if(v.err()) { + if (v.err()) { return Result.err(Result.ERR_BadData, v.errs()); } @@ -206,7 +206,7 @@ public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { @Override public List<ArtiDAO.Data> toArtifact(AuthzTrans trans, Artifacts artifacts) { List<ArtiDAO.Data> ladd = new ArrayList<>(); - for(Artifact arti : artifacts.getArtifact()) { + for (Artifact arti : artifacts.getArtifact()) { ArtiDAO.Data data = new ArtiDAO.Data(); data.mechid = arti.getMechid(); data.machine = arti.getMachine(); @@ -224,13 +224,13 @@ public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { data.expires = null; // Derive Optional Data from Machine (Domain) if exists - if(data.machine!=null) { - if(data.ca==null) { - if(data.machine.endsWith(".att.com")) { + if (data.machine!=null) { + if (data.ca==null) { + if (data.machine.endsWith(".att.com")) { data.ca = "aaf"; // default } } - if(data.ns==null ) { + if (data.ns==null ) { data.ns=FQI.reverseDomain(data.machine); } } 
@@ -245,9 +245,9 @@ public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { */ @Override public Result<Artifacts> fromArtifacts(Result<List<Data>> lArtiDAO) { - if(lArtiDAO.isOK()) { + if (lArtiDAO.isOK()) { Artifacts artis = new Artifacts(); - for(ArtiDAO.Data arti : lArtiDAO.value) { + for (ArtiDAO.Data arti : lArtiDAO.value) { Artifact a = new Artifact(); a.setMechid(arti.mechid); a.setMachine(arti.machine); diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java index 62f0d680..89824a47 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java @@ -164,7 +164,7 @@ public class CMService { } else { for (String cn : req.value.fqdns) { - if(!ignoreIPs) { + if (!ignoreIPs) { try { InetAddress[] ias = InetAddress.getAllByName(cn); Set<String> potentialSanNames = new HashSet<>(); @@ -186,7 +186,7 @@ public class CMService { } final String host; - if(ignoreIPs) { + if (ignoreIPs) { host = req.value.fqdns.get(0); } else if (primary == null) { return Result.err(Result.ERR_Denied, "Request not made from matching IP (%s)", trans.ip()); @@ -271,7 +271,7 @@ public class CMService { // Make sure Primary is the first in fqdns if (fqdns.size() > 1) { for (int i = 0; i < fqdns.size(); ++i) { - if(primary==null) { + if (primary==null) { trans.error().log("CMService var primary is null"); } else { String fg = fqdns.get(i); diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java index ea97dd0d..1a27b41f 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java 
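Review bot: The `if (ignoreIPs) {` branch in the CMService hunk at -186 takes `host` from `req.value.fqdns.get(0)` and bypasses the `primary == null` denial ("Request not made from matching IP"), and the hunk at -164 skips the `InetAddress.getAllByName(cn)` lookup under the same flag; neither place documents this. A comment on the branch would make the trade-off explicit, for example `// ignoreIPs: requester IP is not matched against the FQDNs; host is taken as supplied in the request`. Where `ignoreIPs` is set is outside these hunks, so whether it is logged or restricted to non-production use cannot be seen from here. The hunk at -271 logs "CMService var primary is null" once per FQDN inside the loop, which presumably fires on every request handled with the flag on.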
@@ -49,13 +49,13 @@ public class CertmanValidator extends Validator{ private static final String ARTIFACTS_MUST_HAVE_AT_LEAST = "Artifacts must have at least "; public CertmanValidator nullBlankMin(String name, List<String> list, int min) { - if(list==null) { + if (list==null) { msg(name + IS_NULL); } else { - if(list.size()<min) { + if (list.size()<min) { msg(name + MUST_HAVE_AT_LEAST + min + ENTR + (min==1?Y:IES)); } else { - for(String s : list) { + for (String s : list) { nullOrBlank("List Item",s); } } @@ -64,13 +64,13 @@ public class CertmanValidator extends Validator{ } public CertmanValidator artisRequired(List<ArtiDAO.Data> list, int min) { - if(list==null) { + if (list==null) { msg(ARTIFACT_LIST_IS_NULL); } else { - if(list.size()<min) { + if (list.size()<min) { msg(ARTIFACTS_MUST_HAVE_AT_LEAST + min + ENTR + (min==1?Y:IES)); } else { - for(ArtiDAO.Data a : list) { + for (ArtiDAO.Data a : list) { allRequired(a); } } @@ -79,13 +79,13 @@ public class CertmanValidator extends Validator{ } public CertmanValidator artisKeys(List<ArtiDAO.Data> list, int min) { - if(list==null) { + if (list==null) { msg(ARTIFACT_LIST_IS_NULL); } else { - if(list.size()<min) { + if (list.size()<min) { msg(ARTIFACTS_MUST_HAVE_AT_LEAST + min + ENTR + (min==1?Y:IES)); } else { - for(ArtiDAO.Data a : list) { + for (ArtiDAO.Data a : list) { keys(a); } } @@ -95,7 +95,7 @@ public class CertmanValidator extends Validator{ public CertmanValidator keys(ArtiDAO.Data add) { - if(add==null) { + if (add==null) { msg("Artifact is null."); } else { nullOrBlank(MECHID, add.mechid); @@ -105,7 +105,7 @@ public class CertmanValidator extends Validator{ } private CertmanValidator allRequired(Data a) { - if(a==null) { + if (a==null) { msg("Artifact is null."); } else { nullOrBlank(MECHID, a.mechid); diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/test/CertmanTest.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/test/CertmanTest.java index 7e6c3647..2eab9b2b 100644 
--- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/test/CertmanTest.java +++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/test/CertmanTest.java @@ -76,7 +76,7 @@ public class CertmanTest { // } // // Locator<URI> loc = new DNSLocator(env, "https", "aaf.it.att.com", "8150"); -// for(Item item = loc.first(); item!=null; item=loc.next(item)) { +// for (Item item = loc.first(); item!=null; item=loc.next(item)) { // System.out.println(loc.get(item)); // } // @@ -111,7 +111,7 @@ public class CertmanTest { // @Test // public void testX500Name() throws Exception { // -// for( InetAddress ia : InetAddress.getAllByName("aaf.dev.att.com")) { +// for ( InetAddress ia : InetAddress.getAllByName("aaf.dev.att.com")) { // System.out.printf("%s - %s\n", ia.getHostName(), ia.getHostAddress()); // InetAddress ia1 = InetAddress.getByName(ia.getHostAddress()); // System.out.printf("%s - %s\n", ia1.getHostName(), ia1.getHostAddress()); @@ -133,12 +133,12 @@ public class CertmanTest { // try { // System.out.println(reqDF.newData().option(Data.PRETTY).load(cr).asString()); // Future<String> f = client.updateRespondString(path, reqDF, cr); -// if(f.get(10000)) { +// if (f.get(10000)) { // end = System.nanoTime(); // System.out.println(f.body()); // CertInfo capi = certDF.newData().in(Data.TYPE.JSON).load(f.body()).asObject(); -// for(String c :capi.getCerts()) { -// for( java.security.cert.Certificate x509 : Factory.toX509Certificate(c)) { +// for (String c :capi.getCerts()) { +// for ( java.security.cert.Certificate x509 : Factory.toX509Certificate(c)) { // System.out.println(x509.toString()); // } // } |