Diffstat (limited to 'auth/auth-certman')
37 files changed, 503 insertions, 503 deletions
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java index aadb165e..d7571ab5 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java @@ -8,9 +8,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -92,12 +92,12 @@ public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> { } /** * Construct AuthzAPI with all the Context Supporting Routes that Authz needs - * + * * @param env - * @param si - * @param dm - * @param decryptor - * @throws APIException + * @param si + * @param dm + * @param decryptor + * @throws APIException */ public AAF_CM(AuthzEnv env) throws Exception { super(env.access(),env); @@ -109,7 +109,7 @@ public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> { if (aafEnv==null) { throw new APIException("aaf_env needs to be set"); } - + // Check for allowing /tmp in Properties String allowTmp = env.getProperty(CM_ALLOW_TMP); if("true".equalsIgnoreCase(allowTmp)) { @@ -132,7 +132,7 @@ public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> { String key = es.getKey().toString(); if (key.startsWith(CA.CM_CA_PREFIX)) { int idx = key.indexOf('.'); - if (idx==key.lastIndexOf('.')) { // else it's a regular property + if (idx==key.lastIndexOf('.')) { // else it's a regular property env.log(Level.INIT, "Loading Certificate Authority Module: " + key.substring(idx+1)); String[] segs = Split.split(',', env.getProperty(key)); if (segs.length>0) { 
@@ -149,7 +149,7 @@ public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> { pinst[0]=env; pinst[1]= key.substring(idx+1); pinst[2]= aafEnv; - pinst[3] = multiParams; + pinst[3] = multiParams; try { CA ca = cons.newInstance(pinst); certAuths.put(ca.getName(),ca); @@ -170,7 +170,7 @@ public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> { } // note: Service knows how to shutdown Cluster on Shutdown, etc. See Constructor facade1_0 = FacadeFactory.v1_0(this,trans, service,Data.TYPE.JSON); // Default Facade - facade1_0_XML = FacadeFactory.v1_0(this,trans,service,Data.TYPE.XML); + facade1_0_XML = FacadeFactory.v1_0(this,trans,service,Data.TYPE.XML); synchronized(env) { @@ -194,19 +194,19 @@ public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> { public CA getCA(String key) { return certAuths.get(key); } - + /** * Setup XML and JSON implementations for each supported Version type - * + * * We do this by taking the Code passed in and creating clones of these with the appropriate Facades and properties * to do Versions and Content switches - * + * */ public void route(HttpMethods meth, String path, API api, Code code) throws Exception { String version = "1.0"; // Get Correct API Class from Mapper - Class<?> respCls = facade1_0.mapper().getClass(api); + Class<?> respCls = facade1_0.mapper().getClass(api); if (respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name()); // setup Application API HTML ContentTypes for JSON and Route String application = applicationJSON(respCls, version); diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/LocalCAImpl.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/LocalCAImpl.java index d32b67a3..dbc63ad1 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/LocalCAImpl.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/LocalCAImpl.java 
@@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -35,7 +35,7 @@ public class LocalCAImpl extends CA { super(access, caName, env); // TODO Auto-generated constructor stub } - + public LocalCAImpl(Access access, final String name, final String env, final String[][] params) throws IOException, CertException { super(access, name, env); } diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Artifact.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Artifact.java index a3a30607..8ba4b127 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Artifact.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Artifact.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -34,7 +34,7 @@ import org.onap.aaf.auth.rserv.HttpMethods; /** * API Deployment Artifact Apis.. using Redirect for mechanism - * + * * @author Jonathan * */ @@ -43,7 +43,7 @@ public class API_Artifact { private static final String CERT_ARTIFACTS = "/cert/artifacts"; /** * Normal Init level APIs - * + * * @param cmAPI * @throws Exception */ 
@@ -79,7 +79,7 @@ public class API_Artifact { cmAPI.route(HttpMethods.GET, "/cert/artifacts/:mechid/:machine", API.ARTIFACTS, new Code(cmAPI,GET_ARTIFACTS) { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { - + Result<Void> r = context.readArtifacts(trans, resp, pathParam(req,":mechid"), pathParam(req,":machine")); if (r.isOK()) { resp.setStatus(HttpStatus.OK_200); @@ -88,8 +88,8 @@ public class API_Artifact { } } }); - - + + cmAPI.route(HttpMethods.PUT, CERT_ARTIFACTS, API.ARTIFACTS, new Code(cmAPI,"Update Artifacts") { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { @@ -105,7 +105,7 @@ public class API_Artifact { cmAPI.route(HttpMethods.DELETE, "/cert/artifacts/:mechid/:machine", API.VOID, new Code(cmAPI,"Delete Artifacts") { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { - Result<Void> r = context.deleteArtifacts(trans, resp, + Result<Void> r = context.deleteArtifacts(trans, resp, pathParam(req, ":mechid"), pathParam(req,":machine")); if (r.isOK()) { resp.setStatus(HttpStatus.OK_200); @@ -114,7 +114,7 @@ public class API_Artifact { } } }); - + cmAPI.route(HttpMethods.DELETE, CERT_ARTIFACTS, API.VOID, new Code(cmAPI,"Delete Artifacts") { @Override @@ -127,7 +127,7 @@ public class API_Artifact { } } }); - + } } diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Cert.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Cert.java index 68354413..0f239ada 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Cert.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Cert.java 
@@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -36,7 +36,7 @@ import org.onap.aaf.misc.env.Slot; /** * API Apis.. using Redirect for mechanism - * + * * @author Jonathan * */ @@ -46,7 +46,7 @@ public class API_Cert { /** * Normal Init level APIs - * + * * @param aafCM * @param facade * @throws Exception @@ -54,7 +54,7 @@ public class API_Cert { public static void init(final AAF_CM aafCM) throws Exception { // Check for Created Certificate Authorities in TRANS sCertAuth = aafCM.env.slot(CERT_AUTH); - + //////// // Overall APIs /////// @@ -76,7 +76,7 @@ public class API_Cert { } } }); - + aafCM.route(HttpMethods.GET,"/cert/:ca/personal",API.CERT,new Code(aafCM,"Request Personal Certificate") { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { @@ -96,9 +96,9 @@ public class API_Cert { } }); - + /** - * + * */ aafCM.route(HttpMethods.GET, "/cert/may/:perm", API.VOID, new Code(aafCM,"Check Permission") { @Override @@ -114,10 +114,10 @@ public class API_Cert { }); /** - * Get Cert by ID and Machine + * Get Cert by ID and Machine */ - + /** * Get Certs by ID */ @@ -133,10 +133,10 @@ public class API_Cert { } }); - + /** * Get Certs by Machine */ - + } } diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java index ab304629..13876b14 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java 
@@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -54,11 +54,11 @@ public abstract class CA { public static final Set<String> EMPTY = Collections.unmodifiableSet(new HashSet<>()); - + private final String name; private final String env; private MessageDigest messageDigest; - private final String permNS; + private final String permNS; private final String permType; private final ArrayList<String> idDomains; private String[] trustedCAs; @@ -71,7 +71,7 @@ public abstract class CA { trustedCAs = new String[4]; // starting array this.name = caName; this.env = env; - this.env_tag = env==null || env.isEmpty()?false: + this.env_tag = env==null || env.isEmpty()?false: Boolean.parseBoolean(access.getProperty(CM_CA_ENV_TAG, Boolean.FALSE.toString())); permNS=null; String prefix = CM_CA_PREFIX + name; @@ -80,9 +80,9 @@ public abstract class CA { throw new CertException(prefix + ".perm_type" + MUST_EXIST_TO_CREATE_CSRS_FOR + caName); } caIssuerDNs = Split.splitTrim(':', access.getProperty(Config.CADI_X509_ISSUERS, null)); - + String tag = CA.CM_CA_PREFIX+caName+CA.CM_CA_BASE_SUBJECT; - + String fields = access.getProperty(tag, null); if (fields==null) { throw new CertException(tag + MUST_EXIST_TO_CREATE_CSRS_FOR + caName); @@ -94,7 +94,7 @@ public abstract class CA { throw new CertException("email address is not allowed in " + CM_CA_BASE_SUBJECT); } } - + idDomains = new ArrayList<>(); StringBuilder sb = null; for (String s : Split.splitTrim(',', access.getProperty(CA.CM_CA_PREFIX+caName+".idDomains", ""))) { 
@@ -111,7 +111,7 @@ public abstract class CA { if (sb!=null) { access.printf(Level.INIT, "CA '%s' supports Personal Certificates for %s", caName, sb); } - + String dataDir = access.getProperty(CM_PUBLIC_DIR,null); if (dataDir!=null) { File data = new File(dataDir); @@ -132,7 +132,7 @@ public abstract class CA { FileInputStream fis = new FileInputStream(crt); try { int read = fis.read(bytes); - if (read>0) { + if (read>0) { addTrustedCA(new String(bytes)); } } finally { @@ -166,7 +166,7 @@ public abstract class CA { caIssuerDNs = newsa; } } - + protected synchronized void addTrustedCA(final String crtString) { String crt; if (crtString.endsWith("\n")) { @@ -185,19 +185,19 @@ public abstract class CA { temp[trustedCAs.length]=crt; trustedCAs = temp; } - + public String[] getCaIssuerDNs() { return caIssuerDNs; } - + public String[] getTrustedCAs() { return trustedCAs; } - + public boolean shouldAddEnvTag() { - return env_tag; + return env_tag; } - + public String getEnv() { return env; } @@ -213,16 +213,16 @@ public abstract class CA { public String getName() { return name; } - - + + public String getPermNS() { return permNS; } - + public String getPermType() { return permType; } - + public abstract X509andChain sign(Trans trans, CSRMeta csrmeta) throws IOException, CertException; /* (non-Javadoc) diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java index 4dd49199..51b962c8 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java 
@@ -9,9 +9,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -71,20 +71,20 @@ public class JscepCA extends CA { super(access, name, env); mxcwiS = new ConcurrentHashMap<>(); mxcwiC = new ConcurrentHashMap<>(); - + if (params.length<2) { throw new CertException("No Trust Chain parameters are included"); - } + } if (params[0].length<2) { throw new CertException("User/Password required for JSCEP"); } final String id = params[0][0]; - final String pw = params[0][1]; - + final String pw = params[0][1]; + // Set this for NTLM password Microsoft Authenticator.setDefault(new Authenticator() { - @Override - public PasswordAuthentication getPasswordAuthentication () { + @Override + public PasswordAuthentication getPasswordAuthentication () { try { return new PasswordAuthentication (id,access.decrypt(pw,true).toCharArray()); } catch (IOException e) { @@ -93,16 +93,16 @@ public class JscepCA extends CA { return null; } }); - + StringBuilder urlstr = new StringBuilder(); for (int i=1;i<params.length;++i) { // skip first section, which is user/pass - // Work + // Work if (i>1) { urlstr.append(','); // delimiter } urlstr.append(params[i][0]); - + String dir = access.getProperty(CM_PUBLIC_DIR, ""); if (!"".equals(dir) && !dir.endsWith("/")) { dir = dir + '/'; 
@@ -125,12 +125,12 @@ public class JscepCA extends CA { } } } - } + } clients = new JscepClientLocator(access,urlstr.toString()); } // package on purpose - + @Override public X509ChainWithIssuer sign(Trans trans, CSRMeta csrmeta) throws IOException, CertException { TimeTaken tt = trans.start("Generating CSR and Keys for New Certificate", Env.SUB); @@ -139,14 +139,14 @@ public class JscepCA extends CA { csr = csrmeta.generateCSR(trans); if (trans.info().isLoggable()) { trans.info().log(BCFactory.toString(csr)); - } + } if (trans.info().isLoggable()) { trans.info().log(csr); } } finally { tt.done(); } - + tt = trans.start("Enroll CSR", Env.SUB); Client client = null; Item item = null; @@ -154,13 +154,13 @@ public class JscepCA extends CA { try { item = clients.best(); client = clients.get(item); - + EnrollmentResponse er = client.enrol( csrmeta.initialConversationCert(trans), csrmeta.keypair(trans).getPrivate(), csr, MS_PROFILE /* profile... MS can't deal with blanks*/); - + while (true) { if (er.isSuccess()) { trans.checkpoint("Cert from " + clients.info(item)); @@ -186,7 +186,7 @@ public class JscepCA extends CA { i=MAX_RETRY; } catch (ClientException e) { trans.error().log(e,"SCEP Client Error, Temporarily Invalidating Client: " + clients.info(item)); - try { + try { clients.invalidate(client); if (!clients.hasItems()) { clients.refresh(); @@ -202,13 +202,13 @@ public class JscepCA extends CA { tt.done(); } } - + return null; } - + /** * Locator specifically for Jscep Clients. - * + * * Class based client for access to common Map */ private class JscepClientLocator extends HotPeerLocator<Client> { @@ -247,7 +247,7 @@ public class JscepCA extends CA { protected void _destroy(Client client) { mxcwiC.remove(client); } - - + + } } diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java index c51ddbde..c2d6701a 100644 
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -79,22 +79,22 @@ public class LocalCA extends CA { KeyPurposeId.id_kp_serverAuth, // WebServer KeyPurposeId.id_kp_clientAuth // WebClient }; - + private final PrivateKey caKey; private final X500Name issuer; private BigInteger serial; private final X509ChainWithIssuer x509cwi; // "Cert" is CACert - - + + public LocalCA(Access access, final String name, final String env, final String[][] params) throws IOException, CertException { super(access, name, env); - + serial = new BigInteger(64,new SecureRandom()); if (params.length<1 || params[0].length<2) { throw new IOException("LocalCA expects cm_ca.<ca name>=org.onap.aaf.auth.cm.ca.LocalCA,<full path to key file>[;<Full Path to Trust Chain, ending with actual CA>]+"); } - + // Read in the Private Key String configured; File f = new File(params[0][0]); @@ -145,7 +145,7 @@ public class LocalCA extends CA { } else { throw new CertException("Unknown Keystore type from filename " + fileName); } - + KeyStore.ProtectionParameter keyPass; try { 
@@ -174,7 +174,7 @@ public class LocalCA extends CA { } PrivateKeyEntry privateKeyEntry = (PrivateKeyEntry)entry; caKey = privateKeyEntry.getPrivateKey(); - + x509cwi = new X509ChainWithIssuer(privateKeyEntry.getCertificateChain()); configured = "keystore \"" + fileName + "\", alias " + params[0][1]; } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException | UnrecoverableEntryException e) { @@ -184,7 +184,7 @@ public class LocalCA extends CA { } else { throw new CertException("Private Key, " + f.getPath() + ", does not exist"); } - + X500NameBuilder xnb = new X500NameBuilder(); List<RDN> rp = RDN.parse(',', x509cwi.getIssuerDN()); Collections.reverse(rp); @@ -209,12 +209,12 @@ public class LocalCA extends CA { TimeTaken tt = trans.start("Create/Sign Cert",Env.SUB); try { BigInteger bi; - + synchronized(ONE) { bi = serial; serial = serial.add(ONE); } - + RSAPublicKey rpk = (RSAPublicKey)csrmeta.keypair(trans).getPublic(); X509v3CertificateBuilder xcb = new X509v3CertificateBuilder( issuer, @@ -238,7 +238,7 @@ public class LocalCA extends CA { )) .addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.digitalSignature - | KeyUsage.keyEncipherment + | KeyUsage.keyEncipherment | KeyUsage.nonRepudiation)) .addExtension(Extension.extendedKeyUsage, true, new ExtendedKeyUsage(ASN_WebUsage)) @@ -250,8 +250,8 @@ public class LocalCA extends CA { false, new GeneralNames(sans)) // .addExtension(MiscObjectIdentifiers.netscape, true, new NetscapeCertType( // NetscapeCertType.sslClient|NetscapeCertType.sslClient)) - ; - + ; + x509 = new JcaX509CertificateConverter().getCertificate( xcb.build(BCFactory.contentSigner(caKey))); } catch (GeneralSecurityException|OperatorCreationException e) { @@ -259,7 +259,7 @@ public class LocalCA extends CA { } finally { tt.done(); } - + return new X509andChain(x509,x509cwi.trustChain); } 
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java index 30495d08..fde94b42 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -38,9 +38,9 @@ public class X509ChainWithIssuer extends X509andChain { public X509ChainWithIssuer(X509ChainWithIssuer orig, X509Certificate x509) { super(x509,orig.trustChain); - issuerDN=orig.issuerDN; + issuerDN=orig.issuerDN; } - + public X509ChainWithIssuer(final List<? extends Reader> rdrs) throws IOException, CertException { // Trust Chain. Last one should be the CA Collection<? extends Certificate> certs; @@ -49,7 +49,7 @@ public class X509ChainWithIssuer extends X509andChain { if (rdr==null) { // cover for badly formed array continue; } - + byte[] bytes = Factory.decode(rdr,null); try { certs = Factory.toX509Certificate(bytes); @@ -70,7 +70,7 @@ public class X509ChainWithIssuer extends X509andChain { } } } - + public X509ChainWithIssuer(Certificate[] certs) throws IOException, CertException { X509Certificate x509; for (int i=certs.length-1; i>=0; --i) { @@ -79,8 +79,8 @@ public class X509ChainWithIssuer extends X509andChain { if (subject!=null) { addTrustChainEntry(x509); if (i==0) { // last one is signer - cert=x509; - issuerDN= subject.toString(); + cert=x509; + issuerDN= subject.toString(); } } } 
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509andChain.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509andChain.java index 9a0e1c0d..b05747b6 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509andChain.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509andChain.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -30,21 +30,21 @@ import org.onap.aaf.cadi.configure.Factory; /** - * Have to put the Cert and resulting Trust Chain together. + * Have to put the Cert and resulting Trust Chain together. * Treating them separately has caused issues - * + * * @author JonathanGathman * */ public class X509andChain { protected X509Certificate cert; protected String[] trustChain; - + public X509andChain() { cert = null; trustChain = null; } - + public X509andChain(X509Certificate cert, String[] tc) { this.cert = cert; trustChain=tc; @@ -55,8 +55,8 @@ public class X509andChain { trustChain = new String[chain.size()+1]; chain.toArray(trustChain); } - - + + public void addTrustChainEntry(X509Certificate x509) throws IOException, CertException { if (trustChain==null) { trustChain = new String[] {Factory.toString(NullTrans.singleton(),x509)}; @@ -67,14 +67,14 @@ public class X509andChain { trustChain=temp; } } - + public X509Certificate getX509() { return cert; } - + public String[] getTrustChain() { return trustChain; } - + } 
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/BCFactory.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/BCFactory.java index b84816ab..9715422d 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/BCFactory.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/BCFactory.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -47,7 +47,7 @@ import org.onap.aaf.misc.env.Trans; /** * Additional Factory mechanisms for CSRs, and BouncyCastle. The main Factory * utilizes only Java abstractions, and is useful in Client code. - * + * * @author JonathanGathman * */ @@ -59,11 +59,11 @@ public class BCFactory extends Factory { // Bouncy jcsb = new JcaContentSignerBuilder(Factory.SIG_ALGO); } - + public static ContentSigner contentSigner(PrivateKey pk) throws OperatorCreationException { return jcsb.build(pk); } - + public static String toString(PKCS10CertificationRequest csr) throws IOException, CertException { if (csr==null) { throw new CertException("x509 Certificate Request not built"); @@ -89,7 +89,7 @@ public class BCFactory extends Factory { tt.done(); } } - + public static CSRMeta createCSRMeta(CA ca, String mechid, String sponsorEmail, List<String> fqdns) throws CertException { CSRMeta csr = ca.newCSRMeta(); boolean first = true; 
@@ -99,9 +99,9 @@ public class BCFactory extends Factory { first = false; csr.cn(fqdn); } - csr.san(fqdn); // duplicate CN in SAN, per RFC 5280 section 4.2.1.6 + csr.san(fqdn); // duplicate CN in SAN, per RFC 5280 section 4.2.1.6 } - + csr.challenge(new String(Symm.randomGen(24))); csr.mechID(mechid); csr.email(sponsorEmail); @@ -111,7 +111,7 @@ public class BCFactory extends Factory { } return csr; } - + private static String validateApp(CSRMeta csr) { CertmanValidator v = new CertmanValidator(); if (v.nullOrBlank("cn", csr.cn()) @@ -146,6 +146,6 @@ public class BCFactory extends Factory { return null; } } - + } diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java index f67f445f..04ba0b89 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java @@ -9,9 +9,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
@@ -90,15 +90,15 @@ public class CSRMeta { } return name; } - - + + public PKCS10CertificationRequest generateCSR(Trans trans) throws IOException, CertException { PKCS10CertificationRequestBuilder builder = new JcaPKCS10CertificationRequestBuilder(x500Name(),keypair(trans).getPublic()); if (challenge!=null) { DERPrintableString password = new DERPrintableString(challenge); builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_challengePassword, password); } - + int plus = email==null?0:1; if (!sanList.isEmpty()) { GeneralName[] gna = new GeneralName[sanList.size()+plus]; @@ -107,7 +107,7 @@ public class CSRMeta { gna[++i]=new GeneralName(GeneralName.dNSName,s); } gna[++i]=new GeneralName(GeneralName.rfc822Name,email); - + builder.addAttribute( PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, new Extensions(new Extension[] { @@ -122,7 +122,7 @@ public class CSRMeta { throw new CertException(e); } } - + @SuppressWarnings("deprecation") public static void dump(PKCS10CertificationRequest csr) { Attribute[] certAttributes = csr.getAttributes(); @@ -152,7 +152,7 @@ public class CSRMeta { } } } - + public X509Certificate initialConversationCert(Trans trans) throws CertificateException, OperatorCreationException { GregorianCalendar gc = new GregorianCalendar(); Date start = gc.getTime(); @@ -209,15 +209,15 @@ public class CSRMeta { public void environment(String env) { environment = env; } - + /** - * + * * @return */ public String environment() { return environment; } - + /** * @return the mechID */ @@ -263,5 +263,5 @@ public class CSRMeta { public void challenge(String challenge) { this.challenge = challenge; } - + } diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/RDN.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/RDN.java index fe4e20ff..c43e614c 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/RDN.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/RDN.java 
@@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -35,7 +35,7 @@ public class RDN { public RDN(final String tagValue) throws CertException { String[] tv = Split.splitTrim('=',tagValue); switch(tv[0]) { - case "cn":case "CN": aoi = BCStyle.CN; + case "cn":case "CN": aoi = BCStyle.CN; break; case "c":case "C": aoi = BCStyle.C; break; @@ -49,21 +49,21 @@ public class RDN { break; case "dc":case "DC": aoi = BCStyle.DC; break; - case "gn":case "GN": aoi = BCStyle.GIVENNAME; + case "gn":case "GN": aoi = BCStyle.GIVENNAME; break; - case "sn":case "SN": aoi = BCStyle.SN; + case "sn":case "SN": aoi = BCStyle.SN; break; // surname case "email":case "EMAIL": case "emailaddress": case "EMAILADDRESS": aoi = BCStyle.EmailAddress; break; // should be SAN extension - case "initials": aoi = BCStyle.INITIALS; - break; - case "pseudonym": aoi = BCStyle.PSEUDONYM; + case "initials": aoi = BCStyle.INITIALS; + break; + case "pseudonym": aoi = BCStyle.PSEUDONYM; break; - case "generationQualifier": aoi = BCStyle.GENERATION; + case "generationQualifier": aoi = BCStyle.GENERATION; break; - case "serialNumber": aoi = BCStyle.SERIALNUMBER; + case "serialNumber": aoi = BCStyle.SERIALNUMBER; break; default: throw new CertException("Unknown ASN1ObjectIdentifier for " + tv[0] + " in " + tagValue); @@ -71,7 +71,7 @@ public class RDN { tag = tv[0]; value = tv[1]; } - + /** * Parse various forms of DNs into appropriate RDNs, which have the ASN1ObjectIdentifier * @param delim 
@@ -109,7 +109,7 @@ public class RDN {
 }
 return lrnd;
 }
-
+
 @Override
 public String toString() {
 return tag + '=' + value;
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertDrop.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertDrop.java
index 0a9d7661..e9e5d446 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertDrop.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertDrop.java
@@ -7,9 +7,9 @@
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
- *
+ *
 * http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertRenew.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertRenew.java
index 242a18ac..55e5a573 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertRenew.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertRenew.java
@@ -7,9 +7,9 @@
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
- *
+ *
 * http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertReq.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertReq.java
index 3e2fb816..7de19944 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertReq.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertReq.java
@@ -7,9 +7,9 @@
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
- *
+ *
 * http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -37,13 +37,13 @@ public class CertReq {
 public List<String> fqdns;
 // Notify
 public List<String> emails;
-
-
+
+
 // These may be null
 public String sponsor;
 public XMLGregorianCalendar start;
 public XMLGregorianCalendar end;
-
+
 public CSRMeta getCSRMeta() throws CertException {
 return BCFactory.createCSRMeta(certAuthority, mechid, sponsor,fqdns);
 }
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertResp.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertResp.java
index 9017763a..be0c251c 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertResp.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertResp.java
@@ -9,9 +9,9 @@
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
- *
+ *
 * http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -37,12 +37,12 @@ public class CertResp { private CA ca; private KeyPair keyPair; private String challenge; - + private String privateKey; private String certString; private String[] trustChain; private String[] notes; - + public CertResp(Trans trans, CA ca, X509Certificate x509, CSRMeta csrMeta, String[] trustChain, String[] notes) throws IOException, CertException { keyPair = csrMeta.keypair(trans); privateKey = Factory.toString(trans, keyPair.getPrivate()); @@ -58,35 +58,35 @@ public class CertResp { certString = cert; } - + public String asCertString() { return certString; } - + public String privateString() { return privateKey; } - + public String challenge() { return challenge==null?"":challenge; } - + public String[] notes() { return notes; } - + public String[] caIssuerDNs() { return ca.getCaIssuerDNs(); } - + public String env() { return ca.getEnv(); } - + public String[] trustChain() { return trustChain; } - + public String[] trustCAs() { return ca.getTrustedCAs(); } diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade.java index 2a49d3cd..3926422a 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
@@ -33,14 +33,14 @@ import org.onap.aaf.auth.layer.Result; /** - * + * * @author Jonathan * */ public interface Facade<REQ,CERT,ARTIFACTS,ERROR> { ///////////////////// STANDARD ELEMENTS ////////////////// - /** + /** * @param trans * @param response * @param result @@ -48,7 +48,7 @@ public interface Facade<REQ,CERT,ARTIFACTS,ERROR> { void error(AuthzTrans trans, HttpServletResponse response, Result<?> result); /** - * + * * @param trans * @param response * @param status @@ -62,20 +62,20 @@ public interface Facade<REQ,CERT,ARTIFACTS,ERROR> { * @param resp * @param perm * @return - * @throws IOException + * @throws IOException */ Result<Void> check(AuthzTrans trans, HttpServletResponse resp, String perm) throws IOException; /** - * + * * @return */ public Mapper<REQ,CERT,ARTIFACTS,ERROR> mapper(); ///////////////////// STANDARD ELEMENTS ////////////////// - + /** - * + * * @param trans * @param resp * @param rservlet @@ -84,7 +84,7 @@ public interface Facade<REQ,CERT,ARTIFACTS,ERROR> { public abstract Result<Void> requestCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, CA ca); /** - * + * * @param trans * @param resp * @param rservlet @@ -94,7 +94,7 @@ public interface Facade<REQ,CERT,ARTIFACTS,ERROR> { /** - * + * * @param trans * @param req * @param resp 
@@ -103,36 +103,36 @@ public interface Facade<REQ,CERT,ARTIFACTS,ERROR> { public abstract Result<Void> renewCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, boolean withTrust); /** - * + * * @param trans * @param req * @param resp * @return */ public abstract Result<Void> dropCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp); - + /** - * + * * @param trans * @param resp * @param pathParam * @return */ public Result<Void> readCertsByMechID(AuthzTrans trans, HttpServletResponse resp, String mechID); - + /** - * + * * @param trans * @param req * @param resp * @return */ Result<Void> createArtifacts(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp); - + /** - * + * * @param trans * @param req * @param resp @@ -141,7 +141,7 @@ public interface Facade<REQ,CERT,ARTIFACTS,ERROR> { Result<Void> readArtifacts(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp); /** - * + * * @param trans * @param resp * @param mechid @@ -151,16 +151,16 @@ public interface Facade<REQ,CERT,ARTIFACTS,ERROR> { Result<Void> readArtifacts(AuthzTrans trans, HttpServletResponse resp, String mechid, String machine); /** - * + * * @param trans * @param req * @param resp * @return */ Result<Void> updateArtifacts(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp); - + /** - * + * * @param trans * @param req * @param resp @@ -169,7 +169,7 @@ public interface Facade<REQ,CERT,ARTIFACTS,ERROR> { Result<Void> deleteArtifacts(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp); /** - * + * * @param trans * @param resp * @param mechid diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade1_0.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade1_0.java index 4a3b5cbe..63859656 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade1_0.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade1_0.java 
@@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -37,9 +37,9 @@ import certman.v1_0.CertInfo; * */ public class Facade1_0 extends FacadeImpl<BaseRequest,CertInfo, Artifacts, Error> { - public Facade1_0(AAF_CM certman, - CMService service, - Mapper<BaseRequest,CertInfo,Artifacts,Error> mapper, + public Facade1_0(AAF_CM certman, + CMService service, + Mapper<BaseRequest,CertInfo,Artifacts,Error> mapper, Data.TYPE type) throws APIException { super(certman, service, mapper, type); } diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeFactory.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeFactory.java index e9ffb908..1519de14 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeFactory.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeFactory.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -35,7 +35,7 @@ public class FacadeFactory { certman, service, new Mapper1_0(), - type); + type); } } 
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java index f381a9e8..513b8ea5 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java @@ -8,9 +8,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -59,7 +59,7 @@ import org.onap.aaf.misc.rosetta.env.RosettaData; /** * AuthzFacade - * + * * This Service Facade encapsulates the essence of the API Service can do, and provides * a single created object for elements such as RosettaDF. * 
@@ -70,14 +70,14 @@ import org.onap.aaf.misc.rosetta.env.RosettaData; * a) In the future, we may support multiple Response Formats, aka JSON or XML, based on User Request. * 4) Log Service info, warnings and exceptions as necessary * 5) When asked by the API layer, this will create and write Error content to the OutputStream - * - * Note: This Class does NOT set the HTTP Status Code. That is up to the API layer, so that it can be + * + * Note: This Class does NOT set the HTTP Status Code. That is up to the API layer, so that it can be * clearly coordinated with the API Documentation - * + * * @author Jonathan * */ -public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.auth.layer.FacadeImpl implements Facade<REQ,CERT,ARTIFACTS,ERROR> +public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.auth.layer.FacadeImpl implements Facade<REQ,CERT,ARTIFACTS,ERROR> { private static final String TRUE = "TRUE"; private static final String REQUEST_CERT = "Request New Certificate"; @@ -100,8 +100,8 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. private final String voidResp; public FacadeImpl(AAF_CM certman, - CMService service, - Mapper<REQ,CERT,ARTIFACTS,ERROR> mapper, + CMService service, + Mapper<REQ,CERT,ARTIFACTS,ERROR> mapper, Data.TYPE dataType) throws APIException { this.service = service; this.mapper = mapper; @@ -120,14 +120,14 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. voidResp = "application/Void+json;charset=utf-8;version=1.0,application/json;version=1.0,*/*"; } } - + public Mapper<REQ,CERT,ARTIFACTS,ERROR> mapper() { return mapper; } - + /* (non-Javadoc) * @see com.att.authz.facade.AuthzFacade#error(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, int) - * + * * Note: Conforms to AT&T TSS RESTful Error Structure */ @Override 
@@ -136,7 +136,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. result.details==null?"":result.details.trim(), result.variables==null?Result.EMPTY_VARS:result.variables); } - + @Override public void error(AuthzTrans trans, HttpServletResponse response, int status, final String _msg, final Object ... _detail) { String msgId; @@ -158,7 +158,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. prefix = "Forbidden"; response.setStatus(/*httpstatus=*/403); break; - + case 404: case ERR_NotFound: msgId = "SVC1404"; @@ -172,21 +172,21 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. prefix = "Not Acceptable"; response.setStatus(/*httpstatus=*/406); break; - + case 409: case ERR_ConflictAlreadyExists: msgId = "SVC1409"; prefix = "Conflict Already Exists"; response.setStatus(/*httpstatus=*/409); break; - + case 501: case ERR_NotImplemented: msgId = "SVC1501"; - prefix = "Not Implemented"; + prefix = "Not Implemented"; response.setStatus(/*httpstatus=*/501); break; - + default: msgId = "SVC1500"; @@ -200,7 +200,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. StringBuilder holder = new StringBuilder(); ERROR em = mapper().errorFromMessage(holder, msgId,prefix + ": " + _msg,_detail); trans.checkpoint( - "ErrResp [" + + "ErrResp [" + msgId + "] " + holder.toString(), @@ -210,7 +210,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. em = mapper().errorFromMessage(holder, msgId, "Server had an issue processing this request"); } errDF.newData(trans).load(em).to(response.getOutputStream()); - + } catch (Exception e) { trans.error().log(e,"unable to send response for",_msg); } 
@@ -256,12 +256,12 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. trans.error().log("Invalid Input",IN,REQUEST_CERT); return Result.err(Result.ERR_BadData,"Invalid Input"); } - + Result<CertResp> rcr = service.requestCert(trans,mapper.toReq(trans,request), ca); if (rcr.notOK()) { return Result.err(rcr); } - + Result<CERT> rc = mapper.toCert(trans, rcr, withTrust); if (rc.status == OK) { RosettaData<CERT> data = certDF.newData(trans).load(rc.value); @@ -279,7 +279,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. tt.done(); } } - + /* (non-Javadoc) * @see org.onap.aaf.auth.cm.facade.Facade#requestPersonalCert(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, boolean) */ @@ -300,7 +300,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. trans.error().log("Invalid Input",IN,RENEW_CERT); return Result.err(Result.ERR_BadData,"Invalid Input"); } - + Result<CertResp> rcr = service.renewCert(trans,mapper.toRenew(trans,request)); Result<CERT> rc = mapper.toCert(trans, rcr, withTrust); @@ -333,7 +333,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. trans.error().log("Invalid Input",IN,DROP_CERT); return Result.err(Result.ERR_BadData,"Invalid Input"); } - + Result<Void> rv = service.dropCert(trans,mapper.toDrop(trans, request)); if (rv.status == OK) { setContentType(resp, certRequestDF.getOutType()); @@ -387,7 +387,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. trans.error().log("Invalid Input",IN,CREATE_ARTIFACTS); return Result.err(Result.ERR_BadData,"Invalid Input"); } - + return service.createArtifact(trans,mapper.toArtifact(trans,arti)); } catch (Exception e) { 
@@ -405,7 +405,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. String mechid = req.getParameter("mechid"); String machine = req.getParameter("machine"); String ns = req.getParameter("ns"); - + Result<ARTIFACTS> ra; if ( machine !=null && mechid == null) { ra = mapper.fromArtifacts(service.readArtifactsByMachine(trans, machine)); @@ -422,7 +422,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. } else { ra = Result.err(Status.ERR_BadData,"Invalid request inputs"); } - + if (ra.isOK()) { RosettaData<ARTIFACTS> data = artiDF.newData(trans).load(ra.value); data.to(resp.getOutputStream()); @@ -477,7 +477,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. trans.error().log("Invalid Input",IN,UPDATE_ARTIFACTS); return Result.err(Result.ERR_BadData,"Invalid Input"); } - + return service.updateArtifact(trans,mapper.toArtifact(trans,arti)); } catch (Exception e) { trans.error().log(e,IN,UPDATE_ARTIFACTS); @@ -499,7 +499,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf. trans.error().log("Invalid Input",IN,DELETE_ARTIFACTS); return Result.err(Result.ERR_BadData,"Invalid Input"); } - + Result<Void> rv = service.deleteArtifact(trans,mapper.toArtifact(trans,arti)); if (rv.status == OK) { setContentType(resp, artiDF.getOutType()); diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper.java index 4a7019dd..90d1cf32 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper.java 
@@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -36,19 +36,19 @@ import org.onap.aaf.auth.layer.Result; public interface Mapper<REQ,CERT,ARTIFACTS,ERROR> { public enum API{ERROR,VOID,CERT,CERT_REQ,CERT_RENEW,CERT_DROP,ARTIFACTS}; - + public Class<?> getClass(API api); public<A> A newInstance(API api); public ERROR errorFromMessage(StringBuilder holder, String msgID, String text, Object ... detail); - + public Result<CERT> toCert(AuthzTrans trans, Result<CertResp> in, boolean withTrustChain) throws IOException; public Result<CERT> toCert(AuthzTrans trans, Result<List<CertDAO.Data>> in); public Result<CertReq> toReq(AuthzTrans trans, REQ req); public Result<CertRenew> toRenew(AuthzTrans trans, REQ req); public Result<CertDrop> toDrop(AuthzTrans trans, REQ req); - + public List<ArtiDAO.Data> toArtifact(AuthzTrans trans, ARTIFACTS arti); public Result<ARTIFACTS> fromArtifacts(Result<List<ArtiDAO.Data>> readArtifactsByMachine); } diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java index bce7eccd..bf5665af 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java 
@@ -8,9 +8,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -50,7 +50,7 @@ import certman.v1_0.CertificateRequest; public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { - + @Override public Class<?> getClass(API api) { switch(api) { @@ -233,7 +233,7 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { data.ns = trim(arti.getNs()); data.renewDays = arti.getRenewDays(); data.notify = trim(arti.getNotification()); - + // Ignored on way in for create/update data.sponsor = (arti.getSponsor()); if(arti.getSans()!=null) { @@ -279,8 +279,8 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { return Result.err(lArtiDAO); } } - - + + private String trim(String s) { if(s==null) { diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper2_0.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper2_0.java index 283c828a..501fbcfe 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper2_0.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper2_0.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
@@ -49,7 +49,7 @@ import certman.v1_0.CertificateRequest; public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { - + @Override public Class<?> getClass(API api) { switch(api) { @@ -127,7 +127,7 @@ public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { } cout.setNotes(sb.toString()); } - + List<String> caIssuerDNs = cout.getCaIssuerDNs(); for (String s : cin.caIssuerDNs()) { caIssuerDNs.add(s); @@ -224,7 +224,7 @@ public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { data.ns = trim(arti.getNs()); data.renewDays = arti.getRenewDays(); data.notify = trim(arti.getNotification()); - + // Ignored on way in for create/update data.sponsor = trim(arti.getSponsor()); data.expires = null; @@ -274,7 +274,7 @@ public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> { return Result.err(lArtiDAO); } } - - + + }
\ No newline at end of file
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java
index aa145f1c..88109437 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java
@@ -80,7 +80,7 @@ public class CMService {
 // Limit total requests
 private static final int MAX_X509s = 200; // Need a "LIMIT Exception" DB.
 private static final String MAX_X509S_TAG = "cm_max_x509s"; // be able to adjust limit in future
-
+
 public static final String REQUEST = "request";
 public static final String IGNORE_IPS = "ignoreIPs";
 public static final String RENEW = "renew";
@@ -153,25 +153,25 @@ public class CMService { boolean dynamic_sans = false; if(req.value.fqdns.isEmpty()) { - fqdns = new ArrayList<>(); + fqdns = new ArrayList<>(); } else { - // Only Template or Dynamic permitted to pass in FQDNs - if (req.value.fqdns.get(0).startsWith("*")) { // Domain set + // Only Template or Dynamic permitted to pass in FQDNs + if (req.value.fqdns.get(0).startsWith("*")) { // Domain set if (trans.fish(new AAFPermission(null,ca.getPermType(), ca.getName(), DOMAIN))) { - domain_based = true; + domain_based = true; } else { return Result.err(Result.ERR_Denied, "Domain based Authorizations (" + req.value.fqdns.get(0) + ") requires Exception"); } - } else { - if(trans.fish(new AAFPermission(null, ca.getPermType(), ca.getName(),DYNAMIC_SANS))) { - dynamic_sans = true; - } else { + } else { + if(trans.fish(new AAFPermission(null, ca.getPermType(), ca.getName(),DYNAMIC_SANS))) { + dynamic_sans = true; + } else { return Result.err(Result.ERR_Denied, - "Dynamic SANs for (" + req.value.mechid + ") requires Permission"); - } - } - fqdns = new ArrayList<>(req.value.fqdns); + "Dynamic SANs for (" + req.value.mechid + ") requires Permission"); + } + } + fqdns = new ArrayList<>(req.value.fqdns); } String email = null; @@ -185,7 +185,7 @@ public class CMService { } else { ignoreIPs = false; } - + InetAddress primary = null; // Organize incoming information to get to appropriate Artifact @@ -197,8 +197,8 @@ public class CMService { String domain = fqdns.get(0).substring(1); // starts with *, see above fqdns.remove(0); if (fqdns.isEmpty()) { - return Result.err(Result.ERR_Denied, - "Requests using domain require machine declaration"); + return Result.err(Result.ERR_Denied, + "Requests using domain require machine declaration"); } if (!ignoreIPs) { @@ -212,7 +212,7 @@ public class CMService { } } else { - // Passed in FQDNs, but not starting with * + // Passed in FQDNs, but not starting with * if (!ignoreIPs) { for (String cn : req.value.fqdns) { try { 
@@ -254,37 +254,37 @@ public class CMService { return Result.err(Result.ERR_Denied,"Authorization must not include SANS when doing Dynamic SANS (%s, %s)", req.value.mechid, key); } } else { - if(domain_based) { - ra = artiDAO.read(trans, req.value.mechid, key); - if (ra.isOKhasData()) { // is the Template available? - add = ra.value.get(0); - add.machine = host; - for (String s : fqdns) { - if (!s.equals(add.machine)) { - add.sans(true).add(s); - } - } - Result<ArtiDAO.Data> rc = artiDAO.create(trans, add); // Create new Artifact from Template - if (rc.notOK()) { - return Result.err(rc); - } - } else { - return Result.err(Result.ERR_Denied,"No Authorization Template for %s, %s", req.value.mechid, key); - } - } else { + if(domain_based) { + ra = artiDAO.read(trans, req.value.mechid, key); + if (ra.isOKhasData()) { // is the Template available? + add = ra.value.get(0); + add.machine = host; + for (String s : fqdns) { + if (!s.equals(add.machine)) { + add.sans(true).add(s); + } + } + Result<ArtiDAO.Data> rc = artiDAO.create(trans, add); // Create new Artifact from Template + if (rc.notOK()) { + return Result.err(rc); + } + } else { + return Result.err(Result.ERR_Denied,"No Authorization Template for %s, %s", req.value.mechid, key); + } + } else { return Result.err(Result.ERR_Denied,"No Authorization found for %s, %s", req.value.mechid, key); - } + } } // Add Artifact listed FQDNs if(!dynamic_sans) { - if (add.sans != null) { - for (String s : add.sans) { - if (!fqdns.contains(s)) { - fqdns.add(s); - } - } - } + if (add.sans != null) { + for (String s : add.sans) { + if (!fqdns.contains(s)) { + fqdns.add(s); + } + } + } } // Policy 2: If Config marked as Expired, do not create or renew 
@@ -354,7 +354,7 @@ public class CMService { try { csrMeta = BCFactory.createCSRMeta(ca, req.value.mechid, email, fqdns); csrMeta.environment(ca.getEnv()); - + // Before creating, make sure they don't have too many if(!trans.fish(limitOverridePerm)) { Result<List<CertDAO.Data>> existing = certDAO.readID(trans, req.value.mechid); @@ -392,7 +392,7 @@ public class CMService { cdd.id = req.value.mechid; cdd.x500 = x509.getSubjectDN().getName(); cdd.x509 = Factory.toString(trans, x509); - + certDAO.create(trans, cdd); CredDAO.Data crdd = new CredDAO.Data(); diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/Code.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/Code.java index fdf2447d..0a4a4abb 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/Code.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/Code.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -33,7 +33,7 @@ public abstract class Code extends HttpCode<AuthzTrans,Facade1_0> implements Clo // Note, the first "Code" will be created with default Facade, "JSON". // use clone for another Code with XML } - + public <D extends Code> D clone(Facade1_0 facade) throws Exception { @SuppressWarnings("unchecked") diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java index cdd501ce..eaee6dc5 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java 
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java
@@ -7,9 +7,9 @@
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
- *
+ *
 * http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -31,9 +31,9 @@ import org.onap.aaf.auth.validation.Validator;
 /**
 * Validator
 * Consistently apply content rules for content (incoming)
- *
- * Note: We restrict content for usability in URLs (because RESTful service), and avoid
- * issues with Regular Expressions, and other enabling technologies.
+ *
+ * Note: We restrict content for usability in URLs (because RESTful service), and avoid
+ * issues with Regular Expressions, and other enabling technologies.
 * @author Jonathan
 *
 */
@@ -49,12 +49,12 @@ public class CertmanValidator extends Validator{
 private static final String IS_NULL = " is null.";
 private static final String ARTIFACTS_MUST_HAVE_AT_LEAST = "Artifacts must have at least ";
 private static final Pattern ALPHA_NUM = Pattern.compile("[a-zA-Z0-9]*");
-
+
 private static boolean disallowTmp = true;
 public static void allowTmp() {
 disallowTmp=false;
 }
-
+
 public CertmanValidator nullBlankMin(String name, List<String> list, int min) {
 if (list==null) {
 msg(name + IS_NULL);
@@ -97,7 +97,7 @@ public class CertmanValidator extends Validator{
 }
 return this;
 }
-
+
 private CertmanValidator allRequired(Data a) {
 if (a==null) {
 msg("Artifact is null.");
diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/JU_AAF_CM.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/JU_AAF_CM.java
index 9f7497e0..39681cfa 100644
--- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/JU_AAF_CM.java
+++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/JU_AAF_CM.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -65,20 +65,20 @@ public class JU_AAF_CM { @Mock AuthzEnv env; - + BasicEnv baseEnv; - + @Mock PropAccess access; - + AuthzTransImpl1 trans; - + AAF_CMImpl rosettaObj = null; - + @Before public void setUp() { initMocks(this); - + try { Mockito.doReturn(access).when(env).access(); Mockito.doReturn("test.test").when(access).getProperty(Config.AAF_ROOT_NS,"org.osaaf.aaf"); @@ -95,7 +95,7 @@ public class JU_AAF_CM { Mockito.doReturn(trans).when(env).newTrans(); // Mockito.doReturn("test").when(trans).getProperty("cm_ca.props.baseSubject",null); // Mockito.doReturn(Mockito.mock(TimeTaken.class)).when(trans).start("Clear Reset Deque",8); - + Mockito.doReturn("TLSv1.1").when(access).getProperty("cadi_protocols","test"); Mockito.doReturn("https://www.google.com").when(access).getProperty(Config.AAF_URL,null); Mockito.doReturn("test").when(env).getProperty(Config.AAF_ENV); @@ -126,10 +126,10 @@ public class JU_AAF_CM { PowerMockito.mockStatic(FacadeFactory.class); FacadeFactory factObj = PowerMockito.mock(FacadeFactory.class); PowerMockito.when(factObj.v1_0(tempObj,trans, null,Data.TYPE.JSON)).thenReturn(facadeObj); - + // Mockito.doReturn(Mockito.mock(Mapper.class)).when(facadeObj).mapper(); - + rosettaObj = new AAF_CMImpl(env); } catch (Exception e) { // TODO Auto-generated catch block 
@@ -137,13 +137,13 @@ public class JU_AAF_CM { assertTrue(e instanceof NullPointerException); } } - + @Test public void testTestCA() { CA obj = rosettaObj.getCA("props"); assertTrue(obj instanceof CA); } - + // @Test // public void testRoute() { // try { @@ -155,7 +155,7 @@ public class JU_AAF_CM { //// System.out.println(obj); //// assertTrue(obj instanceof CA); // } - + @Test public void testFilters() { try { @@ -168,31 +168,31 @@ public class JU_AAF_CM { } // assertTrue(obj instanceof CA); } - + class AAF_CMImpl extends AAF_CM{ public AAF_CMImpl(AuthzEnv env) throws Exception { super(env); // TODO Auto-generated constructor stub } - + @Override public synchronized AAFConHttp aafCon() throws CadiException, LocatorException { return Mockito.mock(AAFConHttp.class); } - + public CMService getService() { return Mockito.mock(CMService.class); } - + @Override public void route(HttpMethods meth, String path, API api, Code code) throws Exception { - + } } - - - + + + class AuthzTransImpl1 extends AuthzTransImpl{ public AuthzTransImpl1(AuthzEnv env) { @@ -204,22 +204,22 @@ public class JU_AAF_CM { protected TimeTaken newTimeTaken(String name, int flag, Object ... values) { // TODO Auto-generated method stub TimeTaken tt= new TimeTaken("nameTest", Env.XML) { - + @Override public void output(StringBuilder sb) { // TODO Auto-generated method stub - + } }; return tt; } - + @Override public Metric auditTrail(int indent, StringBuilder sb, int ... flag) { return null; } - + } - + } diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Artifact.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Artifact.java index 31ee0727..c6a78b38 100644 --- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Artifact.java +++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Artifact.java 
@@ -7,9 +7,9 @@ * * Licensed under the Apache License, Version 2.0 (the "License"); * * you may not use this file except in compliance with the License. * * You may obtain a copy of the License at - * * + * * * * http://www.apache.org/licenses/LICENSE-2.0 - * * + * * * * Unless required by applicable law or agreed to in writing, software * * distributed under the License is distributed on an "AS IS" BASIS, * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -42,19 +42,19 @@ import junit.framework.Assert; @RunWith(MockitoJUnitRunner.class) public class JU_API_Artifact { - + @Mock private static API_Artifact api; - + @Mock private static AAF_CM certManApi; - + private static AAF_CM noMockAPI; private static API_Artifact api_1; - + private static HttpServletRequest req; private static HttpServletResponse res; - + @BeforeClass public static void setUp() { AuthzTrans trans = mock(AuthzTrans.class); @@ -63,18 +63,18 @@ public class JU_API_Artifact { trans.setProperty("testTag", "UserValue"); trans.set(req,res); } - + @Rule public ExpectedException thrown= ExpectedException.none(); - + @Test public void placeholder() { Assert.assertTrue(true); } - + /* * These fail in builds. Need something better. - * + * * Also, they don't do much. Just catch some null pointers. @Test public void init_bothValued() { @@ -85,7 +85,7 @@ public class JU_API_Artifact { e.printStackTrace(); } } - + @Test public void init_Null_() { try { @@ -95,7 +95,7 @@ public class JU_API_Artifact { e.printStackTrace(); } } - + @Test public void init_NMC_Null() { try { @@ -105,7 +105,7 @@ public class JU_API_Artifact { e.printStackTrace(); } } - + @Test public void init_NMC() { try { diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Cert.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Cert.java index 674e4edf..4c7888dc 100644 --- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Cert.java 
+++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Cert.java @@ -7,9 +7,9 @@ * * Licensed under the Apache License, Version 2.0 (the "License"); * * you may not use this file except in compliance with the License. * * You may obtain a copy of the License at - * * + * * * * http://www.apache.org/licenses/LICENSE-2.0 - * * + * * * * Unless required by applicable law or agreed to in writing, software * * distributed under the License is distributed on an "AS IS" BASIS, * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -42,19 +42,19 @@ import org.onap.aaf.auth.env.AuthzTrans; @RunWith(MockitoJUnitRunner.class) public class JU_API_Cert { - + @Mock private static API_Cert api; - + @Mock private static AAF_CM certManApi; - + private static AAF_CM noMockAPI; private static API_Cert api_1; - + private static HttpServletRequest req; private static HttpServletResponse res; - + @BeforeClass public static void setUp() { AuthzTrans trans = mock(AuthzTrans.class); @@ -63,10 +63,10 @@ public class JU_API_Cert { trans.setProperty("testTag", "UserValue"); trans.set(req,res); } - + @Rule public ExpectedException thrown= ExpectedException.none(); - + @Test public void init_bothValued() { try { @@ -76,7 +76,7 @@ public class JU_API_Cert { e.printStackTrace(); } } - + @Test public void init_Null_() { try { @@ -86,7 +86,7 @@ public class JU_API_Cert { e.printStackTrace(); } } - + @Test public void init_NMC_Null() { try { @@ -96,7 +96,7 @@ public class JU_API_Cert { e.printStackTrace(); } } - + @Test public void init_NMC() { try { diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_AppCA.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_AppCA.java index 48c81c50..5d91d704 100644 --- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_AppCA.java +++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_AppCA.java 
@@ -7,9 +7,9 @@ * * Licensed under the Apache License, Version 2.0 (the "License"); * * you may not use this file except in compliance with the License. * * You may obtain a copy of the License at - * * + * * * * http://www.apache.org/licenses/LICENSE-2.0 - * * + * * * * Unless required by applicable law or agreed to in writing, software * * distributed under the License is distributed on an "AS IS" BASIS, * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -61,23 +61,23 @@ import org.onap.aaf.misc.env.Trans; //TODO: Gabe [JUnit] Import does not exist @RunWith(MockitoJUnitRunner.class) public class JU_AppCA { - + @Mock private static CachedCertDAO certDAO; - + @Mock private static HttpServletRequest req; - + @Mock private static CSRMeta csrMeta; - + static Trans trans; - + static X509andChain cert1; static byte [] name = {1,23,4,54,6,56}; - + private static LocalCA localCA; - + @BeforeClass public static void setUp() throws CertificateException, CertException, IOException { String str = "core java api"; 
@@ -86,196 +86,196 @@ public class JU_AppCA { req = mock(HttpServletRequest.class); localCA = mock(LocalCA.class); X509Certificate cert = new X509Certificate() { - + @Override public boolean hasUnsupportedCriticalExtension() { return false; } - + @Override public Set<String> getNonCriticalExtensionOIDs() { - + return null; } - + @Override public byte[] getExtensionValue(String oid) { - + return null; } - + @Override public Set<String> getCriticalExtensionOIDs() { - + return null; } - + @Override public void verify(PublicKey key, String sigProvider) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException { - - + + } - + @Override public void verify(PublicKey key) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException { - - + + } - + @Override public String toString() { - + return null; } - + @Override public PublicKey getPublicKey() { - + return null; } - + @Override public byte[] getEncoded() throws CertificateEncodingException { - + return null; } - + @Override public int getVersion() { - + return 0; } - + @Override public byte[] getTBSCertificate() throws CertificateEncodingException { - + return null; } - + @Override public boolean[] getSubjectUniqueID() { - + return null; } - + @Override public Principal getSubjectDN() { - + return null; } - + @Override public byte[] getSignature() { - + return null; } - + @Override public byte[] getSigAlgParams() { - + return null; } - + @Override public String getSigAlgOID() { - + return null; } - + @Override public String getSigAlgName() { - + return null; } - + @Override public BigInteger getSerialNumber() { - + return null; } - + @Override public Date getNotBefore() { - + return null; } - + @Override public Date getNotAfter() { - + return null; } - + @Override public boolean[] getKeyUsage() { - + return null; } - + @Override public boolean[] getIssuerUniqueID() { - + return null; } - + @Override 
public Principal getIssuerDN() { - + return null; } - + @Override public int getBasicConstraints() { - + return 0; } - + @Override public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException { - - + + } - + @Override public void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException { - + } }; X509andChain xac = new X509andChain(cert, new ArrayList<>()); when(localCA.sign(Mockito.any(Trans.class), Mockito.any(CSRMeta.class))).thenReturn(xac); certDAO = mock(CachedCertDAO.class, CALLS_REAL_METHODS); } - + @Test public void identity_True() throws CertificateException, IOException, CertException { assertNotNull(localCA.sign(trans, csrMeta)); } - - + + @Test public void identityNull() throws CertificateException { try { assertNotNull(localCA.sign(null, csrMeta)); } catch (IOException e) { - + e.printStackTrace(); } catch (CertException e) { - + e.printStackTrace(); } } - + @Test public void identityBothNull() throws CertificateException { try { assertNotNull(localCA.sign(null, null)); } catch (IOException e) { - + e.printStackTrace(); } catch (CertException e) { - + e.printStackTrace(); } } diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_X509ChainTest.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_X509ChainTest.java index 4c6f7585..2560b4bf 100644 --- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_X509ChainTest.java +++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_X509ChainTest.java 
@@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_X509ChainWithIssuerTest.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_X509ChainWithIssuerTest.java index dbae3fcd..c1b0f94f 100644 --- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_X509ChainWithIssuerTest.java +++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_X509ChainWithIssuerTest.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/cert/JU_BCFactory.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/cert/JU_BCFactory.java index b5f35c3a..7e0a0845 100644 --- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/cert/JU_BCFactory.java +++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/cert/JU_BCFactory.java 
@@ -7,9 +7,9 @@ * * Licensed under the Apache License, Version 2.0 (the "License"); * * you may not use this file except in compliance with the License. * * You may obtain a copy of the License at - * * + * * * * http://www.apache.org/licenses/LICENSE-2.0 - * * + * * * * Unless required by applicable law or agreed to in writing, software * * distributed under the License is distributed on an "AS IS" BASIS, * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -48,19 +48,19 @@ import org.onap.aaf.misc.env.Trans; @RunWith(MockitoJUnitRunner.class) public class JU_BCFactory { - + private static BCFactory bcFactory = new BCFactory(); - + private static BCFactory bcFact; - + private static PrivateKey pk; - - + + private static Trans trans; - - + + private static PKCS10CertificationRequest req; - + @BeforeClass public static void setUp() throws IOException { pk = new XYZKey(); @@ -68,29 +68,29 @@ public class JU_BCFactory { req = mock(PKCS10CertificationRequest.class); when(req.getEncoded()).thenReturn(new byte[1]); when(trans.start(Mockito.anyString(), Mockito.anyInt())).thenReturn(new TimeTaken(null, 0) { - + @Override public void output(StringBuilder sb) { // TODO Auto-generated method stub - + } }); bcFact = mock(BCFactory.class); } - + @Test public void toStrin() throws OperatorCreationException, IOException, CertException { assertNotNull(bcFactory.toString(req)); } - + @Test public void toStrinMoc() throws OperatorCreationException, IOException, CertException { assertNotNull(bcFact.toString(req)); } - + @Rule public ExpectedException thrown= ExpectedException.none(); - + @Test public void toCSR() { try { @@ -100,11 +100,11 @@ public class JU_BCFactory { e.printStackTrace(); } } - + } class XYZKey implements Key, PublicKey, PrivateKey { - + int rotValue; public XYZKey() { rotValue = 1200213; 
diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/data/JU_CertReqTest.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/data/JU_CertReqTest.java index 8b33036f..ea7f5a86 100644 --- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/data/JU_CertReqTest.java +++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/data/JU_CertReqTest.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/data/JU_CertRespTest.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/data/JU_CertRespTest.java index 37519a30..3424de06 100644 --- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/data/JU_CertRespTest.java +++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/data/JU_CertRespTest.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/facade/JU_FacadeImpl.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/facade/JU_FacadeImpl.java index a9806439..7db1778d 100644 --- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/facade/JU_FacadeImpl.java 
+++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/facade/JU_FacadeImpl.java @@ -7,9 +7,9 @@ * * Licensed under the Apache License, Version 2.0 (the "License"); * * you may not use this file except in compliance with the License. * * You may obtain a copy of the License at - * * + * * * * http://www.apache.org/licenses/LICENSE-2.0 - * * + * * * * Unless required by applicable law or agreed to in writing, software * * distributed under the License is distributed on an "AS IS" BASIS, * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -53,7 +53,7 @@ import org.onap.aaf.misc.env.TimeTaken; @RunWith(MockitoJUnitRunner.class) public class JU_FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> { - + private static AuthzTrans trans; private static HttpServletResponse resp; private static AAF_CM certman; @@ -62,10 +62,10 @@ public class JU_FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> { private Mapper<REQ,CERT,ARTIFACTS,ERROR> mapper; private Data.TYPE dataType; private static AuthzEnv env; - + private static FacadeImpl fImpl; private static HttpServletRequest req; - + @Before public void setUp() throws APIException, IOException { fImpl = mock(FacadeImpl.class); 
@@ -76,111 +76,111 @@ public class JU_FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> { Result<Void> rvd = (Result) mock(Result.class); trans = mock(AuthzTrans.class); when(trans.error()).thenReturn(new LogTarget() { - + @Override public void printf(String fmt, Object... vars) {} - + @Override public void log(Throwable e, Object... msgs) { e.getMessage(); //e.printStackTrace(); msgs.toString(); - + } - + @Override public void log(Object... msgs) { } - + @Override public boolean isLoggable() { - + return false; } }); when(trans.start(Mockito.anyString(), Mockito.anyInt())).thenReturn(new TimeTaken("Now", 1) { - + @Override public void output(StringBuilder sb) { - + } }); when(fImpl.check(Mockito.any(AuthzTrans.class), Mockito.any(HttpServletResponse.class), Mockito.anyString())).thenReturn(rvd); when(resp.getOutputStream()).thenReturn(new ServletOutputStream() { - + @Override public void write(int b) throws IOException { - - + + } }); - + } - + @Test public void check() throws IOException { AAFPermission ap = new AAFPermission("str0","str1","str3","str2"); String perms = ap.getInstance(); assertNotNull(hImpl.check(trans, resp, perms)); } - + @Test public void checkNull() throws IOException { AAFPermission ap = new AAFPermission(null,null,"Str3","str2"); String perms = ap.getInstance(); assertNotNull(hImpl.check(trans, resp, perms)); } - + @Test public void checkTwoNull() throws IOException { AAFPermission ap = new AAFPermission(null,null,null,"str2"); String perms = ap.getInstance(); assertNotNull(fImpl.check(trans, resp, perms)); } - + @Test public void checkAllNull() throws IOException { AAFPermission ap = new AAFPermission(null,null,null,null); String perms = ap.getInstance(); assertNotNull(fImpl.check(trans, resp, perms)); } - + @Test public void checkTrans_null() throws IOException { AAFPermission ap = new AAFPermission("str0","str1","str3","str2"); String perms = ap.getInstance(); assertNotNull(hImpl.check(null, resp, perms)); } - + @Test public void checkRespNull() 
throws IOException { AAFPermission ap = new AAFPermission("str0","str1","str3","str2"); String perms = ap.getInstance(); assertNotNull(hImpl.check(trans, null, perms)); } - + @Test - public void requestCert() { + public void requestCert() { assertNotNull(hImpl.requestCert(trans, req, resp, null)); } - + @Test - public void renewCert() { + public void renewCert() { assertNotNull(hImpl.renewCert(trans, req, resp, true)); } - + @Test - public void dropCert() { + public void dropCert() { assertNotNull(hImpl.renewCert(trans, req, resp, true)); } - + @Test - public void createArtifacts() { + public void createArtifacts() { assertNotNull(hImpl.createArtifacts(trans, req, resp)); } - + @Test - public void readArtifacts() { + public void readArtifacts() { assertNotNull(hImpl.readArtifacts(trans, req, resp)); } } diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/test/CertmanTest.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/test/CertmanTest.java index 80c9dbcc..f23acd83 100644 --- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/test/CertmanTest.java +++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/test/CertmanTest.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
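Review bot: `dropCert()` in JU_FacadeImpl never exercises the drop path: its body is `assertNotNull(hImpl.renewCert(trans, req, resp, true));`, identical to `renewCert()` just above it, so the revocation route of the certificate facade has no coverage under this name. The body should call the facade's drop method instead, presumably `assertNotNull(hImpl.dropCert(trans, req, resp));`, but its signature is not visible in this hunk and needs confirming against the facade. The commit only re-indents the signature line, so the copy-paste predates it.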
@@ -54,14 +54,14 @@ public class CertmanTest { // for (Item item = loc.first(); item!=null; item=loc.next(item)) { // System.out.println(loc.get(item)); // } -// -// +// +// // SecurityInfoC<HttpURLConnection> si = SecurityInfoC.instance(env, HttpURLConnection.class); -// ss = new HBasicAuthSS(si,"m12345@aaf.att.com", +// ss = new HBasicAuthSS(si,"m12345@aaf.att.com", // env.decrypt("enc:gvptdJyo0iKdVZw2rzMb0woxa7YKMdqLuhfQ4OQfZ8k",false)); // env.decrypt("enc:jFfAnO3mOKb9Gzm2OFysslmXpbnyuAxuoNJK",false), si); // SecuritySetter<HttpURLConnection> ss = new X509SS(si, "aaf"); - + // hman = new HMangr(env,loc); // // reqDF = env.newDataFactory(CertificateRequest.class); @@ -85,13 +85,13 @@ public class CertmanTest { // @Test // public void testX500Name() throws Exception { -// +// // for ( InetAddress ia : InetAddress.getAllByName("aaf.dev.att.com")) { // System.out.printf("%s - %s\n", ia.getHostName(), ia.getHostAddress()); // InetAddress ia1 = InetAddress.getByName(ia.getHostAddress()); // System.out.printf("%s - %s\n", ia1.getHostName(), ia1.getHostAddress()); // } -// +// // hman.best(ss, new Retryable<Void>() { // @Override // public Void code(Rcli<?> client) throws APIException, CadiException { @@ -101,7 +101,7 @@ public class CertmanTest { // cr.getFqdns().add("mithrilcsp.sbc.com"); // cr.getFqdns().add("zld01907.vci.att.com"); // cr.getFqdns().add("aaftest.test.att.com"); -// +// // String path = "/cert/local"; // Local Test //// String path = "/cert/aaf"; // Official CA // long end=0,start = System.nanoTime(); @@ -131,12 +131,12 @@ public class CertmanTest { // return null; // } // }); -// -// +// +// // } // // public X500Principal ephemeral() { // return null; // } - + } |
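Review bot: The commented-out setup block in the `@@ -54,14` hunk of CertmanTest.java still holds an account id and two `enc:` strings passed to `env.decrypt(...)`, and this commit rewrites the `HBasicAuthSS` line rather than dropping it. Encrypted values in source are still credential material, since they are only as safe as the matching key file and they persist in history. As the block is dead code, I would delete it instead of re-whitespacing it, and rotate the credential if it was ever valid. If an example must stay, placeholders such as `"<user>@<domain>"` and `"enc:<placeholder>"` would do. The commented block starts before the hunk.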