summaryrefslogtreecommitdiffstats
path: root/auth/auth-certman
diff options
context:
space:
mode:
Diffstat (limited to 'auth/auth-certman')
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java30
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/LocalCAImpl.java6
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Artifact.java20
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Cert.java24
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java40
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java46
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java32
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java16
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509andChain.java22
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/BCFactory.java20
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java24
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/RDN.java24
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertDrop.java4
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertRenew.java4
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertReq.java10
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertResp.java24
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade.java46
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade1_0.java10
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeFactory.java6
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java60
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper.java10
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java12
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper2_0.java14
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java90
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/Code.java6
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java16
-rw-r--r--auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/JU_AAF_CM.java54
-rw-r--r--auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Artifact.java28
-rw-r--r--auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Cert.java24
-rw-r--r--auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_AppCA.java142
-rw-r--r--auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_X509ChainTest.java4
-rw-r--r--auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_X509ChainWithIssuerTest.java4
-rw-r--r--auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/cert/JU_BCFactory.java36
-rw-r--r--auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/data/JU_CertReqTest.java4
-rw-r--r--auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/data/JU_CertRespTest.java4
-rw-r--r--auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/facade/JU_FacadeImpl.java66
-rw-r--r--auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/test/CertmanTest.java24
37 files changed, 503 insertions, 503 deletions
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java
index aadb165e..d7571ab5 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java
@@ -8,9 +8,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -92,12 +92,12 @@ public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> {
}
/**
* Construct AuthzAPI with all the Context Supporting Routes that Authz needs
- *
+ *
* @param env
- * @param si
- * @param dm
- * @param decryptor
- * @throws APIException
+ * @param si
+ * @param dm
+ * @param decryptor
+ * @throws APIException
*/
public AAF_CM(AuthzEnv env) throws Exception {
super(env.access(),env);
@@ -109,7 +109,7 @@ public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> {
if (aafEnv==null) {
throw new APIException("aaf_env needs to be set");
}
-
+
// Check for allowing /tmp in Properties
String allowTmp = env.getProperty(CM_ALLOW_TMP);
if("true".equalsIgnoreCase(allowTmp)) {
@@ -132,7 +132,7 @@ public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> {
String key = es.getKey().toString();
if (key.startsWith(CA.CM_CA_PREFIX)) {
int idx = key.indexOf('.');
- if (idx==key.lastIndexOf('.')) { // else it's a regular property
+ if (idx==key.lastIndexOf('.')) { // else it's a regular property
env.log(Level.INIT, "Loading Certificate Authority Module: " + key.substring(idx+1));
String[] segs = Split.split(',', env.getProperty(key));
if (segs.length>0) {
@@ -149,7 +149,7 @@ public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> {
pinst[0]=env;
pinst[1]= key.substring(idx+1);
pinst[2]= aafEnv;
- pinst[3] = multiParams;
+ pinst[3] = multiParams;
try {
CA ca = cons.newInstance(pinst);
certAuths.put(ca.getName(),ca);
@@ -170,7 +170,7 @@ public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> {
}
// note: Service knows how to shutdown Cluster on Shutdown, etc. See Constructor
facade1_0 = FacadeFactory.v1_0(this,trans, service,Data.TYPE.JSON); // Default Facade
- facade1_0_XML = FacadeFactory.v1_0(this,trans,service,Data.TYPE.XML);
+ facade1_0_XML = FacadeFactory.v1_0(this,trans,service,Data.TYPE.XML);
synchronized(env) {
@@ -194,19 +194,19 @@ public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> {
public CA getCA(String key) {
return certAuths.get(key);
}
-
+
/**
* Setup XML and JSON implementations for each supported Version type
- *
+ *
* We do this by taking the Code passed in and creating clones of these with the appropriate Facades and properties
* to do Versions and Content switches
- *
+ *
*/
public void route(HttpMethods meth, String path, API api, Code code) throws Exception {
String version = "1.0";
// Get Correct API Class from Mapper
- Class<?> respCls = facade1_0.mapper().getClass(api);
+ Class<?> respCls = facade1_0.mapper().getClass(api);
if (respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name());
// setup Application API HTML ContentTypes for JSON and Route
String application = applicationJSON(respCls, version);
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/LocalCAImpl.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/LocalCAImpl.java
index d32b67a3..dbc63ad1 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/LocalCAImpl.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/LocalCAImpl.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -35,7 +35,7 @@ public class LocalCAImpl extends CA {
super(access, caName, env);
// TODO Auto-generated constructor stub
}
-
+
public LocalCAImpl(Access access, final String name, final String env, final String[][] params) throws IOException, CertException {
super(access, name, env);
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Artifact.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Artifact.java
index a3a30607..8ba4b127 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Artifact.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Artifact.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -34,7 +34,7 @@ import org.onap.aaf.auth.rserv.HttpMethods;
/**
* API Deployment Artifact Apis.. using Redirect for mechanism
- *
+ *
* @author Jonathan
*
*/
@@ -43,7 +43,7 @@ public class API_Artifact {
private static final String CERT_ARTIFACTS = "/cert/artifacts";
/**
* Normal Init level APIs
- *
+ *
* @param cmAPI
* @throws Exception
*/
@@ -79,7 +79,7 @@ public class API_Artifact {
cmAPI.route(HttpMethods.GET, "/cert/artifacts/:mechid/:machine", API.ARTIFACTS, new Code(cmAPI,GET_ARTIFACTS) {
@Override
public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
-
+
Result<Void> r = context.readArtifacts(trans, resp, pathParam(req,":mechid"), pathParam(req,":machine"));
if (r.isOK()) {
resp.setStatus(HttpStatus.OK_200);
@@ -88,8 +88,8 @@ public class API_Artifact {
}
}
});
-
-
+
+
cmAPI.route(HttpMethods.PUT, CERT_ARTIFACTS, API.ARTIFACTS, new Code(cmAPI,"Update Artifacts") {
@Override
public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
@@ -105,7 +105,7 @@ public class API_Artifact {
cmAPI.route(HttpMethods.DELETE, "/cert/artifacts/:mechid/:machine", API.VOID, new Code(cmAPI,"Delete Artifacts") {
@Override
public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.deleteArtifacts(trans, resp,
+ Result<Void> r = context.deleteArtifacts(trans, resp,
pathParam(req, ":mechid"), pathParam(req,":machine"));
if (r.isOK()) {
resp.setStatus(HttpStatus.OK_200);
@@ -114,7 +114,7 @@ public class API_Artifact {
}
}
});
-
+
cmAPI.route(HttpMethods.DELETE, CERT_ARTIFACTS, API.VOID, new Code(cmAPI,"Delete Artifacts") {
@Override
@@ -127,7 +127,7 @@ public class API_Artifact {
}
}
});
-
+
}
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Cert.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Cert.java
index 68354413..0f239ada 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Cert.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Cert.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -36,7 +36,7 @@ import org.onap.aaf.misc.env.Slot;
/**
* API Apis.. using Redirect for mechanism
- *
+ *
* @author Jonathan
*
*/
@@ -46,7 +46,7 @@ public class API_Cert {
/**
* Normal Init level APIs
- *
+ *
* @param aafCM
* @param facade
* @throws Exception
@@ -54,7 +54,7 @@ public class API_Cert {
public static void init(final AAF_CM aafCM) throws Exception {
// Check for Created Certificate Authorities in TRANS
sCertAuth = aafCM.env.slot(CERT_AUTH);
-
+
////////
// Overall APIs
///////
@@ -76,7 +76,7 @@ public class API_Cert {
}
}
});
-
+
aafCM.route(HttpMethods.GET,"/cert/:ca/personal",API.CERT,new Code(aafCM,"Request Personal Certificate") {
@Override
public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
@@ -96,9 +96,9 @@ public class API_Cert {
}
});
-
+
/**
- *
+ *
*/
aafCM.route(HttpMethods.GET, "/cert/may/:perm", API.VOID, new Code(aafCM,"Check Permission") {
@Override
@@ -114,10 +114,10 @@ public class API_Cert {
});
/**
- * Get Cert by ID and Machine
+ * Get Cert by ID and Machine
*/
-
+
/**
* Get Certs by ID
*/
@@ -133,10 +133,10 @@ public class API_Cert {
}
});
-
+
/**
* Get Certs by Machine
*/
-
+
}
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java
index ab304629..13876b14 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -54,11 +54,11 @@ public abstract class CA {
public static final Set<String> EMPTY = Collections.unmodifiableSet(new HashSet<>());
-
+
private final String name;
private final String env;
private MessageDigest messageDigest;
- private final String permNS;
+ private final String permNS;
private final String permType;
private final ArrayList<String> idDomains;
private String[] trustedCAs;
@@ -71,7 +71,7 @@ public abstract class CA {
trustedCAs = new String[4]; // starting array
this.name = caName;
this.env = env;
- this.env_tag = env==null || env.isEmpty()?false:
+ this.env_tag = env==null || env.isEmpty()?false:
Boolean.parseBoolean(access.getProperty(CM_CA_ENV_TAG, Boolean.FALSE.toString()));
permNS=null;
String prefix = CM_CA_PREFIX + name;
@@ -80,9 +80,9 @@ public abstract class CA {
throw new CertException(prefix + ".perm_type" + MUST_EXIST_TO_CREATE_CSRS_FOR + caName);
}
caIssuerDNs = Split.splitTrim(':', access.getProperty(Config.CADI_X509_ISSUERS, null));
-
+
String tag = CA.CM_CA_PREFIX+caName+CA.CM_CA_BASE_SUBJECT;
-
+
String fields = access.getProperty(tag, null);
if (fields==null) {
throw new CertException(tag + MUST_EXIST_TO_CREATE_CSRS_FOR + caName);
@@ -94,7 +94,7 @@ public abstract class CA {
throw new CertException("email address is not allowed in " + CM_CA_BASE_SUBJECT);
}
}
-
+
idDomains = new ArrayList<>();
StringBuilder sb = null;
for (String s : Split.splitTrim(',', access.getProperty(CA.CM_CA_PREFIX+caName+".idDomains", ""))) {
@@ -111,7 +111,7 @@ public abstract class CA {
if (sb!=null) {
access.printf(Level.INIT, "CA '%s' supports Personal Certificates for %s", caName, sb);
}
-
+
String dataDir = access.getProperty(CM_PUBLIC_DIR,null);
if (dataDir!=null) {
File data = new File(dataDir);
@@ -132,7 +132,7 @@ public abstract class CA {
FileInputStream fis = new FileInputStream(crt);
try {
int read = fis.read(bytes);
- if (read>0) {
+ if (read>0) {
addTrustedCA(new String(bytes));
}
} finally {
@@ -166,7 +166,7 @@ public abstract class CA {
caIssuerDNs = newsa;
}
}
-
+
protected synchronized void addTrustedCA(final String crtString) {
String crt;
if (crtString.endsWith("\n")) {
@@ -185,19 +185,19 @@ public abstract class CA {
temp[trustedCAs.length]=crt;
trustedCAs = temp;
}
-
+
public String[] getCaIssuerDNs() {
return caIssuerDNs;
}
-
+
public String[] getTrustedCAs() {
return trustedCAs;
}
-
+
public boolean shouldAddEnvTag() {
- return env_tag;
+ return env_tag;
}
-
+
public String getEnv() {
return env;
}
@@ -213,16 +213,16 @@ public abstract class CA {
public String getName() {
return name;
}
-
-
+
+
public String getPermNS() {
return permNS;
}
-
+
public String getPermType() {
return permType;
}
-
+
public abstract X509andChain sign(Trans trans, CSRMeta csrmeta) throws IOException, CertException;
/* (non-Javadoc)
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java
index 4dd49199..51b962c8 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java
@@ -9,9 +9,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -71,20 +71,20 @@ public class JscepCA extends CA {
super(access, name, env);
mxcwiS = new ConcurrentHashMap<>();
mxcwiC = new ConcurrentHashMap<>();
-
+
if (params.length<2) {
throw new CertException("No Trust Chain parameters are included");
- }
+ }
if (params[0].length<2) {
throw new CertException("User/Password required for JSCEP");
}
final String id = params[0][0];
- final String pw = params[0][1];
-
+ final String pw = params[0][1];
+
// Set this for NTLM password Microsoft
Authenticator.setDefault(new Authenticator() {
- @Override
- public PasswordAuthentication getPasswordAuthentication () {
+ @Override
+ public PasswordAuthentication getPasswordAuthentication () {
try {
return new PasswordAuthentication (id,access.decrypt(pw,true).toCharArray());
} catch (IOException e) {
@@ -93,16 +93,16 @@ public class JscepCA extends CA {
return null;
}
});
-
+
StringBuilder urlstr = new StringBuilder();
for (int i=1;i<params.length;++i) { // skip first section, which is user/pass
- // Work
+ // Work
if (i>1) {
urlstr.append(','); // delimiter
}
urlstr.append(params[i][0]);
-
+
String dir = access.getProperty(CM_PUBLIC_DIR, "");
if (!"".equals(dir) && !dir.endsWith("/")) {
dir = dir + '/';
@@ -125,12 +125,12 @@ public class JscepCA extends CA {
}
}
}
- }
+ }
clients = new JscepClientLocator(access,urlstr.toString());
}
// package on purpose
-
+
@Override
public X509ChainWithIssuer sign(Trans trans, CSRMeta csrmeta) throws IOException, CertException {
TimeTaken tt = trans.start("Generating CSR and Keys for New Certificate", Env.SUB);
@@ -139,14 +139,14 @@ public class JscepCA extends CA {
csr = csrmeta.generateCSR(trans);
if (trans.info().isLoggable()) {
trans.info().log(BCFactory.toString(csr));
- }
+ }
if (trans.info().isLoggable()) {
trans.info().log(csr);
}
} finally {
tt.done();
}
-
+
tt = trans.start("Enroll CSR", Env.SUB);
Client client = null;
Item item = null;
@@ -154,13 +154,13 @@ public class JscepCA extends CA {
try {
item = clients.best();
client = clients.get(item);
-
+
EnrollmentResponse er = client.enrol(
csrmeta.initialConversationCert(trans),
csrmeta.keypair(trans).getPrivate(),
csr,
MS_PROFILE /* profile... MS can't deal with blanks*/);
-
+
while (true) {
if (er.isSuccess()) {
trans.checkpoint("Cert from " + clients.info(item));
@@ -186,7 +186,7 @@ public class JscepCA extends CA {
i=MAX_RETRY;
} catch (ClientException e) {
trans.error().log(e,"SCEP Client Error, Temporarily Invalidating Client: " + clients.info(item));
- try {
+ try {
clients.invalidate(client);
if (!clients.hasItems()) {
clients.refresh();
@@ -202,13 +202,13 @@ public class JscepCA extends CA {
tt.done();
}
}
-
+
return null;
}
-
+
/**
* Locator specifically for Jscep Clients.
- *
+ *
* Class based client for access to common Map
*/
private class JscepClientLocator extends HotPeerLocator<Client> {
@@ -247,7 +247,7 @@ public class JscepCA extends CA {
protected void _destroy(Client client) {
mxcwiC.remove(client);
}
-
-
+
+
}
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java
index c51ddbde..c2d6701a 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -79,22 +79,22 @@ public class LocalCA extends CA {
KeyPurposeId.id_kp_serverAuth, // WebServer
KeyPurposeId.id_kp_clientAuth // WebClient
};
-
+
private final PrivateKey caKey;
private final X500Name issuer;
private BigInteger serial;
private final X509ChainWithIssuer x509cwi; // "Cert" is CACert
-
-
+
+
public LocalCA(Access access, final String name, final String env, final String[][] params) throws IOException, CertException {
super(access, name, env);
-
+
serial = new BigInteger(64,new SecureRandom());
if (params.length<1 || params[0].length<2) {
throw new IOException("LocalCA expects cm_ca.<ca name>=org.onap.aaf.auth.cm.ca.LocalCA,<full path to key file>[;<Full Path to Trust Chain, ending with actual CA>]+");
}
-
+
// Read in the Private Key
String configured;
File f = new File(params[0][0]);
@@ -145,7 +145,7 @@ public class LocalCA extends CA {
} else {
throw new CertException("Unknown Keystore type from filename " + fileName);
}
-
+
KeyStore.ProtectionParameter keyPass;
try {
@@ -174,7 +174,7 @@ public class LocalCA extends CA {
}
PrivateKeyEntry privateKeyEntry = (PrivateKeyEntry)entry;
caKey = privateKeyEntry.getPrivateKey();
-
+
x509cwi = new X509ChainWithIssuer(privateKeyEntry.getCertificateChain());
configured = "keystore \"" + fileName + "\", alias " + params[0][1];
} catch (KeyStoreException | NoSuchAlgorithmException | CertificateException | UnrecoverableEntryException e) {
@@ -184,7 +184,7 @@ public class LocalCA extends CA {
} else {
throw new CertException("Private Key, " + f.getPath() + ", does not exist");
}
-
+
X500NameBuilder xnb = new X500NameBuilder();
List<RDN> rp = RDN.parse(',', x509cwi.getIssuerDN());
Collections.reverse(rp);
@@ -209,12 +209,12 @@ public class LocalCA extends CA {
TimeTaken tt = trans.start("Create/Sign Cert",Env.SUB);
try {
BigInteger bi;
-
+
synchronized(ONE) {
bi = serial;
serial = serial.add(ONE);
}
-
+
RSAPublicKey rpk = (RSAPublicKey)csrmeta.keypair(trans).getPublic();
X509v3CertificateBuilder xcb = new X509v3CertificateBuilder(
issuer,
@@ -238,7 +238,7 @@ public class LocalCA extends CA {
))
.addExtension(Extension.keyUsage,
true, new KeyUsage(KeyUsage.digitalSignature
- | KeyUsage.keyEncipherment
+ | KeyUsage.keyEncipherment
| KeyUsage.nonRepudiation))
.addExtension(Extension.extendedKeyUsage,
true, new ExtendedKeyUsage(ASN_WebUsage))
@@ -250,8 +250,8 @@ public class LocalCA extends CA {
false, new GeneralNames(sans))
// .addExtension(MiscObjectIdentifiers.netscape, true, new NetscapeCertType(
// NetscapeCertType.sslClient|NetscapeCertType.sslClient))
- ;
-
+ ;
+
x509 = new JcaX509CertificateConverter().getCertificate(
xcb.build(BCFactory.contentSigner(caKey)));
} catch (GeneralSecurityException|OperatorCreationException e) {
@@ -259,7 +259,7 @@ public class LocalCA extends CA {
} finally {
tt.done();
}
-
+
return new X509andChain(x509,x509cwi.trustChain);
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java
index 30495d08..fde94b42 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -38,9 +38,9 @@ public class X509ChainWithIssuer extends X509andChain {
public X509ChainWithIssuer(X509ChainWithIssuer orig, X509Certificate x509) {
super(x509,orig.trustChain);
- issuerDN=orig.issuerDN;
+ issuerDN=orig.issuerDN;
}
-
+
public X509ChainWithIssuer(final List<? extends Reader> rdrs) throws IOException, CertException {
// Trust Chain. Last one should be the CA
Collection<? extends Certificate> certs;
@@ -49,7 +49,7 @@ public class X509ChainWithIssuer extends X509andChain {
if (rdr==null) { // cover for badly formed array
continue;
}
-
+
byte[] bytes = Factory.decode(rdr,null);
try {
certs = Factory.toX509Certificate(bytes);
@@ -70,7 +70,7 @@ public class X509ChainWithIssuer extends X509andChain {
}
}
}
-
+
public X509ChainWithIssuer(Certificate[] certs) throws IOException, CertException {
X509Certificate x509;
for (int i=certs.length-1; i>=0; --i) {
@@ -79,8 +79,8 @@ public class X509ChainWithIssuer extends X509andChain {
if (subject!=null) {
addTrustChainEntry(x509);
if (i==0) { // last one is signer
- cert=x509;
- issuerDN= subject.toString();
+ cert=x509;
+ issuerDN= subject.toString();
}
}
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509andChain.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509andChain.java
index 9a0e1c0d..b05747b6 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509andChain.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509andChain.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -30,21 +30,21 @@ import org.onap.aaf.cadi.configure.Factory;
/**
- * Have to put the Cert and resulting Trust Chain together.
+ * Have to put the Cert and resulting Trust Chain together.
* Treating them separately has caused issues
- *
+ *
* @author JonathanGathman
*
*/
public class X509andChain {
protected X509Certificate cert;
protected String[] trustChain;
-
+
public X509andChain() {
cert = null;
trustChain = null;
}
-
+
public X509andChain(X509Certificate cert, String[] tc) {
this.cert = cert;
trustChain=tc;
@@ -55,8 +55,8 @@ public class X509andChain {
trustChain = new String[chain.size()+1];
chain.toArray(trustChain);
}
-
-
+
+
public void addTrustChainEntry(X509Certificate x509) throws IOException, CertException {
if (trustChain==null) {
trustChain = new String[] {Factory.toString(NullTrans.singleton(),x509)};
@@ -67,14 +67,14 @@ public class X509andChain {
trustChain=temp;
}
}
-
+
public X509Certificate getX509() {
return cert;
}
-
+
public String[] getTrustChain() {
return trustChain;
}
-
+
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/BCFactory.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/BCFactory.java
index b84816ab..9715422d 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/BCFactory.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/BCFactory.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -47,7 +47,7 @@ import org.onap.aaf.misc.env.Trans;
/**
* Additional Factory mechanisms for CSRs, and BouncyCastle. The main Factory
* utilizes only Java abstractions, and is useful in Client code.
- *
+ *
* @author JonathanGathman
*
*/
@@ -59,11 +59,11 @@ public class BCFactory extends Factory {
// Bouncy
jcsb = new JcaContentSignerBuilder(Factory.SIG_ALGO);
}
-
+
public static ContentSigner contentSigner(PrivateKey pk) throws OperatorCreationException {
return jcsb.build(pk);
}
-
+
public static String toString(PKCS10CertificationRequest csr) throws IOException, CertException {
if (csr==null) {
throw new CertException("x509 Certificate Request not built");
@@ -89,7 +89,7 @@ public class BCFactory extends Factory {
tt.done();
}
}
-
+
public static CSRMeta createCSRMeta(CA ca, String mechid, String sponsorEmail, List<String> fqdns) throws CertException {
CSRMeta csr = ca.newCSRMeta();
boolean first = true;
@@ -99,9 +99,9 @@ public class BCFactory extends Factory {
first = false;
csr.cn(fqdn);
}
- csr.san(fqdn); // duplicate CN in SAN, per RFC 5280 section 4.2.1.6
+ csr.san(fqdn); // duplicate CN in SAN, per RFC 5280 section 4.2.1.6
}
-
+
csr.challenge(new String(Symm.randomGen(24)));
csr.mechID(mechid);
csr.email(sponsorEmail);
@@ -111,7 +111,7 @@ public class BCFactory extends Factory {
}
return csr;
}
-
+
private static String validateApp(CSRMeta csr) {
CertmanValidator v = new CertmanValidator();
if (v.nullOrBlank("cn", csr.cn())
@@ -146,6 +146,6 @@ public class BCFactory extends Factory {
return null;
}
}
-
+
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java
index f67f445f..04ba0b89 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java
@@ -9,9 +9,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -90,15 +90,15 @@ public class CSRMeta {
}
return name;
}
-
-
+
+
public PKCS10CertificationRequest generateCSR(Trans trans) throws IOException, CertException {
PKCS10CertificationRequestBuilder builder = new JcaPKCS10CertificationRequestBuilder(x500Name(),keypair(trans).getPublic());
if (challenge!=null) {
DERPrintableString password = new DERPrintableString(challenge);
builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_challengePassword, password);
}
-
+
int plus = email==null?0:1;
if (!sanList.isEmpty()) {
GeneralName[] gna = new GeneralName[sanList.size()+plus];
@@ -107,7 +107,7 @@ public class CSRMeta {
gna[++i]=new GeneralName(GeneralName.dNSName,s);
}
gna[++i]=new GeneralName(GeneralName.rfc822Name,email);
-
+
builder.addAttribute(
PKCSObjectIdentifiers.pkcs_9_at_extensionRequest,
new Extensions(new Extension[] {
@@ -122,7 +122,7 @@ public class CSRMeta {
throw new CertException(e);
}
}
-
+
@SuppressWarnings("deprecation")
public static void dump(PKCS10CertificationRequest csr) {
Attribute[] certAttributes = csr.getAttributes();
@@ -152,7 +152,7 @@ public class CSRMeta {
}
}
}
-
+
public X509Certificate initialConversationCert(Trans trans) throws CertificateException, OperatorCreationException {
GregorianCalendar gc = new GregorianCalendar();
Date start = gc.getTime();
@@ -209,15 +209,15 @@ public class CSRMeta {
public void environment(String env) {
environment = env;
}
-
+
/**
- *
+ *
* @return
*/
public String environment() {
return environment;
}
-
+
/**
* @return the mechID
*/
@@ -263,5 +263,5 @@ public class CSRMeta {
public void challenge(String challenge) {
this.challenge = challenge;
}
-
+
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/RDN.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/RDN.java
index fe4e20ff..c43e614c 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/RDN.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/RDN.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -35,7 +35,7 @@ public class RDN {
public RDN(final String tagValue) throws CertException {
String[] tv = Split.splitTrim('=',tagValue);
switch(tv[0]) {
- case "cn":case "CN": aoi = BCStyle.CN;
+ case "cn":case "CN": aoi = BCStyle.CN;
break;
case "c":case "C": aoi = BCStyle.C;
break;
@@ -49,21 +49,21 @@ public class RDN {
break;
case "dc":case "DC": aoi = BCStyle.DC;
break;
- case "gn":case "GN": aoi = BCStyle.GIVENNAME;
+ case "gn":case "GN": aoi = BCStyle.GIVENNAME;
break;
- case "sn":case "SN": aoi = BCStyle.SN;
+ case "sn":case "SN": aoi = BCStyle.SN;
break; // surname
case "email":case "EMAIL":
case "emailaddress":
case "EMAILADDRESS": aoi = BCStyle.EmailAddress;
break; // should be SAN extension
- case "initials": aoi = BCStyle.INITIALS;
- break;
- case "pseudonym": aoi = BCStyle.PSEUDONYM;
+ case "initials": aoi = BCStyle.INITIALS;
+ break;
+ case "pseudonym": aoi = BCStyle.PSEUDONYM;
break;
- case "generationQualifier": aoi = BCStyle.GENERATION;
+ case "generationQualifier": aoi = BCStyle.GENERATION;
break;
- case "serialNumber": aoi = BCStyle.SERIALNUMBER;
+ case "serialNumber": aoi = BCStyle.SERIALNUMBER;
break;
default:
throw new CertException("Unknown ASN1ObjectIdentifier for " + tv[0] + " in " + tagValue);
@@ -71,7 +71,7 @@ public class RDN {
tag = tv[0];
value = tv[1];
}
-
+
/**
* Parse various forms of DNs into appropriate RDNs, which have the ASN1ObjectIdentifier
* @param delim
@@ -109,7 +109,7 @@ public class RDN {
}
return lrnd;
}
-
+
@Override
public String toString() {
return tag + '=' + value;
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertDrop.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertDrop.java
index 0a9d7661..e9e5d446 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertDrop.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertDrop.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertRenew.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertRenew.java
index 242a18ac..55e5a573 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertRenew.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertRenew.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertReq.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertReq.java
index 3e2fb816..7de19944 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertReq.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertReq.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -37,13 +37,13 @@ public class CertReq {
public List<String> fqdns;
// Notify
public List<String> emails;
-
-
+
+
// These may be null
public String sponsor;
public XMLGregorianCalendar start;
public XMLGregorianCalendar end;
-
+
public CSRMeta getCSRMeta() throws CertException {
return BCFactory.createCSRMeta(certAuthority, mechid, sponsor,fqdns);
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertResp.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertResp.java
index 9017763a..be0c251c 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertResp.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertResp.java
@@ -9,9 +9,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -37,12 +37,12 @@ public class CertResp {
private CA ca;
private KeyPair keyPair;
private String challenge;
-
+
private String privateKey;
private String certString;
private String[] trustChain;
private String[] notes;
-
+
public CertResp(Trans trans, CA ca, X509Certificate x509, CSRMeta csrMeta, String[] trustChain, String[] notes) throws IOException, CertException {
keyPair = csrMeta.keypair(trans);
privateKey = Factory.toString(trans, keyPair.getPrivate());
@@ -58,35 +58,35 @@ public class CertResp {
certString = cert;
}
-
+
public String asCertString() {
return certString;
}
-
+
public String privateString() {
return privateKey;
}
-
+
public String challenge() {
return challenge==null?"":challenge;
}
-
+
public String[] notes() {
return notes;
}
-
+
public String[] caIssuerDNs() {
return ca.getCaIssuerDNs();
}
-
+
public String env() {
return ca.getEnv();
}
-
+
public String[] trustChain() {
return trustChain;
}
-
+
public String[] trustCAs() {
return ca.getTrustedCAs();
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade.java
index 2a49d3cd..3926422a 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -33,14 +33,14 @@ import org.onap.aaf.auth.layer.Result;
/**
- *
+ *
* @author Jonathan
*
*/
public interface Facade<REQ,CERT,ARTIFACTS,ERROR> {
///////////////////// STANDARD ELEMENTS //////////////////
- /**
+ /**
* @param trans
* @param response
* @param result
@@ -48,7 +48,7 @@ public interface Facade<REQ,CERT,ARTIFACTS,ERROR> {
void error(AuthzTrans trans, HttpServletResponse response, Result<?> result);
/**
- *
+ *
* @param trans
* @param response
* @param status
@@ -62,20 +62,20 @@ public interface Facade<REQ,CERT,ARTIFACTS,ERROR> {
* @param resp
* @param perm
* @return
- * @throws IOException
+ * @throws IOException
*/
Result<Void> check(AuthzTrans trans, HttpServletResponse resp, String perm) throws IOException;
/**
- *
+ *
* @return
*/
public Mapper<REQ,CERT,ARTIFACTS,ERROR> mapper();
///////////////////// STANDARD ELEMENTS //////////////////
-
+
/**
- *
+ *
* @param trans
* @param resp
* @param rservlet
@@ -84,7 +84,7 @@ public interface Facade<REQ,CERT,ARTIFACTS,ERROR> {
public abstract Result<Void> requestCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, CA ca);
/**
- *
+ *
* @param trans
* @param resp
* @param rservlet
@@ -94,7 +94,7 @@ public interface Facade<REQ,CERT,ARTIFACTS,ERROR> {
/**
- *
+ *
* @param trans
* @param req
* @param resp
@@ -103,36 +103,36 @@ public interface Facade<REQ,CERT,ARTIFACTS,ERROR> {
public abstract Result<Void> renewCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, boolean withTrust);
/**
- *
+ *
* @param trans
* @param req
* @param resp
* @return
*/
public abstract Result<Void> dropCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
-
+
/**
- *
+ *
* @param trans
* @param resp
* @param pathParam
* @return
*/
public Result<Void> readCertsByMechID(AuthzTrans trans, HttpServletResponse resp, String mechID);
-
+
/**
- *
+ *
* @param trans
* @param req
* @param resp
* @return
*/
Result<Void> createArtifacts(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
-
+
/**
- *
+ *
* @param trans
* @param req
* @param resp
@@ -141,7 +141,7 @@ public interface Facade<REQ,CERT,ARTIFACTS,ERROR> {
Result<Void> readArtifacts(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
/**
- *
+ *
* @param trans
* @param resp
* @param mechid
@@ -151,16 +151,16 @@ public interface Facade<REQ,CERT,ARTIFACTS,ERROR> {
Result<Void> readArtifacts(AuthzTrans trans, HttpServletResponse resp, String mechid, String machine);
/**
- *
+ *
* @param trans
* @param req
* @param resp
* @return
*/
Result<Void> updateArtifacts(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
-
+
/**
- *
+ *
* @param trans
* @param req
* @param resp
@@ -169,7 +169,7 @@ public interface Facade<REQ,CERT,ARTIFACTS,ERROR> {
Result<Void> deleteArtifacts(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
/**
- *
+ *
* @param trans
* @param resp
* @param mechid
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade1_0.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade1_0.java
index 4a3b5cbe..63859656 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade1_0.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade1_0.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -37,9 +37,9 @@ import certman.v1_0.CertInfo;
*
*/
public class Facade1_0 extends FacadeImpl<BaseRequest,CertInfo, Artifacts, Error> {
- public Facade1_0(AAF_CM certman,
- CMService service,
- Mapper<BaseRequest,CertInfo,Artifacts,Error> mapper,
+ public Facade1_0(AAF_CM certman,
+ CMService service,
+ Mapper<BaseRequest,CertInfo,Artifacts,Error> mapper,
Data.TYPE type) throws APIException {
super(certman, service, mapper, type);
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeFactory.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeFactory.java
index e9ffb908..1519de14 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeFactory.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeFactory.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -35,7 +35,7 @@ public class FacadeFactory {
certman,
service,
new Mapper1_0(),
- type);
+ type);
}
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java
index f381a9e8..513b8ea5 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java
@@ -8,9 +8,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -59,7 +59,7 @@ import org.onap.aaf.misc.rosetta.env.RosettaData;
/**
* AuthzFacade
- *
+ *
* This Service Facade encapsulates the essence of the API Service can do, and provides
* a single created object for elements such as RosettaDF.
*
@@ -70,14 +70,14 @@ import org.onap.aaf.misc.rosetta.env.RosettaData;
* a) In the future, we may support multiple Response Formats, aka JSON or XML, based on User Request.
* 4) Log Service info, warnings and exceptions as necessary
* 5) When asked by the API layer, this will create and write Error content to the OutputStream
- *
- * Note: This Class does NOT set the HTTP Status Code. That is up to the API layer, so that it can be
+ *
+ * Note: This Class does NOT set the HTTP Status Code. That is up to the API layer, so that it can be
* clearly coordinated with the API Documentation
- *
+ *
* @author Jonathan
*
*/
-public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.auth.layer.FacadeImpl implements Facade<REQ,CERT,ARTIFACTS,ERROR>
+public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.auth.layer.FacadeImpl implements Facade<REQ,CERT,ARTIFACTS,ERROR>
{
private static final String TRUE = "TRUE";
private static final String REQUEST_CERT = "Request New Certificate";
@@ -100,8 +100,8 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
private final String voidResp;
public FacadeImpl(AAF_CM certman,
- CMService service,
- Mapper<REQ,CERT,ARTIFACTS,ERROR> mapper,
+ CMService service,
+ Mapper<REQ,CERT,ARTIFACTS,ERROR> mapper,
Data.TYPE dataType) throws APIException {
this.service = service;
this.mapper = mapper;
@@ -120,14 +120,14 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
voidResp = "application/Void+json;charset=utf-8;version=1.0,application/json;version=1.0,*/*";
}
}
-
+
public Mapper<REQ,CERT,ARTIFACTS,ERROR> mapper() {
return mapper;
}
-
+
/* (non-Javadoc)
* @see com.att.authz.facade.AuthzFacade#error(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, int)
- *
+ *
* Note: Conforms to AT&T TSS RESTful Error Structure
*/
@Override
@@ -136,7 +136,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
result.details==null?"":result.details.trim(),
result.variables==null?Result.EMPTY_VARS:result.variables);
}
-
+
@Override
public void error(AuthzTrans trans, HttpServletResponse response, int status, final String _msg, final Object ... _detail) {
String msgId;
@@ -158,7 +158,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
prefix = "Forbidden";
response.setStatus(/*httpstatus=*/403);
break;
-
+
case 404:
case ERR_NotFound:
msgId = "SVC1404";
@@ -172,21 +172,21 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
prefix = "Not Acceptable";
response.setStatus(/*httpstatus=*/406);
break;
-
+
case 409:
case ERR_ConflictAlreadyExists:
msgId = "SVC1409";
prefix = "Conflict Already Exists";
response.setStatus(/*httpstatus=*/409);
break;
-
+
case 501:
case ERR_NotImplemented:
msgId = "SVC1501";
- prefix = "Not Implemented";
+ prefix = "Not Implemented";
response.setStatus(/*httpstatus=*/501);
break;
-
+
default:
msgId = "SVC1500";
@@ -200,7 +200,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
StringBuilder holder = new StringBuilder();
ERROR em = mapper().errorFromMessage(holder, msgId,prefix + ": " + _msg,_detail);
trans.checkpoint(
- "ErrResp [" +
+ "ErrResp [" +
msgId +
"] " +
holder.toString(),
@@ -210,7 +210,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
em = mapper().errorFromMessage(holder, msgId, "Server had an issue processing this request");
}
errDF.newData(trans).load(em).to(response.getOutputStream());
-
+
} catch (Exception e) {
trans.error().log(e,"unable to send response for",_msg);
}
@@ -256,12 +256,12 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
trans.error().log("Invalid Input",IN,REQUEST_CERT);
return Result.err(Result.ERR_BadData,"Invalid Input");
}
-
+
Result<CertResp> rcr = service.requestCert(trans,mapper.toReq(trans,request), ca);
if (rcr.notOK()) {
return Result.err(rcr);
}
-
+
Result<CERT> rc = mapper.toCert(trans, rcr, withTrust);
if (rc.status == OK) {
RosettaData<CERT> data = certDF.newData(trans).load(rc.value);
@@ -279,7 +279,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
tt.done();
}
}
-
+
/* (non-Javadoc)
* @see org.onap.aaf.auth.cm.facade.Facade#requestPersonalCert(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, boolean)
*/
@@ -300,7 +300,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
trans.error().log("Invalid Input",IN,RENEW_CERT);
return Result.err(Result.ERR_BadData,"Invalid Input");
}
-
+
Result<CertResp> rcr = service.renewCert(trans,mapper.toRenew(trans,request));
Result<CERT> rc = mapper.toCert(trans, rcr, withTrust);
@@ -333,7 +333,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
trans.error().log("Invalid Input",IN,DROP_CERT);
return Result.err(Result.ERR_BadData,"Invalid Input");
}
-
+
Result<Void> rv = service.dropCert(trans,mapper.toDrop(trans, request));
if (rv.status == OK) {
setContentType(resp, certRequestDF.getOutType());
@@ -387,7 +387,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
trans.error().log("Invalid Input",IN,CREATE_ARTIFACTS);
return Result.err(Result.ERR_BadData,"Invalid Input");
}
-
+
return service.createArtifact(trans,mapper.toArtifact(trans,arti));
} catch (Exception e) {
@@ -405,7 +405,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
String mechid = req.getParameter("mechid");
String machine = req.getParameter("machine");
String ns = req.getParameter("ns");
-
+
Result<ARTIFACTS> ra;
if ( machine !=null && mechid == null) {
ra = mapper.fromArtifacts(service.readArtifactsByMachine(trans, machine));
@@ -422,7 +422,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
} else {
ra = Result.err(Status.ERR_BadData,"Invalid request inputs");
}
-
+
if (ra.isOK()) {
RosettaData<ARTIFACTS> data = artiDF.newData(trans).load(ra.value);
data.to(resp.getOutputStream());
@@ -477,7 +477,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
trans.error().log("Invalid Input",IN,UPDATE_ARTIFACTS);
return Result.err(Result.ERR_BadData,"Invalid Input");
}
-
+
return service.updateArtifact(trans,mapper.toArtifact(trans,arti));
} catch (Exception e) {
trans.error().log(e,IN,UPDATE_ARTIFACTS);
@@ -499,7 +499,7 @@ public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.
trans.error().log("Invalid Input",IN,DELETE_ARTIFACTS);
return Result.err(Result.ERR_BadData,"Invalid Input");
}
-
+
Result<Void> rv = service.deleteArtifact(trans,mapper.toArtifact(trans,arti));
if (rv.status == OK) {
setContentType(resp, artiDF.getOutType());
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper.java
index 4a7019dd..90d1cf32 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -36,19 +36,19 @@ import org.onap.aaf.auth.layer.Result;
public interface Mapper<REQ,CERT,ARTIFACTS,ERROR>
{
public enum API{ERROR,VOID,CERT,CERT_REQ,CERT_RENEW,CERT_DROP,ARTIFACTS};
-
+
public Class<?> getClass(API api);
public<A> A newInstance(API api);
public ERROR errorFromMessage(StringBuilder holder, String msgID, String text, Object ... detail);
-
+
public Result<CERT> toCert(AuthzTrans trans, Result<CertResp> in, boolean withTrustChain) throws IOException;
public Result<CERT> toCert(AuthzTrans trans, Result<List<CertDAO.Data>> in);
public Result<CertReq> toReq(AuthzTrans trans, REQ req);
public Result<CertRenew> toRenew(AuthzTrans trans, REQ req);
public Result<CertDrop> toDrop(AuthzTrans trans, REQ req);
-
+
public List<ArtiDAO.Data> toArtifact(AuthzTrans trans, ARTIFACTS arti);
public Result<ARTIFACTS> fromArtifacts(Result<List<ArtiDAO.Data>> readArtifactsByMachine);
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java
index bce7eccd..bf5665af 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java
@@ -8,9 +8,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -50,7 +50,7 @@ import certman.v1_0.CertificateRequest;
public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
-
+
@Override
public Class<?> getClass(API api) {
switch(api) {
@@ -233,7 +233,7 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
data.ns = trim(arti.getNs());
data.renewDays = arti.getRenewDays();
data.notify = trim(arti.getNotification());
-
+
// Ignored on way in for create/update
data.sponsor = (arti.getSponsor());
if(arti.getSans()!=null) {
@@ -279,8 +279,8 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
return Result.err(lArtiDAO);
}
}
-
-
+
+
private String trim(String s) {
if(s==null) {
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper2_0.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper2_0.java
index 283c828a..501fbcfe 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper2_0.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper2_0.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -49,7 +49,7 @@ import certman.v1_0.CertificateRequest;
public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
-
+
@Override
public Class<?> getClass(API api) {
switch(api) {
@@ -127,7 +127,7 @@ public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
}
cout.setNotes(sb.toString());
}
-
+
List<String> caIssuerDNs = cout.getCaIssuerDNs();
for (String s : cin.caIssuerDNs()) {
caIssuerDNs.add(s);
@@ -224,7 +224,7 @@ public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
data.ns = trim(arti.getNs());
data.renewDays = arti.getRenewDays();
data.notify = trim(arti.getNotification());
-
+
// Ignored on way in for create/update
data.sponsor = trim(arti.getSponsor());
data.expires = null;
@@ -274,7 +274,7 @@ public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
return Result.err(lArtiDAO);
}
}
-
-
+
+
} \ No newline at end of file
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java
index aa145f1c..88109437 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java
@@ -80,7 +80,7 @@ public class CMService {
// Limit total requests
private static final int MAX_X509s = 200; // Need a "LIMIT Exception" DB.
private static final String MAX_X509S_TAG = "cm_max_x509s"; // be able to adjust limit in future
-
+
public static final String REQUEST = "request";
public static final String IGNORE_IPS = "ignoreIPs";
public static final String RENEW = "renew";
@@ -153,25 +153,25 @@ public class CMService {
boolean dynamic_sans = false;
if(req.value.fqdns.isEmpty()) {
- fqdns = new ArrayList<>();
+ fqdns = new ArrayList<>();
} else {
- // Only Template or Dynamic permitted to pass in FQDNs
- if (req.value.fqdns.get(0).startsWith("*")) { // Domain set
+ // Only Template or Dynamic permitted to pass in FQDNs
+ if (req.value.fqdns.get(0).startsWith("*")) { // Domain set
if (trans.fish(new AAFPermission(null,ca.getPermType(), ca.getName(), DOMAIN))) {
- domain_based = true;
+ domain_based = true;
} else {
return Result.err(Result.ERR_Denied,
"Domain based Authorizations (" + req.value.fqdns.get(0) + ") requires Exception");
}
- } else {
- if(trans.fish(new AAFPermission(null, ca.getPermType(), ca.getName(),DYNAMIC_SANS))) {
- dynamic_sans = true;
- } else {
+ } else {
+ if(trans.fish(new AAFPermission(null, ca.getPermType(), ca.getName(),DYNAMIC_SANS))) {
+ dynamic_sans = true;
+ } else {
return Result.err(Result.ERR_Denied,
- "Dynamic SANs for (" + req.value.mechid + ") requires Permission");
- }
- }
- fqdns = new ArrayList<>(req.value.fqdns);
+ "Dynamic SANs for (" + req.value.mechid + ") requires Permission");
+ }
+ }
+ fqdns = new ArrayList<>(req.value.fqdns);
}
String email = null;
@@ -185,7 +185,7 @@ public class CMService {
} else {
ignoreIPs = false;
}
-
+
InetAddress primary = null;
// Organize incoming information to get to appropriate Artifact
@@ -197,8 +197,8 @@ public class CMService {
String domain = fqdns.get(0).substring(1); // starts with *, see above
fqdns.remove(0);
if (fqdns.isEmpty()) {
- return Result.err(Result.ERR_Denied,
- "Requests using domain require machine declaration");
+ return Result.err(Result.ERR_Denied,
+ "Requests using domain require machine declaration");
}
if (!ignoreIPs) {
@@ -212,7 +212,7 @@ public class CMService {
}
} else {
- // Passed in FQDNs, but not starting with *
+ // Passed in FQDNs, but not starting with *
if (!ignoreIPs) {
for (String cn : req.value.fqdns) {
try {
@@ -254,37 +254,37 @@ public class CMService {
return Result.err(Result.ERR_Denied,"Authorization must not include SANS when doing Dynamic SANS (%s, %s)", req.value.mechid, key);
}
} else {
- if(domain_based) {
- ra = artiDAO.read(trans, req.value.mechid, key);
- if (ra.isOKhasData()) { // is the Template available?
- add = ra.value.get(0);
- add.machine = host;
- for (String s : fqdns) {
- if (!s.equals(add.machine)) {
- add.sans(true).add(s);
- }
- }
- Result<ArtiDAO.Data> rc = artiDAO.create(trans, add); // Create new Artifact from Template
- if (rc.notOK()) {
- return Result.err(rc);
- }
- } else {
- return Result.err(Result.ERR_Denied,"No Authorization Template for %s, %s", req.value.mechid, key);
- }
- } else {
+ if(domain_based) {
+ ra = artiDAO.read(trans, req.value.mechid, key);
+ if (ra.isOKhasData()) { // is the Template available?
+ add = ra.value.get(0);
+ add.machine = host;
+ for (String s : fqdns) {
+ if (!s.equals(add.machine)) {
+ add.sans(true).add(s);
+ }
+ }
+ Result<ArtiDAO.Data> rc = artiDAO.create(trans, add); // Create new Artifact from Template
+ if (rc.notOK()) {
+ return Result.err(rc);
+ }
+ } else {
+ return Result.err(Result.ERR_Denied,"No Authorization Template for %s, %s", req.value.mechid, key);
+ }
+ } else {
return Result.err(Result.ERR_Denied,"No Authorization found for %s, %s", req.value.mechid, key);
- }
+ }
}
// Add Artifact listed FQDNs
if(!dynamic_sans) {
- if (add.sans != null) {
- for (String s : add.sans) {
- if (!fqdns.contains(s)) {
- fqdns.add(s);
- }
- }
- }
+ if (add.sans != null) {
+ for (String s : add.sans) {
+ if (!fqdns.contains(s)) {
+ fqdns.add(s);
+ }
+ }
+ }
}
// Policy 2: If Config marked as Expired, do not create or renew
@@ -354,7 +354,7 @@ public class CMService {
try {
csrMeta = BCFactory.createCSRMeta(ca, req.value.mechid, email, fqdns);
csrMeta.environment(ca.getEnv());
-
+
// Before creating, make sure they don't have too many
if(!trans.fish(limitOverridePerm)) {
Result<List<CertDAO.Data>> existing = certDAO.readID(trans, req.value.mechid);
@@ -392,7 +392,7 @@ public class CMService {
cdd.id = req.value.mechid;
cdd.x500 = x509.getSubjectDN().getName();
cdd.x509 = Factory.toString(trans, x509);
-
+
certDAO.create(trans, cdd);
CredDAO.Data crdd = new CredDAO.Data();
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/Code.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/Code.java
index fdf2447d..0a4a4abb 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/Code.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/Code.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -33,7 +33,7 @@ public abstract class Code extends HttpCode<AuthzTrans,Facade1_0> implements Clo
// Note, the first "Code" will be created with default Facade, "JSON".
// use clone for another Code with XML
}
-
+
public <D extends Code> D clone(Facade1_0 facade) throws Exception {
@SuppressWarnings("unchecked")
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java
index cdd501ce..eaee6dc5 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -31,9 +31,9 @@ import org.onap.aaf.auth.validation.Validator;
/**
* Validator
* Consistently apply content rules for content (incoming)
- *
- * Note: We restrict content for usability in URLs (because RESTful service), and avoid
- * issues with Regular Expressions, and other enabling technologies.
+ *
+ * Note: We restrict content for usability in URLs (because RESTful service), and avoid
+ * issues with Regular Expressions, and other enabling technologies.
* @author Jonathan
*
*/
@@ -49,12 +49,12 @@ public class CertmanValidator extends Validator{
private static final String IS_NULL = " is null.";
private static final String ARTIFACTS_MUST_HAVE_AT_LEAST = "Artifacts must have at least ";
private static final Pattern ALPHA_NUM = Pattern.compile("[a-zA-Z0-9]*");
-
+
private static boolean disallowTmp = true;
public static void allowTmp() {
disallowTmp=false;
}
-
+
public CertmanValidator nullBlankMin(String name, List<String> list, int min) {
if (list==null) {
msg(name + IS_NULL);
@@ -97,7 +97,7 @@ public class CertmanValidator extends Validator{
}
return this;
}
-
+
private CertmanValidator allRequired(Data a) {
if (a==null) {
msg("Artifact is null.");
diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/JU_AAF_CM.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/JU_AAF_CM.java
index 9f7497e0..39681cfa 100644
--- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/JU_AAF_CM.java
+++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/JU_AAF_CM.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -65,20 +65,20 @@ public class JU_AAF_CM {
@Mock
AuthzEnv env;
-
+
BasicEnv baseEnv;
-
+
@Mock
PropAccess access;
-
+
AuthzTransImpl1 trans;
-
+
AAF_CMImpl rosettaObj = null;
-
+
@Before
public void setUp() {
initMocks(this);
-
+
try {
Mockito.doReturn(access).when(env).access();
Mockito.doReturn("test.test").when(access).getProperty(Config.AAF_ROOT_NS,"org.osaaf.aaf");
@@ -95,7 +95,7 @@ public class JU_AAF_CM {
Mockito.doReturn(trans).when(env).newTrans();
// Mockito.doReturn("test").when(trans).getProperty("cm_ca.props.baseSubject",null);
// Mockito.doReturn(Mockito.mock(TimeTaken.class)).when(trans).start("Clear Reset Deque",8);
-
+
Mockito.doReturn("TLSv1.1").when(access).getProperty("cadi_protocols","test");
Mockito.doReturn("https://www.google.com").when(access).getProperty(Config.AAF_URL,null);
Mockito.doReturn("test").when(env).getProperty(Config.AAF_ENV);
@@ -126,10 +126,10 @@ public class JU_AAF_CM {
PowerMockito.mockStatic(FacadeFactory.class);
FacadeFactory factObj = PowerMockito.mock(FacadeFactory.class);
PowerMockito.when(factObj.v1_0(tempObj,trans, null,Data.TYPE.JSON)).thenReturn(facadeObj);
-
+
// Mockito.doReturn(Mockito.mock(Mapper.class)).when(facadeObj).mapper();
-
+
rosettaObj = new AAF_CMImpl(env);
} catch (Exception e) {
// TODO Auto-generated catch block
@@ -137,13 +137,13 @@ public class JU_AAF_CM {
assertTrue(e instanceof NullPointerException);
}
}
-
+
@Test
public void testTestCA() {
CA obj = rosettaObj.getCA("props");
assertTrue(obj instanceof CA);
}
-
+
// @Test
// public void testRoute() {
// try {
@@ -155,7 +155,7 @@ public class JU_AAF_CM {
//// System.out.println(obj);
//// assertTrue(obj instanceof CA);
// }
-
+
@Test
public void testFilters() {
try {
@@ -168,31 +168,31 @@ public class JU_AAF_CM {
}
// assertTrue(obj instanceof CA);
}
-
+
class AAF_CMImpl extends AAF_CM{
public AAF_CMImpl(AuthzEnv env) throws Exception {
super(env);
// TODO Auto-generated constructor stub
}
-
+
@Override
public synchronized AAFConHttp aafCon() throws CadiException, LocatorException {
return Mockito.mock(AAFConHttp.class);
}
-
+
public CMService getService() {
return Mockito.mock(CMService.class);
}
-
+
@Override
public void route(HttpMethods meth, String path, API api, Code code) throws Exception {
-
+
}
}
-
-
-
+
+
+
class AuthzTransImpl1 extends AuthzTransImpl{
public AuthzTransImpl1(AuthzEnv env) {
@@ -204,22 +204,22 @@ public class JU_AAF_CM {
protected TimeTaken newTimeTaken(String name, int flag, Object ... values) {
// TODO Auto-generated method stub
TimeTaken tt= new TimeTaken("nameTest", Env.XML) {
-
+
@Override
public void output(StringBuilder sb) {
// TODO Auto-generated method stub
-
+
}
};
return tt;
}
-
+
@Override
public Metric auditTrail(int indent, StringBuilder sb, int ... flag) {
return null;
}
-
+
}
-
+
}
diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Artifact.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Artifact.java
index 31ee0727..c6a78b38 100644
--- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Artifact.java
+++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Artifact.java
@@ -7,9 +7,9 @@
* * Licensed under the Apache License, Version 2.0 (the "License");
* * you may not use this file except in compliance with the License.
* * You may obtain a copy of the License at
- * *
+ * *
* * http://www.apache.org/licenses/LICENSE-2.0
- * *
+ * *
* * Unless required by applicable law or agreed to in writing, software
* * distributed under the License is distributed on an "AS IS" BASIS,
* * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -42,19 +42,19 @@ import junit.framework.Assert;
@RunWith(MockitoJUnitRunner.class)
public class JU_API_Artifact {
-
+
@Mock
private static API_Artifact api;
-
+
@Mock
private static AAF_CM certManApi;
-
+
private static AAF_CM noMockAPI;
private static API_Artifact api_1;
-
+
private static HttpServletRequest req;
private static HttpServletResponse res;
-
+
@BeforeClass
public static void setUp() {
AuthzTrans trans = mock(AuthzTrans.class);
@@ -63,18 +63,18 @@ public class JU_API_Artifact {
trans.setProperty("testTag", "UserValue");
trans.set(req,res);
}
-
+
@Rule
public ExpectedException thrown= ExpectedException.none();
-
+
@Test
public void placeholder() {
Assert.assertTrue(true);
}
-
+
/*
* These fail in builds. Need something better.
- *
+ *
* Also, they don't do much. Just catch some null pointers.
@Test
public void init_bothValued() {
@@ -85,7 +85,7 @@ public class JU_API_Artifact {
e.printStackTrace();
}
}
-
+
@Test
public void init_Null_() {
try {
@@ -95,7 +95,7 @@ public class JU_API_Artifact {
e.printStackTrace();
}
}
-
+
@Test
public void init_NMC_Null() {
try {
@@ -105,7 +105,7 @@ public class JU_API_Artifact {
e.printStackTrace();
}
}
-
+
@Test
public void init_NMC() {
try {
diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Cert.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Cert.java
index 674e4edf..4c7888dc 100644
--- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Cert.java
+++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Cert.java
@@ -7,9 +7,9 @@
* * Licensed under the Apache License, Version 2.0 (the "License");
* * you may not use this file except in compliance with the License.
* * You may obtain a copy of the License at
- * *
+ * *
* * http://www.apache.org/licenses/LICENSE-2.0
- * *
+ * *
* * Unless required by applicable law or agreed to in writing, software
* * distributed under the License is distributed on an "AS IS" BASIS,
* * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -42,19 +42,19 @@ import org.onap.aaf.auth.env.AuthzTrans;
@RunWith(MockitoJUnitRunner.class)
public class JU_API_Cert {
-
+
@Mock
private static API_Cert api;
-
+
@Mock
private static AAF_CM certManApi;
-
+
private static AAF_CM noMockAPI;
private static API_Cert api_1;
-
+
private static HttpServletRequest req;
private static HttpServletResponse res;
-
+
@BeforeClass
public static void setUp() {
AuthzTrans trans = mock(AuthzTrans.class);
@@ -63,10 +63,10 @@ public class JU_API_Cert {
trans.setProperty("testTag", "UserValue");
trans.set(req,res);
}
-
+
@Rule
public ExpectedException thrown= ExpectedException.none();
-
+
@Test
public void init_bothValued() {
try {
@@ -76,7 +76,7 @@ public class JU_API_Cert {
e.printStackTrace();
}
}
-
+
@Test
public void init_Null_() {
try {
@@ -86,7 +86,7 @@ public class JU_API_Cert {
e.printStackTrace();
}
}
-
+
@Test
public void init_NMC_Null() {
try {
@@ -96,7 +96,7 @@ public class JU_API_Cert {
e.printStackTrace();
}
}
-
+
@Test
public void init_NMC() {
try {
diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_AppCA.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_AppCA.java
index 48c81c50..5d91d704 100644
--- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_AppCA.java
+++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_AppCA.java
@@ -7,9 +7,9 @@
* * Licensed under the Apache License, Version 2.0 (the "License");
* * you may not use this file except in compliance with the License.
* * You may obtain a copy of the License at
- * *
+ * *
* * http://www.apache.org/licenses/LICENSE-2.0
- * *
+ * *
* * Unless required by applicable law or agreed to in writing, software
* * distributed under the License is distributed on an "AS IS" BASIS,
* * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -61,23 +61,23 @@ import org.onap.aaf.misc.env.Trans;
//TODO: Gabe [JUnit] Import does not exist
@RunWith(MockitoJUnitRunner.class)
public class JU_AppCA {
-
+
@Mock
private static CachedCertDAO certDAO;
-
+
@Mock
private static HttpServletRequest req;
-
+
@Mock
private static CSRMeta csrMeta;
-
+
static Trans trans;
-
+
static X509andChain cert1;
static byte [] name = {1,23,4,54,6,56};
-
+
private static LocalCA localCA;
-
+
@BeforeClass
public static void setUp() throws CertificateException, CertException, IOException {
String str = "core java api";
@@ -86,196 +86,196 @@ public class JU_AppCA {
req = mock(HttpServletRequest.class);
localCA = mock(LocalCA.class);
X509Certificate cert = new X509Certificate() {
-
+
@Override
public boolean hasUnsupportedCriticalExtension() {
return false;
}
-
+
@Override
public Set<String> getNonCriticalExtensionOIDs() {
-
+
return null;
}
-
+
@Override
public byte[] getExtensionValue(String oid) {
-
+
return null;
}
-
+
@Override
public Set<String> getCriticalExtensionOIDs() {
-
+
return null;
}
-
+
@Override
public void verify(PublicKey key, String sigProvider) throws CertificateException, NoSuchAlgorithmException,
InvalidKeyException, NoSuchProviderException, SignatureException {
-
-
+
+
}
-
+
@Override
public void verify(PublicKey key) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException,
NoSuchProviderException, SignatureException {
-
-
+
+
}
-
+
@Override
public String toString() {
-
+
return null;
}
-
+
@Override
public PublicKey getPublicKey() {
-
+
return null;
}
-
+
@Override
public byte[] getEncoded() throws CertificateEncodingException {
-
+
return null;
}
-
+
@Override
public int getVersion() {
-
+
return 0;
}
-
+
@Override
public byte[] getTBSCertificate() throws CertificateEncodingException {
-
+
return null;
}
-
+
@Override
public boolean[] getSubjectUniqueID() {
-
+
return null;
}
-
+
@Override
public Principal getSubjectDN() {
-
+
return null;
}
-
+
@Override
public byte[] getSignature() {
-
+
return null;
}
-
+
@Override
public byte[] getSigAlgParams() {
-
+
return null;
}
-
+
@Override
public String getSigAlgOID() {
-
+
return null;
}
-
+
@Override
public String getSigAlgName() {
-
+
return null;
}
-
+
@Override
public BigInteger getSerialNumber() {
-
+
return null;
}
-
+
@Override
public Date getNotBefore() {
-
+
return null;
}
-
+
@Override
public Date getNotAfter() {
-
+
return null;
}
-
+
@Override
public boolean[] getKeyUsage() {
-
+
return null;
}
-
+
@Override
public boolean[] getIssuerUniqueID() {
-
+
return null;
}
-
+
@Override
public Principal getIssuerDN() {
-
+
return null;
}
-
+
@Override
public int getBasicConstraints() {
-
+
return 0;
}
-
+
@Override
public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException {
-
-
+
+
}
-
+
@Override
public void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException {
-
+
}
};
X509andChain xac = new X509andChain(cert, new ArrayList<>());
when(localCA.sign(Mockito.any(Trans.class), Mockito.any(CSRMeta.class))).thenReturn(xac);
certDAO = mock(CachedCertDAO.class, CALLS_REAL_METHODS);
}
-
+
@Test
public void identity_True() throws CertificateException, IOException, CertException {
assertNotNull(localCA.sign(trans, csrMeta));
}
-
-
+
+
@Test
public void identityNull() throws CertificateException {
try {
assertNotNull(localCA.sign(null, csrMeta));
} catch (IOException e) {
-
+
e.printStackTrace();
} catch (CertException e) {
-
+
e.printStackTrace();
}
}
-
+
@Test
public void identityBothNull() throws CertificateException {
try {
assertNotNull(localCA.sign(null, null));
} catch (IOException e) {
-
+
e.printStackTrace();
} catch (CertException e) {
-
+
e.printStackTrace();
}
}
diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_X509ChainTest.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_X509ChainTest.java
index 4c6f7585..2560b4bf 100644
--- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_X509ChainTest.java
+++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_X509ChainTest.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_X509ChainWithIssuerTest.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_X509ChainWithIssuerTest.java
index dbae3fcd..c1b0f94f 100644
--- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_X509ChainWithIssuerTest.java
+++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_X509ChainWithIssuerTest.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/cert/JU_BCFactory.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/cert/JU_BCFactory.java
index b5f35c3a..7e0a0845 100644
--- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/cert/JU_BCFactory.java
+++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/cert/JU_BCFactory.java
@@ -7,9 +7,9 @@
* * Licensed under the Apache License, Version 2.0 (the "License");
* * you may not use this file except in compliance with the License.
* * You may obtain a copy of the License at
- * *
+ * *
* * http://www.apache.org/licenses/LICENSE-2.0
- * *
+ * *
* * Unless required by applicable law or agreed to in writing, software
* * distributed under the License is distributed on an "AS IS" BASIS,
* * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -48,19 +48,19 @@ import org.onap.aaf.misc.env.Trans;
@RunWith(MockitoJUnitRunner.class)
public class JU_BCFactory {
-
+
private static BCFactory bcFactory = new BCFactory();
-
+
private static BCFactory bcFact;
-
+
private static PrivateKey pk;
-
-
+
+
private static Trans trans;
-
-
+
+
private static PKCS10CertificationRequest req;
-
+
@BeforeClass
public static void setUp() throws IOException {
pk = new XYZKey();
@@ -68,29 +68,29 @@ public class JU_BCFactory {
req = mock(PKCS10CertificationRequest.class);
when(req.getEncoded()).thenReturn(new byte[1]);
when(trans.start(Mockito.anyString(), Mockito.anyInt())).thenReturn(new TimeTaken(null, 0) {
-
+
@Override
public void output(StringBuilder sb) {
// TODO Auto-generated method stub
-
+
}
});
bcFact = mock(BCFactory.class);
}
-
+
@Test
public void toStrin() throws OperatorCreationException, IOException, CertException {
assertNotNull(bcFactory.toString(req));
}
-
+
@Test
public void toStrinMoc() throws OperatorCreationException, IOException, CertException {
assertNotNull(bcFact.toString(req));
}
-
+
@Rule
public ExpectedException thrown= ExpectedException.none();
-
+
@Test
public void toCSR() {
try {
@@ -100,11 +100,11 @@ public class JU_BCFactory {
e.printStackTrace();
}
}
-
+
}
class XYZKey implements Key, PublicKey, PrivateKey {
-
+
int rotValue;
public XYZKey() {
rotValue = 1200213;
diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/data/JU_CertReqTest.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/data/JU_CertReqTest.java
index 8b33036f..ea7f5a86 100644
--- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/data/JU_CertReqTest.java
+++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/data/JU_CertReqTest.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/data/JU_CertRespTest.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/data/JU_CertRespTest.java
index 37519a30..3424de06 100644
--- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/data/JU_CertRespTest.java
+++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/data/JU_CertRespTest.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/facade/JU_FacadeImpl.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/facade/JU_FacadeImpl.java
index a9806439..7db1778d 100644
--- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/facade/JU_FacadeImpl.java
+++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/facade/JU_FacadeImpl.java
@@ -7,9 +7,9 @@
* * Licensed under the Apache License, Version 2.0 (the "License");
* * you may not use this file except in compliance with the License.
* * You may obtain a copy of the License at
- * *
+ * *
* * http://www.apache.org/licenses/LICENSE-2.0
- * *
+ * *
* * Unless required by applicable law or agreed to in writing, software
* * distributed under the License is distributed on an "AS IS" BASIS,
* * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -53,7 +53,7 @@ import org.onap.aaf.misc.env.TimeTaken;
@RunWith(MockitoJUnitRunner.class)
public class JU_FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> {
-
+
private static AuthzTrans trans;
private static HttpServletResponse resp;
private static AAF_CM certman;
@@ -62,10 +62,10 @@ public class JU_FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> {
private Mapper<REQ,CERT,ARTIFACTS,ERROR> mapper;
private Data.TYPE dataType;
private static AuthzEnv env;
-
+
private static FacadeImpl fImpl;
private static HttpServletRequest req;
-
+
@Before
public void setUp() throws APIException, IOException {
fImpl = mock(FacadeImpl.class);
@@ -76,111 +76,111 @@ public class JU_FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> {
Result<Void> rvd = (Result) mock(Result.class);
trans = mock(AuthzTrans.class);
when(trans.error()).thenReturn(new LogTarget() {
-
+
@Override
public void printf(String fmt, Object... vars) {}
-
+
@Override
public void log(Throwable e, Object... msgs) {
e.getMessage();
//e.printStackTrace();
msgs.toString();
-
+
}
-
+
@Override
public void log(Object... msgs) {
}
-
+
@Override
public boolean isLoggable() {
-
+
return false;
}
});
when(trans.start(Mockito.anyString(), Mockito.anyInt())).thenReturn(new TimeTaken("Now", 1) {
-
+
@Override
public void output(StringBuilder sb) {
-
+
}
});
when(fImpl.check(Mockito.any(AuthzTrans.class), Mockito.any(HttpServletResponse.class), Mockito.anyString())).thenReturn(rvd);
when(resp.getOutputStream()).thenReturn(new ServletOutputStream() {
-
+
@Override
public void write(int b) throws IOException {
-
-
+
+
}
});
-
+
}
-
+
@Test
public void check() throws IOException {
AAFPermission ap = new AAFPermission("str0","str1","str3","str2");
String perms = ap.getInstance();
assertNotNull(hImpl.check(trans, resp, perms));
}
-
+
@Test
public void checkNull() throws IOException {
AAFPermission ap = new AAFPermission(null,null,"Str3","str2");
String perms = ap.getInstance();
assertNotNull(hImpl.check(trans, resp, perms));
}
-
+
@Test
public void checkTwoNull() throws IOException {
AAFPermission ap = new AAFPermission(null,null,null,"str2");
String perms = ap.getInstance();
assertNotNull(fImpl.check(trans, resp, perms));
}
-
+
@Test
public void checkAllNull() throws IOException {
AAFPermission ap = new AAFPermission(null,null,null,null);
String perms = ap.getInstance();
assertNotNull(fImpl.check(trans, resp, perms));
}
-
+
@Test
public void checkTrans_null() throws IOException {
AAFPermission ap = new AAFPermission("str0","str1","str3","str2");
String perms = ap.getInstance();
assertNotNull(hImpl.check(null, resp, perms));
}
-
+
@Test
public void checkRespNull() throws IOException {
AAFPermission ap = new AAFPermission("str0","str1","str3","str2");
String perms = ap.getInstance();
assertNotNull(hImpl.check(trans, null, perms));
}
-
+
@Test
- public void requestCert() {
+ public void requestCert() {
assertNotNull(hImpl.requestCert(trans, req, resp, null));
}
-
+
@Test
- public void renewCert() {
+ public void renewCert() {
assertNotNull(hImpl.renewCert(trans, req, resp, true));
}
-
+
@Test
- public void dropCert() {
+ public void dropCert() {
assertNotNull(hImpl.renewCert(trans, req, resp, true));
}
-
+
@Test
- public void createArtifacts() {
+ public void createArtifacts() {
assertNotNull(hImpl.createArtifacts(trans, req, resp));
}
-
+
@Test
- public void readArtifacts() {
+ public void readArtifacts() {
assertNotNull(hImpl.readArtifacts(trans, req, resp));
}
}
diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/test/CertmanTest.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/test/CertmanTest.java
index 80c9dbcc..f23acd83 100644
--- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/test/CertmanTest.java
+++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/test/CertmanTest.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -54,14 +54,14 @@ public class CertmanTest {
// for (Item item = loc.first(); item!=null; item=loc.next(item)) {
// System.out.println(loc.get(item));
// }
-//
-//
+//
+//
// SecurityInfoC<HttpURLConnection> si = SecurityInfoC.instance(env, HttpURLConnection.class);
-// ss = new HBasicAuthSS(si,"m12345@aaf.att.com",
+// ss = new HBasicAuthSS(si,"m12345@aaf.att.com",
// env.decrypt("enc:gvptdJyo0iKdVZw2rzMb0woxa7YKMdqLuhfQ4OQfZ8k",false));
// env.decrypt("enc:jFfAnO3mOKb9Gzm2OFysslmXpbnyuAxuoNJK",false), si);
// SecuritySetter<HttpURLConnection> ss = new X509SS(si, "aaf");
-
+
// hman = new HMangr(env,loc);
//
// reqDF = env.newDataFactory(CertificateRequest.class);
@@ -85,13 +85,13 @@ public class CertmanTest {
// @Test
// public void testX500Name() throws Exception {
-//
+//
// for ( InetAddress ia : InetAddress.getAllByName("aaf.dev.att.com")) {
// System.out.printf("%s - %s\n", ia.getHostName(), ia.getHostAddress());
// InetAddress ia1 = InetAddress.getByName(ia.getHostAddress());
// System.out.printf("%s - %s\n", ia1.getHostName(), ia1.getHostAddress());
// }
-//
+//
// hman.best(ss, new Retryable<Void>() {
// @Override
// public Void code(Rcli<?> client) throws APIException, CadiException {
@@ -101,7 +101,7 @@ public class CertmanTest {
// cr.getFqdns().add("mithrilcsp.sbc.com");
// cr.getFqdns().add("zld01907.vci.att.com");
// cr.getFqdns().add("aaftest.test.att.com");
-//
+//
// String path = "/cert/local"; // Local Test
//// String path = "/cert/aaf"; // Official CA
// long end=0,start = System.nanoTime();
@@ -131,12 +131,12 @@ public class CertmanTest {
// return null;
// }
// });
-//
-//
+//
+//
// }
//
// public X500Principal ephemeral() {
// return null;
// }
-
+
}