summaryrefslogtreecommitdiffstats
path: root/auth/auth-oauth/src/main/java
diff options
context:
space:
mode:
Diffstat (limited to 'auth/auth-oauth/src/main/java')
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/AAF_OAuth.java44
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/DirectOAuthTAF.java20
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OACode.java8
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2Filter.java8
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2FormHttpTafResp.java12
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/api/API_Token.java10
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospect.java4
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospectImpl.java4
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectOAFacadeImpl.java4
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade.java12
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade1_0.java8
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeFactory.java8
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeImpl.java54
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper.java10
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper1_0.java22
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect.java4
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect1_0.java6
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoader.java4
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoaderFactory.java6
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OAuthService.java24
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OCreds.java4
21 files changed, 138 insertions, 138 deletions
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/AAF_OAuth.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/AAF_OAuth.java
index b4c9f97b..6f04ed5f 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/AAF_OAuth.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/AAF_OAuth.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -72,36 +72,36 @@ public class AAF_OAuth extends AbsService<AuthzEnv,AuthzTrans> {
private final OAuthService service;
private OAFacade1_0 facade1_0;
private final Question question;
- private TokenPermLoader tpLoader;
+ private TokenPermLoader tpLoader;
private final Cluster cluster;
-
+
/**
* Construct AuthzAPI with all the Context Supporting Routes that Authz needs
- *
+ *
* @param env
- * @param si
- * @param dm
- * @param decryptor
- * @throws APIException
+ * @param si
+ * @param dm
+ * @param decryptor
+ * @throws APIException
*/
public AAF_OAuth(final AuthzEnv env) throws Exception {
super(env.access(),env);
-
+
String aaf_env = env.getProperty(Config.AAF_ENV);
if (aaf_env==null) {
throw new APIException("aaf_env needs to be set");
}
-
+
// Initialize Facade for all uses
AuthzTrans trans = env.newTrans();
cluster = org.onap.aaf.auth.dao.CassAccess.cluster(env,null);
-
+
aafLurPerm = aafCon().newLur();
// Note: If you need both Authn and Authz construct the following:
aafAuthn = aafCon().newAuthn(aafLurPerm);
// Start Background Processing
- // Question question =
+ // Question question =
question = new Question(trans, cluster, CassAccess.KEYSPACE);
question.startTimers(env);
@@ -114,21 +114,21 @@ public class AAF_OAuth extends AbsService<AuthzEnv,AuthzTrans> {
StringBuilder sb = new StringBuilder();
trans.auditTrail(2, sb);
trans.init().log(sb);
-
+
API_Token.init(this, facade1_0);
}
-
+
/**
* Setup XML and JSON implementations for each supported Version type
- *
+ *
* We do this by taking the Code passed in and creating clones of these with the appropriate Facades and properties
* to do Versions and Content switches
- *
+ *
*/
public void route(HttpMethods meth, String path, API api, HttpCode<AuthzTrans, OAFacade<Introspect>> code) throws Exception {
String version = "1.0";
// Get Correct API Class from Mapper
- Class<?> respCls = facade1_0.mapper().getClass(api);
+ Class<?> respCls = facade1_0.mapper().getClass(api);
if (respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name());
// setup Application API HTML ContentTypes for JSON and Route
String application = applicationJSON(respCls, version);
@@ -138,7 +138,7 @@ public class AAF_OAuth extends AbsService<AuthzEnv,AuthzTrans> {
route(env,meth,path,code,application,"application/json;version="+version,"*/*");
}
}
-
+
@Override
public Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException {
try {
@@ -150,7 +150,7 @@ public class AAF_OAuth extends AbsService<AuthzEnv,AuthzTrans> {
if (additionalTafLurs.length>0) {
System.arraycopy(additionalTafLurs, 0, atl, 2, additionalTafLurs.length);
}
-
+
return new Filter[] {
new AuthzTransFilter(env,aafCon(),
new AAFTrustChecker((Env)env),
@@ -160,7 +160,7 @@ public class AAF_OAuth extends AbsService<AuthzEnv,AuthzTrans> {
throw new CadiException("Invalid Property information", e);
}
}
-
+
@SuppressWarnings("unchecked")
@Override
public Registrant<AuthzEnv>[] registrants(final int port) throws CadiException {
@@ -181,7 +181,7 @@ public class AAF_OAuth extends AbsService<AuthzEnv,AuthzTrans> {
}
super.destroy();
}
-
+
// For use in CADI ONLY
public TokenMgr.TokenPermLoader tpLoader() {
return tpLoader;
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/DirectOAuthTAF.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/DirectOAuthTAF.java
index 3d863824..45a70e9e 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/DirectOAuthTAF.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/DirectOAuthTAF.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -80,7 +80,7 @@ public class DirectOAuthTAF implements HttpTaf {
String[] split = Split.split(',', alt_url);
int timeout = split.length>1?Integer.parseInt(split[1]):3000;
altIntrospectClient = tcf.newClient(split[0], timeout);
- altIntrospectClient.client_creds(access.getProperty(Config.AAF_ALT_CLIENT_ID,null),
+ altIntrospectClient.client_creds(access.getProperty(Config.AAF_ALT_CLIENT_ID,null),
access.getProperty(Config.AAF_ALT_CLIENT_SECRET,null));
} catch (GeneralSecurityException | IOException | LocatorException e) {
throw new CadiException(e);
@@ -125,7 +125,7 @@ public class DirectOAuthTAF implements HttpTaf {
password=s;
}
break;
- case "token":
+ case "token":
if (token!=null) { // Defined as both Bearer and Form Encoded - Error
return new OAuth2HttpTafResp(access, null, "Token Info found as both Bearer Token and Form Info", RESP.FAIL, resp, true);
}
@@ -136,12 +136,12 @@ public class DirectOAuthTAF implements HttpTaf {
// Ignore others
}
}
-
+
if (client_id==null || client_secret==null) {
return new OAuth2HttpTafResp(access, null, "client_id and client_secret required", RESP.TRY_ANOTHER_TAF, resp, false);
}
-
- if (token==null) { // No Token to work with, use only Client_ID and Client_Secret
+
+ if (token==null) { // No Token to work with, use only Client_ID and Client_Secret
AuthzTrans trans = (AuthzTrans)req.getAttribute(TransFilter.TRANS_TAG);
if (directUserPass.validate(client_id, Type.PASSWORD, client_secret.getBytes(), trans)) {
@@ -166,8 +166,8 @@ public class DirectOAuthTAF implements HttpTaf {
return new OAuth2HttpTafResp(access,null,"OAuth client_id " + client_id + " not authenticated ",RESP.FAIL,resp,true);
}
}
- }
-
+ }
+
// OK, have only a Token to validate
if (token!=null) {
AuthzTrans trans = (AuthzTrans)req.getAttribute(TransFilter.TRANS_TAG);
@@ -205,7 +205,7 @@ public class DirectOAuthTAF implements HttpTaf {
public ServiceTPL(AuthzTrans atrans) {
trans = atrans;
}
-
+
@Override
public org.onap.aaf.cadi.client.Result<TokenPerm> load(String accessToken, byte[] cred) throws APIException, CadiException, LocatorException {
Result<Introspect> ri = oaFacade.mappedIntrospect(trans, accessToken);
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OACode.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OACode.java
index a0381c3e..082c0fb2 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OACode.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OACode.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -33,7 +33,7 @@ public abstract class OACode extends HttpCode<AuthzTrans, OAFacade<Introspect>>
super(facade, description, roles);
this.useJSON = useJSON;
}
-
+
public <D extends OACode> D clone(OAFacade<Introspect> facade, boolean useJSON) throws Exception {
@SuppressWarnings("unchecked")
D d = (D)clone();
@@ -41,5 +41,5 @@ public abstract class OACode extends HttpCode<AuthzTrans, OAFacade<Introspect>>
d.context = facade;
return d;
}
-
+
} \ No newline at end of file
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2Filter.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2Filter.java
index 9777f564..a3242ec8 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2Filter.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2Filter.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -46,8 +46,8 @@ public class OAuth2Filter implements Filter {
HttpServletRequest hreq = (HttpServletRequest)request;
Principal p = hreq.getUserPrincipal();
if (request.getContentType().equals("application/x-www-form-urlencoded")) {
-
- } else if (p instanceof BearerPrincipal) {
+
+ } else if (p instanceof BearerPrincipal) {
for (String authz : Split.splitTrim(';', hreq.getHeader("Authorization"))) {
if (authz.startsWith("Bearer ")) {
((BearerPrincipal)p).setBearer(authz.substring(7));
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2FormHttpTafResp.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2FormHttpTafResp.java
index f63daf89..2d76248e 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2FormHttpTafResp.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2FormHttpTafResp.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -36,23 +36,23 @@ public class OAuth2FormHttpTafResp extends AbsTafResp implements TafResp {
private HttpServletResponse httpResp;
private RESP status;
private final boolean wasFailed;
-
+
public OAuth2FormHttpTafResp(Access access, OAuth2FormPrincipal principal, String desc, RESP status, HttpServletResponse resp, boolean wasFailed) {
super(access,tafName,principal, desc);
httpResp = resp;
- this.status = status;
+ this.status = status;
this.wasFailed = wasFailed;
}
public OAuth2FormHttpTafResp(Access access, TrustPrincipal principal, String desc, RESP status,HttpServletResponse resp) {
super(access,tafName,principal, desc);
httpResp = resp;
- this.status = status;
+ this.status = status;
wasFailed = true; // if Trust Principal added, must be good
}
public RESP authenticate() throws IOException {
- httpResp.setStatus(401); // Unauthorized
+ httpResp.setStatus(401); // Unauthorized
return RESP.HTTP_REDIRECT_INVOKED;
}
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/api/API_Token.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/api/API_Token.java
index 0ed4fbed..4babaf6b 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/api/API_Token.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/api/API_Token.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -42,10 +42,10 @@ import aafoauth.v2_0.Introspect;
public class API_Token {
// Hide Public Constructor
private API_Token() {}
-
+
/**
* Normal Init level APIs
- *
+ *
* @param authzAPI
* @param facade
* @throws Exception
@@ -65,7 +65,7 @@ public class API_Token {
}
}
});
-
+
authzAPI.route(HttpMethods.POST,"/introspect",API.INTROSPECT,new OACode(facade,"AAF Token Information", true) {
@Override
public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospect.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospect.java
index 6aec5feb..3127ba18 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospect.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospect.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospectImpl.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospectImpl.java
index 36f08b15..db401c78 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospectImpl.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospectImpl.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectOAFacadeImpl.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectOAFacadeImpl.java
index f71f7c15..a2a5b230 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectOAFacadeImpl.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectOAFacadeImpl.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade.java
index 23011d27..15ae4b1a 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -30,14 +30,14 @@ import org.onap.aaf.auth.oauth.service.OAuthService;
/**
- *
+ *
* @author Jonathan
*
*/
public interface OAFacade<INTROSPECT> {
///////////////////// STANDARD ELEMENTS //////////////////
- /**
+ /**
* @param trans
* @param response
* @param result
@@ -45,7 +45,7 @@ public interface OAFacade<INTROSPECT> {
public void error(AuthzTrans trans, HttpServletResponse response, Result<?> result);
/**
- *
+ *
* @param trans
* @param response
* @param status
@@ -57,7 +57,7 @@ public interface OAFacade<INTROSPECT> {
public Result<Void> introspect(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
public OAuthService service();
-
+
///////////////////// STANDARD ELEMENTS //////////////////
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade1_0.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade1_0.java
index b0776d94..451ffbe0 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade1_0.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade1_0.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -37,9 +37,9 @@ import aafoauth.v2_0.TokenRequest;
*
*/
public class OAFacade1_0 extends OAFacadeImpl<TokenRequest,Token,Introspect,Error> {
- public OAFacade1_0(AAF_OAuth api,
+ public OAFacade1_0(AAF_OAuth api,
OAuthService service,
- Mapper<TokenRequest,Token,Introspect,Error> mapper,
+ Mapper<TokenRequest,Token,Introspect,Error> mapper,
Data.TYPE type) throws APIException {
super(api, service, mapper, type);
}
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeFactory.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeFactory.java
index 11b7217e..0de4ae20 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeFactory.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeFactory.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -38,9 +38,9 @@ public class OAFacadeFactory {
certman,
service,
new Mapper1_0(),
- type);
+ type);
}
-
+
public static DirectIntrospect<Introspect> directV1_0(OAuthService service) {
return new DirectIntrospectImpl<Introspect>(service, new MapperIntrospect1_0());
}
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeImpl.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeImpl.java
index 63306641..221508e9 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeImpl.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeImpl.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -61,7 +61,7 @@ import aaf.v2_0.Perms;
/**
* AuthzFacade
- *
+ *
* This Service Facade encapsulates the essence of the API Service can do, and provides
* a single created object for elements such as RosettaDF.
*
@@ -72,14 +72,14 @@ import aaf.v2_0.Perms;
* a) In the future, we may support multiple Response Formats, aka JSON or XML, based on User Request.
* 4) Log Service info, warnings and exceptions as necessary
* 5) When asked by the API layer, this will create and write Error content to the OutputStream
- *
- * Note: This Class does NOT set the HTTP Status Code. That is up to the API layer, so that it can be
+ *
+ * Note: This Class does NOT set the HTTP Status Code. That is up to the API layer, so that it can be
* clearly coordinated with the API Documentation
- *
+ *
* @author Jonathan
*
*/
-public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR>
+public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR>
extends DirectIntrospectImpl<INTROSPECT> implements OAFacade<INTROSPECT> {
private static final String INVALID_INPUT = "Invalid Input";
private final RosettaDF<TOKEN> tokenDF;
@@ -88,9 +88,9 @@ public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR>
private final RosettaDF<ERROR> errDF;
public final RosettaDF<Perms> permsDF;
private final Mapper<TOKEN_REQ, TOKEN, INTROSPECT, ERROR> mapper;
-
+
public OAFacadeImpl(AAF_OAuth api,
- OAuthService service,
+ OAuthService service,
Mapper<TOKEN_REQ,TOKEN,INTROSPECT,ERROR> mapper,
Data.TYPE dataType) throws APIException {
super(service, mapper);
@@ -102,13 +102,13 @@ public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR>
(permsDF = env.newDataFactory(Perms.class)).in(dataType).out(dataType);
(errDF = env.newDataFactory(mapper.getClass(API.ERROR))).in(dataType).out(dataType);
}
-
+
///////////////////////////
// Tokens
///////////////////////////
public static final String CREATE_TOKEN = "createToken";
public static final String INTROSPECT = "introspect";
-
+
/* (non-Javadoc)
* @see org.onap.aaf.auth.oauth.facade.OAFacade#getToken(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, org.onap.aaf.auth.oauth.service.OAuthAPI)
*/
@@ -145,7 +145,7 @@ public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR>
rp = Result.err(rs);
}
switch(rp.status) {
- case OK:
+ case OK:
RosettaData<TOKEN> data = tokenDF.newData(trans).load(rp.value);
if (Question.willSpecialLog(trans, trans.user())) {
Question.logEncryptTrace(trans,data.asString());
@@ -186,10 +186,10 @@ public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR>
setContentType(resp,tokenDF.getOutType());
return Result.ok();
} else if (p instanceof OAuth2FormPrincipal) {
- token = req.getParameter("token");
+ token = req.getParameter("token");
}
}
-
+
if (token==null) {
token = req.getParameter("access_token");
if (token==null || token.isEmpty()) {
@@ -207,7 +207,7 @@ public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR>
Result<INTROSPECT> rti = mappedIntrospect(trans,token);
switch(rti.status) {
- case OK:
+ case OK:
RosettaData<INTROSPECT> data = introspectDF.newData(trans).load(rti.value);
if (Question.willSpecialLog(trans, trans.user())) {
Question.logEncryptTrace(trans,data.asString());
@@ -226,11 +226,11 @@ public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR>
tt.done();
}
}
-
+
/* (non-Javadoc)
* @see com.att.authz.facade.AuthzFacade#error(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, int)
- *
+ *
* Note: Conforms to AT&T TSS RESTful Error Structure
*/
@Override
@@ -239,7 +239,7 @@ public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR>
result.details==null?"":result.details.trim(),
result.variables==null?Result.EMPTY_VARS:result.variables);
}
-
+
@Override
public void error(AuthzTrans trans, HttpServletResponse response, int status, final String _msg, final Object ... _detail) {
String msgId;
@@ -261,7 +261,7 @@ public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR>
prefix = "Forbidden";
response.setStatus(/*httpstatus=*/403);
break;
-
+
case 404:
case ERR_NotFound:
msgId = "SVC1404";
@@ -275,21 +275,21 @@ public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR>
prefix = "Not Acceptable";
response.setStatus(/*httpstatus=*/406);
break;
-
+
case 409:
case ERR_ConflictAlreadyExists:
msgId = "SVC1409";
prefix = "Conflict Already Exists";
response.setStatus(/*httpstatus=*/409);
break;
-
+
case 501:
case ERR_NotImplemented:
msgId = "SVC1501";
- prefix = "Not Implemented";
+ prefix = "Not Implemented";
response.setStatus(/*httpstatus=*/501);
break;
-
+
default:
msgId = "SVC1500";
@@ -303,7 +303,7 @@ public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR>
StringBuilder holder = new StringBuilder();
ERROR em = mapper.errorFromMessage(holder, msgId,prefix + ": " + _msg,_detail);
trans.checkpoint(
- "ErrResp [" +
+ "ErrResp [" +
msgId +
"] " +
holder.toString(),
@@ -313,16 +313,16 @@ public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR>
em = mapper.errorFromMessage(holder, msgId, "Server had an issue processing this request");
}
errDF.newData(trans).load(em).to(response.getOutputStream());
-
+
} catch (Exception e) {
trans.error().log(e,"unable to send response for",_msg);
}
}
-
+
public Mapper<TOKEN_REQ,TOKEN,INTROSPECT,ERROR> mapper() {
return mapper;
}
-
+
/* (non-Javadoc)
* @see org.onap.aaf.auth.oauth.facade.OAFacade#service()
*/
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper.java
index d741469c..95f0217b 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -31,16 +31,16 @@ import org.onap.aaf.cadi.client.Holder;
import org.onap.aaf.cadi.oauth.OAuth2Principal;
public interface Mapper<TOKEN_REQ,TOKEN,INTROSPECT,ERROR> extends MapperIntrospect<INTROSPECT>
-{
+{
public enum API{TOKEN_REQ, TOKEN,INTROSPECT, ERROR,VOID};
-
+
public Class<?> getClass(API api);
public<A> A newInstance(API api);
public ERROR errorFromMessage(StringBuilder holder, String msgID, String text, Object ... detail);
public TOKEN_REQ tokenReqFromParams(HttpServletRequest req);
public OCreds credsFromReq(TOKEN_REQ tokReq);
-
+
public OAuthTokenDAO.Data clientTokenReq(TOKEN_REQ tokReq, Holder<GRANT_TYPE> hgt);
public Result<TOKEN> tokenFromData(Result<OAuthTokenDAO.Data> rs);
public INTROSPECT fromPrincipal(OAuth2Principal p);
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper1_0.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper1_0.java
index d4852c1a..ddc306c4 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper1_0.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper1_0.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -49,7 +49,7 @@ public class Mapper1_0 extends MapperIntrospect1_0 implements Mapper<TokenReques
@Override
public Class<?> getClass(API api) {
switch(api) {
- case TOKEN_REQ: return TokenRequest.class;
+ case TOKEN_REQ: return TokenRequest.class;
case TOKEN: return Token.class;
case INTROSPECT: return Introspect.class;
case ERROR: return Error.class;
@@ -134,12 +134,12 @@ public class Mapper1_0 extends MapperIntrospect1_0 implements Mapper<TokenReques
}
break;
- }
+ }
}
return data?tr:null;
}
-
-
+
+
/* (non-Javadoc)
* @see org.onap.aaf.auth.oauth.mapper.Mapper#credsFromReq(javax.servlet.http.HttpServletRequest)
@@ -156,19 +156,19 @@ public class Mapper1_0 extends MapperIntrospect1_0 implements Mapper<TokenReques
@Override
public Data clientTokenReq(TokenRequest tokReq, Holder<GRANT_TYPE> hgt) {
OAuthTokenDAO.Data tdd = new OAuthTokenDAO.Data();
- tdd.client_id = tokReq.getClientId();
+ tdd.client_id = tokReq.getClientId();
tdd.user = tokReq.getUsername();
if (tokReq.getRefreshToken()!=null) {
tdd.refresh=tokReq.getRefreshToken();
}
-
+
for (GRANT_TYPE ttt : GRANT_TYPE.values()) {
if (ttt.name().equals(tokReq.getGrantType())) {
hgt.set(ttt);
break;
}
}
-
+
switch(hgt.get()) {
case client_credentials:
case password:
@@ -179,14 +179,14 @@ public class Mapper1_0 extends MapperIntrospect1_0 implements Mapper<TokenReques
tdd.type = CLIENT_TYPE.unknown.ordinal();
break;
}
- String scopes=tokReq.getScope();
+ String scopes=tokReq.getScope();
if (scopes!=null) {
Set<String> ss = tdd.scopes(true);
for (String s: Split.split(' ', tokReq.getScope())) {
ss.add(s);
}
}
-
+
tdd.state = tokReq.getState();
return tdd;
}
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect.java
index 27f40ecf..58bd417a 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect1_0.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect1_0.java
index 33df05fa..05b99c32 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect1_0.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect1_0.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -56,7 +56,7 @@ public class MapperIntrospect1_0 implements MapperIntrospect<Introspect> {
}
return Result.err(rs);
}
-
+
protected static String getScopes(Set<String> scopes) {
StringBuilder sb = new StringBuilder();
boolean start = true;
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoader.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoader.java
index 51120870..0126c2e2 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoader.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoader.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoaderFactory.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoaderFactory.java
index e3179aea..f163f21c 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoaderFactory.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoaderFactory.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -89,7 +89,7 @@ public class JSONPermLoaderFactory {
if (pd.notOK()) {
return Result.err(pd);
}
- // Since we know it is
+ // Since we know it is
StringBuilder sb = new StringBuilder("{\"perm\":[");
boolean first = true;
for (PermDAO.Data d : pd.value) {
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OAuthService.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OAuthService.java
index 1e4b6cbb..4e1dd5b9 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OAuthService.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OAuthService.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -54,13 +54,13 @@ import org.onap.aaf.misc.env.APIException;
import aafoauth.v2_0.Introspect;
public class OAuthService {
-
+
private static final int TOK_EXP = 60*60*1000; // 1 hour, millis.
public enum TOKEN_TYPE {unknown,bearer,refresh}
public enum GRANT_TYPE {unknown,password,client_credentials,refresh_token};
public enum CLIENT_TYPE {unknown,confidential};
-
+
// Additional Expires
private final DAO<AuthzTrans, ?>[] daos;
public final OAuthTokenDAO tokenDAO;
@@ -87,7 +87,7 @@ public class OAuthService {
String[] split = Split.split(',', alt_url);
int timeout = split.length>1?Integer.parseInt(split[1]):3000;
altIntrospectClient = tcf.newClient(split[0], timeout);
- altIntrospectClient.client_creds(access.getProperty(Config.AAF_ALT_CLIENT_ID,null),
+ altIntrospectClient.client_creds(access.getProperty(Config.AAF_ALT_CLIENT_ID,null),
access.getProperty(Config.AAF_ALT_CLIENT_SECRET,null));
altDomain = '@'+access.getProperty(Config.AAF_ALT_OAUTH2_DOMAIN,null);
} else {
@@ -97,7 +97,7 @@ public class OAuthService {
} catch (GeneralSecurityException | CadiException | LocatorException e) {
throw new APIException("Could not construct TokenClientFactory",e);
}
-
+
}
public Result<Void> validate(AuthzTrans trans, OCreds creds) {
@@ -119,7 +119,7 @@ public class OAuthService {
return Result.err(Result.ERR_BadData, "Unknown Grant Type");
}
}
-
+
private Result<Data> createBearerToken(AuthzTrans trans, OAuthTokenDAO.Data odd) {
if (odd.user==null) {
odd.user = trans.user();
@@ -131,7 +131,7 @@ public class OAuthService {
odd.expires = new Date(exp=(System.currentTimeMillis()+TOK_EXP));
odd.exp_sec = exp/1000;
odd.req_ip = trans.ip();
-
+
try {
Result<Data> rd = loadToken(trans, odd);
if (rd.notOK()) {
@@ -142,7 +142,7 @@ public class OAuthService {
}
return tokenDAO.create(trans, odd);
}
-
+
private Result<Data> loadToken(AuthzTrans trans, Data odd) throws APIException, CadiException {
Result<String> rs = permLoader.loadJSONPerms(trans,odd.user,odd.scopes(false));
if (rs.isOK()) {
@@ -156,8 +156,8 @@ public class OAuthService {
return Result.err(Result.ERR_Backend,"Error accessing AAF Info: %s",rs.errorString());
}
}
-
-
+
+
private Result<Data> refreshBearerToken(AuthzTrans trans, Data odd) {
Result<List<Data>> rld = tokenDAO.readByUser(trans, trans.user());
@@ -189,7 +189,7 @@ public class OAuthService {
break;
}
}
-
+
if (token==null) {
trans.audit().printf("Duplicate Refresh Token (%s) attempted for %s. Possible Replay Attack",odd.refresh.toString(),trans.user());
return Result.err(Result.ERR_Security,"Invalid Refresh Token");
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OCreds.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OCreds.java
index af15d4c2..0e10b1b5 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OCreds.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OCreds.java
@@ -7,9 +7,9 @@
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.