Diffstat (limited to 'auth/auth-oauth/src/main/java')
21 files changed, 138 insertions, 138 deletions
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/AAF_OAuth.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/AAF_OAuth.java
index b4c9f97b..6f04ed5f 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/AAF_OAuth.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/AAF_OAuth.java
@@ -7,9 +7,9 @@
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
- *
+ *
 * http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -72,36 +72,36 @@ public class AAF_OAuth extends AbsService<AuthzEnv,AuthzTrans> { private final OAuthService service; private OAFacade1_0 facade1_0; private final Question question; - private TokenPermLoader tpLoader; + private TokenPermLoader tpLoader; private final Cluster cluster; - + /** * Construct AuthzAPI with all the Context Supporting Routes that Authz needs - * + * * @param env - * @param si - * @param dm - * @param decryptor - * @throws APIException + * @param si + * @param dm + * @param decryptor + * @throws APIException */ public AAF_OAuth(final AuthzEnv env) throws Exception { super(env.access(),env); - + String aaf_env = env.getProperty(Config.AAF_ENV); if (aaf_env==null) { throw new APIException("aaf_env needs to be set"); } - + // Initialize Facade for all uses AuthzTrans trans = env.newTrans(); cluster = org.onap.aaf.auth.dao.CassAccess.cluster(env,null); - + aafLurPerm = aafCon().newLur(); // Note: If you need both Authn and Authz construct the following: aafAuthn = aafCon().newAuthn(aafLurPerm); // Start Background Processing - // Question question = + // Question question = question = new Question(trans, cluster, CassAccess.KEYSPACE); question.startTimers(env); 
@@ -114,21 +114,21 @@ public class AAF_OAuth extends AbsService<AuthzEnv,AuthzTrans> { StringBuilder sb = new StringBuilder(); trans.auditTrail(2, sb); trans.init().log(sb); - + API_Token.init(this, facade1_0); } - + /** * Setup XML and JSON implementations for each supported Version type - * + * * We do this by taking the Code passed in and creating clones of these with the appropriate Facades and properties * to do Versions and Content switches - * + * */ public void route(HttpMethods meth, String path, API api, HttpCode<AuthzTrans, OAFacade<Introspect>> code) throws Exception { String version = "1.0"; // Get Correct API Class from Mapper - Class<?> respCls = facade1_0.mapper().getClass(api); + Class<?> respCls = facade1_0.mapper().getClass(api); if (respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name()); // setup Application API HTML ContentTypes for JSON and Route String application = applicationJSON(respCls, version); @@ -138,7 +138,7 @@ public class AAF_OAuth extends AbsService<AuthzEnv,AuthzTrans> { route(env,meth,path,code,application,"application/json;version="+version,"*/*"); } } - + @Override public Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException { try { @@ -150,7 +150,7 @@ public class AAF_OAuth extends AbsService<AuthzEnv,AuthzTrans> { if (additionalTafLurs.length>0) { System.arraycopy(additionalTafLurs, 0, atl, 2, additionalTafLurs.length); } - + return new Filter[] { new AuthzTransFilter(env,aafCon(), new AAFTrustChecker((Env)env), @@ -160,7 +160,7 @@ public class AAF_OAuth extends AbsService<AuthzEnv,AuthzTrans> { throw new CadiException("Invalid Property information", e); } } - + @SuppressWarnings("unchecked") @Override public Registrant<AuthzEnv>[] registrants(final int port) throws CadiException { 
@@ -181,7 +181,7 @@ public class AAF_OAuth extends AbsService<AuthzEnv,AuthzTrans> { } super.destroy(); } - + // For use in CADI ONLY public TokenMgr.TokenPermLoader tpLoader() { return tpLoader; diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/DirectOAuthTAF.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/DirectOAuthTAF.java index 3d863824..45a70e9e 100644 --- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/DirectOAuthTAF.java +++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/DirectOAuthTAF.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -80,7 +80,7 @@ public class DirectOAuthTAF implements HttpTaf { String[] split = Split.split(',', alt_url); int timeout = split.length>1?Integer.parseInt(split[1]):3000; altIntrospectClient = tcf.newClient(split[0], timeout); - altIntrospectClient.client_creds(access.getProperty(Config.AAF_ALT_CLIENT_ID,null), + altIntrospectClient.client_creds(access.getProperty(Config.AAF_ALT_CLIENT_ID,null), access.getProperty(Config.AAF_ALT_CLIENT_SECRET,null)); } catch (GeneralSecurityException | IOException | LocatorException e) { throw new CadiException(e); @@ -125,7 +125,7 @@ public class DirectOAuthTAF implements HttpTaf { password=s; } break; - case "token": + case "token": if (token!=null) { // Defined as both Bearer and Form Encoded - Error return new OAuth2HttpTafResp(access, null, "Token Info found as both Bearer Token and Form Info", RESP.FAIL, resp, true); } 
@@ -136,12 +136,12 @@ public class DirectOAuthTAF implements HttpTaf { // Ignore others } } - + if (client_id==null || client_secret==null) { return new OAuth2HttpTafResp(access, null, "client_id and client_secret required", RESP.TRY_ANOTHER_TAF, resp, false); } - - if (token==null) { // No Token to work with, use only Client_ID and Client_Secret + + if (token==null) { // No Token to work with, use only Client_ID and Client_Secret AuthzTrans trans = (AuthzTrans)req.getAttribute(TransFilter.TRANS_TAG); if (directUserPass.validate(client_id, Type.PASSWORD, client_secret.getBytes(), trans)) { @@ -166,8 +166,8 @@ public class DirectOAuthTAF implements HttpTaf { return new OAuth2HttpTafResp(access,null,"OAuth client_id " + client_id + " not authenticated ",RESP.FAIL,resp,true); } } - } - + } + // OK, have only a Token to validate if (token!=null) { AuthzTrans trans = (AuthzTrans)req.getAttribute(TransFilter.TRANS_TAG); @@ -205,7 +205,7 @@ public class DirectOAuthTAF implements HttpTaf { public ServiceTPL(AuthzTrans atrans) { trans = atrans; } - + @Override public org.onap.aaf.cadi.client.Result<TokenPerm> load(String accessToken, byte[] cred) throws APIException, CadiException, LocatorException { Result<Introspect> ri = oaFacade.mappedIntrospect(trans, accessToken); diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OACode.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OACode.java index a0381c3e..082c0fb2 100644 --- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OACode.java +++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OACode.java 
@@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -33,7 +33,7 @@ public abstract class OACode extends HttpCode<AuthzTrans, OAFacade<Introspect>> super(facade, description, roles); this.useJSON = useJSON; } - + public <D extends OACode> D clone(OAFacade<Introspect> facade, boolean useJSON) throws Exception { @SuppressWarnings("unchecked") D d = (D)clone(); @@ -41,5 +41,5 @@ public abstract class OACode extends HttpCode<AuthzTrans, OAFacade<Introspect>> d.context = facade; return d; } - + }
\ No newline at end of file diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2Filter.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2Filter.java index 9777f564..a3242ec8 100644 --- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2Filter.java +++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2Filter.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -46,8 +46,8 @@ public class OAuth2Filter implements Filter { HttpServletRequest hreq = (HttpServletRequest)request; Principal p = hreq.getUserPrincipal(); if (request.getContentType().equals("application/x-www-form-urlencoded")) { - - } else if (p instanceof BearerPrincipal) { + + } else if (p instanceof BearerPrincipal) { for (String authz : Split.splitTrim(';', hreq.getHeader("Authorization"))) { if (authz.startsWith("Bearer ")) { ((BearerPrincipal)p).setBearer(authz.substring(7)); diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2FormHttpTafResp.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2FormHttpTafResp.java index f63daf89..2d76248e 100644 --- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2FormHttpTafResp.java +++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2FormHttpTafResp.java 
@@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -36,23 +36,23 @@ public class OAuth2FormHttpTafResp extends AbsTafResp implements TafResp { private HttpServletResponse httpResp; private RESP status; private final boolean wasFailed; - + public OAuth2FormHttpTafResp(Access access, OAuth2FormPrincipal principal, String desc, RESP status, HttpServletResponse resp, boolean wasFailed) { super(access,tafName,principal, desc); httpResp = resp; - this.status = status; + this.status = status; this.wasFailed = wasFailed; } public OAuth2FormHttpTafResp(Access access, TrustPrincipal principal, String desc, RESP status,HttpServletResponse resp) { super(access,tafName,principal, desc); httpResp = resp; - this.status = status; + this.status = status; wasFailed = true; // if Trust Principal added, must be good } public RESP authenticate() throws IOException { - httpResp.setStatus(401); // Unauthorized + httpResp.setStatus(401); // Unauthorized return RESP.HTTP_REDIRECT_INVOKED; } diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/api/API_Token.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/api/API_Token.java index 0ed4fbed..4babaf6b 100644 --- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/api/API_Token.java +++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/api/API_Token.java 
@@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -42,10 +42,10 @@ import aafoauth.v2_0.Introspect; public class API_Token { // Hide Public Constructor private API_Token() {} - + /** * Normal Init level APIs - * + * * @param authzAPI * @param facade * @throws Exception @@ -65,7 +65,7 @@ public class API_Token { } } }); - + authzAPI.route(HttpMethods.POST,"/introspect",API.INTROSPECT,new OACode(facade,"AAF Token Information", true) { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospect.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospect.java index 6aec5feb..3127ba18 100644 --- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospect.java +++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospect.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospectImpl.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospectImpl.java
index 36f08b15..db401c78 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospectImpl.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospectImpl.java
@@ -7,9 +7,9 @@
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
- *
+ *
 * http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectOAFacadeImpl.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectOAFacadeImpl.java
index f71f7c15..a2a5b230 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectOAFacadeImpl.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectOAFacadeImpl.java
@@ -7,9 +7,9 @@
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
- *
+ *
 * http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade.java
index 23011d27..15ae4b1a 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade.java +++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -30,14 +30,14 @@ import org.onap.aaf.auth.oauth.service.OAuthService; /** - * + * * @author Jonathan * */ public interface OAFacade<INTROSPECT> { ///////////////////// STANDARD ELEMENTS ////////////////// - /** + /** * @param trans * @param response * @param result @@ -45,7 +45,7 @@ public interface OAFacade<INTROSPECT> { public void error(AuthzTrans trans, HttpServletResponse response, Result<?> result); /** - * + * * @param trans * @param response * @param status @@ -57,7 +57,7 @@ public interface OAFacade<INTROSPECT> { public Result<Void> introspect(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp); public OAuthService service(); - + ///////////////////// STANDARD ELEMENTS ////////////////// diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade1_0.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade1_0.java index b0776d94..451ffbe0 100644 --- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade1_0.java +++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade1_0.java 
@@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -37,9 +37,9 @@ import aafoauth.v2_0.TokenRequest; * */ public class OAFacade1_0 extends OAFacadeImpl<TokenRequest,Token,Introspect,Error> { - public OAFacade1_0(AAF_OAuth api, + public OAFacade1_0(AAF_OAuth api, OAuthService service, - Mapper<TokenRequest,Token,Introspect,Error> mapper, + Mapper<TokenRequest,Token,Introspect,Error> mapper, Data.TYPE type) throws APIException { super(api, service, mapper, type); } diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeFactory.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeFactory.java index 11b7217e..0de4ae20 100644 --- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeFactory.java +++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeFactory.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
@@ -38,9 +38,9 @@ public class OAFacadeFactory { certman, service, new Mapper1_0(), - type); + type); } - + public static DirectIntrospect<Introspect> directV1_0(OAuthService service) { return new DirectIntrospectImpl<Introspect>(service, new MapperIntrospect1_0()); } diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeImpl.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeImpl.java index 63306641..221508e9 100644 --- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeImpl.java +++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeImpl.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -61,7 +61,7 @@ import aaf.v2_0.Perms; /** * AuthzFacade - * + * * This Service Facade encapsulates the essence of the API Service can do, and provides * a single created object for elements such as RosettaDF. * 
@@ -72,14 +72,14 @@ import aaf.v2_0.Perms; * a) In the future, we may support multiple Response Formats, aka JSON or XML, based on User Request. * 4) Log Service info, warnings and exceptions as necessary * 5) When asked by the API layer, this will create and write Error content to the OutputStream - * - * Note: This Class does NOT set the HTTP Status Code. That is up to the API layer, so that it can be + * + * Note: This Class does NOT set the HTTP Status Code. That is up to the API layer, so that it can be * clearly coordinated with the API Documentation - * + * * @author Jonathan * */ -public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR> +public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR> extends DirectIntrospectImpl<INTROSPECT> implements OAFacade<INTROSPECT> { private static final String INVALID_INPUT = "Invalid Input"; private final RosettaDF<TOKEN> tokenDF; @@ -88,9 +88,9 @@ public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR> private final RosettaDF<ERROR> errDF; public final RosettaDF<Perms> permsDF; private final Mapper<TOKEN_REQ, TOKEN, INTROSPECT, ERROR> mapper; - + public OAFacadeImpl(AAF_OAuth api, - OAuthService service, + OAuthService service, Mapper<TOKEN_REQ,TOKEN,INTROSPECT,ERROR> mapper, Data.TYPE dataType) throws APIException { super(service, mapper); @@ -102,13 +102,13 @@ public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR> (permsDF = env.newDataFactory(Perms.class)).in(dataType).out(dataType); (errDF = env.newDataFactory(mapper.getClass(API.ERROR))).in(dataType).out(dataType); } - + /////////////////////////// // Tokens /////////////////////////// public static final String CREATE_TOKEN = "createToken"; public static final String INTROSPECT = "introspect"; - + /* (non-Javadoc) * @see org.onap.aaf.auth.oauth.facade.OAFacade#getToken(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, org.onap.aaf.auth.oauth.service.OAuthAPI) */ 
@@ -145,7 +145,7 @@ public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR> rp = Result.err(rs); } switch(rp.status) { - case OK: + case OK: RosettaData<TOKEN> data = tokenDF.newData(trans).load(rp.value); if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); @@ -186,10 +186,10 @@ public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR> setContentType(resp,tokenDF.getOutType()); return Result.ok(); } else if (p instanceof OAuth2FormPrincipal) { - token = req.getParameter("token"); + token = req.getParameter("token"); } } - + if (token==null) { token = req.getParameter("access_token"); if (token==null || token.isEmpty()) { @@ -207,7 +207,7 @@ public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR> Result<INTROSPECT> rti = mappedIntrospect(trans,token); switch(rti.status) { - case OK: + case OK: RosettaData<INTROSPECT> data = introspectDF.newData(trans).load(rti.value); if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); @@ -226,11 +226,11 @@ public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR> tt.done(); } } - + /* (non-Javadoc) * @see com.att.authz.facade.AuthzFacade#error(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, int) - * + * * Note: Conforms to AT&T TSS RESTful Error Structure */ @Override @@ -239,7 +239,7 @@ public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR> result.details==null?"":result.details.trim(), result.variables==null?Result.EMPTY_VARS:result.variables); } - + @Override public void error(AuthzTrans trans, HttpServletResponse response, int status, final String _msg, final Object ... _detail) { String msgId; @@ -261,7 +261,7 @@ public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR> prefix = "Forbidden"; response.setStatus(/*httpstatus=*/403); break; - + case 404: case ERR_NotFound: msgId = "SVC1404"; 
@@ -275,21 +275,21 @@ public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR> prefix = "Not Acceptable"; response.setStatus(/*httpstatus=*/406); break; - + case 409: case ERR_ConflictAlreadyExists: msgId = "SVC1409"; prefix = "Conflict Already Exists"; response.setStatus(/*httpstatus=*/409); break; - + case 501: case ERR_NotImplemented: msgId = "SVC1501"; - prefix = "Not Implemented"; + prefix = "Not Implemented"; response.setStatus(/*httpstatus=*/501); break; - + default: msgId = "SVC1500"; @@ -303,7 +303,7 @@ public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR> StringBuilder holder = new StringBuilder(); ERROR em = mapper.errorFromMessage(holder, msgId,prefix + ": " + _msg,_detail); trans.checkpoint( - "ErrResp [" + + "ErrResp [" + msgId + "] " + holder.toString(), @@ -313,16 +313,16 @@ public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR> em = mapper.errorFromMessage(holder, msgId, "Server had an issue processing this request"); } errDF.newData(trans).load(em).to(response.getOutputStream()); - + } catch (Exception e) { trans.error().log(e,"unable to send response for",_msg); } } - + public Mapper<TOKEN_REQ,TOKEN,INTROSPECT,ERROR> mapper() { return mapper; } - + /* (non-Javadoc) * @see org.onap.aaf.auth.oauth.facade.OAFacade#service() */ diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper.java index d741469c..95f0217b 100644 --- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper.java +++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper.java 
@@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -31,16 +31,16 @@ import org.onap.aaf.cadi.client.Holder; import org.onap.aaf.cadi.oauth.OAuth2Principal; public interface Mapper<TOKEN_REQ,TOKEN,INTROSPECT,ERROR> extends MapperIntrospect<INTROSPECT> -{ +{ public enum API{TOKEN_REQ, TOKEN,INTROSPECT, ERROR,VOID}; - + public Class<?> getClass(API api); public<A> A newInstance(API api); public ERROR errorFromMessage(StringBuilder holder, String msgID, String text, Object ... detail); public TOKEN_REQ tokenReqFromParams(HttpServletRequest req); public OCreds credsFromReq(TOKEN_REQ tokReq); - + public OAuthTokenDAO.Data clientTokenReq(TOKEN_REQ tokReq, Holder<GRANT_TYPE> hgt); public Result<TOKEN> tokenFromData(Result<OAuthTokenDAO.Data> rs); public INTROSPECT fromPrincipal(OAuth2Principal p); diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper1_0.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper1_0.java index d4852c1a..ddc306c4 100644 --- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper1_0.java +++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper1_0.java 
@@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -49,7 +49,7 @@ public class Mapper1_0 extends MapperIntrospect1_0 implements Mapper<TokenReques @Override public Class<?> getClass(API api) { switch(api) { - case TOKEN_REQ: return TokenRequest.class; + case TOKEN_REQ: return TokenRequest.class; case TOKEN: return Token.class; case INTROSPECT: return Introspect.class; case ERROR: return Error.class; @@ -134,12 +134,12 @@ public class Mapper1_0 extends MapperIntrospect1_0 implements Mapper<TokenReques } break; - } + } } return data?tr:null; } - - + + /* (non-Javadoc) * @see org.onap.aaf.auth.oauth.mapper.Mapper#credsFromReq(javax.servlet.http.HttpServletRequest) @@ -156,19 +156,19 @@ public class Mapper1_0 extends MapperIntrospect1_0 implements Mapper<TokenReques @Override public Data clientTokenReq(TokenRequest tokReq, Holder<GRANT_TYPE> hgt) { OAuthTokenDAO.Data tdd = new OAuthTokenDAO.Data(); - tdd.client_id = tokReq.getClientId(); + tdd.client_id = tokReq.getClientId(); tdd.user = tokReq.getUsername(); if (tokReq.getRefreshToken()!=null) { tdd.refresh=tokReq.getRefreshToken(); } - + for (GRANT_TYPE ttt : GRANT_TYPE.values()) { if (ttt.name().equals(tokReq.getGrantType())) { hgt.set(ttt); break; } } - + switch(hgt.get()) { case client_credentials: case password: 
@@ -179,14 +179,14 @@ public class Mapper1_0 extends MapperIntrospect1_0 implements Mapper<TokenReques tdd.type = CLIENT_TYPE.unknown.ordinal(); break; } - String scopes=tokReq.getScope(); + String scopes=tokReq.getScope(); if (scopes!=null) { Set<String> ss = tdd.scopes(true); for (String s: Split.split(' ', tokReq.getScope())) { ss.add(s); } } - + tdd.state = tokReq.getState(); return tdd; } diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect.java index 27f40ecf..58bd417a 100644 --- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect.java +++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect1_0.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect1_0.java index 33df05fa..05b99c32 100644 --- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect1_0.java +++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect1_0.java 
@@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -56,7 +56,7 @@ public class MapperIntrospect1_0 implements MapperIntrospect<Introspect> { } return Result.err(rs); } - + protected static String getScopes(Set<String> scopes) { StringBuilder sb = new StringBuilder(); boolean start = true; diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoader.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoader.java index 51120870..0126c2e2 100644 --- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoader.java +++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoader.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoaderFactory.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoaderFactory.java index e3179aea..f163f21c 100644 --- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoaderFactory.java +++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoaderFactory.java 
@@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -89,7 +89,7 @@ public class JSONPermLoaderFactory { if (pd.notOK()) { return Result.err(pd); } - // Since we know it is + // Since we know it is StringBuilder sb = new StringBuilder("{\"perm\":["); boolean first = true; for (PermDAO.Data d : pd.value) { diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OAuthService.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OAuthService.java index 1e4b6cbb..4e1dd5b9 100644 --- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OAuthService.java +++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OAuthService.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
@@ -54,13 +54,13 @@ import org.onap.aaf.misc.env.APIException; import aafoauth.v2_0.Introspect; public class OAuthService { - + private static final int TOK_EXP = 60*60*1000; // 1 hour, millis. public enum TOKEN_TYPE {unknown,bearer,refresh} public enum GRANT_TYPE {unknown,password,client_credentials,refresh_token}; public enum CLIENT_TYPE {unknown,confidential}; - + // Additional Expires private final DAO<AuthzTrans, ?>[] daos; public final OAuthTokenDAO tokenDAO; @@ -87,7 +87,7 @@ public class OAuthService { String[] split = Split.split(',', alt_url); int timeout = split.length>1?Integer.parseInt(split[1]):3000; altIntrospectClient = tcf.newClient(split[0], timeout); - altIntrospectClient.client_creds(access.getProperty(Config.AAF_ALT_CLIENT_ID,null), + altIntrospectClient.client_creds(access.getProperty(Config.AAF_ALT_CLIENT_ID,null), access.getProperty(Config.AAF_ALT_CLIENT_SECRET,null)); altDomain = '@'+access.getProperty(Config.AAF_ALT_OAUTH2_DOMAIN,null); } else { @@ -97,7 +97,7 @@ public class OAuthService { } catch (GeneralSecurityException | CadiException | LocatorException e) { throw new APIException("Could not construct TokenClientFactory",e); } - + } public Result<Void> validate(AuthzTrans trans, OCreds creds) { @@ -119,7 +119,7 @@ public class OAuthService { return Result.err(Result.ERR_BadData, "Unknown Grant Type"); } } - + private Result<Data> createBearerToken(AuthzTrans trans, OAuthTokenDAO.Data odd) { if (odd.user==null) { odd.user = trans.user(); @@ -131,7 +131,7 @@ public class OAuthService { odd.expires = new Date(exp=(System.currentTimeMillis()+TOK_EXP)); odd.exp_sec = exp/1000; odd.req_ip = trans.ip(); - + try { Result<Data> rd = loadToken(trans, odd); if (rd.notOK()) { 
@@ -142,7 +142,7 @@ public class OAuthService { } return tokenDAO.create(trans, odd); } - + private Result<Data> loadToken(AuthzTrans trans, Data odd) throws APIException, CadiException { Result<String> rs = permLoader.loadJSONPerms(trans,odd.user,odd.scopes(false)); if (rs.isOK()) { @@ -156,8 +156,8 @@ public class OAuthService { return Result.err(Result.ERR_Backend,"Error accessing AAF Info: %s",rs.errorString()); } } - - + + private Result<Data> refreshBearerToken(AuthzTrans trans, Data odd) { Result<List<Data>> rld = tokenDAO.readByUser(trans, trans.user()); @@ -189,7 +189,7 @@ public class OAuthService { break; } } - + if (token==null) { trans.audit().printf("Duplicate Refresh Token (%s) attempted for %s. Possible Replay Attack",odd.refresh.toString(),trans.user()); return Result.err(Result.ERR_Security,"Invalid Refresh Token"); diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OCreds.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OCreds.java index af15d4c2..0e10b1b5 100644 --- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OCreds.java +++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OCreds.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |