summaryrefslogtreecommitdiffstats
path: root/auth/auth-service
diff options
context:
space:
mode:
Diffstat (limited to 'auth/auth-service')
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java5
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/mapper/Mapper_2_0.java35
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java1
3 files changed, 24 insertions, 17 deletions
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java
index 751825c1..e311513e 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java
@@ -2290,7 +2290,6 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE
try {
Result<CredDAO.Data> rcred = mapper.cred(trans, from, true);
if (rcred.isOKhasData()) {
- byte[] rawCred = rcred.value.cred.array();
rcred = ques.userCredSetup(trans, rcred.value);
final ServiceValidator v = new ServiceValidator();
@@ -2333,7 +2332,9 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE
// Note: ASPR specifies character differences, but we don't actually store the
// password to validate char differences.
- rb = ques.userCredCheck(trans, curr, rawCred);
+// byte[] rawCred = rcred.value.type==CredDAO.RAW?null:;
+
+ rb = ques.userCredCheck(trans, curr, rcred.value.cred.array());
if (rb.notOK()) {
return Result.err(rb);
} else if (rb.value){
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/mapper/Mapper_2_0.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/mapper/Mapper_2_0.java
index 72a24d21..187f4e39 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/mapper/Mapper_2_0.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/mapper/Mapper_2_0.java
@@ -509,22 +509,27 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo
CredDAO.Data to = new CredDAO.Data();
to.id=from.getId();
to.ns = Question.domain2ns(to.id);
- String passwd = from.getPassword();
- if (requiresPass) {
- String ok = trans.org().isValidPassword(trans, to.id,passwd);
- if (ok.length()>0) {
- return Result.err(Status.ERR_BadData,ok);
- }
- } else {
- to.type=0;
- }
- if (passwd != null) {
- to.cred = ByteBuffer.wrap(passwd.getBytes());
- to.type = CredDAO.RAW;
+ to.type = from.getType();
+ if(to.type!=null && to.type==CredDAO.FQI) {
+ to.cred = null;
} else {
- to.type = 0;
- }
-
+ String passwd = from.getPassword();
+ if (requiresPass) {
+ String ok = trans.org().isValidPassword(trans, to.id,passwd);
+ if (ok.length()>0) {
+ return Result.err(Status.ERR_BadData,ok);
+ }
+ } else {
+ to.type=0;
+ }
+ if (passwd != null) {
+ to.cred = ByteBuffer.wrap(passwd.getBytes());
+ to.type = CredDAO.RAW;
+ } else {
+ to.type = CredDAO.FQI;
+ }
+ }
+
// Note: Ensure requested EndDate created will match Organization Password Rules
// P.S. Do not apply TempPassword rule here. Do that when you know you are doing a Create/Reset (see Service)
to.expires = getExpires(trans.org(),Expiration.Password,base,from.getId());
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java
index 128fdcd1..adff4612 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java
@@ -162,6 +162,7 @@ public class ServiceValidator extends Validator {
} else {
switch(cd.type) {
case CredDAO.BASIC_AUTH_SHA256:
+ case CredDAO.FQI:
// ok
break;
default: