Diffstat (limited to 'auth/auth-service')
3 files changed, 24 insertions, 17 deletions
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java
index 751825c1..e311513e 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java
@@ -2290,7 +2290,6 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE
 try {
 Result<CredDAO.Data> rcred = mapper.cred(trans, from, true);
 if (rcred.isOKhasData()) {
- byte[] rawCred = rcred.value.cred.array();
 rcred = ques.userCredSetup(trans, rcred.value);
 final ServiceValidator v = new ServiceValidator();
@@ -2333,7 +2332,9 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE
 // Note: ASPR specifies character differences, but we don't actually store the
 // password to validate char differences.
- rb = ques.userCredCheck(trans, curr, rawCred);
+// byte[] rawCred = rcred.value.type==CredDAO.RAW?null:;
+
+ rb = ques.userCredCheck(trans, curr, rcred.value.cred.array());
 if (rb.notOK()) {
 return Result.err(rb);
 } else if (rb.value){
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/mapper/Mapper_2_0.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/mapper/Mapper_2_0.java
index 72a24d21..187f4e39 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/mapper/Mapper_2_0.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/mapper/Mapper_2_0.java
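Review bot: In the second hunk `rcred.value.cred.array()` is read after `rcred` has been reassigned by `ques.userCredSetup(...)` (visible in the first hunk), whereas the removed `rawCred` was captured before that call. If `userCredSetup` transforms the credential bytes, which is not visible here but is suggested by the validator accepting only `BASIC_AUTH_SHA256` and `FQI`, `userCredCheck` no longer receives the caller's raw password and the password-reuse check may compare the wrong value. The same expression dereferences `cred`, which the Mapper_2_0 change in this commit sets to `null` for `CredDAO.FQI`, so that path looks able to throw a NullPointerException; capturing `final byte[] rawCred = rcred.value.cred == null ? null : rcred.value.cred.array();` before the `userCredSetup` call would address both. The added `// byte[] rawCred = rcred.value.type==CredDAO.RAW?null:;` is an unfinished commented-out statement and should be removed. The enclosing method starts and ends outside both hunks.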
@@ -509,22 +509,27 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo
 CredDAO.Data to = new CredDAO.Data();
 to.id=from.getId();
 to.ns = Question.domain2ns(to.id);
- String passwd = from.getPassword();
- if (requiresPass) {
- String ok = trans.org().isValidPassword(trans, to.id,passwd);
- if (ok.length()>0) {
- return Result.err(Status.ERR_BadData,ok);
- }
- } else {
- to.type=0;
- }
- if (passwd != null) {
- to.cred = ByteBuffer.wrap(passwd.getBytes());
- to.type = CredDAO.RAW;
+ to.type = from.getType();
+ if(to.type!=null && to.type==CredDAO.FQI) {
+ to.cred = null;
 } else {
- to.type = 0;
- }
-
+ String passwd = from.getPassword();
+ if (requiresPass) {
+ String ok = trans.org().isValidPassword(trans, to.id,passwd);
+ if (ok.length()>0) {
+ return Result.err(Status.ERR_BadData,ok);
+ }
+ } else {
+ to.type=0;
+ }
+ if (passwd != null) {
+ to.cred = ByteBuffer.wrap(passwd.getBytes());
+ to.type = CredDAO.RAW;
+ } else {
+ to.type = CredDAO.FQI;
+ }
+ }
+
 // Note: Ensure requested EndDate created will match Organization Password Rules
 // P.S. Do not apply TempPassword rule here. Do that when you know you are doing a Create/Reset (see Service)
 to.expires = getExpires(trans.org(),Expiration.Password,base,from.getId());
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java
index 128fdcd1..adff4612 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java
@@ -162,6 +162,7 @@ public class ServiceValidator extends Validator {
 } else {
 switch(cd.type) {
 case CredDAO.BASIC_AUTH_SHA256:
+ case CredDAO.FQI:
 // ok
 break;
 default: |
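Review bot: Whether `trans.org().isValidPassword(...)` runs now depends on `from.getType()`, a field taken from the request: a caller that sends `CredDAO.FQI` skips the password check even when `requiresPass` is true, so it is worth confirming that FQI creation is authorized separately. In the non-FQI branch every path overwrites `to.type`, which leaves both the copied request type and the `to.type=0` assignment without effect. There, a request without a password is stored as `CredDAO.FQI` with `to.cred` never assigned when `requiresPass` is false. If that fallback is intended, a comment such as `// no password supplied: stored as FQI, no secret kept` would make it explicit; otherwise the final `else` could return `Result.err(Status.ERR_BadData, "Password required for this credential type")`. The enclosing method begins and ends outside the hunk.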
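Review bot: The new `case CredDAO.FQI:` shares the `// ok` branch with `BASIC_AUTH_SHA256`, but nothing visible in this hunk ties the accepted type to the state of `cd.cred`. Since the mapper change in this commit sets `cred` to `null` for FQI, this validator would presumably be the place to require an absent `cd.cred` for FQI and a present one for `BASIC_AUTH_SHA256`; whether that is checked elsewhere in the method cannot be seen from here. At minimum a comment on the label, for example `// FQI: no secret is stored for this type`, would tell the next reader why a credential without a secret passes validation. The switch sits in a method whose start and end are outside the hunk.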