summaryrefslogtreecommitdiffstats
path: root/auth
diff options
context:
space:
mode:
Diffstat (limited to 'auth')
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Future.java21
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/NsAttrib.java39
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java22
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java34
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java8
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java34
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java62
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java88
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApprovalForm.java25
9 files changed, 164 insertions, 169 deletions
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Future.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Future.java
index a2dc6b65..948e65be 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Future.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Future.java
@@ -44,12 +44,12 @@ import com.datastax.driver.core.SimpleStatement;
import com.datastax.driver.core.Statement;
public class Future implements CacheChange.Data, Comparable<Future> {
- public static final Map<UUID,Future> data = new TreeMap<UUID,Future>();
- public static final Map<String,List<Future>> byRole = new TreeMap<String,List<Future>>();
+ public static final Map<UUID,Future> data = new TreeMap<>();
+ public static final Map<String,List<Future>> byRole = new TreeMap<>();
public final FutureDAO.Data fdd;
public final String role; // derived
- private final static CacheChange<Future> cache = new CacheChange<Future>();
+ private static final CacheChange<Future> cache = new CacheChange<>();
public final UUID id() {
@@ -102,13 +102,16 @@ public class Future implements CacheChange.Data, Comparable<Future> {
++count;
Future f = creator.create(row);
data.put(f.fdd.id,f);
- if(f.role!=null) {
- List<Future> lf = byRole.get(f.role);
- if(lf==null) {
- byRole.put(f.role,lf = new ArrayList<Future>());
- }
- lf.add(f);
+ if(f.role==null) {
+ continue;
}
+ List<Future> lf = byRole.get(f.role);
+ if(lf==null) {
+ lf = new ArrayList<>();
+ byRole.put(f.role,lf);
+ }
+ lf.add(f);
+
}
} finally {
tt.done();
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/NsAttrib.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/NsAttrib.java
index bb76c34c..eafbe909 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/NsAttrib.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/NsAttrib.java
@@ -23,6 +23,7 @@ package org.onap.aaf.auth.helpers;
import java.util.ArrayList;
import java.util.List;
+import java.util.SortedMap;
import java.util.TreeMap;
import org.onap.aaf.misc.env.Env;
@@ -36,11 +37,24 @@ import com.datastax.driver.core.SimpleStatement;
import com.datastax.driver.core.Statement;
public class NsAttrib {
- public static final List<NsAttrib> data = new ArrayList<NsAttrib>();
- public static final TreeMap<String,List<NsAttrib>> byKey = new TreeMap<String,List<NsAttrib>>();
- public static final TreeMap<String,List<NsAttrib>> byNS = new TreeMap<String,List<NsAttrib>>();
+ public static final List<NsAttrib> data = new ArrayList<>();
+ public static final SortedMap<String,List<NsAttrib>> byKey = new TreeMap<>();
+ public static final SortedMap<String,List<NsAttrib>> byNS = new TreeMap<>();
- public final String ns,key,value;
+ public final String ns;
+ public final String key;
+ public final String value;
+ public static Creator<NsAttrib> v2_0_11 = new Creator<NsAttrib>() {
+ @Override
+ public NsAttrib create(Row row) {
+ return new NsAttrib(row.getString(0), row.getString(1), row.getString(2));
+ }
+
+ @Override
+ public String select() {
+ return "select ns,key,value from authz.ns_attrib";
+ }
+ };
public NsAttrib(String ns, String key, String value) {
this.ns = ns;
@@ -69,14 +83,14 @@ public class NsAttrib {
List<NsAttrib> lna = byKey.get(ur.key);
if(lna==null) {
- lna = new ArrayList<NsAttrib>();
+ lna = new ArrayList<>();
byKey.put(ur.key, lna);
}
lna.add(ur);
lna = byNS.get(ur.ns);
if(lna==null) {
- lna = new ArrayList<NsAttrib>();
+ lna = new ArrayList<>();
byNS.put(ur.ns, lna);
}
lna.add(ur);
@@ -87,19 +101,6 @@ public class NsAttrib {
}
}
- public static Creator<NsAttrib> v2_0_11 = new Creator<NsAttrib>() {
- @Override
- public NsAttrib create(Row row) {
- return new NsAttrib(row.getString(0), row.getString(1), row.getString(2));
- }
-
- @Override
- public String select() {
- return "select ns,key,value from authz.ns_attrib";
- }
- };
-
-
public String toString() {
return '"' + ns + "\",\"" + key + "\",\"" + value +'"';
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java
index c90dcccf..ea726480 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java
@@ -53,7 +53,8 @@ public abstract class CA {
public static final Set<String> EMPTY = Collections.unmodifiableSet(new HashSet<String>());
- private final String name,env;
+ private final String name;
+ private final String env;
private MessageDigest messageDigest;
private final String permType;
private Set<String> caIssuerDNs;
@@ -70,7 +71,7 @@ public abstract class CA {
if(permType==null) {
throw new CertException(CM_CA_PREFIX + name + ".perm_type" + MUST_EXIST_TO_CREATE_CSRS_FOR + caName);
}
- caIssuerDNs = new HashSet<String>();
+ caIssuerDNs = new HashSet<>();
String tag = CA.CM_CA_PREFIX+caName+CA.CM_CA_BASE_SUBJECT;
@@ -79,13 +80,14 @@ public abstract class CA {
throw new CertException(tag + MUST_EXIST_TO_CREATE_CSRS_FOR + caName);
}
access.log(Level.INFO, tag, "=",fields);
- for(RDN rdn : rdns = RDN.parse('/',fields)) {
+ rdns = RDN.parse('/',fields);
+ for(RDN rdn : rdns) {
if(rdn.aoi==BCStyle.EmailAddress) { // Cert Specs say Emails belong in Subject
throw new CertException("email address is not allowed in " + CM_CA_BASE_SUBJECT);
}
}
- idDomains = new ArrayList<String>();
+ idDomains = new ArrayList<>();
StringBuilder sb = null;
for(String s : Split.splitTrim(',', access.getProperty(CA.CM_CA_PREFIX+caName+".idDomains", ""))) {
if(s.length()>0) {
@@ -102,14 +104,14 @@ public abstract class CA {
access.printf(Level.INIT, "CA '%s' supports Personal Certificates for %s", caName, sb);
}
- String data_dir = access.getProperty(CM_PUBLIC_DIR,null);
- if(data_dir!=null) {
- File data = new File(data_dir);
+ String dataDir = access.getProperty(CM_PUBLIC_DIR,null);
+ if(dataDir!=null) {
+ File data = new File(dataDir);
byte[] bytes;
if(data.exists()) {
- String trust_cas = access.getProperty(CM_TRUST_CAS,null);
- if(trust_cas!=null) {
- for(String fname : Split.splitTrim(',', trust_cas)) {
+ String trustCas = access.getProperty(CM_TRUST_CAS,null);
+ if(trustCas!=null) {
+ for(String fname : Split.splitTrim(',', trustCas)) {
File crt = new File(data,fname);
if(crt.exists()) {
access.printf(Level.INIT, "Loading CA Cert from %s", crt.getAbsolutePath());
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java
index 0d494acd..ee73dbdc 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java
@@ -59,21 +59,21 @@ public class JscepCA extends CA {
static final String CA_PREFIX = "http://";
static final String CA_POSTFIX="/certsrv/mscep_admin/mscep.dll";
- private final static String MS_PROFILE="1";
- private final static int MAX_RETRY=3;
+ private static final String MS_PROFILE="1";
+ private static final int MAX_RETRY=3;
public static final long INVALIDATE_TIME = 1000*60*10L; // 10 mins
// package on purpose
- private Map<String,X509ChainWithIssuer> mxcwi_s;
- private Map<Client,X509ChainWithIssuer> mxcwi_c;
+ private Map<String,X509ChainWithIssuer> mxcwiS;
+ private Map<Client,X509ChainWithIssuer> mxcwiC;
private JscepClientLocator clients;
public JscepCA(final Access access, final String name, final String env, String [][] params) throws IOException, CertException, LocatorException {
super(access, name, env);
- mxcwi_s = new ConcurrentHashMap<String,X509ChainWithIssuer>();
- mxcwi_c = new ConcurrentHashMap<Client,X509ChainWithIssuer>();
+ mxcwiS = new ConcurrentHashMap<>();
+ mxcwiC = new ConcurrentHashMap<>();
if(params.length<2) {
throw new CertException("No Trust Chain parameters are included");
@@ -110,7 +110,7 @@ public class JscepCA extends CA {
dir = dir + '/';
}
String path;
- List<FileReader> frs = new ArrayList<FileReader>(params.length-1);
+ List<FileReader> frs = new ArrayList<>(params.length-1);
try {
for(int j=1; j<params[i].length; ++j) { // first 3 taken up, see above
path = !params[i][j].contains("/")?dir+params[i][j]:params[i][j];
@@ -119,7 +119,7 @@ public class JscepCA extends CA {
}
X509ChainWithIssuer xcwi = new X509ChainWithIssuer(frs);
addCaIssuerDN(xcwi.getIssuerDN());
- mxcwi_s.put(params[i][0],xcwi);
+ mxcwiS.put(params[i][0],xcwi);
} finally {
for(FileReader fr : frs) {
if(fr!=null) {
@@ -173,26 +173,16 @@ public class JscepCA extends CA {
break;
}
}
- X509ChainWithIssuer mxcwi = mxcwi_c.get(client);
+ X509ChainWithIssuer mxcwi = mxcwiC.get(client);
return new X509ChainWithIssuer(mxcwi,x509);
-// break;
+
} else if (er.isPending()) {
trans.checkpoint("Polling, waiting on CA to complete");
Thread.sleep(3000);
} else if (er.isFailure()) {
-// switch(er.getFailInfo()) {
-// case badMessageCheck:
-// throw new ClientException("Received BadMessageCheck from Jscep");
-// case badAlg:
-// case badCertId:
-// case badRequest:
-// case badTime:
-// default:
-// }
throw new CertException(clients.info(item)+':'+er.getFailInfo().toString());
}
}
- //i=MAX_RETRY;
} catch(LocatorException e) {
trans.error().log(e);
i=MAX_RETRY;
@@ -246,7 +236,7 @@ public class JscepCA extends CA {
}
);
// Map URL to Client, because Client doesn't expose Connection
- mxcwi_c.put(c,mxcwi_s.get(urlinfo));
+ mxcwiC.put(c, mxcwiS.get(urlinfo));
return c;
} catch (MalformedURLException e) {
throw new LocatorException(e);
@@ -260,7 +250,7 @@ public class JscepCA extends CA {
@Override
protected void _destroy(Client client) {
- mxcwi_c.remove(client);
+ mxcwiC.remove(client);
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java
index cd8886da..e2287c3b 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java
@@ -97,7 +97,7 @@ public class LocalCA extends CA {
String fileName = f.getName();
if(fileName.endsWith(".key")) {
caKey = Factory.toPrivateKey(NullTrans.singleton(),f);
- List<FileReader> frs = new ArrayList<FileReader>(params.length-1);
+ List<FileReader> frs = new ArrayList<>(params.length-1);
try {
String dir = access.getProperty(CM_PUBLIC_DIR, "");
if(!"".equals(dir) && !dir.endsWith("/")) {
@@ -128,8 +128,8 @@ public class LocalCA extends CA {
KeyStore keyStore;
FileInputStream fis = null;
if(fileName.endsWith(".pkcs11")) {
- String ksType;
- p = Factory.getSecurityProvider(ksType="PKCS11",params);
+ String ksType="PKCS11";
+ p = Factory.getSecurityProvider(ksType,params);
keyStore = KeyStore.getInstance(ksType,p);
} else if(fileName.endsWith(".jks")) {
keyStore = KeyStore.getInstance("JKS");
@@ -216,7 +216,7 @@ public class LocalCA extends CA {
SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(new RSAKeyParameters(false,rpk.getModulus(),rpk.getPublicExponent()))
// new SubjectPublicKeyInfo(ASN1Sequence.getInstance(caCert.getPublicKey().getEncoded()))
);
- List<GeneralName> lsan = new ArrayList<GeneralName>();
+ List<GeneralName> lsan = new ArrayList<>();
for(String s : csrmeta.sans()) {
lsan.add(new GeneralName(GeneralName.dNSName,s));
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java
index 6f3062bb..6ba5a37f 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java
@@ -45,24 +45,26 @@ public class X509ChainWithIssuer extends X509andChain {
Collection<? extends Certificate> certs;
X509Certificate x509;
for(Reader rdr : rdrs) {
- if(rdr!=null) { // cover for badly formed array
- byte[] bytes = Factory.decode(rdr);
- try {
- certs = Factory.toX509Certificate(bytes);
- } catch (CertificateException e) {
- throw new CertException(e);
+ if(rdr==null) { // cover for badly formed array
+ continue;
+ }
+ byte[] bytes = Factory.decode(rdr);
+ try {
+ certs = Factory.toX509Certificate(bytes);
+ } catch (CertificateException e) {
+ throw new CertException(e);
+ }
+ for(Certificate c : certs) {
+ x509=(X509Certificate)c;
+ Principal subject = x509.getSubjectDN();
+ if(subject==null) {
+ continue;
}
- for(Certificate c : certs) {
- x509=(X509Certificate)c;
- Principal subject = x509.getSubjectDN();
- if(subject!=null) {
- if(cert==null) { // first in Trust Chain
- issuerDN= subject.toString();
- }
- addTrustChainEntry(x509);
- cert=x509; // adding each time makes sure last one is signer.
- }
+ if(cert==null) { // first in Trust Chain
+ issuerDN = subject.toString();
}
+ addTrustChainEntry(x509);
+ cert=x509; // adding each time makes sure last one is signer.
}
}
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java
index 2541bea0..2b763f7f 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java
@@ -60,17 +60,16 @@ public class CSRMeta {
private String email;
private String challenge;
private List<RDN> rdns;
-
- public CSRMeta(List<RDN> rdns) {
- this.rdns = rdns;
- }
-
- private ArrayList<String> sanList = new ArrayList<String>();
+ private ArrayList<String> sanList = new ArrayList<>();
private KeyPair keyPair;
private X500Name name = null;
private SecureRandom random = new SecureRandom();
- public X500Name x500Name() throws IOException {
+ public CSRMeta(List<RDN> rdns) {
+ this.rdns = rdns;
+ }
+
+ public X500Name x500Name() {
if(name==null) {
X500NameBuilder xnb = new X500NameBuilder();
xnb.addRDN(BCStyle.CN,cn);
@@ -99,7 +98,7 @@ public class CSRMeta {
}
int plus = email==null?0:1;
- if(sanList.size()>0) {
+ if(!sanList.isEmpty()) {
GeneralName[] gna = new GeneralName[sanList.size()+plus];
int i=-1;
for(String s : sanList) {
@@ -114,10 +113,7 @@ public class CSRMeta {
})
);
}
-
- if(email!=null) {
-
- }
+
try {
return builder.build(BCFactory.contentSigner(keypair(trans).getPrivate()));
} catch (OperatorCreationException e) {
@@ -129,27 +125,29 @@ public class CSRMeta {
public static void dump(PKCS10CertificationRequest csr) {
Attribute[] certAttributes = csr.getAttributes();
for (Attribute attribute : certAttributes) {
- if (attribute.getAttrType().equals(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest)) {
- Extensions extensions = Extensions.getInstance(attribute.getAttrValues().getObjectAt(0));
- GeneralNames gns = GeneralNames.fromExtensions(extensions,Extension.subjectAlternativeName);
- GeneralName[] names = gns.getNames();
- for(int k=0; k < names.length; k++) {
- String title = "";
- if(names[k].getTagNo() == GeneralName.dNSName) {
- title = "dNSName";
- } else if(names[k].getTagNo() == GeneralName.iPAddress) {
- title = "iPAddress";
- // Deprecated, but I don't see anything better to use.
- names[k].toASN1Object();
- } else if(names[k].getTagNo() == GeneralName.otherName) {
- title = "otherName";
- } else if(names[k].getTagNo() == GeneralName.rfc822Name) {
- title = "email";
- }
+ if (!attribute.getAttrType().equals(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest)) {
+ continue;
+ }
+
+ Extensions extensions = Extensions.getInstance(attribute.getAttrValues().getObjectAt(0));
+ GeneralNames gns = GeneralNames.fromExtensions(extensions,Extension.subjectAlternativeName);
+ GeneralName[] names = gns.getNames();
+ for(int k=0; k < names.length; k++) {
+ String title = "";
+ if(names[k].getTagNo() == GeneralName.dNSName) {
+ title = "dNSName";
+ } else if(names[k].getTagNo() == GeneralName.iPAddress) {
+ title = "iPAddress";
+ // Deprecated, but I don't see anything better to use.
+ names[k].toASN1Object();
+ } else if(names[k].getTagNo() == GeneralName.otherName) {
+ title = "otherName";
+ } else if(names[k].getTagNo() == GeneralName.rfc822Name) {
+ title = "email";
+ }
- System.out.println(title + ": "+ names[k].getName());
- }
- }
+ System.out.println(title + ": "+ names[k].getName());
+ }
}
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java
index 3d865d30..16517c95 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java
@@ -97,50 +97,51 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
*/
@Override
public Result<CertInfo> toCert(AuthzTrans trans, Result<CertResp> in, boolean withTrustChain) throws IOException {
- if(in.isOK()) {
- CertResp cin = in.value;
- CertInfo cout = newInstance(API.CERT);
- cout.setPrivatekey(cin.privateString());
- String value;
- if((value=cin.challenge())!=null) {
- cout.setChallenge(value);
- }
- cout.getCerts().add(cin.asCertString());
- if(cin.trustChain()!=null) {
- for(String c : cin.trustChain()) {
- if(c!=null) {
- cout.getCerts().add(c);
- }
+ if(!in.isOK()) {
+ return Result.err(in);
+ }
+
+ CertResp cin = in.value;
+ CertInfo cout = newInstance(API.CERT);
+ cout.setPrivatekey(cin.privateString());
+ String value;
+ if((value=cin.challenge())!=null) {
+ cout.setChallenge(value);
+ }
+ cout.getCerts().add(cin.asCertString());
+ if(cin.trustChain()!=null) {
+ for(String c : cin.trustChain()) {
+ if(c!=null) {
+ cout.getCerts().add(c);
}
}
- // Adding all the Certs in one response is a mistake. Makes it very hard for Agent to setup
- // Certs in keystore versus Truststore. Separate in Version 2_0
- if(cin.trustCAs()!=null) {
- for(String c : cin.trustCAs()) {
- if(c!=null) {
- cout.getCerts().add(c);
- }
+ }
+ // Adding all the Certs in one response is a mistake. Makes it very hard for Agent to setup
+ // Certs in keystore versus Truststore. Separate in Version 2_0
+ if(cin.trustCAs()!=null) {
+ for(String c : cin.trustCAs()) {
+ if(c!=null) {
+ cout.getCerts().add(c);
}
}
- if(cin.notes()!=null) {
- boolean first = true;
- StringBuilder sb = new StringBuilder();
- for(String n : cin.notes()) {
- if(first) {
- first = false;
- } else {
- sb.append('\n');
- }
- sb.append(n);
+ }
+ if(cin.notes()!=null) {
+ boolean first = true;
+ StringBuilder sb = new StringBuilder();
+ for(String n : cin.notes()) {
+ if(first) {
+ first = false;
+ } else {
+ sb.append('\n');
}
- cout.setNotes(sb.toString());
+ sb.append(n);
}
- cout.getCaIssuerDNs().addAll(cin.caIssuerDNs());
- cout.setEnv(cin.env());
- return Result.ok(cout);
- } else {
- return Result.err(in);
+ cout.setNotes(sb.toString());
}
+ cout.getCaIssuerDNs().addAll(cin.caIssuerDNs());
+ cout.setEnv(cin.env());
+ return Result.ok(cout);
+
}
@Override
@@ -171,9 +172,10 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
CertReq out = new CertReq();
CertmanValidator v = new CertmanValidator();
- v.isNull("CertRequest", req)
- .nullOrBlank("MechID", out.mechid=in.getMechid());
- v.nullBlankMin("FQDNs", out.fqdns=in.getFqdns(),1);
+ out.mechid=in.getMechid();
+ out.fqdns=in.getFqdns();
+ v.isNull("CertRequest", req).nullOrBlank("MechID", out.mechid);
+ v.nullBlankMin("FQDNs", out.fqdns,1);
if(v.err()) {
return Result.err(Result.ERR_BadData, v.errs());
}
@@ -206,7 +208,7 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
*/
@Override
public List<ArtiDAO.Data> toArtifact(AuthzTrans trans, Artifacts artifacts) {
- List<ArtiDAO.Data> ladd = new ArrayList<ArtiDAO.Data>();
+ List<ArtiDAO.Data> ladd = new ArrayList<>();
for(Artifact arti : artifacts.getArtifact()) {
ArtiDAO.Data data = new ArtiDAO.Data();
data.mechid = arti.getMechid();
@@ -226,10 +228,8 @@ public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
// Derive Optional Data from Machine (Domain) if exists
if(data.machine!=null) {
- if(data.ca==null) {
- if(data.machine.endsWith(".att.com")) {
+ if(data.ca==null && data.machine.endsWith(".att.com")) {
data.ca = "aaf"; // default
- }
}
if(data.ns==null ) {
data.ns=FQI.reverseDomain(data.machine);
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApprovalForm.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApprovalForm.java
index da552aeb..bc9811ba 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApprovalForm.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApprovalForm.java
@@ -135,12 +135,12 @@ public class ApprovalForm extends Page {
@Override
public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
final String userParam = trans.get(sUser, null);
- ArrayList<AbsCell[]> rv = new ArrayList<AbsCell[]>();
+ ArrayList<AbsCell[]> rv = new ArrayList<>();
String msg = null;
TimeTaken tt = trans.start("AAF Get Approvals for Approver",Env.REMOTE);
try {
- final List<Approval> pendingApprovals = new ArrayList<Approval>();
- final List<Integer> beginIndicesPerApprover = new ArrayList<Integer>();
+ final List<Approval> pendingApprovals = new ArrayList<>();
+ final List<Integer> beginIndicesPerApprover = new ArrayList<>();
int numLeft = gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Integer>() {
@Override
public Integer code(Rcli<?> client) throws CadiException, ConnectException, APIException {
@@ -150,12 +150,10 @@ public class ApprovalForm extends Page {
if(fa.value!=null) {
for (Approval appr : fa.value.getApprovals()) {
- if (appr.getStatus().equals("pending")) {
- if (userParam!=null) {
- if (!appr.getUser().equalsIgnoreCase(userParam)) {
+ if ("pending".equals(appr.getStatus())) {
+ if (userParam!=null && !appr.getUser().equalsIgnoreCase(userParam)) {
numLeft++;
continue;
- }
}
pendingApprovals.add(appr);
}
@@ -178,7 +176,7 @@ public class ApprovalForm extends Page {
}
});
- if (pendingApprovals.size() > 0) {
+ if (!pendingApprovals.isEmpty()) {
// Only add select all links if we have approvals
AbsCell[] selectAllRow = new AbsCell[] {
AbsCell.Null,
@@ -191,7 +189,7 @@ public class ApprovalForm extends Page {
int line=-1;
- while (beginIndicesPerApprover.size() > 0) {
+ while (!beginIndicesPerApprover.isEmpty()) {
int beginIndex = beginIndicesPerApprover.remove(0);
int endIndex = (beginIndicesPerApprover.isEmpty()?pendingApprovals.size():beginIndicesPerApprover.get(0));
List<Approval> currApproverList = pendingApprovals.subList(beginIndex, endIndex);
@@ -243,7 +241,7 @@ public class ApprovalForm extends Page {
} else {
Identity au = org.getIdentity(trans, user);
if(au!=null) {
- if(au.type().equals("MECHID")) {
+ if("MECHID".equals(au.type())) {
Identity managedBy = au.responsibleTo();
if(managedBy==null) {
title ="title=" + au.type();
@@ -258,12 +256,13 @@ public class ApprovalForm extends Page {
title="title=Not a User at " + org.getName();
}
}
- userCell = new RefCell(prevUser=user,
+ prevUser=user;
+ userCell = new RefCell(prevUser,
TODO_ILM_INFO+user.substring(0, user.length()-DOMAIN_OF_USER.length()),
true,
title);
} else {
- userCell = new TextCell(prevUser=user);
+ userCell = new TextCell(prevUser);
}
AbsCell[] sa = new AbsCell[] {
userCell,
@@ -280,7 +279,7 @@ public class ApprovalForm extends Page {
if(numLeft>0) {
msg = "After these, there will be " + numLeft + " approvals left to process";
}
- if(rv.size()==0) {
+ if(rv.isEmpty()) {
if (numLeft>0) {
msg = "No Approvals to process at this time for user " + userParam +". You have "
+ numLeft + " other approvals to process.";