diff options
Diffstat (limited to 'auth')
20 files changed, 80 insertions, 53 deletions
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/Batch.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/Batch.java index 6d9252e2..ad2de10f 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/Batch.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/Batch.java @@ -369,11 +369,15 @@ public abstract class Batch { return ld; } protected int count(String str, char c) { - int count=str==null||str.isEmpty()?0:1; - for(int i=str.indexOf(c);i>=0;i=str.indexOf(c,i+1)) { - ++count; + if(str==null || str.isEmpty()) { + return 0; + } else { + int count=1; + for(int i=str.indexOf(c);i>=0;i=str.indexOf(c,i+1)) { + ++count; + } + return count; } - return count; } public final void close(AuthzTrans trans) { diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/Email.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/Email.java index 346e517f..0687364b 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/Email.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/Email.java @@ -167,6 +167,7 @@ public class Email implements Action<Organization,Void, String>{ try { Thread.sleep(wait); } catch (InterruptedException e) { + return exec(trans,org,sb); } } return exec(trans,org,sb); diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/AbsCassDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/AbsCassDAO.java index 9794b2e5..89fb12fe 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/AbsCassDAO.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/AbsCassDAO.java @@ -357,6 +357,7 @@ public abstract class AbsCassDAO<TRANS extends TransStore,DATA> { private static final String NEW_CASSANDRA_SESSION_CREATED = "New Cassandra Session Created"; private static final String NEW_CASSANDRA_CLUSTER_OBJECT_CREATED = "New Cassandra Cluster Object Created"; private static final String NEW_CASSANDRA_SESSION = "New Cassandra Session"; + private static final Object LOCK = new Object(); private static class ResetRequest { //package on purpose @@ -398,7 +399,7 @@ public abstract class AbsCassDAO<TRANS extends TransStore,DATA> { Cluster tempCluster = null; Session tempSession = null; try { - synchronized(NEW_CASSANDRA_SESSION_CREATED) { + synchronized(LOCK) { boolean reset = false; for(ResetRequest r : resetDeque) { if(r.session == session) { diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/CassDAOImpl.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/CassDAOImpl.java index bd6d0863..f7cdec5e 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/CassDAOImpl.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/CassDAOImpl.java @@ -185,7 +185,7 @@ public class CassDAOImpl<TRANS extends TransStore,DATA> extends AbsCassDAO<TRANS */ public Result<DATA> create(TRANS trans, DATA data) { if(createPS==null) { - Result.err(Result.ERR_NotImplemented,"Create is disabled for %s",getClass().getSimpleName()); + return Result.err(Result.ERR_NotImplemented,"Create is disabled for %s",getClass().getSimpleName()); } if(async) /*ResultSetFuture */ { Result<ResultSetFuture> rs = createPS.execAsync(trans, C_TEXT, data); @@ -207,21 +207,21 @@ public class CassDAOImpl<TRANS extends TransStore,DATA> extends AbsCassDAO<TRANS */ public Result<List<DATA>> read(TRANS trans, DATA data) { if(readPS==null) { - Result.err(Result.ERR_NotImplemented,"Read is disabled for %s",getClass().getSimpleName()); + return Result.err(Result.ERR_NotImplemented,"Read is disabled for %s",getClass().getSimpleName()); } return readPS.read(trans, R_TEXT, data); } public Result<List<DATA>> read(TRANS trans, Object ... key) { if(readPS==null) { - Result.err(Result.ERR_NotImplemented,"Read is disabled for %s",getClass().getSimpleName()); + return Result.err(Result.ERR_NotImplemented,"Read is disabled for %s",getClass().getSimpleName()); } return readPS.read(trans, R_TEXT, key); } public Result<DATA> readPrimKey(TRANS trans, Object ... key) { if(readPS==null) { - Result.err(Result.ERR_NotImplemented,"Read is disabled for %s",getClass().getSimpleName()); + return Result.err(Result.ERR_NotImplemented,"Read is disabled for %s",getClass().getSimpleName()); } Result<List<DATA>> rld = readPS.read(trans, R_TEXT, key); if(rld.isOK()) { @@ -241,7 +241,7 @@ public class CassDAOImpl<TRANS extends TransStore,DATA> extends AbsCassDAO<TRANS public Result<Void> update(TRANS trans, DATA data, boolean async) { if(updatePS==null) { - Result.err(Result.ERR_NotImplemented,"Update is disabled for %s",getClass().getSimpleName()); + return Result.err(Result.ERR_NotImplemented,"Update is disabled for %s",getClass().getSimpleName()); } if(async)/* ResultSet rs =*/ { Result<ResultSetFuture> rs = updatePS.execAsync(trans, U_TEXT, data); @@ -262,7 +262,7 @@ public class CassDAOImpl<TRANS extends TransStore,DATA> extends AbsCassDAO<TRANS // This method Sig for Cached... public Result<Void> delete(TRANS trans, DATA data, boolean reread) { if(deletePS==null) { - Result.err(Result.ERR_NotImplemented,"Delete is disabled for %s",getClass().getSimpleName()); + return Result.err(Result.ERR_NotImplemented,"Delete is disabled for %s",getClass().getSimpleName()); } // Since Deleting will be stored off, for possible re-constitution, need the whole thing if(reread) { diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CertDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CertDAO.java index a47b8c9e..28e27497 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CertDAO.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CertDAO.java @@ -163,12 +163,12 @@ public class CertDAO extends CassDAOImpl<AuthzTrans,CertDAO.Data> { data.x509 = readString(is,buff); data.ca = readString(is,buff); int i = is.readInt(); - if(i<0) { - data.serial=null; - } else { + data.serial=null; + if(i>=0) { byte[] bytes = new byte[i]; // a bit dangerous, but lessened because of all the previous sized data reads - is.read(bytes); - data.serial = new BigInteger(bytes); + if(is.read(bytes)>0) { + data.serial = new BigInteger(bytes); + } } } } diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java index 46dc12bf..7a85ae1a 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java @@ -182,9 +182,8 @@ public class CredDAO extends CassDAOImpl<AuthzTrans,CredDAO.Data> { data.notes = readString(is,buff); int i = is.readInt(); - if(i<0) { - data.cred=null; - } else { + data.cred=null; + if(i>=0) { byte[] bytes = new byte[i]; // a bit dangerous, but lessened because of all the previous sized data reads is.read(bytes); data.cred = ByteBuffer.wrap(bytes); diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java index 6b0bb17b..3634af97 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java @@ -367,10 +367,14 @@ public class Question { if (r.isOKhasData()) { return Result.ok(r.value.get(0)); } else { - int dot = child == null ? -1 : child.lastIndexOf('.'); + int dot; + if(child==null) { + return Result.err(Status.ERR_NsNotFound, "No Namespace"); + } else { + dot = child.lastIndexOf('.'); + } if (dot < 0) { - return Result.err(Status.ERR_NsNotFound, - "No Namespace for [%s]", child); + return Result.err(Status.ERR_NsNotFound, "No Namespace for [%s]", child); } else { return deriveNs(trans, child.substring(0, dot)); } diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java index 521c5016..00b0b378 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java @@ -115,8 +115,10 @@ public abstract class CA { bytes = new byte[(int)crt.length()]; FileInputStream fis = new FileInputStream(crt); try { - fis.read(bytes); - addTrustedCA(new String(bytes)); + int read = fis.read(bytes); + if(read>0) { + addTrustedCA(new String(bytes)); + } } finally { fis.close(); } diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java index ae4e21aa..0d494acd 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java @@ -61,7 +61,7 @@ public class JscepCA extends CA { private final static String MS_PROFILE="1"; private final static int MAX_RETRY=3; - public static final long INVALIDATE_TIME = 1000*60*10; // 10 mins + public static final long INVALIDATE_TIME = 1000*60*10L; // 10 mins // package on purpose private Map<String,X509ChainWithIssuer> mxcwi_s; diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java index f6407d90..4ef5472a 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java @@ -643,7 +643,7 @@ public class CMService { || trans.user().equals(sponsor)) { return artiDAO.delete(trans, add, false); } - return null; + return Result.err(Result.ERR_Denied, "%1 is not allowed to delete this item",trans.user()); } public Result<Void> deleteArtifact(AuthzTrans trans, List<ArtiDAO.Data> list) { diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/AAFcli.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/AAFcli.java index e8069b8e..1961b1f5 100644 --- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/AAFcli.java +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/AAFcli.java @@ -324,7 +324,7 @@ public class AAFcli { try { ret = c.exec(++idx, largs); if (delay+globalDelay > 0) { - Thread.sleep(delay+globalDelay); + Thread.sleep((long)(delay+globalDelay)); } } catch (Exception e) { if (expect.contains(-1)) { diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Attrib.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Attrib.java index cc0d2586..19caa4f4 100644 --- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Attrib.java +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Attrib.java @@ -83,15 +83,17 @@ public class Attrib extends BaseCmd<NS> { default: throw new CadiException("Bad Argument"); }; - - if(fp.get(AAFcli.timeout())) { - pw().println(message); + if(fp==null) { + return 500; } else { - error(fp); - return fp.code(); + if(fp.get(AAFcli.timeout())) { + pw().println(message); + } else { + error(fp); + } + + return fp.code(); } - - return fp==null?500:fp.code(); } }); } diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Cred.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Cred.java index 4bb2ae30..10333091 100644 --- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Cred.java +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Cred.java @@ -109,6 +109,9 @@ public class Cred extends Cmd { // case 4: // return clean.exec(cleanIDX, args); } + if(fp==null) { + return null; // get by Sonar check. + } if(fp.get(AAFcli.timeout())) { pw().print(verb); pw().print(cr.getId()); diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/List.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/List.java index 5c87f906..a977431c 100644 --- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/List.java +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/List.java @@ -53,7 +53,7 @@ public class List extends BaseCmd<User> { Collections.sort(sorted, new Comparator<aaf.v2_0.Users.User>() { @Override public int compare(aaf.v2_0.Users.User u1, aaf.v2_0.Users.User u2) { - if(u2==null || u2 == null) { + if(u1==null || u2 == null) { return -1; } return u1.getId().compareTo(u2.getId()); diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/local/AbsData.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/local/AbsData.java index 40e0b22c..d9f7ac96 100644 --- a/auth/auth-core/src/main/java/org/onap/aaf/auth/local/AbsData.java +++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/local/AbsData.java @@ -71,7 +71,7 @@ public abstract class AbsData implements Iterable<String> { public void open(AuthzTrans trans, long timeout) throws IOException { TimeTaken tt = trans.start("Open Data File", Env.SUB); - boolean opened = false, first = true; + boolean first = true; try { if(!dataf.exists()) { throw new FileNotFoundException("Data File Missing:" + dataf.getCanonicalPath()); @@ -102,14 +102,10 @@ public abstract class AbsData implements Iterable<String> { throw e; } ti.open(); - opened = true; } finally { tt.done(); } - if(!opened) { - throw new IOException("DataFile pair for " + name + " was not able to be opened in " + timeout + "ms"); - } } private synchronized void ensureIdxGood(AuthzTrans trans) throws IOException { diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/local/TextIndex.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/local/TextIndex.java index 5169cf88..cbb3603e 100644 --- a/auth/auth-core/src/main/java/org/onap/aaf/auth/local/TextIndex.java +++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/local/TextIndex.java @@ -132,8 +132,12 @@ public class TextIndex { TimeTaken tt2 = trans.start("Open Files", Env.SUB); try { raf = new RandomAccessFile(file,"rw"); - raf.setLength(0L); - fos = raf.getChannel(); + try { + raf.setLength(0L); + fos = raf.getChannel(); + } finally { + raf.close(); + } } finally { tt2.done(); } diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/validation/Validator.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/validation/Validator.java index 16c0d3ba..7078cf0f 100644 --- a/auth/auth-core/src/main/java/org/onap/aaf/auth/validation/Validator.java +++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/validation/Validator.java @@ -146,8 +146,12 @@ public class Validator { } public final Validator permType(String type, String ns) { - if(nob(type,NAME_CHARS)) { - msg("Perm Type [" + (ns==null?"":ns+(type.length()==0?"":'.'))+type + "] is invalid."); + if(type==null) { + msg("Perm Type is null"); + } else if(ns==null) { + msg("Perm NS is null"); + } else if(nob(type,NAME_CHARS)) { + msg("Perm Type [" + (ns+(type.length()==0?"":'.'))+type + "] is invalid."); } return this; } @@ -175,7 +179,10 @@ public class Validator { } public final Validator ns(String ns) { - if(nob(ns,NAME_CHARS)){ + if(ns==null) { + msg("NS is null"); + return this; + } else if(nob(ns,NAME_CHARS)) { msg("NS [" + ns + "] is invalid."); } for(String s : nsKeywords) { diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacadeImpl.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacadeImpl.java index 1ce9821f..fdb02c70 100644 --- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacadeImpl.java +++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacadeImpl.java @@ -275,6 +275,7 @@ public abstract class LocateFacadeImpl<IN,OUT,ENDPOINTS,MGMT_ENDPOINTS,ERROR> ex } public final static String GET_ENDPOINTS = "getEndpoints"; + private final static Object LOCK = new Object(); /* (non-Javadoc) * @see org.onap.aaf.auth.locate.facade.GwFacade#getEndpoints(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String, java.lang.String) */ @@ -284,7 +285,7 @@ public abstract class LocateFacadeImpl<IN,OUT,ENDPOINTS,MGMT_ENDPOINTS,ERROR> ex try { String output=null; long temp=System.currentTimeMillis(); - synchronized(GET_ENDPOINTS) { + synchronized(LOCK) { if(cacheClear<temp) { epsCache.clear(); cacheClear = temp+1000*60*2; // 2 mins standard cache clear @@ -302,7 +303,7 @@ public abstract class LocateFacadeImpl<IN,OUT,ENDPOINTS,MGMT_ENDPOINTS,ERROR> ex return Result.err(reps); } else { output = epDF.newData(trans).load(reps.value).asString(); - synchronized(GET_ENDPOINTS) { + synchronized(LOCK) { epsCache.put(key, output); } } @@ -338,7 +339,7 @@ public abstract class LocateFacadeImpl<IN,OUT,ENDPOINTS,MGMT_ENDPOINTS,ERROR> ex Result<Void> rp = service.putMgmtEndPoints(trans, rreq); switch(rp.status) { case OK: - synchronized(GET_ENDPOINTS) { + synchronized(LOCK) { cacheClear = 0L; } setContentType(resp,mepDF.getOutType()); @@ -374,7 +375,7 @@ public abstract class LocateFacadeImpl<IN,OUT,ENDPOINTS,MGMT_ENDPOINTS,ERROR> ex Result<Void> rp = service.removeMgmtEndPoints(trans, rreq); switch(rp.status) { case OK: - synchronized(GET_ENDPOINTS) { + synchronized(LOCK) { cacheClear = 0L; } setContentType(resp,mepDF.getOutType()); diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/DirectOAuthTAF.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/DirectOAuthTAF.java index 74c9947d..e602e863 100644 --- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/DirectOAuthTAF.java +++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/DirectOAuthTAF.java @@ -37,12 +37,12 @@ import org.onap.aaf.auth.layer.Result; import org.onap.aaf.auth.oauth.facade.DirectIntrospect; import org.onap.aaf.auth.rserv.TransFilter; import org.onap.aaf.cadi.CachedPrincipal; +import org.onap.aaf.cadi.CachedPrincipal.Resp; import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.CredVal.Type; import org.onap.aaf.cadi.Hash; import org.onap.aaf.cadi.LocatorException; import org.onap.aaf.cadi.PropAccess; -import org.onap.aaf.cadi.CachedPrincipal.Resp; -import org.onap.aaf.cadi.CredVal.Type; import org.onap.aaf.cadi.Taf.LifeForm; import org.onap.aaf.cadi.config.Config; import org.onap.aaf.cadi.oauth.OAuth2HttpTafResp; @@ -50,8 +50,8 @@ import org.onap.aaf.cadi.oauth.OAuth2Principal; import org.onap.aaf.cadi.oauth.TokenClient; import org.onap.aaf.cadi.oauth.TokenClientFactory; import org.onap.aaf.cadi.oauth.TokenMgr; -import org.onap.aaf.cadi.oauth.TokenPerm; import org.onap.aaf.cadi.oauth.TokenMgr.TokenPermLoader; +import org.onap.aaf.cadi.oauth.TokenPerm; import org.onap.aaf.cadi.principal.OAuth2FormPrincipal; import org.onap.aaf.cadi.taf.HttpTaf; import org.onap.aaf.cadi.taf.TafResp; @@ -137,7 +137,7 @@ public class DirectOAuthTAF implements HttpTaf { } } - if(client_id==null && client_secret==null) { + if(client_id==null || client_secret==null) { return new OAuth2HttpTafResp(access, null, "client_id and client_secret required", RESP.TRY_ANOTHER_TAF, resp, false); } diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java index fa099111..5c8526a9 100644 --- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java +++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java @@ -2913,6 +2913,9 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS } } } + if(udr==null) { + return Result.err(Result.ERR_NotFound,"No User Data found"); + } if (udr.isOK()) { return Result.ok(); } |