diff options
Diffstat (limited to 'auth')
40 files changed, 288 insertions, 174 deletions
diff --git a/auth/auth-batch/pom.xml b/auth/auth-batch/pom.xml index 802538ab..8f9db7c6 100644 --- a/auth/auth-batch/pom.xml +++ b/auth/auth-batch/pom.xml @@ -25,7 +25,7 @@ <parent> <groupId>org.onap.aaf.authz</groupId> <artifactId>authparent</artifactId> - <version>2.1.16-SNAPSHOT</version> + <version>2.1.17-SNAPSHOT</version> <relativePath>../pom.xml</relativePath> </parent> @@ -45,22 +45,6 @@ </roles> </developer> <developer> - <name>Gabe Maurer</name> - <email>gabe.maurer@att.com</email> - <organization>ATT</organization> - <roles> - <role>Developer</role> - </roles> - </developer> - <developer> - <name>Ian Howell</name> - <email>ian.howell@att.com</email> - <organization>ATT</organization> - <roles> - <role>Developer</role> - </roles> - </developer> - <developer> <name>Sai Gandham</name> <email>sai.gandham@att.com</email> <organization>ATT</organization> @@ -123,12 +107,6 @@ <groupId>org.onap.aaf.authz</groupId> <artifactId>aaf-auth-deforg</artifactId> </dependency> - - <!--dependency> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-log4j12</artifactId> - </dependency --> - </dependencies> <build> diff --git a/auth/auth-batch/src/assemble/auth-batch.xml b/auth/auth-batch/src/assemble/auth-batch.xml index 1ba34da3..25b37b73 100644 --- a/auth/auth-batch/src/assemble/auth-batch.xml +++ b/auth/auth-batch/src/assemble/auth-batch.xml @@ -38,7 +38,20 @@ <include>org.onap.aaf.authz:aaf-cadi-core</include> <include>org.onap.aaf.authz:aaf-misc-env</include> <include>org.onap.aaf.authz:aaf-misc-rosetta</include> + <include>javax.xml.bind:jaxb-api</include> + <include>org.glassfish.jaxb:jaxb-runtime</include> </includes --> + <includes> + <include>org.onap.aaf.authz:aaf-auth-batch</include> + <include>org.onap.aaf.authz:aaf-auth-core</include> + <include>org.onap.aaf.authz:aaf-cadi-core</include> + <include>org.onap.aaf.authz:aaf-misc-env</include> + <include>org.onap.aaf.authz:aaf-misc-rosetta</include> + <include>javax.xml.bind:jaxb-api</include> + <include>org.glassfish.jaxb:jaxb-runtime</include> + <include>com.sun.istack:istack-commons-runtime</include> + <include>javax.activation:javax.activation-api</include> + </includes> </dependencySet> </dependencySets> </assembly>
\ No newline at end of file diff --git a/auth/auth-cass/pom.xml b/auth/auth-cass/pom.xml index d8e25cc3..5e86ba60 100644 --- a/auth/auth-cass/pom.xml +++ b/auth/auth-cass/pom.xml @@ -17,7 +17,7 @@ <parent> <groupId>org.onap.aaf.authz</groupId> <artifactId>authparent</artifactId> - <version>2.1.16-SNAPSHOT</version> + <version>2.1.17-SNAPSHOT</version> <relativePath>../pom.xml</relativePath> </parent> @@ -37,22 +37,6 @@ </roles> </developer> <developer> - <name>Gabe Maurer</name> - <email>gabe.maurer@att.com</email> - <organization>ATT</organization> - <roles> - <role>Developer</role> - </roles> - </developer> - <developer> - <name>Ian Howell</name> - <email>ian.howell@att.com</email> - <organization>ATT</organization> - <roles> - <role>Developer</role> - </roles> - </developer> - <developer> <name>Sai Gandham</name> <email>sai.gandham@att.com</email> <organization>ATT</organization> diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/FileGetter.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/FileGetter.java index 75efdfae..31e5069b 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/FileGetter.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/FileGetter.java @@ -129,7 +129,7 @@ public class FileGetter { public static void main(String[] args) { PropAccess access = new PropAccess(args); - access.setProperty(AAF_FILEGETTER,"/Users/jg1555/cred.dat"); + access.setProperty(AAF_FILEGETTER,"/opt/app/aaf/data/cred.dat"); FileGetter fg = FileGetter.singleton(access); for(String id : new String[] {"m01891@aaf.att.com","bogus"}) { diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java index 0d5c487d..e5cde35c 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java @@ -227,7 +227,6 @@ public class Function { if (rparent.notOK()) { return Result.err(rparent); } - parent = rparent.value.parent; if (!fromApproval) { rparent = q.mayUser(trans, user, rparent.value, Access.write); if (rparent.notOK()) { diff --git a/auth/auth-certman/pom.xml b/auth/auth-certman/pom.xml index 69465b7d..64ab8372 100644 --- a/auth/auth-certman/pom.xml +++ b/auth/auth-certman/pom.xml @@ -20,7 +20,7 @@ <parent> <groupId>org.onap.aaf.authz</groupId> <artifactId>authparent</artifactId> - <version>2.1.16-SNAPSHOT</version> + <version>2.1.17-SNAPSHOT</version> <relativePath>../pom.xml</relativePath> </parent> diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cmpv2client/api/CmpClient.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cmpv2client/api/CmpClient.java new file mode 100644 index 00000000..38429ad9 --- /dev/null +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cmpv2client/api/CmpClient.java @@ -0,0 +1,85 @@ +/* + * Copyright (C) 2019 Ericsson Software Technology AB. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +package org.onap.aaf.auth.cm.cmpv2client.api; + +import java.security.cert.Certificate; +import java.util.Date; +import org.onap.aaf.auth.cm.cert.CSRMeta; +import org.onap.aaf.auth.cm.cmpv2client.impl.CAOfflineException; +import org.onap.aaf.auth.cm.cmpv2client.impl.CmpClientException; + +/** + * This class represent CmpV2Client Interface for obtaining X.509 Digital Certificates in a Public Key Infrastructure + * (PKI), making use of Certificate Management Protocol (CMPv2) operating on newest version: cmp2000(2). + */ +public interface CmpClient { + + /** + * Requests for a External Root CA Certificate to be created for the passed public keyPair wrapped in a CSRMeta with + * common details, accepts self-signed certificate. Basic Authentication using IAK/RV, Verification of the signature + * (proof-of-possession) on the request is performed and an Exception thrown if verification fails or issue + * encountered in fetching certificate from CA. + * + * @param caName Information about the External Root Certificate Authority (CA) performing the event CA Name. + * Could be {@code null}. + * @param profile Profile on CA server Client/RA Mode configuration on Server. Could be {@code null}. + * @param csrMeta Certificate Signing Request Meta Data. Must not be {@code null}. + * @param csr Certificate Signing Request {.cer} file. Must not be {@code null}. + * @param notBefore An optional validity to set in the created certificate, Certificate not valid before this date. + * @param notAfter An optional validity to set in the created certificate, Certificate not valid after this date. + * @return The newly created Certificate. + * + * @throws CAOfflineException if External CA that is offline + * @throws CmpClientException if client error occurs. + */ + Certificate createCertRequest(String caName, String profile, CSRMeta csrMeta, Certificate csr, + Date notBefore, Date notAfter) + throws CAOfflineException, CmpClientException; + + /** + * Requests for a External Root CA Certificate to be created for the passed public keyPair wrapped in a CSRMeta with + * common details, accepts self-signed certificate. Basic Authentication using IAK/RV, Verification of the signature + * (proof-of-possession) on the request is performed and an Exception thrown if verification fails or issue + * encountered in fetching certificate from CA. + * + * @param caName Information about the External Root Certificate Authority (CA) performing the event CA Name. Could + * be {@code null}. + * @param csrMeta Certificate Signing Request Meta Data. Must not be {@code null}. + * @param csr Certificate Signing Request {.cer} file. Must not be {@code null}. + * @return The newly created Certificate. + * + * @throws CAOfflineException if External CA that is offline + * @throws CmpClientException if client error occurs. + */ + Certificate createCertRequest(String caName, String profile, CSRMeta csrMeta, Certificate csr) + throws CAOfflineException, CmpClientException; + + /** + * Requests to Revoke a Certificate. If the certificate is deemed to be no longer trustable prior to its expiration + * date, it can be revoked by the issuing Certificate Authority (CA). Methods of revocation to be used, Certificate + * Revocation List (CRL) Or Online Certificate Status Protocol (OCSP) responses. + * + * @param caName CA name. Could be {@code null}. + * @param cert Target certificate. Must not be {@code null}. + * @param reason Revocation reason. + * @param invalidityTime Invalidity time. Could be {@code null}. + * @return return Certificate. + * + * @throws CmpClientException if client error occurs. + */ + Certificate revokeCertRequest(String caName, Certificate cert, int reason, Date invalidityTime) + throws CAOfflineException, CmpClientException; +} diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cmpv2client/impl/CAOfflineException.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cmpv2client/impl/CAOfflineException.java new file mode 100644 index 00000000..d1484f30 --- /dev/null +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cmpv2client/impl/CAOfflineException.java @@ -0,0 +1,42 @@ +/* + * Copyright (C) 2019 Ericsson Software Technology AB. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +package org.onap.aaf.auth.cm.cmpv2client.impl; + +/** + * The CAOfflineException wraps java.net.ConnectException. Exception thrown during Http Method call towards External CA + * Server if Offline. Signals an error occurred while attempting to connect a socket to a remote address and port. The + * connection was refused remotely (e.g., no process is listening on the remote address/port). + */ +public class CAOfflineException extends Exception { + + private static final long serialVersionUID = 2L; + + /** + * Creates a new instance without detail message. + */ + public CAOfflineException() { + super(); + } + + /** + * Constructs an instance with the specified detail message. + * + * @param msg the detail message. + */ + public CAOfflineException(String msg) { + super(msg); + } +} diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cmpv2client/impl/CmpClientException.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cmpv2client/impl/CmpClientException.java new file mode 100644 index 00000000..2a17ab10 --- /dev/null +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cmpv2client/impl/CmpClientException.java @@ -0,0 +1,45 @@ +/* + * Copyright (C) 2019 Ericsson Software Technology AB. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +package org.onap.aaf.auth.cm.cmpv2client.impl; + +/** + * The CmpClientException wraps all Exceptions occur internally to Cmpv2Client Api code. + */ +public class CmpClientException extends Exception { + + private static final long serialVersionUID = 1L; + + /** + * Creates a new instance with detail message. + */ + public CmpClientException(String message) { + super(message); + } + + /** + * Creates a new instance with detail Throwable cause. + */ + public CmpClientException(Throwable cause) { + super(cause); + } + + /** + * Creates a new instance with detail message and Throwable cause. + */ + public CmpClientException(String message, Throwable cause) { + super(message, cause); + } +} diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cmpv2client/impl/CmpClientImpl.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cmpv2client/impl/CmpClientImpl.java new file mode 100644 index 00000000..19cf634c --- /dev/null +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cmpv2client/impl/CmpClientImpl.java @@ -0,0 +1,54 @@ +/* + * Copyright (C) 2019 Ericsson Software Technology AB. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +package org.onap.aaf.auth.cm.cmpv2client.impl; + +import java.security.cert.Certificate; +import java.util.Date; +import org.onap.aaf.auth.cm.cert.CSRMeta; +import org.onap.aaf.auth.cm.cmpv2client.api.CmpClient; + +/** + * Implementation of the CmpClient Interface conforming to RFC4210 (Certificate Management Protocol (CMP)) and RFC4211 ( + * Certificate Request Message Format (CRMF)) standards. + */ +public final class CmpClientImpl implements CmpClient { + + @Override + public Certificate createCertRequest(final String caName, final String profile, final CSRMeta csrMeta, + final Certificate csr, final Date notBefore, final Date notAfter) + throws CAOfflineException, CmpClientException { + + // TODO Auto-generated method stub + return null; + } + + @Override + public Certificate createCertRequest(final String caName, final String profile, final CSRMeta csrMeta, + final Certificate csr) + throws CAOfflineException, CmpClientException { + // TODO Auto-generated method stub + return null; + } + + @Override + public Certificate revokeCertRequest(final String caName, final Certificate cert, final int reason, + final Date invalidityTime) + throws CAOfflineException, CmpClientException { + // TODO Auto-generated method stub + return null; + } +} + diff --git a/auth/auth-cmd/pom.xml b/auth/auth-cmd/pom.xml index 6de09de5..2e7cb2d9 100644 --- a/auth/auth-cmd/pom.xml +++ b/auth/auth-cmd/pom.xml @@ -18,7 +18,7 @@ <parent> <groupId>org.onap.aaf.authz</groupId> <artifactId>authparent</artifactId> - <version>2.1.16-SNAPSHOT</version> + <version>2.1.17-SNAPSHOT</version> <relativePath>../pom.xml</relativePath> </parent> @@ -58,22 +58,6 @@ </roles> </developer> <developer> - <name>Gabe Maurer</name> - <email>gabe.maurer@att.com</email> - <organization>ATT</organization> - <roles> - <role>Developer</role> - </roles> - </developer> - <developer> - <name>Ian Howell</name> - <email>ian.howell@att.com</email> - <organization>ATT</organization> - <roles> - <role>Developer</role> - </roles> - </developer> - <developer> <name>Sai Gandham</name> <email>sai.gandham@att.com</email> <organization>ATT</organization> diff --git a/auth/auth-cmd/src/assemble/auth-cmd.xml b/auth/auth-cmd/src/assemble/auth-cmd.xml index 013010b5..ba312423 100644 --- a/auth/auth-cmd/src/assemble/auth-cmd.xml +++ b/auth/auth-cmd/src/assemble/auth-cmd.xml @@ -42,6 +42,10 @@ <include>org.onap.aaf.authz:aaf-misc-env</include> <include>org.onap.aaf.authz:aaf-misc-rosetta</include> <include>jline:jline</include> + <include>javax.xml.bind:jaxb-api</include> + <include>org.glassfish.jaxb:jaxb-runtime</include> + <include>com.sun.istack:istack-commons-runtime</include> + <include>javax.activation:javax.activation-api</include> </includes> </dependencySet> diff --git a/auth/auth-core/pom.xml b/auth/auth-core/pom.xml index 91517836..5409a327 100644 --- a/auth/auth-core/pom.xml +++ b/auth/auth-core/pom.xml @@ -25,7 +25,7 @@ <parent> <groupId>org.onap.aaf.authz</groupId> <artifactId>authparent</artifactId> - <version>2.1.16-SNAPSHOT</version> + <version>2.1.17-SNAPSHOT</version> <relativePath>../pom.xml</relativePath> </parent> @@ -45,22 +45,6 @@ </roles> </developer> <developer> - <name>Gabe Maurer</name> - <email>gabe.maurer@att.com</email> - <organization>ATT</organization> - <roles> - <role>Developer</role> - </roles> - </developer> - <developer> - <name>Ian Howell</name> - <email>ian.howell@att.com</email> - <organization>ATT</organization> - <roles> - <role>Developer</role> - </roles> - </developer> - <developer> <name>Sai Gandham</name> <email>sai.gandham@att.com</email> <organization>ATT</organization> diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationFactory.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationFactory.java index 867d2984..6d559de5 100644 --- a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationFactory.java +++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationFactory.java @@ -131,13 +131,13 @@ public class OrganizationFactory { } env.init().printf("Instantiated %s with %s%s",orgNS,orgClass,(isDefault?" as default":"")); } - if (org==null) { - if (defaultOrg!=null) { + if ( (org==null) && (defaultOrg!=null)){ + org=defaultOrg; orgs.put(orgNS, org); } } - } + return org; } diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Acceptor.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Acceptor.java index bd718e46..bf9f57e3 100644 --- a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Acceptor.java +++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Acceptor.java @@ -45,8 +45,7 @@ class Acceptor<TRANS extends Trans> { } private boolean eval(HttpCode<TRANS,?> code, String str, List<String> props) { -// int plus = str.indexOf('+'); -// if (plus<0) { + boolean ok = false; boolean any = false; for (Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>> type : types) { @@ -61,23 +60,7 @@ class Acceptor<TRANS extends Trans> { } } } -// } else { // Handle Accepts with "+" as in application/xaml+xml -// int prev = str.indexOf('/')+1; -// String first = str.substring(0,prev); -// String nstr; -// while (prev!=0) { -// nstr = first + (plus<0?str.substring(prev):str.substring(prev,plus)); -// -// for (Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>> type : types) { -// if (type.x.equals(nstr)) { -// acceptable.add(type); -// return type; -// } -// } -// prev = plus+1; -// plus=str.indexOf('+', prev); -// }; -// } + return any; } @@ -93,9 +76,9 @@ class Acceptor<TRANS extends Trans> { if (type.y!=null) { for (Pair<String,Object> prop : type.y.y){ if (tag.equals(prop.x)) { - if (tag.equals("charset")) { + if ( "charset".equals(tag)) { return prop.x==null?false:prop.y.equals(value.toLowerCase()); // return True if Matched - } else if (tag.equals("version")) { + } else if ("version".equals(tag)) { return prop.y.equals(new Version(value)); // Note: Version Class knows Minor Version encoding } else if (tag.equals(Content.Q)) { // replace Q value try { diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/CodeSetter.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/CodeSetter.java index 761fd8cc..172f386e 100644 --- a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/CodeSetter.java +++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/CodeSetter.java @@ -41,7 +41,7 @@ class CodeSetter<TRANS extends Trans> { this.resp = resp; } - public boolean matches(Route<TRANS> route) throws IOException, ServletException { + public boolean matches(Route<TRANS> route) { // Find best Code in Route based on "Accepts (Get) or Content-Type" (if exists) return (code = route.getCode(trans, req, resp))!=null; } diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Route.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Route.java index f8c5ae19..03d6dfe2 100644 --- a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Route.java +++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Route.java @@ -21,10 +21,9 @@ package org.onap.aaf.auth.rserv; -import java.io.IOException; + import java.util.List; -import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; diff --git a/auth/auth-deforg/pom.xml b/auth/auth-deforg/pom.xml index 353d4b91..e9bee7b8 100644 --- a/auth/auth-deforg/pom.xml +++ b/auth/auth-deforg/pom.xml @@ -26,7 +26,7 @@ <artifactId>authparent</artifactId> <relativePath>../pom.xml</relativePath> <groupId>org.onap.aaf.authz</groupId> - <version>2.1.16-SNAPSHOT</version> + <version>2.1.17-SNAPSHOT</version> </parent> <artifactId>aaf-auth-deforg</artifactId> @@ -45,22 +45,6 @@ </roles> </developer> <developer> - <name>Gabe Maurer</name> - <email>gabe.maurer@att.com</email> - <organization>ATT</organization> - <roles> - <role>Developer</role> - </roles> - </developer> - <developer> - <name>Ian Howell</name> - <email>ian.howell@att.com</email> - <organization>ATT</organization> - <roles> - <role>Developer</role> - </roles> - </developer> - <developer> <name>Sai Gandham</name> <email>sai.gandham@att.com</email> <organization>ATT</organization> diff --git a/auth/auth-fs/pom.xml b/auth/auth-fs/pom.xml index 7b871267..87763650 100644 --- a/auth/auth-fs/pom.xml +++ b/auth/auth-fs/pom.xml @@ -17,7 +17,7 @@ <parent> <groupId>org.onap.aaf.authz</groupId> <artifactId>authparent</artifactId> - <version>2.1.16-SNAPSHOT</version> + <version>2.1.17-SNAPSHOT</version> <relativePath>../pom.xml</relativePath> </parent> @@ -57,22 +57,6 @@ </roles> </developer> <developer> - <name>Gabe Maurer</name> - <email>gabe.maurer@att.com</email> - <organization>ATT</organization> - <roles> - <role>Developer</role> - </roles> - </developer> - <developer> - <name>Ian Howell</name> - <email>ian.howell@att.com</email> - <organization>ATT</organization> - <roles> - <role>Developer</role> - </roles> - </developer> - <developer> <name>Sai Gandham</name> <email>sai.gandham@att.com</email> <organization>ATT</organization> diff --git a/auth/auth-fs/src/main/java/org/onap/aaf/auth/fs/AAF_FS.java b/auth/auth-fs/src/main/java/org/onap/aaf/auth/fs/AAF_FS.java index 19a150da..64d93539 100644 --- a/auth/auth-fs/src/main/java/org/onap/aaf/auth/fs/AAF_FS.java +++ b/auth/auth-fs/src/main/java/org/onap/aaf/auth/fs/AAF_FS.java @@ -44,7 +44,7 @@ import org.onap.aaf.cadi.PropAccess; import org.onap.aaf.cadi.config.Config; import org.onap.aaf.cadi.register.Registrant; import org.onap.aaf.cadi.register.RemoteRegistrant; -import org.onap.aaf.misc.env.APIException; + public class AAF_FS extends AbsService<AuthzEnv, AuthzTrans> { @@ -58,7 +58,7 @@ public class AAF_FS extends AbsService<AuthzEnv, AuthzTrans> { // creates StaticSlot, needed for CachingFileAccess, and sets to public Dir env.staticSlot(CachingFileAccess.CFA_WEB_PATH,"aaf_public_dir"); - CachingFileAccess<AuthzTrans> cfa = new CachingFileAccess<AuthzTrans>(env); + CachingFileAccess<AuthzTrans> cfa = new CachingFileAccess<>(env); route(env,GET,"/:key*", cfa); final String aaf_locate_url = Config.getAAFLocateUrl(access); if (aaf_locate_url == null) { diff --git a/auth/auth-gui/pom.xml b/auth/auth-gui/pom.xml index 6b003051..f93fb7e4 100644 --- a/auth/auth-gui/pom.xml +++ b/auth/auth-gui/pom.xml @@ -17,7 +17,7 @@ <parent> <groupId>org.onap.aaf.authz</groupId> <artifactId>authparent</artifactId> - <version>2.1.16-SNAPSHOT</version> + <version>2.1.17-SNAPSHOT</version> <relativePath>../pom.xml</relativePath> </parent> diff --git a/auth/auth-hello/pom.xml b/auth/auth-hello/pom.xml index 2cb8f571..47285766 100644 --- a/auth/auth-hello/pom.xml +++ b/auth/auth-hello/pom.xml @@ -17,7 +17,7 @@ <parent> <groupId>org.onap.aaf.authz</groupId> <artifactId>authparent</artifactId> - <version>2.1.16-SNAPSHOT</version> + <version>2.1.17-SNAPSHOT</version> <relativePath>../pom.xml</relativePath> </parent> diff --git a/auth/auth-locate/pom.xml b/auth/auth-locate/pom.xml index 3ea432b8..8df23909 100644 --- a/auth/auth-locate/pom.xml +++ b/auth/auth-locate/pom.xml @@ -17,7 +17,7 @@ <parent> <groupId>org.onap.aaf.authz</groupId> <artifactId>authparent</artifactId> - <version>2.1.16-SNAPSHOT</version> + <version>2.1.17-SNAPSHOT</version> <relativePath>../pom.xml</relativePath> </parent> diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_Proxy.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_Proxy.java index 962b9859..c77e9a85 100644 --- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_Proxy.java +++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_Proxy.java @@ -59,7 +59,7 @@ public class API_Proxy { * @param facade * @throws Exception */ - public static void init(final AAF_Locate gwAPI, LocateFacade facade) throws Exception { + public static void init(final AAF_Locate gwAPI, LocateFacade facade) { String aafurl = gwAPI.access.getProperty(Config.AAF_URL,null); if (aafurl!=null) { diff --git a/auth/auth-oauth/pom.xml b/auth/auth-oauth/pom.xml index 5e0c56fb..cc0ed53e 100644 --- a/auth/auth-oauth/pom.xml +++ b/auth/auth-oauth/pom.xml @@ -17,7 +17,7 @@ <parent> <groupId>org.onap.aaf.authz</groupId> <artifactId>authparent</artifactId> - <version>2.1.16-SNAPSHOT</version> + <version>2.1.17-SNAPSHOT</version> <relativePath>../pom.xml</relativePath> </parent> diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoader.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoader.java index 0126c2e2..a0644fd1 100644 --- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoader.java +++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoader.java @@ -28,6 +28,7 @@ import org.onap.aaf.auth.layer.Result; import org.onap.aaf.cadi.CadiException; import org.onap.aaf.misc.env.APIException; +@FunctionalInterface public interface JSONPermLoader { public Result<String> loadJSONPerms(AuthzTrans trans, String user, Set<String> scopes) throws APIException, CadiException; diff --git a/auth/auth-service/pom.xml b/auth/auth-service/pom.xml index 63585f94..9f9ca869 100644 --- a/auth/auth-service/pom.xml +++ b/auth/auth-service/pom.xml @@ -17,7 +17,7 @@ <parent> <groupId>org.onap.aaf.authz</groupId> <artifactId>authparent</artifactId> - <version>2.1.16-SNAPSHOT</version> + <version>2.1.17-SNAPSHOT</version> <relativePath>../pom.xml</relativePath> </parent> diff --git a/auth/docker/Dockerfile.base b/auth/docker/Dockerfile.base index e7ae6432..4874f1aa 100644 --- a/auth/docker/Dockerfile.base +++ b/auth/docker/Dockerfile.base @@ -19,6 +19,9 @@ # # Use dbuild.sh input parameter to set registry FROM ${REGISTRY}/openjdk:8-jre-alpine +#FROM openjdk:12-jdk-alpine +#FROM openjdk:13-jdk-alpine + MAINTAINER AAF Team, AT&T 2018 LABEL description="aaf_base" diff --git a/auth/docker/agent.sh b/auth/docker/agent.sh index 575e21f9..f59bd228 100644 --- a/auth/docker/agent.sh +++ b/auth/docker/agent.sh @@ -28,7 +28,8 @@ fi . ./aaf.props DOCKER=${DOCKER:=docker} -CADI_VERSION=${CADI_VERSION:=2.1.16} +VERSION=${VERSION} +CADI_VERSION=${CADI_VERSION:=${VERSION}} for V in VERSION DOCKER_REPOSITORY HOSTNAME CONTAINER_NS AAF_FQDN AAF_FQDN_IP DEPLOY_FQI APP_FQDN APP_FQI VOLUME DRIVER LATITUDE LONGITUDE; do if [ "$(grep $V ./aaf.props)" = "" ]; then diff --git a/auth/docker/d.props.csit b/auth/docker/d.props.csit index cdb6b5a0..27f539bb 100644 --- a/auth/docker/d.props.csit +++ b/auth/docker/d.props.csit @@ -28,7 +28,7 @@ ORG=onap PROJECT=aaf DOCKER_PULL_REGISTRY=nexus3.onap.org:10001 DOCKER_REPOSITORY=nexus3.onap.org:10003 -VERSION=2.1.16-SNAPSHOT +VERSION=2.1.17-SNAPSHOT CONF_ROOT_DIR=/opt/app/osaaf # For local builds, set PREFIX= PREFIX="$DOCKER_REPOSITORY/" diff --git a/auth/docker/d.props.init b/auth/docker/d.props.init index 41a30244..8ef2e31a 100644 --- a/auth/docker/d.props.init +++ b/auth/docker/d.props.init @@ -23,7 +23,7 @@ PROJECT=aaf # Note: Override can happen on dbuild.sh Commandline, -r <registry> DOCKER_PULL_REGISTRY=nexus3.onap.org:10001 DOCKER_REPOSITORY=nexus3.onap.org:10003 -VERSION=2.1.16-SNAPSHOT +VERSION=2.1.17-SNAPSHOT CONF_ROOT_DIR=/opt/app/osaaf # For local builds, set PREFIX= PREFIX="$DOCKER_REPOSITORY/" diff --git a/auth/docker/dclean.sh b/auth/docker/dclean.sh index 4fb4e07a..0e974aa6 100644 --- a/auth/docker/dclean.sh +++ b/auth/docker/dclean.sh @@ -23,7 +23,7 @@ DOCKER=${DOCKER:=docker} if [ "$1" == "" ]; then - AAF_COMPONENTS="$(cat components) config core agent " + AAF_COMPONENTS="$(cat components) config core agent base " else AAF_COMPONENTS="$@" fi diff --git a/auth/docker/pom.xml b/auth/docker/pom.xml index b4d3545c..9bfb80c8 100644 --- a/auth/docker/pom.xml +++ b/auth/docker/pom.xml @@ -25,7 +25,7 @@ <parent> <groupId>org.onap.aaf.authz</groupId> <artifactId>authparent</artifactId> - <version>2.1.16</version> + <version>2.1.17-SNAPSHOT</version> <relativePath>../pom.xml</relativePath> </parent> diff --git a/auth/helm/.gitignore b/auth/helm/.gitignore index 44cae669..e106bce2 100644 --- a/auth/helm/.gitignore +++ b/auth/helm/.gitignore @@ -2,3 +2,6 @@ aaf.orig/ pause/ aaf.new/ aaf.props +.DS_Store +current +*.tgz diff --git a/auth/helm/aaf-hello/values.yaml b/auth/helm/aaf-hello/values.yaml index 5a3931c2..130fa74e 100644 --- a/auth/helm/aaf-hello/values.yaml +++ b/auth/helm/aaf-hello/values.yaml @@ -37,8 +37,8 @@ image: # repository: localhost:5000/ service: - agentImage: onap/aaf/aaf_agent:2.1.16-SNAPSHOT - image: onap/aaf/aaf_hello:2.1.16-SNAPSHOT + agentImage: onap/aaf/aaf_agent:2.1.17-SNAPSHOT + image: onap/aaf/aaf_hello:2.1.17-SNAPSHOT app_ns: "org.osaaf.aaf" fqi: "aaf@aaf.osaaf.org" fqdn: "aaf-hello" diff --git a/auth/helm/aaf/Chart.yaml b/auth/helm/aaf/Chart.yaml index f83041e9..976e2efe 100644 --- a/auth/helm/aaf/Chart.yaml +++ b/auth/helm/aaf/Chart.yaml @@ -22,4 +22,4 @@ apiVersion: v1 appVersion: "1.0" description: AAF Helm Chart name: aaf -version: 2.1.16-SNAPSHOT +version: 2.1.17-SNAPSHOT diff --git a/auth/helm/aaf/values.yaml b/auth/helm/aaf/values.yaml index b320d9c8..9cfee331 100644 --- a/auth/helm/aaf/values.yaml +++ b/auth/helm/aaf/values.yaml @@ -104,7 +104,7 @@ image: # When using Docker Repo, add, and include trailing "/" # repository: nexus3.onap.org:10003/ # repository: localhost:5000/ - version: 2.1.16-SNAPSHOT + version: 2.1.17-SNAPSHOT resources: {} # We usually recommend not to specify default resources and to leave this as a conscious diff --git a/auth/pom.xml b/auth/pom.xml index 27abccdb..eb65a5d3 100644 --- a/auth/pom.xml +++ b/auth/pom.xml @@ -26,7 +26,7 @@ <parent> <groupId>org.onap.aaf.authz</groupId> <artifactId>parent</artifactId> - <version>2.1.16-SNAPSHOT</version> + <version>2.1.17-SNAPSHOT</version> </parent> <artifactId>authparent</artifactId> <name>AAF Auth Parent</name> @@ -66,22 +66,6 @@ </roles> </developer> <developer> - <name>Gabe Maurer</name> - <email>gabe.maurer@att.com</email> - <organization>ATT</organization> - <roles> - <role>Developer</role> - </roles> - </developer> - <developer> - <name>Ian Howell</name> - <email>ian.howell@att.com</email> - <organization>ATT</organization> - <roles> - <role>Developer</role> - </roles> - </developer> - <developer> <name>Sai Gandham</name> <email>sai.gandham@att.com</email> <organization>ATT</organization> diff --git a/auth/sample/bin/client.sh b/auth/sample/bin/client.sh index 4768d81c..4132e6ca 100755 --- a/auth/sample/bin/client.sh +++ b/auth/sample/bin/client.sh @@ -21,7 +21,7 @@ # This script is run when starting client Container. # It needs to cover the cases where the initial data doesn't exist, and when it has already been configured (don't overwrite) # -JAVA=/usr/bin/java +JAVA=${JAVA_HOME}/bin/java AAF_INTERFACE_VERSION=2.1 # Extract Name, Domain and NS from FQI diff --git a/auth/sample/bin/service.sh b/auth/sample/bin/service.sh index bddd42c9..10a3e15e 100644 --- a/auth/sample/bin/service.sh +++ b/auth/sample/bin/service.sh @@ -39,7 +39,7 @@ cadi_longitude=${cadi_longitude:-"${LONGITUDE}"} cadi_x509_issuers=${cadi_x509_issuers:-"${CADI_X509_ISSUERS}"} aaf_locate_url=${aaf_locate_url:-"https://${HOSTNAME}:8095"} -JAVA=/usr/bin/java +JAVA=${JAVA_HOME}/bin/java OSAAF=/opt/app/osaaf LOCAL=$OSAAF/local |