Diffstat (limited to 'cadi/core')
24 files changed, 1516 insertions, 1516 deletions
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/CmdLine.java b/cadi/core/src/main/java/org/onap/aaf/cadi/CmdLine.java index 0a1f38db..b697f373 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/CmdLine.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/CmdLine.java @@ -114,7 +114,7 @@ public class CmdLine { // One still needs access to the keyfile to read. // July 2016 - thought of a tool "CMPass" to regurgitate from properties, but only if allowed. } else if (("regurgitate".equalsIgnoreCase(args[0]) || "undigest".equalsIgnoreCase(args[0])) - && args.length>2) { + && args.length>2) { try { Symm symm; FileInputStream fis = new FileInputStream(args[2]); diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/PropAccess.java b/cadi/core/src/main/java/org/onap/aaf/cadi/PropAccess.java index 9f4b4b9f..1bf0230e 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/PropAccess.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/PropAccess.java @@ -48,9 +48,9 @@ public class PropAccess implements Access { // Sonar says cannot be static... it's ok. not too many PropAccesses created. private final SimpleDateFormat iso8601 = newISO8601(); private Symm symm; - + public static SimpleDateFormat newISO8601() { - return new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSSZ"); + return new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSSZ"); } public static final Level DEFAULT = Level.AUDIT; @@ -135,12 +135,12 @@ public class PropAccess implements Access { load(props.getProperty(Config.CADI_PROP_FILES)); if(sLevel==null) { // if LogLev wasn't set before, check again after Chained Load - sLevel = props.getProperty(Config.CADI_LOGLEVEL); - if (sLevel==null) { - level=DEFAULT.maskOf(); - } else { - level=Level.valueOf(sLevel).maskOf(); - } + sLevel = props.getProperty(Config.CADI_LOGLEVEL); + if (sLevel==null) { + level=DEFAULT.maskOf(); + } else { + level=Level.valueOf(sLevel).maskOf(); + } } // Setup local Symmetrical key encryption if (symm==null) { 
@@ -179,15 +179,15 @@ public class PropAccess implements Access {
 // Only load props from recursion which are not already in props
 // meaning top Property file takes precedence
 for(Entry<Object, Object> es : fileProps.entrySet()) {
- if(props.get(es.getKey())==null) {
- String key = es.getKey().toString();
- String value = es.getValue().toString();
- props.put(key, value);
- if(key.contains("pass")) {
- value = "XXXXXXX";
- }
- printf(Level.DEBUG," %s=%s",key,value);
- }
+ if(props.get(es.getKey())==null) {
+ String key = es.getKey().toString();
+ String value = es.getValue().toString();
+ props.put(key, value);
+ if(key.contains("pass")) {
+ value = "XXXXXXX";
+ }
+ printf(Level.DEBUG," %s=%s",key,value);
+ }
 }
 // Recursively Load
 String chainProp = fileProps.getProperty(Config.CADI_PROP_FILES);
@@ -272,64 +272,64 @@ public class PropAccess implements Access { * Need to pass in DateFormat per thread, because not marked as thread safe */ public static StringBuilder buildMsg(final String name, final DateFormat sdf, Level level, Object[] elements) { - final StringBuilder sb; + final StringBuilder sb; int end = elements.length; - if(sdf==null) { - sb = new StringBuilder(); - write(true,sb,elements); - } else { - sb = new StringBuilder( - sdf.format(new Date()) - ); + if(sdf==null) { + sb = new StringBuilder(); + write(true,sb,elements); + } else { + sb = new StringBuilder( + sdf.format(new Date()) + ); sb.append(' '); sb.append(level.name()); sb.append(" ["); sb.append(name); - if (end<=0) { - sb.append("] "); - } else { - int idx = 0; - if(elements[idx]!=null && - elements[idx] instanceof Integer) { - sb.append('-'); - sb.append(elements[idx]); - ++idx; - } - sb.append("] "); - write(true,sb,elements); - } - } + if (end<=0) { + sb.append("] "); + } else { + int idx = 0; + if(elements[idx]!=null && + elements[idx] instanceof Integer) { + sb.append('-'); + sb.append(elements[idx]); + ++idx; + } + sb.append("] "); + write(true,sb,elements); + } + } return sb; } private static boolean write(boolean first, StringBuilder sb, Object[] elements) { - String s; + String s; for (Object o : elements) { if (o!=null) { - if(o.getClass().isArray()) { - first = write(first,sb,(Object[])o); - } else if(o instanceof Throwable) { - ByteArrayOutputStream baos = new ByteArrayOutputStream(); - PrintStream ps = new PrintStream(baos); - ((Throwable)o).printStackTrace(ps); - sb.append(baos.toString()); - } else { - s=o.toString(); - if (first) { - first = false; - } else { - int l = s.length(); - if (l>0) { - switch(s.charAt(l-1)) { - case ' ': - break; - default: - sb.append(' '); - } - } - } - sb.append(s); - } + if(o.getClass().isArray()) { + first = write(first,sb,(Object[])o); + } else if(o instanceof Throwable) { + ByteArrayOutputStream baos = new ByteArrayOutputStream(); + 
PrintStream ps = new PrintStream(baos); + ((Throwable)o).printStackTrace(ps); + sb.append(baos.toString()); + } else { + s=o.toString(); + if (first) { + first = false; + } else { + int l = s.length(); + if (l>0) { + switch(s.charAt(l-1)) { + case ' ': + break; + default: + sb.append(' '); + } + } + } + sb.append(s); + } } } return first; @@ -337,10 +337,10 @@ public class PropAccess implements Access { @Override public void log(Exception e, Object... elements) { - StringWriter sw = new StringWriter(); - PrintWriter pw = new PrintWriter(sw); - pw.println(); - e.printStackTrace(pw); + StringWriter sw = new StringWriter(); + PrintWriter pw = new PrintWriter(sw); + pw.println(); + e.printStackTrace(pw); log(Level.ERROR,elements,sw.toString()); } @@ -436,6 +436,6 @@ public class PropAccess implements Access { } public String toString() { - return props.toString(); + return props.toString(); } } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java index 9a66d313..e7533610 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java @@ -82,7 +82,7 @@ public class Symm { private byte[] keyBytes = null; //Note: AES Encryption is not Thread Safe. It is Synchronized //private AES aes = null; // only initialized from File, and only if needed for Passwords - private String name; + private String name; /** * This is the standard base64 Key Set. @@ -900,6 +900,6 @@ public class Symm { @Override public String toString() { - return name; + return name; } } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java index 30508b7d..7bd578a5 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java 
@@ -275,10 +275,10 @@ public class Config { Access access = si.access; RegistrationPropHolder rph; try { - rph = new RegistrationPropHolder(access, 0); - } catch (UnknownHostException e2) { - throw new CadiException(e2); - } + rph = new RegistrationPropHolder(access, 0); + } catch (UnknownHostException e2) { + throw new CadiException(e2); + } ///////////////////////////////////////////////////// // Setup AAFCon for any following ///////////////////////////////////////////////////// @@ -504,7 +504,7 @@ public class Config { // Any Additional Tafs passed in Constructor ///////////////////////////////////////////////////// if (additionalTafLurs!=null) { - int i=0; + int i=0; for (Object additional : additionalTafLurs) { if (additional instanceof BasicHttpTaf) { BasicHttpTaf ht = (BasicHttpTaf)additional; @@ -556,17 +556,17 @@ public class Config { // just return the one taf = htlist.get(0).t; } else { - Collections.sort(htlist); + Collections.sort(htlist); HttpTaf[] htarray = new HttpTaf[htlist.size()]; int i=-1; StringBuilder sb = new StringBuilder("Tafs processed in this order:\n"); for(Priori<HttpTaf> pht : htlist) { - htarray[++i] = pht.t; - sb.append(" "); - sb.append(pht.t.getClass().getName()); - sb.append('('); - sb.append(pht.priority); - sb.append(")\n"); + htarray[++i] = pht.t; + sb.append(" "); + sb.append(pht.t.getClass().getName()); + sb.append('('); + sb.append(pht.priority); + sb.append(")\n"); } access.log(Level.INIT, sb); 
@@ -585,13 +585,13 @@ public class Config { public static String logProp(RegistrationPropHolder rph, String tag, String def) { String rv = rph.access().getProperty(tag, def); if (rv == null) { - rph.access().log(Level.INIT,tag,"is not explicitly set"); + rph.access().log(Level.INIT,tag,"is not explicitly set"); } else { - rv = rph.replacements("Config.logProp",rv, null, null); - rph.access().log(Level.INIT,tag,"is set to",rv); + rv = rph.replacements("Config.logProp",rv, null, null); + rph.access().log(Level.INIT,tag,"is set to",rv); } return rv; - + } public static String logProp(Access access,String tag, String def) { @@ -608,10 +608,10 @@ public class Config { Access access = si.access; RegistrationPropHolder rph; try { - rph = new RegistrationPropHolder(access, 0); - } catch (UnknownHostException e2) { - throw new CadiException(e2); - } + rph = new RegistrationPropHolder(access, 0); + } catch (UnknownHostException e2) { + throw new CadiException(e2); + } List<Priori<Lur>> lurs = new ArrayList<>(); @@ -728,7 +728,7 @@ public class Config { // Any Additional passed in Constructor ///////////////////////////////////////////////////// if (additionalTafLurs!=null) { - int i=0; + int i=0; for (Object additional : additionalTafLurs) { if (additional instanceof Lur) { lurs.add(new Priori<Lur>((Lur)additional,50+i++)); 
@@ -754,17 +754,17 @@ public class Config {
 return lurs.get(0).t; // Only one, just return it, save processing
 default:
 // Multiple Lurs, use EpiLUR to handle
- Collections.sort(lurs);
+ Collections.sort(lurs);
 Lur[] la = new Lur[lurs.size()];
 int i=-1;
 StringBuilder sb = new StringBuilder("Lurs processed in this order:\n");
 for(Priori<Lur> pht : lurs) {
- la[++i] = pht.t;
- sb.append(" ");
- sb.append(pht.t.getClass().getName());
- sb.append('(');
- sb.append(pht.priority);
- sb.append(")\n");
+ la[++i] = pht.t;
+ sb.append(" ");
+ sb.append(pht.t.getClass().getName());
+ sb.append('(');
+ sb.append(pht.priority);
+ sb.append(")\n");
 }
 access.log(Level.INIT, sb);
 return new EpiLur(la);
@@ -855,53 +855,53 @@ public class Config { if (_url==null) { access.log(Level.INIT,"No URL passed to 'loadLocator'. Disabled"); } else { - try { - Class<?> aalCls = Class.forName("org.onap.aaf.cadi.aaf.v2_0.AbsAAFLocator"); - Method aalMth = aalCls.getMethod("create", String.class,String.class); - int colon = _url.lastIndexOf(':'); - if(colon>=0) { - int slash = _url.indexOf('/',colon); - String version; - if(slash<0) { - version = _url.substring(colon+1); - } else { - version = _url.substring(colon+1,slash); - } - slash = _url.lastIndexOf('/',colon); - if(slash>=0) { - Object aal = aalMth.invoke(null/*static*/, _url.substring(slash+1, colon),version); - return (Locator<URI>)aal; - } - } - } catch (ClassNotFoundException | NoSuchMethodException | SecurityException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { - String msg; - char quote; - if(e.getCause()!=null) { - msg=e.getCause().getMessage(); - quote='"'; - } else { - msg = "-"; - quote=' '; - } - access.printf(Level.DEBUG, "Configured AbsAAFLocator not found%c%s%cContinuing Locator creation ",quote,msg,quote); - } + try { + Class<?> aalCls = Class.forName("org.onap.aaf.cadi.aaf.v2_0.AbsAAFLocator"); + Method aalMth = aalCls.getMethod("create", String.class,String.class); + int colon = _url.lastIndexOf(':'); + if(colon>=0) { + int slash = _url.indexOf('/',colon); + String version; + if(slash<0) { + version = _url.substring(colon+1); + } else { + version = _url.substring(colon+1,slash); + } + slash = _url.lastIndexOf('/',colon); + if(slash>=0) { + Object aal = aalMth.invoke(null/*static*/, _url.substring(slash+1, colon),version); + return (Locator<URI>)aal; + } + } + } catch (ClassNotFoundException | NoSuchMethodException | SecurityException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { + String msg; + char quote; + if(e.getCause()!=null) { + msg=e.getCause().getMessage(); + quote='"'; + } else { + msg = "-"; + quote=' '; + } + 
access.printf(Level.DEBUG, "Configured AbsAAFLocator not found%c%s%cContinuing Locator creation ",quote,msg,quote); + } // String url = _url.replace("/AAF_NS.", "/%C%CID%AAF_NS."); // String root_ns = access.getProperty(Config.AAF_ROOT_NS, null); - String url; + String url; RegistrationPropHolder rph; try { - rph = new RegistrationPropHolder(access, 0); - url = rph.replacements("Config.loadLocator",_url, null, null); - access.printf(Level.INFO, "loadLocator URL is %s",url); - } catch (UnknownHostException | CadiException e1) { - throw new LocatorException(e1); - } + rph = new RegistrationPropHolder(access, 0); + url = rph.replacements("Config.loadLocator",_url, null, null); + access.printf(Level.INFO, "loadLocator URL is %s",url); + } catch (UnknownHostException | CadiException e1) { + throw new LocatorException(e1); + } String aaf_locator_class; if(_url.equals(url) && !url.contains("/locate/")) { - aaf_locator_class = "org.onap.aaf.cadi.locator.DNSLocator"; + aaf_locator_class = "org.onap.aaf.cadi.locator.DNSLocator"; } else { - aaf_locator_class = AAF_LOCATOR_CLASS_DEF; + aaf_locator_class = AAF_LOCATOR_CLASS_DEF; } try { Class<?> lcls = loadClass(access,aaf_locator_class); 
@@ -945,83 +945,83 @@ public class Config { } public static String getAAFLocateUrl(Access access) { - String rv = null; - String cont = access.getProperty(AAF_LOCATOR_CONTAINER,null); - if(cont!=null) { - rv = access.getProperty(AAF_LOCATE_URL + '.' +cont, null); - } - if(rv==null) { - rv = access.getProperty(AAF_LOCATE_URL, null); - } - return rv; + String rv = null; + String cont = access.getProperty(AAF_LOCATOR_CONTAINER,null); + if(cont!=null) { + rv = access.getProperty(AAF_LOCATE_URL + '.' +cont, null); + } + if(rv==null) { + rv = access.getProperty(AAF_LOCATE_URL, null); + } + return rv; } private static class Priori<T> implements Comparable<Priori<T>> { - public final T t; - public final int priority; - - public Priori(final T t, final int priority) { - this.t = t; - this.priority = priority; - } + public final T t; + public final int priority; + + public Priori(final T t, final int priority) { + this.t = t; + this.priority = priority; + } - @Override - public int compareTo(Priori<T> o) { - if(priority==o.priority) { - return 0; - } else if(priority<o.priority) { - return -1; - } else { - return 1; - } - } - public static<T> void add(Access access, final String tag, List<Priori<T>> list) { - String plugins = access.getProperty(tag, null); - if(plugins!=null) { - access.log(Level.INIT, "Adding TAF Plugins: ", plugins); - for(String tafs : Split.splitTrim(';', plugins)) { - String[] pluginArray = Split.splitTrim(',', tafs); - String clssn = null; - int priority = 60; - switch(pluginArray.length) { - case 0: - break; - case 1: - clssn = tafs; - break; - default: - clssn = pluginArray[0]; - try { - priority = Integer.parseInt(pluginArray[1]); - } catch (NumberFormatException nfe) { - access.printf(Level.ERROR, "%s format is <classname>,priority[;...]\n",CADI_ADD_TAFS); - } - } - - if(clssn!=null) { - Class<?> cls = loadClass(access, clssn); - if(cls!=null) { - try { - @SuppressWarnings("unchecked") - Constructor<T> cnst = 
(Constructor<T>)cls.getConstructor(Access.class); - try { - list.add(new Priori<T>(cnst.newInstance(access),priority)); - } catch (InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { - String hostname = access.getProperty(Config.HOSTNAME,null); - if(hostname==null) { - access.printf(Level.ERROR, "%s cannot be constructed on this machine. Set valid 'hostname' in your properties\n",clssn); - } else { - access.printf(Level.ERROR, "%s cannot be constructed on %s with Access.\n",clssn, hostname); - } - } - } catch (NoSuchMethodException | SecurityException e) { - access.printf(Level.ERROR, "%s needs a Constructor taking Access as sole param.\n",clssn); - } - } - } - } - } - } + @Override + public int compareTo(Priori<T> o) { + if(priority==o.priority) { + return 0; + } else if(priority<o.priority) { + return -1; + } else { + return 1; + } + } + public static<T> void add(Access access, final String tag, List<Priori<T>> list) { + String plugins = access.getProperty(tag, null); + if(plugins!=null) { + access.log(Level.INIT, "Adding TAF Plugins: ", plugins); + for(String tafs : Split.splitTrim(';', plugins)) { + String[] pluginArray = Split.splitTrim(',', tafs); + String clssn = null; + int priority = 60; + switch(pluginArray.length) { + case 0: + break; + case 1: + clssn = tafs; + break; + default: + clssn = pluginArray[0]; + try { + priority = Integer.parseInt(pluginArray[1]); + } catch (NumberFormatException nfe) { + access.printf(Level.ERROR, "%s format is <classname>,priority[;...]\n",CADI_ADD_TAFS); + } + } + + if(clssn!=null) { + Class<?> cls = loadClass(access, clssn); + if(cls!=null) { + try { + @SuppressWarnings("unchecked") + Constructor<T> cnst = (Constructor<T>)cls.getConstructor(Access.class); + try { + list.add(new Priori<T>(cnst.newInstance(access),priority)); + } catch (InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { + String hostname = 
access.getProperty(Config.HOSTNAME,null); + if(hostname==null) { + access.printf(Level.ERROR, "%s cannot be constructed on this machine. Set valid 'hostname' in your properties\n",clssn); + } else { + access.printf(Level.ERROR, "%s cannot be constructed on %s with Access.\n",clssn, hostname); + } + } + } catch (NoSuchMethodException | SecurityException e) { + access.printf(Level.ERROR, "%s needs a Constructor taking Access as sole param.\n",clssn); + } + } + } + } + } + } } } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/RegistrationPropHolder.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/RegistrationPropHolder.java index 2a8760f4..f73179a9 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/RegistrationPropHolder.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/RegistrationPropHolder.java 
@@ -29,259 +29,259 @@ import org.onap.aaf.cadi.CadiException; import org.onap.aaf.cadi.util.Split; public class RegistrationPropHolder { - private final String PUBLIC_NAME="%NS.%N"; - private final String REGI="RegistrationProperty: %s='%s'"; - private final Access access; - public String hostname; - private int port; - public String public_fqdn; - private Integer public_port; - public Float latitude; - public Float longitude; - public final String default_fqdn; - public final String default_container_ns; - public final String default_name; - public final String lentries; - public final String lcontainer; - public final String default_container; - private static boolean firstlog = true; + private final String PUBLIC_NAME="%NS.%N"; + private final String REGI="RegistrationProperty: %s='%s'"; + private final Access access; + public String hostname; + private int port; + public String public_fqdn; + private Integer public_port; + public Float latitude; + public Float longitude; + public final String default_fqdn; + public final String default_container_ns; + public final String default_name; + public final String lentries; + public final String lcontainer; + public final String default_container; + private static boolean firstlog = true; - public RegistrationPropHolder(final Access access, final int port) throws UnknownHostException, CadiException { - this.access = access; - StringBuilder errs = new StringBuilder(); - String str; - this.port = port; + public RegistrationPropHolder(final Access access, final int port) throws UnknownHostException, CadiException { + this.access = access; + StringBuilder errs = new StringBuilder(); + String str; + this.port = port; - lentries=access.getProperty(Config.AAF_LOCATOR_ENTRIES,""); - default_container = access.getProperty(Config.AAF_LOCATOR_CONTAINER, ""); - if(firstlog) { - access.printf(Level.INIT, REGI,"default_container",default_container); - } - if(!default_container.isEmpty()) { - lcontainer=',' + default_container; // "" 
makes a blank default Public Entry - str = access.getProperty(Config.AAF_LOCATOR_PUBLIC_PORT+'.'+default_container, null); - if(str==null) { - str = access.getProperty(Config.AAF_LOCATOR_PUBLIC_PORT, null); - } - } else { - lcontainer=default_container; - str = access.getProperty(Config.AAF_LOCATOR_PUBLIC_PORT, null); - } - if(str!=null) { - public_port=Integer.decode(str); - } - if(firstlog) { - access.printf(Level.INIT, "RegistrationProperty: public_port='%d'",public_port); - } + lentries=access.getProperty(Config.AAF_LOCATOR_ENTRIES,""); + default_container = access.getProperty(Config.AAF_LOCATOR_CONTAINER, ""); + if(firstlog) { + access.printf(Level.INIT, REGI,"default_container",default_container); + } + if(!default_container.isEmpty()) { + lcontainer=',' + default_container; // "" makes a blank default Public Entry + str = access.getProperty(Config.AAF_LOCATOR_PUBLIC_PORT+'.'+default_container, null); + if(str==null) { + str = access.getProperty(Config.AAF_LOCATOR_PUBLIC_PORT, null); + } + } else { + lcontainer=default_container; + str = access.getProperty(Config.AAF_LOCATOR_PUBLIC_PORT, null); + } + if(str!=null) { + public_port=Integer.decode(str); + } + if(firstlog) { + access.printf(Level.INIT, "RegistrationProperty: public_port='%d'",public_port); + } - hostname = access.getProperty(Config.HOSTNAME, null); - if (hostname==null) { - hostname = Inet4Address.getLocalHost().getHostName(); - } - if (hostname==null) { - mustBeDefined(errs,Config.HOSTNAME); - } - if(firstlog) { - access.printf(Level.INIT, REGI,"hostname",hostname); - } + hostname = access.getProperty(Config.HOSTNAME, null); + if (hostname==null) { + hostname = Inet4Address.getLocalHost().getHostName(); + } + if (hostname==null) { + mustBeDefined(errs,Config.HOSTNAME); + } + if(firstlog) { + access.printf(Level.INIT, REGI,"hostname",hostname); + } - public_fqdn = access.getProperty(Config.AAF_LOCATOR_PUBLIC_FQDN, hostname); - if(firstlog) { - access.printf(Level.INIT, 
REGI,"public_fqdn",public_fqdn); - } + public_fqdn = access.getProperty(Config.AAF_LOCATOR_PUBLIC_FQDN, hostname); + if(firstlog) { + access.printf(Level.INIT, REGI,"public_fqdn",public_fqdn); + } - // Allow Container to reset the standard name for public - String container_public_name = access.getProperty(Config.AAF_LOCATOR_PUBLIC_NAME+'.'+default_container, null); - if(container_public_name==null) { - container_public_name = access.getProperty(Config.AAF_LOCATOR_PUBLIC_NAME, null); - if(container_public_name==null) { - container_public_name = access.getProperty(Config.AAF_LOCATOR_NAME, PUBLIC_NAME); - } - } - default_name = container_public_name; - - if(firstlog) { - access.printf(Level.INIT, REGI,"default_name",default_name); - } - - latitude=null; - String slatitude = access.getProperty(Config.CADI_LATITUDE, null); - if(slatitude == null) { - mustBeDefined(errs,Config.CADI_LATITUDE); - } else { - latitude = Float.parseFloat(slatitude); - } - if(firstlog) { - access.printf(Level.INIT, REGI,"latitude",slatitude); - } + // Allow Container to reset the standard name for public + String container_public_name = access.getProperty(Config.AAF_LOCATOR_PUBLIC_NAME+'.'+default_container, null); + if(container_public_name==null) { + container_public_name = access.getProperty(Config.AAF_LOCATOR_PUBLIC_NAME, null); + if(container_public_name==null) { + container_public_name = access.getProperty(Config.AAF_LOCATOR_NAME, PUBLIC_NAME); + } + } + default_name = container_public_name; + + if(firstlog) { + access.printf(Level.INIT, REGI,"default_name",default_name); + } + + latitude=null; + String slatitude = access.getProperty(Config.CADI_LATITUDE, null); + if(slatitude == null) { + mustBeDefined(errs,Config.CADI_LATITUDE); + } else { + latitude = Float.parseFloat(slatitude); + } + if(firstlog) { + access.printf(Level.INIT, REGI,"latitude",slatitude); + } - longitude=null; - String slongitude = access.getProperty(Config.CADI_LONGITUDE, null); - if(slongitude == null) { - 
mustBeDefined(errs,Config.CADI_LONGITUDE); - } else { - longitude = Float.parseFloat(slongitude); - } - if(firstlog) { - access.printf(Level.INIT, REGI,"longitude",slongitude); - } + longitude=null; + String slongitude = access.getProperty(Config.CADI_LONGITUDE, null); + if(slongitude == null) { + mustBeDefined(errs,Config.CADI_LONGITUDE); + } else { + longitude = Float.parseFloat(slongitude); + } + if(firstlog) { + access.printf(Level.INIT, REGI,"longitude",slongitude); + } - String dot_le; - // Note: only one of the ports can be public... Therefore, only the last - for(String le : Split.splitTrim(',', lcontainer)) { - dot_le = le.isEmpty()?le :"."+le; - str = access.getProperty(Config.AAF_LOCATOR_PUBLIC_FQDN+dot_le,null); - if( str != null && !str.isEmpty()) { - public_fqdn=str; - if(firstlog) { - access.printf(Level.INIT, "RegistrationProperty: public_hostname(overloaded by %s)='%s'",dot_le,public_fqdn); - } - } - } - - default_fqdn = access.getProperty(Config.AAF_LOCATOR_FQDN, hostname); - if(firstlog) { - access.printf(Level.INIT, REGI,"default_fqdn",default_fqdn); - } - default_container_ns = access.getProperty(Config.AAF_LOCATOR_CONTAINER_NS,""); - if(firstlog) { - access.printf(Level.INIT, REGI,"default_container_ns",default_container_ns); - } - if(errs.length()>0) { - throw new CadiException(errs.toString()); - } - firstlog = false; - } + String dot_le; + // Note: only one of the ports can be public... 
Therefore, only the last + for(String le : Split.splitTrim(',', lcontainer)) { + dot_le = le.isEmpty()?le :"."+le; + str = access.getProperty(Config.AAF_LOCATOR_PUBLIC_FQDN+dot_le,null); + if( str != null && !str.isEmpty()) { + public_fqdn=str; + if(firstlog) { + access.printf(Level.INIT, "RegistrationProperty: public_hostname(overloaded by %s)='%s'",dot_le,public_fqdn); + } + } + } + + default_fqdn = access.getProperty(Config.AAF_LOCATOR_FQDN, hostname); + if(firstlog) { + access.printf(Level.INIT, REGI,"default_fqdn",default_fqdn); + } + default_container_ns = access.getProperty(Config.AAF_LOCATOR_CONTAINER_NS,""); + if(firstlog) { + access.printf(Level.INIT, REGI,"default_container_ns",default_container_ns); + } + if(errs.length()>0) { + throw new CadiException(errs.toString()); + } + firstlog = false; + } - private void mustBeDefined(StringBuilder errs, String propname) { - errs.append('\n'); - errs.append(propname); - errs.append(" must be defined."); - - } + private void mustBeDefined(StringBuilder errs, String propname) { + errs.append('\n'); + errs.append(propname); + errs.append(" must be defined."); + + } - public String getEntryFQDN(final String entry, final String dot_le) { - String str; - if(public_fqdn!=null && dot_le.isEmpty()) { - str = public_fqdn; - } else { - str = access.getProperty(Config.AAF_LOCATOR_FQDN+dot_le, default_fqdn); - } - return replacements("RegistrationPropHolder.getEntryFQDN",str,entry,dot_le); - } - - public String getEntryName(final String entry, final String dot_le) { - String str; - if(dot_le.isEmpty()) { - str = default_name; - } else { - str = access.getProperty(Config.AAF_LOCATOR_NAME+dot_le, default_name); - } - return replacements("RegistrationPropHolder.getEntryName",str,entry,dot_le); - } - - public String getPublicEntryName(final String entry, final String dot_le) { - String str = access.getProperty(Config.AAF_LOCATOR_PUBLIC_NAME+dot_le, null); - if(str==null) { - str = 
access.getProperty(Config.AAF_LOCATOR_PUBLIC_NAME,null); - } - if(str==null) { - str = default_name; - } - return replacements("RegistrationPropHolder.getEntryName",str,entry,dot_le); - } - - - private String getNS(String dot_le) { - String ns; - ns = access.getProperty(Config.AAF_LOCATOR_APP_NS+dot_le,null); - if(ns==null) { - ns = access.getProperty(Config.AAF_LOCATOR_APP_NS, "AAF_NS"); - } - return ns; - } + public String getEntryFQDN(final String entry, final String dot_le) { + String str; + if(public_fqdn!=null && dot_le.isEmpty()) { + str = public_fqdn; + } else { + str = access.getProperty(Config.AAF_LOCATOR_FQDN+dot_le, default_fqdn); + } + return replacements("RegistrationPropHolder.getEntryFQDN",str,entry,dot_le); + } + + public String getEntryName(final String entry, final String dot_le) { + String str; + if(dot_le.isEmpty()) { + str = default_name; + } else { + str = access.getProperty(Config.AAF_LOCATOR_NAME+dot_le, default_name); + } + return replacements("RegistrationPropHolder.getEntryName",str,entry,dot_le); + } + + public String getPublicEntryName(final String entry, final String dot_le) { + String str = access.getProperty(Config.AAF_LOCATOR_PUBLIC_NAME+dot_le, null); + if(str==null) { + str = access.getProperty(Config.AAF_LOCATOR_PUBLIC_NAME,null); + } + if(str==null) { + str = default_name; + } + return replacements("RegistrationPropHolder.getEntryName",str,entry,dot_le); + } + + + private String getNS(String dot_le) { + String ns; + ns = access.getProperty(Config.AAF_LOCATOR_APP_NS+dot_le,null); + if(ns==null) { + ns = access.getProperty(Config.AAF_LOCATOR_APP_NS, "AAF_NS"); + } + return ns; + } - - public String replacements(final String fromCode, final String source, final String name, final String _dot_le) { - if(source == null) { - return ""; - } else if(source.isEmpty()) { - return source; - } - String value = source; - String dot_le; - if(_dot_le==null) { - dot_le = default_container.isEmpty()?"":'.'+default_container; - } else { - dot_le 
= _dot_le; - } + + public String replacements(final String fromCode, final String source, final String name, final String _dot_le) { + if(source == null) { + return ""; + } else if(source.isEmpty()) { + return source; + } + String value = source; + String dot_le; + if(_dot_le==null) { + dot_le = default_container.isEmpty()?"":'.'+default_container; + } else { + dot_le = _dot_le; + } String aaf_locator_host = access.getProperty(Config.AAF_LOCATE_URL+dot_le,null); if(aaf_locator_host==null) { - aaf_locator_host = access.getProperty(Config.AAF_LOCATE_URL,null); + aaf_locator_host = access.getProperty(Config.AAF_LOCATE_URL,null); } String str; if(aaf_locator_host!=null) { - if("https://AAF_LOCATE_URL".equals(value)) { - value = aaf_locator_host; - } else { - str = aaf_locator_host; - if(value.indexOf(Config.AAF_LOCATE_URL_TAG)>=0) { - if(!str.endsWith("/")) { - str+='/'; - } - if(!str.endsWith("/locate/")) { - str+="locate/"; - } - if(value.startsWith("http:")) { - value = value.replace("http://AAF_LOCATE_URL/", str); - } else { - value = value.replace("https://AAF_LOCATE_URL/", str); - - } - } - } + if("https://AAF_LOCATE_URL".equals(value)) { + value = aaf_locator_host; + } else { + str = aaf_locator_host; + if(value.indexOf(Config.AAF_LOCATE_URL_TAG)>=0) { + if(!str.endsWith("/")) { + str+='/'; + } + if(!str.endsWith("/locate/")) { + str+="locate/"; + } + if(value.startsWith("http:")) { + value = value.replace("http://AAF_LOCATE_URL/", str); + } else { + value = value.replace("https://AAF_LOCATE_URL/", str); + + } + } + } } - int atC = value.indexOf("%C"); - if(atC>=0) { - // aaf_locator_container_ns - str = access.getProperty(Config.AAF_LOCATOR_CONTAINER_NS+dot_le, default_container_ns); - if(str.isEmpty()) { - value = value.replace("%CNS"+'.', str); - } - value = value.replace("%CNS", str); - - str = access.getProperty(Config.AAF_LOCATOR_CONTAINER+dot_le,default_container); - if(str.isEmpty()) { - value = value.replace("%C"+'.', str); - } - value = 
value.replace("%C", str); - } - - if(value.indexOf("%NS")>=0) { - str = getNS(dot_le); - if(str==null || str.isEmpty()) { - value = value.replace("%NS"+'.', ""); - } else { - value = value.replace("%NS", str); - } - } + int atC = value.indexOf("%C"); + if(atC>=0) { + // aaf_locator_container_ns + str = access.getProperty(Config.AAF_LOCATOR_CONTAINER_NS+dot_le, default_container_ns); + if(str.isEmpty()) { + value = value.replace("%CNS"+'.', str); + } + value = value.replace("%CNS", str); + + str = access.getProperty(Config.AAF_LOCATOR_CONTAINER+dot_le,default_container); + if(str.isEmpty()) { + value = value.replace("%C"+'.', str); + } + value = value.replace("%C", str); + } + + if(value.indexOf("%NS")>=0) { + str = getNS(dot_le); + if(str==null || str.isEmpty()) { + value = value.replace("%NS"+'.', ""); + } else { + value = value.replace("%NS", str); + } + } - // aaf_root_ns - if(value.indexOf("AAF_NS")>=0) { - str = access.getProperty(Config.AAF_ROOT_NS, Config.AAF_ROOT_NS_DEF) + '.'; - String temp = value.replace("%AAF_NS.", str); - if(temp.equals(value)) { // intended - value = value.replace("AAF_NS.", str); // Backward Compatibility - } else { - value = temp; - } - } + // aaf_root_ns + if(value.indexOf("AAF_NS")>=0) { + str = access.getProperty(Config.AAF_ROOT_NS, Config.AAF_ROOT_NS_DEF) + '.'; + String temp = value.replace("%AAF_NS.", str); + if(temp.equals(value)) { // intended + value = value.replace("AAF_NS.", str); // Backward Compatibility + } else { + value = temp; + } + } - - if(value.indexOf('%')>=0) { + + if(value.indexOf('%')>=0) { // These shouldn't be expected to have dot elements if(name!=null) { value = value.replace("%N", name); 
@@ -292,21 +292,21 @@ public class RegistrationPropHolder { if(public_fqdn!=null) { value = value.replace("%PH", public_fqdn); } - } - access.printf(Level.DEBUG, - "RegistrationReplacement from %s, source: %s, dot_le: %s, value: %s", - fromCode,source,dot_le,value); + } + access.printf(Level.DEBUG, + "RegistrationReplacement from %s, source: %s, dot_le: %s, value: %s", + fromCode,source,dot_le,value); - return value; - } - - public int getEntryPort(final String dot_le) { - return public_port!=null && dot_le.isEmpty()? - public_port: - port; - } + return value; + } + + public int getEntryPort(final String dot_le) { + return public_port!=null && dot_le.isEmpty()? + public_port: + port; + } - public Access access() { - return access; - } + public Access access() { + return access; + } }
\ No newline at end of file diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfo.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfo.java index 5d1d23fa..8dbc38e1 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfo.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfo.java @@ -56,12 +56,12 @@ import org.onap.aaf.cadi.util.NetMask; import org.onap.aaf.cadi.util.Split; public class SecurityInfo { - private static final String SECURITY_ALGO = "RSA"; + private static final String SECURITY_ALGO = "RSA"; private static final String HTTPS_PROTOCOLS = "https.protocols"; private static final String JDK_TLS_CLIENT_PROTOCOLS = "jdk.tls.client.protocols"; private static final String INITIALIZING_ERR_FMT = "Error initializing %s: %s"; - private static final String LOADED_FROM_CADI_PROPERTIES = "%s loaded from CADI Properties"; - private static final String LOADED_FROM_SYSTEM_PROPERTIES = "%s loaded from System Properties"; + private static final String LOADED_FROM_CADI_PROPERTIES = "%s loaded from CADI Properties"; + private static final String LOADED_FROM_SYSTEM_PROPERTIES = "%s loaded from System Properties"; public static final String SSL_KEY_MANAGER_FACTORY_ALGORITHM; 
@@ -86,26 +86,26 @@ public class SecurityInfo { public SecurityInfo(final Access access) throws CadiException { - String msgHelp = ""; + String msgHelp = ""; try { this.access = access; // reuse DME2 Properties for convenience if specific Properties don't exist String str = access.getProperty(Config.CADI_ALIAS, null); if(str==null || str.isEmpty()) { - defaultAlias = null; + defaultAlias = null; } else { - defaultAlias = str; + defaultAlias = str; } str = access.getProperty(Config.CADI_CLIENT_ALIAS, null); if(str==null) { - defaultClientAlias = defaultAlias; + defaultClientAlias = defaultAlias; } else if(str.isEmpty()) { - // intentionally off, i.e. cadi_client_alias= - defaultClientAlias = null; + // intentionally off, i.e. cadi_client_alias= + defaultClientAlias = null; } else { - defaultClientAlias = str; + defaultClientAlias = str; } msgHelp = String.format(INITIALIZING_ERR_FMT,"Keystore", access.getProperty(Config.CADI_KEYSTORE, "")); 
@@ -134,34 +134,34 @@ public class SecurityInfo { public static void setHTTPProtocols(Access access) { String httpsProtocols = System.getProperty(Config.HTTPS_PROTOCOLS); if(httpsProtocols!=null) { - access.printf(Level.INIT, LOADED_FROM_SYSTEM_PROPERTIES, HTTPS_PROTOCOLS); + access.printf(Level.INIT, LOADED_FROM_SYSTEM_PROPERTIES, HTTPS_PROTOCOLS); } else { - httpsProtocols = access.getProperty(Config.HTTPS_PROTOCOLS,null); - if(httpsProtocols!=null) { - access.printf(Level.INIT, LOADED_FROM_CADI_PROPERTIES, HTTPS_PROTOCOLS); - } else { - httpsProtocols = access.getProperty(HTTPS_PROTOCOLS, Config.HTTPS_PROTOCOLS_DEFAULT); - access.printf(Level.INIT, "%s set by %s in CADI Properties",Config.HTTPS_PROTOCOLS,Config.CADI_PROTOCOLS); - } - // This needs to be set when people do not. + httpsProtocols = access.getProperty(Config.HTTPS_PROTOCOLS,null); + if(httpsProtocols!=null) { + access.printf(Level.INIT, LOADED_FROM_CADI_PROPERTIES, HTTPS_PROTOCOLS); + } else { + httpsProtocols = access.getProperty(HTTPS_PROTOCOLS, Config.HTTPS_PROTOCOLS_DEFAULT); + access.printf(Level.INIT, "%s set by %s in CADI Properties",Config.HTTPS_PROTOCOLS,Config.CADI_PROTOCOLS); + } + // This needs to be set when people do not. 
System.setProperty(HTTPS_PROTOCOLS, httpsProtocols); } String httpsClientProtocols = System.getProperty(JDK_TLS_CLIENT_PROTOCOLS,null); if(httpsClientProtocols!=null) { - access.printf(Level.INIT, LOADED_FROM_SYSTEM_PROPERTIES, JDK_TLS_CLIENT_PROTOCOLS); + access.printf(Level.INIT, LOADED_FROM_SYSTEM_PROPERTIES, JDK_TLS_CLIENT_PROTOCOLS); } else { - httpsClientProtocols = access.getProperty(Config.HTTPS_CLIENT_PROTOCOLS, null); - if(httpsClientProtocols!=null) { - access.printf(Level.INIT, LOADED_FROM_CADI_PROPERTIES, Config.HTTPS_CLIENT_PROTOCOLS); - } else { - httpsClientProtocols = Config.HTTPS_PROTOCOLS_DEFAULT; - access.printf(Level.INIT, "%s set from %s",Config.HTTPS_CLIENT_PROTOCOLS, "Default Protocols"); - } - System.setProperty(JDK_TLS_CLIENT_PROTOCOLS, httpsClientProtocols); + httpsClientProtocols = access.getProperty(Config.HTTPS_CLIENT_PROTOCOLS, null); + if(httpsClientProtocols!=null) { + access.printf(Level.INIT, LOADED_FROM_CADI_PROPERTIES, Config.HTTPS_CLIENT_PROTOCOLS); + } else { + httpsClientProtocols = Config.HTTPS_PROTOCOLS_DEFAULT; + access.printf(Level.INIT, "%s set from %s",Config.HTTPS_CLIENT_PROTOCOLS, "Default Protocols"); + } + System.setProperty(JDK_TLS_CLIENT_PROTOCOLS, httpsClientProtocols); } - } + } - /** + /** * @return the scf */ public SSLSocketFactory getSSLSocketFactory() { @@ -201,7 +201,7 @@ public class SecurityInfo { protected void initializeKeyManager() throws CadiException, IOException, NoSuchAlgorithmException, KeyStoreException, CertificateException, UnrecoverableKeyException { String keyStore = access.getProperty(Config.CADI_KEYSTORE, null); if(keyStore==null) { - return; + return; } else if (!new File(keyStore).exists()) { throw new CadiException(keyStore + " does not exist"); } 
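Review bot: In `setHTTPProtocols`, the last fallback logs that the value was "set by" `Config.CADI_PROTOCOLS`, but the lookup just before it reads the `HTTPS_PROTOCOLS` key again and never reads `Config.CADI_PROTOCOLS`. If that CADI property is meant to let an operator restrict TLS versions (an assumption, since `Config` is not shown here), the setting is silently ignored and the default list is applied while the INIT log says otherwise. In that case the lookup should be `httpsProtocols = access.getProperty(Config.CADI_PROTOCOLS, Config.HTTPS_PROTOCOLS_DEFAULT);`. Logging the effective protocol list in the same message would make the startup log auditable.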
@@ -244,20 +244,20 @@ public class SecurityInfo { StringBuilder sb = null; for (KeyManager keyManager : keyManagerFactory.getKeyManagers()) { if (keyManager instanceof X509KeyManager) { - X509KeyManager xkm = (X509KeyManager)keyManager; + X509KeyManager xkm = (X509KeyManager)keyManager; keyManagers.add(xkm); if(defaultAlias!=null) { - sb=new StringBuilder("X509 Chain\n"); - x509Info(sb,xkm.getCertificateChain(defaultAlias)); + sb=new StringBuilder("X509 Chain\n"); + x509Info(sb,xkm.getCertificateChain(defaultAlias)); } if(defaultClientAlias!=null && !defaultClientAlias.equals(defaultAlias)) { - if(sb==null) { - sb = new StringBuilder(); - } else { - sb.append('\n'); - } - sb.append("X509 Client Chain\n"); - x509Info(sb,xkm.getCertificateChain(defaultAlias)); + if(sb==null) { + sb = new StringBuilder(); + } else { + sb.append('\n'); + } + sb.append("X509 Client Chain\n"); + x509Info(sb,xkm.getCertificateChain(defaultAlias)); } } } 
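Review bot: The "X509 Client Chain" branch prints `xkm.getCertificateChain(defaultAlias)`, even though it is only entered when `defaultClientAlias` differs from `defaultAlias`. The INIT log therefore shows the server chain twice and never shows the subject, issuer or expiry of the client certificate. The call should be `x509Info(sb,xkm.getCertificateChain(defaultClientAlias));`. This re-indent carries the line over unchanged, and the enclosing method starts outside the hunk.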
@@ -265,32 +265,32 @@ public class SecurityInfo { keyManagers.toArray(x509KeyManager); if(sb!=null) { - access.log(Level.INIT, sb); + access.log(Level.INIT, sb); } } private void x509Info(StringBuilder sb, X509Certificate[] chain) { - if(chain!=null) { - int i=0; - for(X509Certificate x : chain) { - sb.append(" "); - sb.append(i++); - sb.append(')'); - sb.append("\n Subject: "); - sb.append(x.getSubjectDN()); - sb.append("\n Issuer : "); - sb.append(x.getIssuerDN()); - sb.append("\n Expires: "); - sb.append(x.getNotAfter()); - sb.append('\n'); - } - } + if(chain!=null) { + int i=0; + for(X509Certificate x : chain) { + sb.append(" "); + sb.append(i++); + sb.append(')'); + sb.append("\n Subject: "); + sb.append(x.getSubjectDN()); + sb.append("\n Issuer : "); + sb.append(x.getIssuerDN()); + sb.append("\n Expires: "); + sb.append(x.getNotAfter()); + sb.append('\n'); + } + } } protected void initializeTrustManager() throws NoSuchAlgorithmException, CertificateException, IOException, KeyStoreException, CadiException { String trustStore = access.getProperty(Config.CADI_TRUSTSTORE, null); if(trustStore==null) { - return; + return; } else if(!new File(trustStore).exists()) { throw new CadiException(trustStore + " does not exist"); } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiApiEnforcementFilter.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiApiEnforcementFilter.java index e32b30d0..292f8e1c 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiApiEnforcementFilter.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiApiEnforcementFilter.java 
@@ -45,92 +45,92 @@ import org.onap.aaf.cadi.util.Split; * @author Instrumental(Jonathan) */ public class CadiApiEnforcementFilter implements Filter { - private String type; - private Map<String,List<String>> publicPaths; - private Access access; - - - public CadiApiEnforcementFilter(Access access, String enforce) throws ServletException { - this.access = access; - init(enforce); - } + private String type; + private Map<String,List<String>> publicPaths; + private Access access; + + + public CadiApiEnforcementFilter(Access access, String enforce) throws ServletException { + this.access = access; + init(enforce); + } - @Override - public void init(FilterConfig fc) throws ServletException { - init(fc.getInitParameter(Config.CADI_API_ENFORCEMENT)); + @Override + public void init(FilterConfig fc) throws ServletException { + init(fc.getInitParameter(Config.CADI_API_ENFORCEMENT)); // need the Context for Logging, instantiating ClassLoader, etc ServletContextAccess sca=new ServletContextAccess(fc); if (access==null) { access = sca; } - } - - private void init(final String ptypes) throws ServletException { - if(ptypes==null) { - throw new ServletException("CadiApiEnforcement requires " + Config.CADI_API_ENFORCEMENT + " property"); - } - String[] full = Split.splitTrim(';', ptypes); - if(full.length==0) { - throw new ServletException(Config.CADI_API_ENFORCEMENT + " property is empty"); - } - if(full.length>0) { - type=full[0]; - } - publicPaths = new TreeMap<String,List<String>>(); - if(full.length>1) { - for(int i=1;i<full.length;++i) { - String pubArray[] = Split.split(':', full[i]); - if(pubArray.length==2) { - List<String> ls = publicPaths.get(pubArray[0]); - if(ls==null) { - ls = new ArrayList<String>(); - publicPaths.put(pubArray[0], ls); - } - ls.add(pubArray[1]); - } - } - } - } + } + + private void init(final String ptypes) throws ServletException { + if(ptypes==null) { + throw new ServletException("CadiApiEnforcement requires " + Config.CADI_API_ENFORCEMENT + " 
property"); + } + String[] full = Split.splitTrim(';', ptypes); + if(full.length==0) { + throw new ServletException(Config.CADI_API_ENFORCEMENT + " property is empty"); + } + if(full.length>0) { + type=full[0]; + } + publicPaths = new TreeMap<String,List<String>>(); + if(full.length>1) { + for(int i=1;i<full.length;++i) { + String pubArray[] = Split.split(':', full[i]); + if(pubArray.length==2) { + List<String> ls = publicPaths.get(pubArray[0]); + if(ls==null) { + ls = new ArrayList<String>(); + publicPaths.put(pubArray[0], ls); + } + ls.add(pubArray[1]); + } + } + } + } - @Override - public void doFilter(ServletRequest req, ServletResponse resp, FilterChain fc) throws IOException, ServletException { - HttpServletRequest hreq = (HttpServletRequest)req; - final String meth = hreq.getMethod(); - String path = hreq.getContextPath()+hreq.getPathInfo(); - - if(path == null || path.isEmpty() || "null".equals(path)) - path = hreq.getRequestURI().substring(hreq.getContextPath().length()); - - List<String> list = publicPaths.get(meth); - if(list!=null) { - for( String p : publicPaths.get(meth)) { - if(path.startsWith(p)) { - access.printf(Level.INFO, "%s accessed public API %s %s\n", - hreq.getUserPrincipal().getName(), - meth, - path); - fc.doFilter(req, resp); - return; - } - } - } - if(hreq.isUserInRole(type + '|'+path+'|'+meth)) { - access.printf(Level.INFO, "%s is allowed access to %s %s\n", - hreq.getUserPrincipal().getName(), - meth, - path); - fc.doFilter(req, resp); - } else { - access.printf(Level.AUDIT, "%s is denied access to %s %s\n", - hreq.getUserPrincipal().getName(), - meth, - path); - } - } + @Override + public void doFilter(ServletRequest req, ServletResponse resp, FilterChain fc) throws IOException, ServletException { + HttpServletRequest hreq = (HttpServletRequest)req; + final String meth = hreq.getMethod(); + String path = hreq.getContextPath()+hreq.getPathInfo(); + + if(path == null || path.isEmpty() || "null".equals(path)) + path = 
hreq.getRequestURI().substring(hreq.getContextPath().length()); + + List<String> list = publicPaths.get(meth); + if(list!=null) { + for( String p : publicPaths.get(meth)) { + if(path.startsWith(p)) { + access.printf(Level.INFO, "%s accessed public API %s %s\n", + hreq.getUserPrincipal().getName(), + meth, + path); + fc.doFilter(req, resp); + return; + } + } + } + if(hreq.isUserInRole(type + '|'+path+'|'+meth)) { + access.printf(Level.INFO, "%s is allowed access to %s %s\n", + hreq.getUserPrincipal().getName(), + meth, + path); + fc.doFilter(req, resp); + } else { + access.printf(Level.AUDIT, "%s is denied access to %s %s\n", + hreq.getUserPrincipal().getName(), + meth, + path); + } + } - @Override - public void destroy() { - } + @Override + public void destroy() { + } } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiFilter.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiFilter.java index 01bf6f2e..50efe8b4 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiFilter.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiFilter.java @@ -161,7 +161,7 @@ public class CadiFilter implements Filter { cf= (Class<Filter>) Class.forName("org.onap.aaf.cadi.oauth.OAuthFilter"); sideChain.add(cf.newInstance()); } catch (ClassNotFoundException e) { - access.log(Level.DEBUG, "OAuthFilter not enabled"); + access.log(Level.DEBUG, "OAuthFilter not enabled"); } } catch (Exception e) { access.log(Level.INIT, "AAFTrustChecker cannot be loaded",e.getMessage()); @@ -229,7 +229,7 @@ public class CadiFilter implements Filter { // Add API Enforcement Point String enforce = getter.get(Config.CADI_API_ENFORCEMENT, null, true); if(enforce!=null && enforce.length()>0) { - sideChain.add(new CadiApiEnforcementFilter(access,enforce)); + sideChain.add(new CadiApiEnforcementFilter(access,enforce)); } // Remove Getter getter = Get.NULL; 
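Review bot: In `CadiApiEnforcementFilter.doFilter`, the denied branch only writes the AUDIT line and returns, so nothing in this filter sets an error status on the response. Add an explicit rejection after the log call, e.g. `((HttpServletResponse)resp).sendError(403, "Access Denied");` (this needs the `HttpServletResponse` import if the file lacks it). In the same method, `hreq.getContextPath()+hreq.getPathInfo()` is never null and ends in "null" when there is no path info, which the `"null".equals(path)` test only catches for an empty context path, so the string passed to `isUserInRole` can be wrong. Separately, `hreq.getUserPrincipal().getName()` in the public-path branch will throw if a public API is reached without an authenticated principal.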
@@ -304,11 +304,11 @@ public class CadiFilter implements Filter { if (pathExceptions!=null) { String pi = hreq.getPathInfo(); if (pi==null) { - // Attempt to get from URI only (Daniel Rose) + // Attempt to get from URI only (Daniel Rose) pi = hreq.getRequestURI().substring(hreq.getContextPath().length()); if(pi==null) { - // Nothing works. - return false; // JBoss sometimes leaves null + // Nothing works. + return false; // JBoss sometimes leaves null } } for (String pe : pathExceptions) { diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiHTTPManip.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiHTTPManip.java index 5920a260..0a89af0c 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiHTTPManip.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiHTTPManip.java 
@@ -56,12 +56,12 @@ import org.onap.aaf.cadi.util.UserChainManip; */ public class CadiHTTPManip { private static final String ACCESS_DENIED = "Access Denied"; - private static final String NO_TAF_WILL_AUTHORIZE = "No TAF will authorize"; - private static final String AUTHENTICATION_FAILURE = "Authentication Failure"; - private static final String AUTHENTICATING_VIA_REDIRECTION = "Authenticating via redirection"; - private static final String MSG_FMT = "user=%s,ip=%s:%d,msg=\"%s: %s\""; - private static final String AUTHENTICATED = "Authenticated"; - private static final String ACCESS_CADI_CONTROL = ".access|cadi|control"; + private static final String NO_TAF_WILL_AUTHORIZE = "No TAF will authorize"; + private static final String AUTHENTICATION_FAILURE = "Authentication Failure"; + private static final String AUTHENTICATING_VIA_REDIRECTION = "Authenticating via redirection"; + private static final String MSG_FMT = "user=%s,ip=%s:%d,msg=\"%s: %s\""; + private static final String AUTHENTICATED = "Authenticated"; + private static final String ACCESS_CADI_CONTROL = ".access|cadi|control"; private static final String METH = "OPTIONS"; private static final String CADI = "/cadi/"; private static final String CADI_CACHE_PRINT = "/cadi/cache/print"; 
@@ -127,38 +127,38 @@ public class CadiHTTPManip { switch(tresp.isAuthenticated()) { case IS_AUTHENTICATED: access.printf(Level.DEBUG,MSG_FMT,tresp.getTarget(),hreq.getRemoteAddr(), - hreq.getRemotePort(),AUTHENTICATED,tresp.desc()); + hreq.getRemotePort(),AUTHENTICATED,tresp.desc()); break; case TRY_AUTHENTICATING: switch (tresp.authenticate()) { case IS_AUTHENTICATED: - access.printf(Level.DEBUG,MSG_FMT,tresp.getTarget(),hreq.getRemoteAddr(), - hreq.getRemotePort(),AUTHENTICATED,tresp.desc()); + access.printf(Level.DEBUG,MSG_FMT,tresp.getTarget(),hreq.getRemoteAddr(), + hreq.getRemotePort(),AUTHENTICATED,tresp.desc()); break; case HTTP_REDIRECT_INVOKED: - access.printf(Level.DEBUG,MSG_FMT,tresp.getTarget(),hreq.getRemoteAddr(), - hreq.getRemotePort(),AUTHENTICATING_VIA_REDIRECTION,tresp.desc()); + access.printf(Level.DEBUG,MSG_FMT,tresp.getTarget(),hreq.getRemoteAddr(), + hreq.getRemotePort(),AUTHENTICATING_VIA_REDIRECTION,tresp.desc()); break; case NO_FURTHER_PROCESSING: access.printf(Level.AUDIT,MSG_FMT,tresp.getTarget(),hreq.getRemoteAddr(), - hreq.getRemotePort(),AUTHENTICATION_FAILURE,tresp.desc()); + hreq.getRemotePort(),AUTHENTICATION_FAILURE,tresp.desc()); hresp.sendError(403, tresp.desc()); // Forbidden break; default: - access.printf(Level.AUDIT,MSG_FMT,tresp.getTarget(),hreq.getRemoteAddr(), - hreq.getRemotePort(),NO_TAF_WILL_AUTHORIZE,tresp.desc()); + access.printf(Level.AUDIT,MSG_FMT,tresp.getTarget(),hreq.getRemoteAddr(), + hreq.getRemotePort(),NO_TAF_WILL_AUTHORIZE,tresp.desc()); hresp.sendError(403, tresp.desc()); // Forbidden } break; case NO_FURTHER_PROCESSING: access.printf(Level.AUDIT,MSG_FMT, tresp.getTarget(),hreq.getRemoteAddr(), - hreq.getRemotePort(),NO_TAF_WILL_AUTHORIZE,tresp.desc()); + hreq.getRemotePort(),NO_TAF_WILL_AUTHORIZE,tresp.desc()); hresp.sendError(403, ACCESS_DENIED); // FORBIDDEN break; default: - access.printf(Level.AUDIT,MSG_FMT, tresp.getTarget(),hreq.getRemoteAddr(), - 
hreq.getRemotePort(),NO_TAF_WILL_AUTHORIZE,tresp.desc()); + access.printf(Level.AUDIT,MSG_FMT, tresp.getTarget(),hreq.getRemoteAddr(), + hreq.getRemotePort(),NO_TAF_WILL_AUTHORIZE,tresp.desc()); hresp.sendError(403, ACCESS_DENIED); // FORBIDDEN } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/MapBathConverter.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/MapBathConverter.java index 36372eb3..8c616f4a 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/MapBathConverter.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/MapBathConverter.java @@ -59,7 +59,7 @@ import org.onap.aaf.cadi.util.CSV.Visitor; */ public class MapBathConverter { private static final String BASIC = "Basic "; - private final Map<String,String> map; + private final Map<String,String> map; /** * Create with colon separated name value pairs 
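Review bot: The two inner `hresp.sendError(403, tresp.desc())` calls under `TRY_AUTHENTICATING` return the TAF's own description to the caller, while the outer failure branches return the fixed `ACCESS_DENIED` text. The description is already written to the AUDIT log on the line before each call. What `desc()` contains is not shown in this hunk, so unless it is known to be safe for clients, both calls should be `hresp.sendError(403, ACCESS_DENIED);`. That avoids telling an unauthenticated caller why authentication failed. The switch sits in a method that starts and ends outside the hunk.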
@@ -78,53 +78,53 @@ public class MapBathConverter { final SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd"); final Date now = new Date(); csv.visit(new Visitor() { - @Override - public void visit(List<String> row) throws CadiException { - if(row.size()<3) { - throw new CadiException("CSV file " + csv + " must have at least 2 Basic Auth columns and an Expiration Date(YYYY-MM-DD) in each row"); - } - try { - Date date = sdf.parse(row.get(2)); - String oldID = row.get(0); - String newID = row.get(1); - if(date.after(now)) { - if(!oldID.startsWith(BASIC) && newID.startsWith(BASIC)) { - throw new CadiException("CSV file " + csv + ": Uncredentialed ID " + idFromBasic(oldID,null) + - " may not transfer to credentialed ID " + idFromBasic(newID,null)); - } else { - map.put(oldID,newID); - access.printf(Level.INIT, "ID Conversion from %s to %s enabled", - idFromBasic(oldID,null), - idFromBasic(newID,null)); - } - } else { - access.printf(Level.INIT, "ID Conversion from %s to %s has expired.", - idFromBasic(oldID,null), - idFromBasic(newID,null)); - } - } catch (ParseException e) { - throw new CadiException("Cannot Parse Date: " + row.get(2)); - } catch (IOException e) { - throw new CadiException(e); - } - } - }); + @Override + public void visit(List<String> row) throws CadiException { + if(row.size()<3) { + throw new CadiException("CSV file " + csv + " must have at least 2 Basic Auth columns and an Expiration Date(YYYY-MM-DD) in each row"); + } + try { + Date date = sdf.parse(row.get(2)); + String oldID = row.get(0); + String newID = row.get(1); + if(date.after(now)) { + if(!oldID.startsWith(BASIC) && newID.startsWith(BASIC)) { + throw new CadiException("CSV file " + csv + ": Uncredentialed ID " + idFromBasic(oldID,null) + + " may not transfer to credentialed ID " + idFromBasic(newID,null)); + } else { + map.put(oldID,newID); + access.printf(Level.INIT, "ID Conversion from %s to %s enabled", + idFromBasic(oldID,null), + idFromBasic(newID,null)); + } + } else { + 
access.printf(Level.INIT, "ID Conversion from %s to %s has expired.", + idFromBasic(oldID,null), + idFromBasic(newID,null)); + } + } catch (ParseException e) { + throw new CadiException("Cannot Parse Date: " + row.get(2)); + } catch (IOException e) { + throw new CadiException(e); + } + } + }); } private static String idFromBasic(String bath, Holder<String> hpass) throws IOException, CadiException { - if(bath.startsWith(BASIC)) { - String cred = Symm.base64noSplit.decode(bath.substring(6)); - int colon = cred.indexOf(':'); - if(colon<0) { - throw new CadiException("Invalid Authentication Credential for " + cred); - } - if(hpass!=null) { - hpass.value = cred.substring(colon+1); - } - return cred.substring(0, colon); - } else { - return bath; - } + if(bath.startsWith(BASIC)) { + String cred = Symm.base64noSplit.decode(bath.substring(6)); + int colon = cred.indexOf(':'); + if(colon<0) { + throw new CadiException("Invalid Authentication Credential for " + cred); + } + if(hpass!=null) { + hpass.value = cred.substring(colon+1); + } + return cred.substring(0, colon); + } else { + return bath; + } } /** 
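Review bot: `idFromBasic` puts the decoded Basic credential into the exception text, `"Invalid Authentication Credential for " + cred`. In the no-colon case `cred` is the whole decoded header value, which may be a password or token. `convert` later hands this exception to `access.log`, so the secret can end up in the log. The message should leave the decoded value out, e.g. `throw new CadiException("Invalid Authentication Credential: missing ':' separator");`. As a smaller point, `bath.substring(6)` repeats the length of `BASIC` as a literal; `bath.substring(BASIC.length())` keeps the two in step.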
@@ -137,40 +137,40 @@ public class MapBathConverter { } public String convert(Access access, final String bath) { - String rv = map.get(bath); + String rv = map.get(bath); - String cred; - String tcred=null; - Holder<String> hpass=null; - try { - if(bath.startsWith(BASIC)) { - cred = idFromBasic(bath,(hpass=new Holder<String>())); - if(rv==null) { - rv = map.get(cred); - } - } else { - cred = bath; - } + String cred; + String tcred=null; + Holder<String> hpass=null; + try { + if(bath.startsWith(BASIC)) { + cred = idFromBasic(bath,(hpass=new Holder<String>())); + if(rv==null) { + rv = map.get(cred); + } + } else { + cred = bath; + } - if(rv==null) { - // Nothing here, just return original - rv = bath; - } else { - if(rv.startsWith(BASIC)) { - tcred = idFromBasic(rv,null); - } else { - if(hpass!=null) { - tcred = rv; - rv = BASIC + Symm.base64noSplit.encode(rv+':'+hpass.value); - } - } - if(tcred != null) { - access.printf(Level.AUDIT, "ID %s converted to %s",cred,tcred); - } - } - } catch (IOException | CadiException e) { - access.log(e,"Invalid Authorization"); - } - return rv==null?bath:rv; + if(rv==null) { + // Nothing here, just return original + rv = bath; + } else { + if(rv.startsWith(BASIC)) { + tcred = idFromBasic(rv,null); + } else { + if(hpass!=null) { + tcred = rv; + rv = BASIC + Symm.base64noSplit.encode(rv+':'+hpass.value); + } + } + if(tcred != null) { + access.printf(Level.AUDIT, "ID %s converted to %s",cred,tcred); + } + } + } catch (IOException | CadiException e) { + access.log(e,"Invalid Authorization"); + } + return rv==null?bath:rv; } } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/SideChain.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/SideChain.java index 8283b4dd..18e76b96 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/SideChain.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/SideChain.java 
@@ -38,36 +38,36 @@ import javax.xml.ws.Holder; * */ public class SideChain { - private List<Filter> sideChain; - - public SideChain() { - sideChain = new ArrayList<Filter>(); - } - - public void add(Filter f) { - sideChain.add(f); - } - + private List<Filter> sideChain; + + public SideChain() { + sideChain = new ArrayList<Filter>(); + } + + public void add(Filter f) { + sideChain.add(f); + } + public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)throws IOException, ServletException { - final Holder<Boolean> hbool = new Holder<Boolean>(Boolean.TRUE); - FilterChain truth = new FilterChain() { - @Override - public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException { - hbool.value=Boolean.TRUE; - } - public String toString() { - return hbool.value.toString(); - } - }; - for(Filter f : sideChain) { - hbool.value=Boolean.FALSE; - f.doFilter(request, response, truth); - if(!hbool.value) { - return; - } - } - if(hbool.value) { - chain.doFilter(request, response); - } + final Holder<Boolean> hbool = new Holder<Boolean>(Boolean.TRUE); + FilterChain truth = new FilterChain() { + @Override + public void doFilter(ServletRequest request, ServletResponse response) throws IOException, ServletException { + hbool.value=Boolean.TRUE; + } + public String toString() { + return hbool.value.toString(); + } + }; + for(Filter f : sideChain) { + hbool.value=Boolean.FALSE; + f.doFilter(request, response, truth); + if(!hbool.value) { + return; + } + } + if(hbool.value) { + chain.doFilter(request, response); + } } } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/AbsTafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/AbsTafResp.java index 364a0728..f420f41f 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/AbsTafResp.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/AbsTafResp.java 
@@ -127,14 +127,14 @@ public abstract class AbsTafResp implements TafResp { } /* (non-Javadoc) - * @see org.onap.aaf.cadi.taf.TafResp#getTarget() - */ - @Override - public String getTarget() { - return target; - } - - /** + * @see org.onap.aaf.cadi.taf.TafResp#getTarget() + */ + @Override + public String getTarget() { + return target; + } + + /** * getAccess() * * Get the Access object from the TAF, so that appropriate Logging, etc can be coordinated. diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/NullTafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/NullTafResp.java index fb66ec08..b3b7fb59 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/NullTafResp.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/NullTafResp.java @@ -61,14 +61,14 @@ class NullTafResp implements TafResp { } /* (non-Javadoc) - * @see org.onap.aaf.cadi.taf.TafResp#getTarget() - */ - @Override - public String getTarget() { - return "unknown"; - } + * @see org.onap.aaf.cadi.taf.TafResp#getTarget() + */ + @Override + public String getTarget() { + return "unknown"; + } - public Access getAccess() { + public Access getAccess() { return Access.NULL; } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/PuntTafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/PuntTafResp.java index 3bc278e5..6bb57d36 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/PuntTafResp.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/PuntTafResp.java @@ -64,14 +64,14 @@ public class PuntTafResp implements TafResp { } /* (non-Javadoc) - * @see org.onap.aaf.cadi.taf.TafResp#getTarget() - */ - @Override - public String getTarget() { - return "punt"; - } + * @see org.onap.aaf.cadi.taf.TafResp#getTarget() + */ + @Override + public String getTarget() { + return "punt"; + } - public Access getAccess() { + public Access getAccess() { return NullTafResp.singleton().getAccess(); } 
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustNotTafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustNotTafResp.java index f397cbab..dee0ba07 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustNotTafResp.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustNotTafResp.java @@ -63,14 +63,14 @@ public class TrustNotTafResp implements TafResp { } /* (non-Javadoc) - * @see org.onap.aaf.cadi.taf.TafResp#getTarget() - */ - @Override - public String getTarget() { - return delegate.getTarget(); - } + * @see org.onap.aaf.cadi.taf.TafResp#getTarget() + */ + @Override + public String getTarget() { + return delegate.getTarget(); + } - @Override + @Override public Access getAccess() { return delegate.getAccess(); } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustTafResp.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustTafResp.java index 061d4e2f..2701c27a 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustTafResp.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/TrustTafResp.java @@ -65,14 +65,14 @@ public class TrustTafResp implements TafResp { } /* (non-Javadoc) - * @see org.onap.aaf.cadi.taf.TafResp#getTarget() - */ - @Override - public String getTarget() { - return delegate.getTarget(); - } + * @see org.onap.aaf.cadi.taf.TafResp#getTarget() + */ + @Override + public String getTarget() { + return delegate.getTarget(); + } - @Override + @Override public Access getAccess() { return delegate.getAccess(); } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTaf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTaf.java index dcd27d63..93360761 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTaf.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTaf.java 
@@ -70,7 +70,7 @@ public class BasicHttpTaf implements HttpTaf { private Map<String,CredVal> rbacs = new TreeMap<>(); private boolean warn; private long timeToLive; - private MapBathConverter mapIds; + private MapBathConverter mapIds; public BasicHttpTaf(Access access, CredVal rbac, String realm, long timeToLive, boolean turnOnWarning) { this.access = access; @@ -80,13 +80,13 @@ public class BasicHttpTaf implements HttpTaf { this.timeToLive = timeToLive; String csvFile = access.getProperty(Config.CADI_BATH_CONVERT, null); if(csvFile==null) { - mapIds=null; + mapIds=null; } else { - try { - mapIds = new MapBathConverter(access, new CSV(access,csvFile)); - } catch (IOException | CadiException e) { - access.log(e,"Bath Map Conversion is not initialzed (non fatal)"); - } + try { + mapIds = new MapBathConverter(access, new CSV(access,csvFile)); + } catch (IOException | CadiException e) { + access.log(e,"Bath Map Conversion is not initialzed (non fatal)"); + } } } @@ -134,7 +134,7 @@ public class BasicHttpTaf implements HttpTaf { access.log(Level.WARN,"WARNING! BasicAuth has been used over an insecure channel"); } if(mapIds != null) { - authz = mapIds.convert(access, authz); + authz = mapIds.convert(access, authz); } try { CachedBasicPrincipal ba = new CachedBasicPrincipal(this,authz,realm,timeToLive); diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java index 5f5ff574..914c57b5 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java 
@@ -137,52 +137,52 @@ public class X509Taf implements HttpTaf {
 access.printf(Level.DEBUG,"Client Certificate found\n Subject '%s'\n Issuer '%s'",subject,issuer);
 if (cadiIssuers.contains(issuer)) { // avoiding extra object creation, since this is validated EVERY transaction with a Cert
- int start = 0;
- int end = 1;
- int comma;
- int length = subject.length();
-
- compare:
- while(start<length) {
- while(Character.isWhitespace(subject.charAt(start))) {
- if(++start>length) {
- break compare;
- }
- }
- comma = subject.indexOf(',',start);
- if(comma<0) {
- end = subject.length();
- } else {
- end = comma<=0?0:comma-1;
- }
- while(Character.isWhitespace(subject.charAt(end))) {
- if(--end < 0) {
- break compare;
- }
- }
- if(subject.regionMatches(start, "OU=", 0, 3) ||
- subject.regionMatches(start, "CN=", 0, 3)) {
- int at = subject.indexOf('@', start);
- if(at<end && at>=0) {
+ int start = 0;
+ int end = 1;
+ int comma;
+ int length = subject.length();
+
+ compare:
+ while(start<length) {
+ while(Character.isWhitespace(subject.charAt(start))) {
+ if(++start>length) {
+ break compare;
+ }
+ }
+ comma = subject.indexOf(',',start);
+ if(comma<0) {
+ end = subject.length();
+ } else {
+ end = comma<=0?0:comma-1;
+ }
+ while(Character.isWhitespace(subject.charAt(end))) {
+ if(--end < 0) {
+ break compare;
+ }
+ }
+ if(subject.regionMatches(start, "OU=", 0, 3) ||
+ subject.regionMatches(start, "CN=", 0, 3)) {
+ int at = subject.indexOf('@', start);
+ if(at<end && at>=0) {
 String[] sa = Split.splitTrim(':', subject, start+3,end+1);
 if (sa.length==1 || (sa.length>1 && env!=null && env.equals(sa[1]))) { // Check Environment
 return new X509HttpTafResp(access, new X509Principal(sa[0], certarr[0],(byte[])null,bht), "X509Taf validated " + sa[0] + (sa.length<2?"":" for aaf_env " + env ), RESP.IS_AUTHENTICATED);
 } else {
- access.printf(Level.DEBUG,"Certificate is not for environment '%s'",env);
- break;
+ access.printf(Level.DEBUG,"Certificate is not for environment '%s'",env);
+ break;
 }
- }
- }
- start = comma+1;
- }
- access.log(Level.DEBUG,"Certificate is not acceptable for Authentication");
+ }
+ }
+ start = comma+1;
+ }
+ access.log(Level.DEBUG,"Certificate is not acceptable for Authentication");
 } else {
- access.log(Level.DEBUG,"Issuer is not trusted for Authentication");
+ access.log(Level.DEBUG,"Issuer is not trusted for Authentication");
 }
 } else {
- access.log(Level.DEBUG,"There is no client certificate on the transaction");
+ access.log(Level.DEBUG,"There is no client certificate on the transaction");
 }
@@ -266,7 +266,7 @@ public class X509Taf implements HttpTaf {
 // if Principal is found, check for "AS_USER" and whether this entity is trusted to declare
 if (prin!=null) {
- // Note: Tag for Certs is Fingerprint, but that takes computation... leaving off
+ // Note: Tag for Certs is Fingerprint, but that takes computation... leaving off
 return new X509HttpTafResp(
 access,
 prin,
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/CSV.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/CSV.java
index 35d85b9a..fbaa4a5a 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/CSV.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/CSV.java
@@ -41,240 +41,240 @@ import org.onap.aaf.cadi.CadiException;
 *
 */
 public class CSV {
- private File csv;
- private Access access;
- private boolean processAll;
- private char delimiter = ',';
-
- public CSV(Access access, File file) {
- this.access = access;
- csv = file;
- processAll = false;
- }
-
- public CSV(Access access, String csvFilename) {
- this.access = access;
- csv = new File(csvFilename);
- processAll = false;
- }
-
- public CSV setDelimiter(char delimiter) {
- this.delimiter = delimiter;
- return this;
- }
-
- public String name() {
- return csv.getName();
- }
+ private File csv;
+ private Access access;
+ private boolean processAll;
+ private char delimiter = ',';
+
+ public CSV(Access access, File file) {
+ this.access = access;
+ csv = file;
+ processAll = false;
+ }
+
+ public CSV(Access access, String csvFilename) {
+ this.access = access;
+ csv = new File(csvFilename);
+ processAll = false;
+ }
+
+ public CSV setDelimiter(char delimiter) {
+ this.delimiter = delimiter;
+ return this;
+ }
+
+ public String name() {
+ return csv.getName();
+ }
- public CSV processAll() {
- processAll = true;
- return this;
- }
- /*
- * Create your code to accept the List<String> row.
- *
- * Your code may keep the List... CSV does not hold onto it.
- *
- * @author Instrumental(Jonathan)
- *
- */
- public interface Visitor {
- void visit(List<String> row) throws IOException, CadiException;
- }
-
- public void visit(Visitor visitor) throws IOException, CadiException {
- BufferedReader br = new BufferedReader(new FileReader(csv));
- try {
- String line;
- StringBuilder sb = new StringBuilder();
- while((line = br.readLine())!=null) {
- line=line.trim();
- if(!line.startsWith("#") && line.length()>0) {
-// System.out.println(line); uncomment to debug
- List<String> row = new ArrayList<>();
- boolean quotes=false;
- boolean escape=false;
- char c = 0;
- for(int i=0;i<line.length();++i) {
- switch(c=line.charAt(i)) {
- case '"':
- if(quotes) {
- if(i<line.length()-1) { // may look ahead
- if('"' == line.charAt(i+1)) {
- sb.append(c);
- ++i;
- } else {
- quotes = false;
- }
- } else {
- quotes=false;
- }
- } else {
- quotes=true;
- }
- break;
- case '\\':
- if(escape) {
- sb.append(c);
- escape = false;
- } else {
- escape = true;
- }
- break;
- case 'n':
- if(escape) {
- sb.append("\\n");
- escape=false;
- } else {
- sb.append(c);
- }
- break;
- default:
- if(delimiter==c) {
- if(quotes) {
- sb.append(c);
- } else {
- row.add(sb.toString());
- sb.setLength(0);
- }
- } else {
- sb.append(c);
- }
- }
- }
- if(sb.length()>0 || c==',') {
- row.add(sb.toString());
- sb.setLength(0);
- }
- try {
- visitor.visit(row);
- } catch (CadiException e) {
- if(processAll) {
- access.log(Level.ERROR,e);
- } else {
- throw e;
- }
- }
- }
- }
- } finally {
- br.close();
- }
- }
-
- public Writer writer() throws FileNotFoundException {
- return new Writer(false);
- }
+ public CSV processAll() {
+ processAll = true;
+ return this;
+ }
+ /*
+ * Create your code to accept the List<String> row.
+ *
+ * Your code may keep the List... CSV does not hold onto it.
+ *
+ * @author Instrumental(Jonathan)
+ *
+ */
+ public interface Visitor {
+ void visit(List<String> row) throws IOException, CadiException;
+ }
+
+ public void visit(Visitor visitor) throws IOException, CadiException {
+ BufferedReader br = new BufferedReader(new FileReader(csv));
+ try {
+ String line;
+ StringBuilder sb = new StringBuilder();
+ while((line = br.readLine())!=null) {
+ line=line.trim();
+ if(!line.startsWith("#") && line.length()>0) {
+// System.out.println(line); uncomment to debug
+ List<String> row = new ArrayList<>();
+ boolean quotes=false;
+ boolean escape=false;
+ char c = 0;
+ for(int i=0;i<line.length();++i) {
+ switch(c=line.charAt(i)) {
+ case '"':
+ if(quotes) {
+ if(i<line.length()-1) { // may look ahead
+ if('"' == line.charAt(i+1)) {
+ sb.append(c);
+ ++i;
+ } else {
+ quotes = false;
+ }
+ } else {
+ quotes=false;
+ }
+ } else {
+ quotes=true;
+ }
+ break;
+ case '\\':
+ if(escape) {
+ sb.append(c);
+ escape = false;
+ } else {
+ escape = true;
+ }
+ break;
+ case 'n':
+ if(escape) {
+ sb.append("\\n");
+ escape=false;
+ } else {
+ sb.append(c);
+ }
+ break;
+ default:
+ if(delimiter==c) {
+ if(quotes) {
+ sb.append(c);
+ } else {
+ row.add(sb.toString());
+ sb.setLength(0);
+ }
+ } else {
+ sb.append(c);
+ }
+ }
+ }
+ if(sb.length()>0 || c==',') {
+ row.add(sb.toString());
+ sb.setLength(0);
+ }
+ try {
+ visitor.visit(row);
+ } catch (CadiException e) {
+ if(processAll) {
+ access.log(Level.ERROR,e);
+ } else {
+ throw e;
+ }
+ }
+ }
+ }
+ } finally {
+ br.close();
+ }
+ }
+
+ public Writer writer() throws FileNotFoundException {
+ return new Writer(false);
+ }
- public Writer writer(boolean append) throws FileNotFoundException {
- return new Writer(append);
- }
+ public Writer writer(boolean append) throws FileNotFoundException {
+ return new Writer(append);
+ }
- public interface RowSetter {
- public void row(Object ...
objs);
- }
-
- public static class Saver implements RowSetter {
- List<String> ls= new ArrayList<>();
-
- @Override
- public void row(Object ... objs) {
- if(objs.length>0) {
- for(Object o : objs) {
- if(o != null) {
- if(o instanceof String[]) {
- for(String str : (String[])o) {
- ls.add(str);
- }
- } else {
- ls.add(o.toString());
- }
- }
- }
- }
- }
-
- public List<String> asList() {
- List<String> rv = ls;
- ls = new ArrayList<>();
- return rv;
- }
- }
+ public interface RowSetter {
+ public void row(Object ... objs);
+ }
+
+ public static class Saver implements RowSetter {
+ List<String> ls= new ArrayList<>();
+
+ @Override
+ public void row(Object ... objs) {
+ if(objs.length>0) {
+ for(Object o : objs) {
+ if(o != null) {
+ if(o instanceof String[]) {
+ for(String str : (String[])o) {
+ ls.add(str);
+ }
+ } else {
+ ls.add(o.toString());
+ }
+ }
+ }
+ }
+ }
+
+ public List<String> asList() {
+ List<String> rv = ls;
+ ls = new ArrayList<>();
+ return rv;
+ }
+ }
- public class Writer implements RowSetter {
- private PrintStream ps;
- private Writer(final boolean append) throws FileNotFoundException {
- ps = new PrintStream(new FileOutputStream(csv,append));
- }
-
- @Override
- public void row(Object ...
objs) {
- if(objs.length>0) {
- boolean first = true;
- for(Object o : objs) {
- if(first) {
- first = false;
- } else {
- ps.append(delimiter);
- }
- if(o == null) {
- } else if(o instanceof String[]) {
- for(String str : (String[])o) {
- print(str);
- }
- } else {
- print(o.toString());
- }
- }
- ps.println();
- }
- }
-
- private void print(String s) {
- boolean quote = s.matches(".*[,|\"].*");
- if(quote) {
- ps.append('"');
- ps.print(s.replace("\"", "\"\"")
- .replace("'", "''")
- .replace("\\", "\\\\"));
- ps.append('"');
- } else {
- ps.append(s);
- }
+ public class Writer implements RowSetter {
+ private PrintStream ps;
+ private Writer(final boolean append) throws FileNotFoundException {
+ ps = new PrintStream(new FileOutputStream(csv,append));
+ }
+
+ @Override
+ public void row(Object ... objs) {
+ if(objs.length>0) {
+ boolean first = true;
+ for(Object o : objs) {
+ if(first) {
+ first = false;
+ } else {
+ ps.append(delimiter);
+ }
+ if(o == null) {
+ } else if(o instanceof String[]) {
+ for(String str : (String[])o) {
+ print(str);
+ }
+ } else {
+ print(o.toString());
+ }
+ }
+ ps.println();
+ }
+ }
+
+ private void print(String s) {
+ boolean quote = s.matches(".*[,|\"].*");
+ if(quote) {
+ ps.append('"');
+ ps.print(s.replace("\"", "\"\"")
+ .replace("'", "''")
+ .replace("\\", "\\\\"));
+ ps.append('"');
+ } else {
+ ps.append(s);
+ }
-
- }
- /**
- * Note: CSV files do not actually support Comments as a standard, but it is useful
- * @param comment
- */
- public void comment(String comment, Object ... objs) {
- ps.print("# ");
- ps.printf(comment,objs);
- ps.println();
- }
-
- public void flush() {
- ps.flush();
- }
-
- public void close() {
- flush();
- ps.close();
- }
-
- public String toString() {
- return csv.getAbsolutePath();
- }
- }
+
+ }
+ /**
+ * Note: CSV files do not actually support Comments as a standard, but it is useful
+ * @param comment
+ */
+ public void comment(String comment, Object ...
objs) {
+ ps.print("# ");
+ ps.printf(comment,objs);
+ ps.println();
+ }
+
+ public void flush() {
+ ps.flush();
+ }
+
+ public void close() {
+ flush();
+ ps.close();
+ }
+
+ public String toString() {
+ return csv.getAbsolutePath();
+ }
+ }
- public void delete() {
- csv.delete();
- }
-
- public String toString() {
- return csv.getAbsolutePath();
- }
+ public void delete() {
+ csv.delete();
+ }
+
+ public String toString() {
+ return csv.getAbsolutePath();
+ }
 }
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/FixURIinfo.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/FixURIinfo.java
index b4085361..f2c6be6f 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/FixURIinfo.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/FixURIinfo.java
@@ -30,37 +30,37 @@ import java.net.URI;
 *
 */
 public class FixURIinfo {
- private String auth;
- private String host;
- private int port;
-
- public FixURIinfo(URI uri) {
- auth = uri.getAuthority();
- host = uri.getHost();
- if(host==null || (auth!=null && auth.startsWith(host))) {
- if(auth!=null) {
- int colon = auth.indexOf(':');
- if(colon >= 0 ) {
- host = auth.substring(0, colon);
- port = Integer.parseInt(auth.substring(colon+1));
- } else {
- host = auth;
- port = uri.getPort();
- }
- auth=null;
- }
- }
- }
-
- public String getHost() {
- return host;
- }
-
- public int getPort() {
- return port;
- }
+ private String auth;
+ private String host;
+ private int port;
+
+ public FixURIinfo(URI uri) {
+ auth = uri.getAuthority();
+ host = uri.getHost();
+ if(host==null || (auth!=null && auth.startsWith(host))) {
+ if(auth!=null) {
+ int colon = auth.indexOf(':');
+ if(colon >= 0 ) {
+ host = auth.substring(0, colon);
+ port = Integer.parseInt(auth.substring(colon+1));
+ } else {
+ host = auth;
+ port = uri.getPort();
+ }
+ auth=null;
+ }
+ }
+ }
+
+ public String getHost() {
+ return host;
+ }
+
+ public int getPort() {
+ return port;
+ }
- public String getUserInfo() {
- return auth;
- }
+ public String getUserInfo() {
+ return auth;
+ }
 }
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Split.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Split.java
index c6f8bd0a..4f41629d 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Split.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Split.java
@@ -31,93 +31,93 @@ package org.onap.aaf.cadi.util;
 */
 public class Split {
- private static final String[] EMPTY = new String[0];
+ private static final String[] EMPTY = new String[0];
- public static String[] split(char c, String value) {
- if (value==null) {
- return EMPTY;
- }
+ public static String[] split(char c, String value) {
+ if (value==null) {
+ return EMPTY;
+ }
- return split(c,value,0,value.length());
- }
+ return split(c,value,0,value.length());
+ }
- public static String[] split(char c, String value, int start, int end) {
- if (value==null) {
- return EMPTY;
- }
+ public static String[] split(char c, String value, int start, int end) {
+ if (value==null) {
+ return EMPTY;
+ }
- // Count items to preallocate Array (memory alloc is more expensive than counting twice)
- int count,idx;
- for (count=1,idx=value.indexOf(c,start);idx>=0 && idx<end;idx=value.indexOf(c,++idx),++count);
- String[] rv = new String[count];
- if (count==1) {
- rv[0]=value.substring(start,end);
- } else {
- int last=0;
- count=-1;
- for (idx=value.indexOf(c,start);idx>=0 && idx<end;idx=value.indexOf(c,idx)) {
- rv[++count]=value.substring(last,idx);
- last = ++idx;
- }
- rv[++count]=value.substring(last,end);
- }
- return rv;
- }
+ // Count items to preallocate Array (memory alloc is more expensive than counting twice)
+ int count,idx;
+ for (count=1,idx=value.indexOf(c,start);idx>=0 && idx<end;idx=value.indexOf(c,++idx),++count);
+ String[] rv = new String[count];
+ if (count==1) {
+ rv[0]=value.substring(start,end);
+ } else {
+ int last=0;
+ count=-1;
+ for (idx=value.indexOf(c,start);idx>=0 && idx<end;idx=value.indexOf(c,idx)) {
+ rv[++count]=value.substring(last,idx);
+ last = ++idx;
+ }
+ rv[++count]=value.substring(last,end);
+ }
+ return rv;
+ }
- public static String[] splitTrim(char c, String value, int start, int end) {
- if (value==null) {
- return EMPTY;
- }
+ public static String[] splitTrim(char c, String value, int start, int end) {
+ if (value==null) {
+ return
EMPTY;
+ }
- // Count items to preallocate Array (memory alloc is more expensive than counting twice)
- int count,idx;
- for (count=1,idx=value.indexOf(c,start);idx>=0 && idx<end;idx=value.indexOf(c,++idx),++count);
- String[] rv = new String[count];
- if (count==1) {
- rv[0]=value.substring(start,end).trim();
- } else {
- int last=start;
- count=-1;
- for (idx=value.indexOf(c,start);idx>=0 && idx<end;idx=value.indexOf(c,idx)) {
- rv[++count]=value.substring(last,idx).trim();
- last = ++idx;
- }
- rv[++count]=value.substring(last,end).trim();
- }
- return rv;
- }
+ // Count items to preallocate Array (memory alloc is more expensive than counting twice)
+ int count,idx;
+ for (count=1,idx=value.indexOf(c,start);idx>=0 && idx<end;idx=value.indexOf(c,++idx),++count);
+ String[] rv = new String[count];
+ if (count==1) {
+ rv[0]=value.substring(start,end).trim();
+ } else {
+ int last=start;
+ count=-1;
+ for (idx=value.indexOf(c,start);idx>=0 && idx<end;idx=value.indexOf(c,idx)) {
+ rv[++count]=value.substring(last,idx).trim();
+ last = ++idx;
+ }
+ rv[++count]=value.substring(last,end).trim();
+ }
+ return rv;
+ }
- public static String[] splitTrim(char c, String value) {
- if (value==null) {
- return EMPTY;
- }
- return splitTrim(c,value,0,value.length());
- }
+ public static String[] splitTrim(char c, String value) {
+ if (value==null) {
+ return EMPTY;
+ }
+ return splitTrim(c,value,0,value.length());
+ }
- public static String[] splitTrim(char c, String value, int size) {
- if (value==null) {
- return EMPTY;
- }
+ public static String[] splitTrim(char c, String value, int size) {
+ if (value==null) {
+ return EMPTY;
+ }
- int idx;
- String[] rv = new String[size];
- if (size==1) {
- rv[0]=value.trim();
- } else {
- int last=0;
- int count=-1;
- size-=2;
- for (idx=value.indexOf(c);idx>=0 && count<size;idx=value.indexOf(c,idx)) {
- rv[++count]=value.substring(last,idx).trim();
- last = ++idx;
- }
- if (idx>0) {
- rv[++count]=value.substring(last,idx).trim();
- }
else {
- rv[++count]=value.substring(last).trim();
- }
- }
- return rv;
- }
+ int idx;
+ String[] rv = new String[size];
+ if (size==1) {
+ rv[0]=value.trim();
+ } else {
+ int last=0;
+ int count=-1;
+ size-=2;
+ for (idx=value.indexOf(c);idx>=0 && count<size;idx=value.indexOf(c,idx)) {
+ rv[++count]=value.substring(last,idx).trim();
+ last = ++idx;
+ }
+ if (idx>0) {
+ rv[++count]=value.substring(last,idx).trim();
+ } else {
+ rv[++count]=value.substring(last).trim();
+ }
+ }
+ return rv;
+ }
 }
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_MapBathConverter.java b/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_MapBathConverter.java
index d9a5a0eb..2be51ece 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_MapBathConverter.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_MapBathConverter.java
@@ -50,199 +50,199 @@ import junit.framework.Assert;
 *
 */
 public class JU_MapBathConverter {
- private static final String NEW_USER_SOMETHING_ORG = "NEW_USER@Something.org";
- private static final String OLD_ID = "OLD_ID";
- private static final String SHARED_PASS = "SHARED_PASS";
- private static CSV csv;
- private static ArrayList<String> expected;
- private static final Access access = new PropAccess();
+ private static final String NEW_USER_SOMETHING_ORG = "NEW_USER@Something.org";
+ private static final String OLD_ID = "OLD_ID";
+ private static final String SHARED_PASS = "SHARED_PASS";
+ private static CSV csv;
+ private static ArrayList<String> expected;
+ private static final Access access = new PropAccess();
 private final static SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd");
- @BeforeClass
- public static void createFile() throws IOException {
- // Note, you cate a "MapBathConverter" by access to a File.
- // We will create that file now. Local is fine.
- csv = new CSV(access,"JU_MapBathConverter.csv");
- }
-
- @BeforeClass
- public static void beforeClass() {
- expected = new ArrayList<>();
- }
-
- @Before
- public void before() {
- expected.clear();
- }
-
- @Test
- public void test() throws IOException, CadiException {
- CSV.Writer cw = csv.writer();
- GregorianCalendar gc = new GregorianCalendar();
- gc.add(GregorianCalendar.MONTH, 6);
- try {
- try {
- // CSV can simply be OLD ID and NEW, no passwords
- cw.row(exp(OLD_ID), exp(NEW_USER_SOMETHING_ORG),sdf.format(gc.getTime()));
-
- // Style 1 - Incoming ID/pass, create new cred with NweID and same Pass
- cw.row(exp(bath(OLD_ID,SHARED_PASS)), exp(NEW_USER_SOMETHING_ORG),sdf.format(gc.getTime()));
- // the response should be Basic with NEW_ID and OLD_PASS
-
- // Style 2
- cw.row(exp(bath(OLD_ID,"OLD_PASS")), exp(bath(NEW_USER_SOMETHING_ORG,"NEW_PASS")),sdf.format(gc.getTime()));
-
- } finally {
- cw.close();
- }
-
- final Iterator<String> exp = expected.iterator();
- csv.visit(new Visitor() {
- @Override
- public void visit(List<String> row) {
- int i=0;
- for(String s : row) {
- switch(i++) {
- case 0:
- case 1:
- Assert.assertEquals(exp.next(), s);
- break;
- case 2:
- try {
- Date.valueOf(s);
- } catch (Exception e) {
- Assert.assertTrue("Last entry should be a date",false);
- }
- break;
- default:
- Assert.fail("There should only be 3 columns in this test case.");
- }
- }
- }
- });
-
- MapBathConverter mbc = new MapBathConverter(access, csv);
-
- // Check no lookup just returns the same
- Assert.assertEquals("NonKey", "NonKey"); // if not in map, expect same value
-
- Iterator<String> exp1 = expected.iterator();
- // there's no passwords in CSV
- String old = exp1.next();
- String nw = exp1.next();
- Assert.assertEquals(nw, mbc.convert(access,old));
-
- Assert.assertEquals(bath(NEW_USER_SOMETHING_ORG,SHARED_PASS), mbc.convert(access,bath(OLD_ID,SHARED_PASS)));
-
- // Style 1 (new cred, old password)
- old = exp1.next();
- nw = bath(exp1.next(),SHARED_PASS);
- Assert.assertEquals(nw, mbc.convert(access,old));
-
- // Style 2
- old = exp1.next();
- nw = exp1.next();
- Assert.assertEquals(nw, mbc.convert(access,old));
-
- } finally {
- csv.delete();
- }
- }
-
- @Test
- public void testInsecureRole() throws IOException {
- CSV.Writer cw = csv.writer();
- GregorianCalendar gc = new GregorianCalendar();
- gc.add(GregorianCalendar.MONTH, 6);
- try {
- try {
- // Invalid Scenario - Non Authenticated ID to authenticated User
- cw.row(exp(OLD_ID), exp(bath(NEW_USER_SOMETHING_ORG,"NEW_PASS")),sdf.format(gc.getTime()));
-
- } finally {
- cw.close();
- }
-
- try {
- new MapBathConverter(access, csv);
- Assert.fail("Invalid Data should throw Exception");
- } catch (CadiException e) {
- Assert.assertTrue("Invalid Data should throw Exception",true);
- }
-
- } finally {
- csv.delete();
- }
- }
-
- @Test
- public void testTooFewColumns() throws IOException, CadiException {
- CSV.Writer cw = csv.writer();
- try {
- try {
- cw.row(exp(bath(OLD_ID,"OLD_PASS")),
exp(bath(NEW_USER_SOMETHING_ORG,"NEW_PASS")));
- } finally {
- cw.close();
- }
-
- try {
- new MapBathConverter(access, csv);
- Assert.fail("file with too few rows should throw exception");
- } catch(CadiException | IOException e) {
- Assert.assertTrue("Correctly thrown Exception",true);
- }
- } finally {
- csv.delete();
- }
- }
-
- @Test
- public void testNoFile() {
- try {
- new MapBathConverter(access, new CSV(access,"Bogus"));
- Assert.fail("Non Existent File should throw exception");
- } catch(CadiException | IOException e) {
- Assert.assertTrue("Correctly thrown Exception",true);
- }
- }
-
- @Test
- public void testBadRows() throws IOException {
- try {
- Writer cw = csv.writer();
- try {
- cw.row("Single Column");
- } finally {
- cw.close();
- }
-
- try {
- new MapBathConverter(access,csv);
- Assert.fail("Non Existent File should throw exception");
- } catch(CadiException | IOException e) {
- Assert.assertTrue("Correctly thrown Exception",true);
- }
- } finally {
- csv.delete();
- }
-
- // Check for deletion
- Assert.assertFalse(csv.toString() + "should have been deleted",new File(csv.toString()).exists());
- }
-
- private String bath(String user, String password) throws IOException {
- StringBuilder sb = new StringBuilder(user);
- sb.append(':');
- sb.append(password);
- byte[] encoded = Symm.base64noSplit.encode(sb.toString().getBytes());
- sb.setLength(0);
- sb.append("Basic ");
- sb.append(new String(encoded));
- return sb.toString();
- }
-
- private String exp(String s) {
- expected.add(s);
- return s;
- }
+ @BeforeClass
+ public static void createFile() throws IOException {
+ // Note, you cate a "MapBathConverter" by access to a File.
+ // We will create that file now. Local is fine.
+ csv = new CSV(access,"JU_MapBathConverter.csv");
+ }
+
+ @BeforeClass
+ public static void beforeClass() {
+ expected = new ArrayList<>();
+ }
+
+ @Before
+ public void before() {
+ expected.clear();
+ }
+
+ @Test
+ public void test() throws IOException, CadiException {
+ CSV.Writer cw = csv.writer();
+ GregorianCalendar gc = new GregorianCalendar();
+ gc.add(GregorianCalendar.MONTH, 6);
+ try {
+ try {
+ // CSV can simply be OLD ID and NEW, no passwords
+ cw.row(exp(OLD_ID), exp(NEW_USER_SOMETHING_ORG),sdf.format(gc.getTime()));
+
+ // Style 1 - Incoming ID/pass, create new cred with NweID and same Pass
+ cw.row(exp(bath(OLD_ID,SHARED_PASS)), exp(NEW_USER_SOMETHING_ORG),sdf.format(gc.getTime()));
+ // the response should be Basic with NEW_ID and OLD_PASS
+
+ // Style 2
+ cw.row(exp(bath(OLD_ID,"OLD_PASS")), exp(bath(NEW_USER_SOMETHING_ORG,"NEW_PASS")),sdf.format(gc.getTime()));
+
+ } finally {
+ cw.close();
+ }
+
+ final Iterator<String> exp = expected.iterator();
+ csv.visit(new Visitor() {
+ @Override
+ public void visit(List<String> row) {
+ int i=0;
+ for(String s : row) {
+ switch(i++) {
+ case 0:
+ case 1:
+ Assert.assertEquals(exp.next(), s);
+ break;
+ case 2:
+ try {
+ Date.valueOf(s);
+ } catch (Exception e) {
+ Assert.assertTrue("Last entry should be a date",false);
+ }
+ break;
+ default:
+ Assert.fail("There should only be 3 columns in this test case.");
+ }
+ }
+ }
+ });
+
+ MapBathConverter mbc = new MapBathConverter(access, csv);
+
+ // Check no lookup just returns the same
+ Assert.assertEquals("NonKey", "NonKey"); // if not in map, expect same value
+
+ Iterator<String> exp1 = expected.iterator();
+ // there's no passwords in CSV
+ String old = exp1.next();
+ String nw = exp1.next();
+ Assert.assertEquals(nw, mbc.convert(access,old));
+
+ Assert.assertEquals(bath(NEW_USER_SOMETHING_ORG,SHARED_PASS), mbc.convert(access,bath(OLD_ID,SHARED_PASS)));
+
+ // Style 1 (new cred, old password)
+ old = exp1.next();
+ nw = bath(exp1.next(),SHARED_PASS);
+
Assert.assertEquals(nw, mbc.convert(access,old));
+
+ // Style 2
+ old = exp1.next();
+ nw = exp1.next();
+ Assert.assertEquals(nw, mbc.convert(access,old));
+
+ } finally {
+ csv.delete();
+ }
+ }
+
+ @Test
+ public void testInsecureRole() throws IOException {
+ CSV.Writer cw = csv.writer();
+ GregorianCalendar gc = new GregorianCalendar();
+ gc.add(GregorianCalendar.MONTH, 6);
+ try {
+ try {
+ // Invalid Scenario - Non Authenticated ID to authenticated User
+ cw.row(exp(OLD_ID), exp(bath(NEW_USER_SOMETHING_ORG,"NEW_PASS")),sdf.format(gc.getTime()));
+
+ } finally {
+ cw.close();
+ }
+
+ try {
+ new MapBathConverter(access, csv);
+ Assert.fail("Invalid Data should throw Exception");
+ } catch (CadiException e) {
+ Assert.assertTrue("Invalid Data should throw Exception",true);
+ }
+
+ } finally {
+ csv.delete();
+ }
+ }
+
+ @Test
+ public void testTooFewColumns() throws IOException, CadiException {
+ CSV.Writer cw = csv.writer();
+ try {
+ try {
+ cw.row(exp(bath(OLD_ID,"OLD_PASS")), exp(bath(NEW_USER_SOMETHING_ORG,"NEW_PASS")));
+ } finally {
+ cw.close();
+ }
+
+ try {
+ new MapBathConverter(access, csv);
+ Assert.fail("file with too few rows should throw exception");
+ } catch(CadiException | IOException e) {
+ Assert.assertTrue("Correctly thrown Exception",true);
+ }
+ } finally {
+ csv.delete();
+ }
+ }
+
+ @Test
+ public void testNoFile() {
+ try {
+ new MapBathConverter(access, new CSV(access,"Bogus"));
+ Assert.fail("Non Existent File should throw exception");
+ } catch(CadiException | IOException e) {
+ Assert.assertTrue("Correctly thrown Exception",true);
+ }
+ }
+
+ @Test
+ public void testBadRows() throws IOException {
+ try {
+ Writer cw = csv.writer();
+ try {
+ cw.row("Single Column");
+ } finally {
+ cw.close();
+ }
+
+ try {
+ new MapBathConverter(access,csv);
+ Assert.fail("Non Existent File should throw exception");
+ } catch(CadiException | IOException e) {
+ Assert.assertTrue("Correctly thrown Exception",true);
+ }
+ } finally {
+
csv.delete();
+ }
+
+ // Check for deletion
+ Assert.assertFalse(csv.toString() + "should have been deleted",new File(csv.toString()).exists());
+ }
+
+ private String bath(String user, String password) throws IOException {
+ StringBuilder sb = new StringBuilder(user);
+ sb.append(':');
+ sb.append(password);
+ byte[] encoded = Symm.base64noSplit.encode(sb.toString().getBytes());
+ sb.setLength(0);
+ sb.append("Basic ");
+ sb.append(new String(encoded));
+ return sb.toString();
+ }
+
+ private String exp(String s) {
+ expected.add(s);
+ return s;
+ }
 }
diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_RegistrationPropHolder.java b/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_RegistrationPropHolder.java
index 68235e1a..1fe6a753 100644
--- a/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_RegistrationPropHolder.java
+++ b/cadi/core/src/test/java/org/onap/aaf/cadi/config/test/JU_RegistrationPropHolder.java
@@ -33,117 +33,117 @@ import org.onap.aaf.cadi.config.RegistrationPropHolder; public class JU_RegistrationPropHolder { - @Test - public void testBlank() { - PropAccess pa = new PropAccess(); - RegistrationPropHolder rph; - int ju_port = 20; - try { - //////////////// - // Check Required Properties - //////////////// - try { - rph = new RegistrationPropHolder(pa,20); - } catch (CadiException e) { - Assert.assertEquals( - "\ncadi_latitude must be defined." + - "\ncadi_longitude must be defined.",e.getMessage()); - } - - try { - pa.setProperty(Config.CADI_LATITUDE, "32.7"); - rph = new RegistrationPropHolder(pa,20); - } catch (CadiException e) { - Assert.assertEquals( - "\ncadi_longitude must be defined.",e.getMessage()); - } - - pa.setProperty(Config.CADI_LONGITUDE, "-72.0"); - rph = new RegistrationPropHolder(pa,ju_port); - - //////////////// - // Validate Default Properties - //////////////// - for(String dot_le : new String[] {"",".helm"}) { - assertEquals(rph.hostname,rph.default_fqdn); - assertEquals("",rph.lcontainer); - assertEquals(rph.hostname,rph.public_fqdn); - assertEquals(ju_port,rph.getEntryPort(dot_le)); - assertEquals(rph.hostname,rph.getEntryFQDN("",dot_le)); - } + @Test + public void testBlank() { + PropAccess pa = new PropAccess(); + RegistrationPropHolder rph; + int ju_port = 20; + try { + //////////////// + // Check Required Properties + //////////////// + try { + rph = new RegistrationPropHolder(pa,20); + } catch (CadiException e) { + Assert.assertEquals( + "\ncadi_latitude must be defined." 
+ + "\ncadi_longitude must be defined.",e.getMessage()); + } + + try { + pa.setProperty(Config.CADI_LATITUDE, "32.7"); + rph = new RegistrationPropHolder(pa,20); + } catch (CadiException e) { + Assert.assertEquals( + "\ncadi_longitude must be defined.",e.getMessage()); + } + + pa.setProperty(Config.CADI_LONGITUDE, "-72.0"); + rph = new RegistrationPropHolder(pa,ju_port); + + //////////////// + // Validate Default Properties + //////////////// + for(String dot_le : new String[] {"",".helm"}) { + assertEquals(rph.hostname,rph.default_fqdn); + assertEquals("",rph.lcontainer); + assertEquals(rph.hostname,rph.public_fqdn); + assertEquals(ju_port,rph.getEntryPort(dot_le)); + assertEquals(rph.hostname,rph.getEntryFQDN("",dot_le)); + } - String ns = "myns"; - pa.setProperty(Config.AAF_LOCATOR_APP_NS, ns); - for(String dot_le : new String[] {"",".helm"}) { - assertEquals(rph.hostname,rph.default_fqdn); - assertEquals("",rph.lcontainer); - assertEquals(rph.hostname,rph.public_fqdn); - assertEquals(ju_port,rph.getEntryPort(dot_le)); - assertEquals(rph.hostname,rph.getEntryFQDN("",dot_le)); - } + String ns = "myns"; + pa.setProperty(Config.AAF_LOCATOR_APP_NS, ns); + for(String dot_le : new String[] {"",".helm"}) { + assertEquals(rph.hostname,rph.default_fqdn); + assertEquals("",rph.lcontainer); + assertEquals(rph.hostname,rph.public_fqdn); + assertEquals(ju_port,rph.getEntryPort(dot_le)); + assertEquals(rph.hostname,rph.getEntryFQDN("",dot_le)); + } - String ns2 = "onap"; - pa.setProperty(Config.AAF_LOCATOR_APP_NS+".helm", ns2); - for(String dot_le : new String[] {"",".helm"}) { - assertEquals(rph.hostname,rph.default_fqdn); - assertEquals("",rph.lcontainer); - assertEquals(rph.hostname,rph.public_fqdn); - assertEquals(ju_port,rph.getEntryPort(dot_le)); - assertEquals(rph.hostname,rph.getEntryFQDN("",dot_le)); - } + String ns2 = "onap"; + pa.setProperty(Config.AAF_LOCATOR_APP_NS+".helm", ns2); + for(String dot_le : new String[] {"",".helm"}) { + 
assertEquals(rph.hostname,rph.default_fqdn); + assertEquals("",rph.lcontainer); + assertEquals(rph.hostname,rph.public_fqdn); + assertEquals(ju_port,rph.getEntryPort(dot_le)); + assertEquals(rph.hostname,rph.getEntryFQDN("",dot_le)); + } - //////////////// - // Validate Public Host and Port settings - //////////////// - String public_hostname = "com.public.hostname"; - int public_port = 999; - pa.setProperty(Config.AAF_LOCATOR_PUBLIC_FQDN, public_hostname); - pa.setProperty(Config.AAF_LOCATOR_PUBLIC_PORT,Integer.toString(public_port)); - RegistrationPropHolder pubRPH = new RegistrationPropHolder(pa,ju_port); - assertEquals(public_hostname,pubRPH.public_fqdn); - assertEquals(public_port,pubRPH.getEntryPort("")); + //////////////// + // Validate Public Host and Port settings + //////////////// + String public_hostname = "com.public.hostname"; + int public_port = 999; + pa.setProperty(Config.AAF_LOCATOR_PUBLIC_FQDN, public_hostname); + pa.setProperty(Config.AAF_LOCATOR_PUBLIC_PORT,Integer.toString(public_port)); + RegistrationPropHolder pubRPH = new RegistrationPropHolder(pa,ju_port); + assertEquals(public_hostname,pubRPH.public_fqdn); + assertEquals(public_port,pubRPH.getEntryPort("")); - final String url = "https://aaf.osaaf.org:8095/org.osaaf.aaf.service:2.1"; - String name="theName"; - assertEquals(url,rph.replacements(getClass().getSimpleName(),url, name, "")); - - String alu = "aaf.osaaf.org:8095"; - String curl = url.replace(alu, Config.AAF_LOCATE_URL_TAG); - pa.setProperty(Config.AAF_LOCATE_URL,"https://"+alu); - assertEquals(url.replace("8095","8095/locate"),rph.replacements(getClass().getSimpleName(),curl, name, "")); - - String root_ns = "org.osaaf.aaf"; - curl = url.replace(root_ns, "AAF_NS"); - pa.setProperty(Config.AAF_ROOT_NS,root_ns); - assertEquals(url,rph.replacements(getClass().getSimpleName(),curl, name, "")); - - curl = url.replace(root_ns, "%AAF_NS"); - pa.setProperty(Config.AAF_ROOT_NS,root_ns); - 
assertEquals(url,rph.replacements(getClass().getSimpleName(),curl, name, "")); - - final String fqdn = "%C.%CNS.%NS.%N"; - String target = "myns.theName"; - assertEquals(target,rph.replacements(getClass().getSimpleName(),fqdn, name, "")); + final String url = "https://aaf.osaaf.org:8095/org.osaaf.aaf.service:2.1"; + String name="theName"; + assertEquals(url,rph.replacements(getClass().getSimpleName(),url, name, "")); + + String alu = "aaf.osaaf.org:8095"; + String curl = url.replace(alu, Config.AAF_LOCATE_URL_TAG); + pa.setProperty(Config.AAF_LOCATE_URL,"https://"+alu); + assertEquals(url.replace("8095","8095/locate"),rph.replacements(getClass().getSimpleName(),curl, name, "")); + + String root_ns = "org.osaaf.aaf"; + curl = url.replace(root_ns, "AAF_NS"); + pa.setProperty(Config.AAF_ROOT_NS,root_ns); + assertEquals(url,rph.replacements(getClass().getSimpleName(),curl, name, "")); + + curl = url.replace(root_ns, "%AAF_NS"); + pa.setProperty(Config.AAF_ROOT_NS,root_ns); + assertEquals(url,rph.replacements(getClass().getSimpleName(),curl, name, "")); + + final String fqdn = "%C.%CNS.%NS.%N"; + String target = "myns.theName"; + assertEquals(target,rph.replacements(getClass().getSimpleName(),fqdn, name, "")); - pa.setProperty(Config.AAF_LOCATOR_CONTAINER_NS+".hello", "mycontns"); - target = "mycontns.myns.theName"; - assertEquals(target,rph.replacements(getClass().getSimpleName(),fqdn, name, ".hello")); - - pa.setProperty(Config.AAF_LOCATOR_CONTAINER+".hello","helloC"); - target = "helloC.mycontns.myns.theName"; - assertEquals(target,rph.replacements(getClass().getSimpleName(),fqdn, name, ".hello")); - - pa.setProperty(Config.AAF_LOCATOR_CONTAINER_NS,"c_ns"); - target = "c_ns.myns.theName"; - assertEquals(target,rph.replacements(getClass().getSimpleName(),fqdn, name, "")); + pa.setProperty(Config.AAF_LOCATOR_CONTAINER_NS+".hello", "mycontns"); + target = "mycontns.myns.theName"; + assertEquals(target,rph.replacements(getClass().getSimpleName(),fqdn, name, ".hello")); + 
+ pa.setProperty(Config.AAF_LOCATOR_CONTAINER+".hello","helloC"); + target = "helloC.mycontns.myns.theName"; + assertEquals(target,rph.replacements(getClass().getSimpleName(),fqdn, name, ".hello")); + + pa.setProperty(Config.AAF_LOCATOR_CONTAINER_NS,"c_ns"); + target = "c_ns.myns.theName"; + assertEquals(target,rph.replacements(getClass().getSimpleName(),fqdn, name, "")); - } catch (UnknownHostException | CadiException e) { - e.printStackTrace(); - Assert.fail(); - } - } - + } catch (UnknownHostException | CadiException e) { + e.printStackTrace(); + Assert.fail(); + } + } + } diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_CSV.java b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_CSV.java index 9df6de7b..d4feac6f 100644 --- a/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_CSV.java +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/util/test/JU_CSV.java 
@@ -43,83 +43,83 @@ import org.onap.aaf.cadi.util.CSV.Writer; public class JU_CSV { - private String filename; - private File file; - private static ArrayList<Object> expected; + private String filename; + private File file; + private static ArrayList<Object> expected; - @Before - public void start() { - filename = "Sample.csv"; - file = new File(filename); - } - - @After - public void end() { - if(file!=null) { - file.delete(); - } - } + @Before + public void start() { + filename = "Sample.csv"; + file = new File(filename); + } + + @After + public void end() { + if(file!=null) { + file.delete(); + } + } - @BeforeClass - public static void before() { - expected = new ArrayList<>(); - } - - @Test - public void test() throws IOException, CadiException { - Access access = new PropAccess(); - CSV csv = new CSV(access,file); - // Can't visit for file that doesn't exist - try { - csv.visit(new Visitor() { - @Override - public void visit(List<String> row) { - }}); - } catch(IOException e) { - Assert.assertTrue("CSV correctly created exception",true); - } - - Writer writer = csv.writer(); - try { - writer.row(add("\"hello\"")); - writer.comment("Ignore Comments"); - writer.row(add("dXNlcjpwYXNzd29yZA=="),add("dXNlckBzb21ldGhpbmcub3JnOm90aGVyUGFzc3dvcmQ=")); - writer.row(); // no output - writer.row(add("There is, but one thing to say"), add(" and that is"), add("\"All the best\"")); - } finally { - writer.close(); - } - - PrintStream garbage = new PrintStream(new FileOutputStream(file, true)); - try { - garbage.println("# Ignore empty spaces, etc"); - garbage.println(" "); - garbage.println("# Ignore blank lines"); - garbage.println(); - } finally { - garbage.close(); - } + @BeforeClass + public static void before() { + expected = new ArrayList<>(); + } + + @Test + public void test() throws IOException, CadiException { + Access access = new PropAccess(); + CSV csv = new CSV(access,file); + // Can't visit for file that doesn't exist + try { + csv.visit(new Visitor() { + 
@Override + public void visit(List<String> row) { + }}); + } catch(IOException e) { + Assert.assertTrue("CSV correctly created exception",true); + } + + Writer writer = csv.writer(); + try { + writer.row(add("\"hello\"")); + writer.comment("Ignore Comments"); + writer.row(add("dXNlcjpwYXNzd29yZA=="),add("dXNlckBzb21ldGhpbmcub3JnOm90aGVyUGFzc3dvcmQ=")); + writer.row(); // no output + writer.row(add("There is, but one thing to say"), add(" and that is"), add("\"All the best\"")); + } finally { + writer.close(); + } + + PrintStream garbage = new PrintStream(new FileOutputStream(file, true)); + try { + garbage.println("# Ignore empty spaces, etc"); + garbage.println(" "); + garbage.println("# Ignore blank lines"); + garbage.println(); + } finally { + garbage.close(); + } - - //////////// - // Tests - //////////// - final Holder<Integer> hi = new Holder<>(0); - csv.visit(new CSV.Visitor() { - @Override - public void visit(List<String> row) { - for(String s: row) { -// System.out.println(hi.value + ") " + s); - Assert.assertEquals(expected.get(hi.value++),s); - } - } - }); + + //////////// + // Tests + //////////// + final Holder<Integer> hi = new Holder<>(0); + csv.visit(new CSV.Visitor() { + @Override + public void visit(List<String> row) { + for(String s: row) { +// System.out.println(hi.value + ") " + s); + Assert.assertEquals(expected.get(hi.value++),s); + } + } + }); - } + } - private String add(String s) { - expected.add(s); - return s; - } + private String add(String s) { + expected.add(s); + return s; + } } |