diff options
Diffstat (limited to 'cadi')
129 files changed, 1488 insertions, 1488 deletions
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFPermission.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFPermission.java index c4876f29..be1d3922 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFPermission.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFPermission.java @@ -50,7 +50,7 @@ public class AAFPermission implements Permission { type = name; this.instance = instance; this.action = action; - if(ns==null) { + if (ns==null) { key = type + '|' + instance + '|' + action; } else { key = ns + '|' + type + '|' + instance + '|' + action; @@ -64,7 +64,7 @@ public class AAFPermission implements Permission { type = name; this.instance = instance; this.action = action; - if(ns==null) { + if (ns==null) { key = type + '|' + instance + '|' + action; } else { key = ns + '|' + type + '|' + instance + '|' + action; @@ -87,7 +87,7 @@ public class AAFPermission implements Permission { String aafType; String aafInstance; String aafAction; - if(p instanceof AAFPermission) { + if (p instanceof AAFPermission) { AAFPermission ap = (AAFPermission)p; // Note: In AAF > 1.0, Accepting "*" from name would violate multi-tenancy // Current solution is only allow direct match on Type. @@ -125,15 +125,15 @@ public class AAFPermission implements Permission { } } boolean typeMatches; - if(aafNS==null) { - if(ns==null) { + if (aafNS==null) { + if (ns==null) { typeMatches = aafType.equals(type); } else { typeMatches = aafType.equals(ns+'.'+type); } - } else if(ns==null) { + } else if (ns==null) { typeMatches = type.equals(aafNS+'.'+aafType); - } else if(aafNS.length() == ns.length()) { + } else if (aafNS.length() == ns.length()) { typeMatches = aafNS.equals(ns) && aafType.equals(type); } else { // Allow for restructuring of NS/Perm structure typeMatches = (aafNS+'.'+aafType).equals(ns+'.'+type); diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/PermEval.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/PermEval.java index f64eb276..c12b2e6d 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/PermEval.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/PermEval.java @@ -44,13 +44,13 @@ public class PermEval { * Changing this will break existing users, like Cassandra. Jonathan 9-4-2015 */ public static boolean evalInstance(String sInst, String pInst) { - if(sInst == null || pInst == null) { + if (sInst == null || pInst == null) { return false; } if (sInst == "" || pInst == "") { return false; } - if(ASTERIX.equals(sInst)) { + if (ASTERIX.equals(sInst)) { return true; // If Server's String is "*", then it accepts every Instance } char firstChar = pInst.charAt(0); @@ -63,29 +63,29 @@ public class PermEval { case START_INST_KEY_CHAR: // Evaluate a special Key field, i.e.:xyz:*:!df.* case ALT_START_INST_KEY_CHAR: // Also allow '/' as special Key Field, i.e. /xyz/*/!.* - if(sInst.charAt(0)==startChar) { // To compare key-to-key, both strings must be keys + if (sInst.charAt(0)==startChar) { // To compare key-to-key, both strings must be keys String[] skeys=Split.split(startChar,sInst); String[] pkeys=Split.split(startChar,pInst); - if(skeys.length!=pkeys.length) return false; + if (skeys.length!=pkeys.length) return false; boolean pass = true; - for(int i=1;pass && i<skeys.length;++i) { // We start at 1, because the first one, being ":" is always "" - if(ASTERIX.equals(skeys[i]))continue; // Server data accepts all for this key spot + for (int i=1;pass && i<skeys.length;++i) { // We start at 1, because the first one, being ":" is always "" + if (ASTERIX.equals(skeys[i]))continue; // Server data accepts all for this key spot pass = false; - for(String sItem : Split.split(LIST_SEP,skeys[i])) { // allow for "," definition in Action - if(pkeys[i].length()==0) { - if(pass=sItem.length()==0) { + for (String sItem : Split.split(LIST_SEP,skeys[i])) { // allow for "," definition in Action + if (pkeys[i].length()==0) { + if (pass=sItem.length()==0) { break; // Both Empty, keep checking } - } else if(sItem.charAt(0)==START_REGEX_CHAR) { // Check Server side when wildcarding like * - if(pass=pkeys[i].matches(sItem.substring(1))) { + } else if (sItem.charAt(0)==START_REGEX_CHAR) { // Check Server side when wildcarding like * + if (pass=pkeys[i].matches(sItem.substring(1))) { break; // Matches, keep checking } - } else if(skeys[i].endsWith(ASTERIX)) { - if(pass=endAsterixCompare(skeys[i],pkeys[i])) { + } else if (skeys[i].endsWith(ASTERIX)) { + if (pass=endAsterixCompare(skeys[i],pkeys[i])) { break; } - } else if(pass=sItem.equals(pkeys[i])) { + } else if (pass=sItem.equals(pkeys[i])) { break; // Equal, keep checking } } @@ -94,10 +94,10 @@ public class PermEval { } return false; // if first chars aren't the same, further String compare not necessary default: // Evaluate as String Compare - for(String sItem : Split.split(LIST_SEP,sInst)) { // allow for "," separator //TODO is this only for actions? - if((sItem.endsWith(ASTERIX)) && (endAsterixCompare(sInst, pInst))) { + for (String sItem : Split.split(LIST_SEP,sInst)) { // allow for "," separator //TODO is this only for actions? + if ((sItem.endsWith(ASTERIX)) && (endAsterixCompare(sInst, pInst))) { return true; - } else if(sItem.equals(pInst)) { + } else if (sItem.equals(pInst)) { return true; } } @@ -107,11 +107,11 @@ public class PermEval { private static boolean endAsterixCompare(String sInst, String pInst) { final int len = sInst.length()-1; - if(pInst.length()<len) { + if (pInst.length()<len) { return false; } - for(int j=0;j<len;++j) { - if(pInst.charAt(j)!=sInst.charAt(j)) { + for (int j=0;j<len;++j) { + if (pInst.charAt(j)!=sInst.charAt(j)) { return false; } } @@ -126,9 +126,9 @@ public class PermEval { * Action is not quite as complex. But we write it in this function so it can be consistent */ public static boolean evalAction(String sAction,String pAction) { - if(ASTERIX.equals(sAction))return true; // If Server's String is "*", then it accepts every Action - if(pAction == "") return false; - for(String sItem : Split.split(LIST_SEP,sAction)) { // allow for "," definition in Action + if (ASTERIX.equals(sAction))return true; // If Server's String is "*", then it accepts every Action + if (pAction == "") return false; + for (String sItem : Split.split(LIST_SEP,sAction)) { // allow for "," definition in Action if (pAction.charAt(0)==START_REGEX_CHAR? // First char sItem.matches(pAction.substring(1)): // Evaluate as Regular Expression sItem.equals(pAction)) // Evaluate as String Compare diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/TestConnectivity.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/TestConnectivity.java index e9c90288..ccba7c1a 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/TestConnectivity.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/TestConnectivity.java @@ -51,24 +51,24 @@ import org.onap.aaf.misc.env.APIException; public class TestConnectivity { public static void main(String[] args) { - if(args.length<1) { + if (args.length<1) { System.out.println("Usage: ConnectivityTester <cadi_prop_files> [<AAF FQDN (i.e. aaf.dev.att.com)>]"); } else { print(true,"START OF CONNECTIVITY TESTS",new Date().toString(),System.getProperty("user.name"), "Note: All API Calls are /authz/perms/user/<AppID/Alias of the caller>"); - if(!args[0].contains(Config.CADI_PROP_FILES+'=')) { + if (!args[0].contains(Config.CADI_PROP_FILES+'=')) { args[0]=Config.CADI_PROP_FILES+'='+args[0]; } PropAccess access = new PropAccess(args); String aaflocate; - if(args.length>1) { + if (args.length>1) { aaflocate = "https://" + args[1]; access.setProperty(Config.AAF_LOCATE_URL, "https://" + args[1]); } else { aaflocate = access.getProperty(Config.AAF_LOCATE_URL); - if(aaflocate==null) { + if (aaflocate==null) { print(true,"Properties must contain ",Config.AAF_LOCATE_URL); } } @@ -81,7 +81,7 @@ public class TestConnectivity { print(true,"Test Connections driven by AAFLocator"); URI serviceURI = new URI(Defaults.AAF_URL); - for(URI uri : new URI[] { + for (URI uri : new URI[] { serviceURI, new URI(Defaults.OAUTH2_TOKEN_URL), new URI(Defaults.OAUTH2_INTROSPECT_URL), @@ -102,19 +102,19 @@ public class TestConnectivity { ///////// print(true,"Test Service for Perms driven by AAFLocator"); Locator<URI> locator = new AAFLocator(si,serviceURI); - for(SecuritySetter<HttpURLConnection> ss : lss) { + for (SecuritySetter<HttpURLConnection> ss : lss) { permTest(locator,ss); } ////////// print(true,"Test essential BasicAuth Service call, driven by AAFLocator"); - for(SecuritySetter<HttpURLConnection> ss : lss) { - if(ss instanceof HBasicAuthSS) { + for (SecuritySetter<HttpURLConnection> ss : lss) { + if (ss instanceof HBasicAuthSS) { basicAuthTest(new AAFLocator(si, serviceURI),ss); } } - } catch(Exception e) { + } catch (Exception e) { e.printStackTrace(System.err); } finally { print(true,"END OF TESTS"); @@ -131,7 +131,7 @@ public class TestConnectivity { try { HBasicAuthSS hbass = new HBasicAuthSS(si,true); - if(hbass==null || hbass.getID()==null) { + if (hbass==null || hbass.getID()==null) { access.log(Level.INFO, "BasicAuth Information is not available in configuration, BasicAuth tests will not be conducted... Continuing"); } else { access.log(Level.INFO, "BasicAuth Information found with ID",hbass.getID(),". BasicAuth tests will be performed."); @@ -143,7 +143,7 @@ public class TestConnectivity { try { HX509SS hxss = new HX509SS(user,si); - if(hxss==null || hxss.getID()==null) { + if (hxss==null || hxss.getID()==null) { access.log(Level.INFO, "X509 (Client certificate) Information is not available in configuration, X509 tests will not be conducted... Continuing"); } else { access.log(Level.INFO, "X509 (Client certificate) Information found with ID",hxss.getID(),". X509 tests will be performed."); @@ -155,7 +155,7 @@ public class TestConnectivity { String tokenURL = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL); String locateURL=access.getProperty(Config.AAF_LOCATE_URL); - if(tokenURL==null || (tokenURL.contains("/locate/") && locateURL!=null)) { + if (tokenURL==null || (tokenURL.contains("/locate/") && locateURL!=null)) { tokenURL=Defaults.OAUTH2_TOKEN_URL+"/token"; } @@ -168,7 +168,7 @@ public class TestConnectivity { } tokenURL = access.getProperty(Config.AAF_ALT_OAUTH2_TOKEN_URL); - if(tokenURL==null) { + if (tokenURL==null) { access.log(Level.INFO, "AAF Alternative OAUTH2 requires",Config.AAF_ALT_OAUTH2_TOKEN_URL, "OAuth2 tests to", tokenURL, "will not be conducted... Continuing"); } else { try { @@ -186,22 +186,22 @@ public class TestConnectivity { private static void print(Boolean strong, String ... args) { PrintStream out = System.out; out.println(); - if(strong) { - for(int i=0;i<70;++i) { + if (strong) { + for (int i=0;i<70;++i) { out.print('='); } out.println(); } - for(String s : args) { + for (String s : args) { out.print(strong?"== ":"------ "); out.print(s); - if(!strong) { + if (!strong) { out.print(" ------"); } out.println(); } - if(strong) { - for(int i=0;i<70;++i) { + if (strong) { + for (int i=0;i<70;++i) { out.print('='); } } @@ -212,8 +212,8 @@ public class TestConnectivity { URI uri; Socket socket; print(false,"TCP/IP Connect test to all Located Services for " + locatorURI.toString() ); - for(Item li = dl.first();li!=null;li=dl.next(li)) { - if((uri = dl.get(li)) == null) { + for (Item li = dl.first();li!=null;li=dl.next(li)) { + if ((uri = dl.get(li)) == null) { System.out.println("Locator Item empty"); } else { socket = new Socket(); @@ -238,14 +238,14 @@ public class TestConnectivity { private static void permTest(Locator<URI> dl, SecuritySetter<HttpURLConnection> ss) { try { URI uri = dl.get(dl.best()); - if(uri==null) { + if (uri==null) { System.out.print("No URI available using " + ss.getClass().getSimpleName()); System.out.println(); return; } else { System.out.print("Resolved to: " + uri + " using " + ss.getClass().getSimpleName()); } - if(ss instanceof HRenewingTokenSS) { + if (ss instanceof HRenewingTokenSS) { System.out.println(" " + ((HRenewingTokenSS)ss).tokenURL()); } else { System.out.println(); @@ -253,16 +253,16 @@ public class TestConnectivity { HClient client = new HClient(ss, uri, 3000); client.setMethod("GET"); String user = ss.getID(); - if(user.indexOf('@')<0) { + if (user.indexOf('@')<0) { user+="@isam.att.com"; } client.setPathInfo("/authz/perms/user/"+user); client.send(); Future<String> future = client.futureReadString(); - if(future.get(7000)) { + if (future.get(7000)) { System.out.println(future.body()); } else { - if(future.code()==401 && ss instanceof HX509SS) { + if (future.code()==401 && ss instanceof HX509SS) { System.out.println(" Authentication denied with 401 for Certificate.\n\t" + "This means Certificate isn't valid for this environment, and has attempted another method of Authentication"); } else { @@ -287,7 +287,7 @@ public class TestConnectivity { Future<String> future = client.futureReadString(); - if(future.get(7000)) { + if (future.get(7000)) { System.out.println("BasicAuth Validated"); } else { System.out.println("Failure " + future.code() + ":" + future.body()); diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/cert/AAFListedCertIdentity.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/cert/AAFListedCertIdentity.java index dd8b1262..dd3cde7e 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/cert/AAFListedCertIdentity.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/cert/AAFListedCertIdentity.java @@ -69,13 +69,13 @@ public class AAFListedCertIdentity implements CertIdentity { public AAFListedCertIdentity(Access access, AAFCon<?> aafcon) throws APIException { synchronized(AAFListedCertIdentity.class) { - if(certIDs==null) { + if (certIDs==null) { String cip = access.getProperty(Config.AAF_CERT_IDS, null); - if(cip!=null) { + if (cip!=null) { certIDs = Split.split(',',cip); } } - if(certIDs!=null && certs==null) { + if (certIDs!=null && certs==null) { TimerTask cu = new CertUpdate(aafcon); cu.run(); // want this to run in this thread first... new Timer("AAF Identity Refresh Timer",true).scheduleAtFixedRate(cu, EIGHT_HOURS,EIGHT_HOURS); @@ -88,11 +88,11 @@ public class AAFListedCertIdentity implements CertIdentity { } public TaggedPrincipal identity(HttpServletRequest req, X509Certificate cert, byte[] certBytes) throws CertificateException { - if(cert==null && certBytes==null)return null; - if(certBytes==null)certBytes = cert.getEncoded(); + if (cert==null && certBytes==null)return null; + if (certBytes==null)certBytes = cert.getEncoded(); byte[] fingerprint = X509Taf.getFingerPrint(certBytes); String id = certs.get(new ByteArrayHolder(fingerprint)); - if(id!=null) { // Caller is Validated + if (id!=null) { // Caller is Validated return new X509Principal(id,cert,certBytes,null); } return null; @@ -121,19 +121,19 @@ public class AAFListedCertIdentity implements CertIdentity { TreeMap<ByteArrayHolder, String> newCertsMap = new TreeMap<>(); Map<String,Set<String>> newTrustMap = new TreeMap<>(); Set<String> userLookup = new HashSet<>(); - for(String s : certIDs) { + for (String s : certIDs) { userLookup.add(s); } - for(String authMech : authMechanisms) { + for (String authMech : authMechanisms) { Future<Users> fusr = aafcon.client(Config.AAF_DEFAULT_VERSION).read("/authz/users/perm/com.att.aaf.trust/"+authMech+"/authenticate", Users.class, aafcon.usersDF); - if(fusr.get(5000)) { + if (fusr.get(5000)) { List<User> users = fusr.value.getUser(); - if(users.isEmpty()) { + if (users.isEmpty()) { aafcon.access.log(Level.WARN, "AAF Lookup-No IDs in Role com.att.aaf.trustForID <> "+authMech); } else { aafcon.access.log(Level.INFO,"Loading Trust Authentication Info for",authMech); Set<String> hsUser = new HashSet<>(); - for(User u : users) { + for (User u : users) { userLookup.add(u.getId()); hsUser.add(u.getId()); } @@ -145,17 +145,17 @@ public class AAFListedCertIdentity implements CertIdentity { } - for(String u : userLookup) { + for (String u : userLookup) { Future<Certs> fc = aafcon.client(Config.AAF_DEFAULT_VERSION).read("/authn/cert/id/"+u, Certs.class, aafcon.certsDF); XMLGregorianCalendar now = Chrono.timeStamp(); - if(fc.get(5000)) { + if (fc.get(5000)) { List<Cert> certs = fc.value.getCert(); - if(certs.isEmpty()) { + if (certs.isEmpty()) { aafcon.access.log(Level.WARN, "No Cert Associations for",u); } else { - for(Cert c : fc.value.getCert()) { + for (Cert c : fc.value.getCert()) { XMLGregorianCalendar then =c.getExpires(); - if(then !=null && then.compare(now)>0) { + if (then !=null && then.compare(now)>0) { newCertsMap.put(new ByteArrayHolder(c.getFingerprint()), c.getId()); aafcon.access.log(Level.INIT,"Associating "+ c.getId() + " expiring " + Chrono.dateOnlyStamp(c.getExpires()) + " with " + c.getX500()); } @@ -168,7 +168,7 @@ public class AAFListedCertIdentity implements CertIdentity { certs = newCertsMap; trusted = newTrustMap; - } catch(Exception e) { + } catch (Exception e) { aafcon.access.log(e, "Failure to update Certificate Identities from AAF"); } } diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/client/ErrMessage.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/client/ErrMessage.java index e878d740..55421262 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/client/ErrMessage.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/client/ErrMessage.java @@ -76,7 +76,7 @@ public class ErrMessage { public StringBuilder toMsg(StringBuilder sb, Future<?> future) { try { toMsg(sb,errDF.newData().in(TYPE.JSON).load(future.body()).asObject()); - } catch(Exception e) { + } catch (Exception e) { //just print what we can sb.append(future.code()); sb.append(": "); diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/client/Examples.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/client/Examples.java index 0cf48de6..70ca577a 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/client/Examples.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/client/Examples.java @@ -63,23 +63,23 @@ public class Examples { String className = null; String version = null; TYPE type = TYPE.JSON; // default - if(nameOrContentType.startsWith("application/")) { - for(String ct : nameOrContentType.split("\\s*,\\s*")) { - for(String elem : ct.split("\\s*;\\s*")) { - if(elem.endsWith("+json")) { + if (nameOrContentType.startsWith("application/")) { + for (String ct : nameOrContentType.split("\\s*,\\s*")) { + for (String elem : ct.split("\\s*;\\s*")) { + if (elem.endsWith("+json")) { type = TYPE.JSON; className = elem.substring(elem.indexOf('/')+1, elem.length()-5); - } else if(elem.endsWith("+xml")) { + } else if (elem.endsWith("+xml")) { type = TYPE.XML; className = elem.substring(elem.indexOf('/')+1, elem.length()-4); - } else if(elem.startsWith("version=")) { + } else if (elem.startsWith("version=")) { version = elem.substring(8); } } - if(className!=null && version!=null) + if (className!=null && version!=null) break; } - if(className==null) { + if (className==null) { throw new APIException(nameOrContentType + " does not contain Class Information"); } } else { @@ -91,9 +91,9 @@ public class Examples { if ("Void".equals(className)) return ""; - if("1.1".equals(version)) { + if ("1.1".equals(version)) { version = "v1_0"; - } else if(version!=null) { + } else if (version!=null) { version = "v" + version.replace('.', '_'); } else { version = "v2_0"; @@ -151,7 +151,7 @@ public class Examples { pkey.setAction("myAction"); rpr.setPerm(pkey); rpr.setRole("org.osaaf.myns.myrole"); - if(optional)setOptional(rpr); + if (optional)setOptional(rpr); return rpr; } @@ -200,7 +200,7 @@ public class Examples { pr.setType("org.osaaf.myns.myType"); pr.setInstance("myInstance"); pr.setAction("myAction"); - if(optional) { + if (optional) { pr.setDescription("Short and meaningful verbiage about the Permission"); setOptional(pr); @@ -217,7 +217,7 @@ public class Examples { pr.getRoles().add("org.osaaf.aaf.myRole"); pr.getRoles().add("org.osaaf.aaf.myRole2"); pr.setDescription("This is my description, and I'm sticking with it"); - if(optional) { + if (optional) { pr.setDescription("Short and meaningful verbiage about the Permission"); } return pr; @@ -262,7 +262,7 @@ public class Examples { UserRoleRequest urr = new UserRoleRequest(); urr.setRole("org.osaaf.myns.myRole"); urr.setUser("ab1234@people.osaaf.org"); - if(optional) setOptional(urr); + if (optional) setOptional(urr); return urr; } @@ -274,7 +274,7 @@ public class Examples { nr.getResponsible().add("cd5678@people.osaaf.org"); nr.getAdmin().add("zy9876@people.osaaf.org"); nr.getAdmin().add("xw5432@people.osaaf.org"); - if(optional) { + if (optional) { nr.setDescription("This is my Namespace to set up"); nr.setType("APP"); setOptional(nr); @@ -309,7 +309,7 @@ public class Examples { private static RoleRequest newRoleRequestv2_0(boolean optional) { RoleRequest rr = new RoleRequest(); rr.setName("org.osaaf.myns.myRole"); - if(optional) { + if (optional) { rr.setDescription("This is my Role"); setOptional(rr); } @@ -320,7 +320,7 @@ public class Examples { private static CredRequest newCredRequestv2_0(boolean optional) { CredRequest cr = new CredRequest(); cr.setId("myID@fully.qualified.domain"); - if(optional) { + if (optional) { cr.setType(2); cr.setEntry("0x125AB256344CE"); } else { diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java index edacdfdd..167fae9f 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFAuthn.java @@ -95,8 +95,8 @@ public class AAFAuthn<CLIENT> extends AbsUserCache<AAFPermission> { byte[] bytes = password.getBytes(); User<AAFPermission> usr = getUser(user,bytes); - if(usr != null && !usr.permExpired()) { - if(usr.principal==null) { + if (usr != null && !usr.permExpired()) { + if (usr.principal==null) { return "User already denied"; } else { return null; // good @@ -108,7 +108,7 @@ public class AAFAuthn<CLIENT> extends AbsUserCache<AAFPermission> { // Statement switch(cp.revalidate(state)) { case REVALIDATED: - if(usr!=null) { + if (usr!=null) { usr.principal = cp; } else { addUser(new User<AAFPermission>(cp,con.timeout)); @@ -139,13 +139,13 @@ public class AAFAuthn<CLIENT> extends AbsUserCache<AAFPermission> { public Resp revalidate(Object state) { try { Miss missed = missed(getName(),getCred()); - if(missed==null || missed.mayContinue()) { + if (missed==null || missed.mayContinue()) { Rcli<CLIENT> client = con.client(Config.AAF_DEFAULT_VERSION).forUser(con.basicAuth(getName(), new String(getCred()))); Future<String> fp = client.read( "/authn/basicAuth", "text/plain" ); - if(fp.get(con.timeout)) { + if (fp.get(con.timeout)) { expires = System.currentTimeMillis() + timeToLive; addUser(new User<AAFPermission>(this, expires)); return Resp.REVALIDATED; diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java index cda6dfb9..b6644368 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFCon.java @@ -89,7 +89,7 @@ public abstract class AAFCon<CLIENT> implements Connector { */ public Rcli<CLIENT> client(String apiVersion) throws CadiException { Rcli<CLIENT> client = clients.get(apiVersion); - if(client==null) { + if (client==null) { client = rclient(initURI(),si.defSS); client.apiVersion(apiVersion) .readTimeout(connTimeout); @@ -136,12 +136,12 @@ public abstract class AAFCon<CLIENT> implements Connector { } protected AAFCon(Access access, String tag, SecurityInfoC<CLIENT> si) throws CadiException{ - if(tag==null) { + if (tag==null) { throw new CadiException("AAFCon cannot be constructed without a property tag or URL"); } else { String str = access.getProperty(tag,null); - if(str==null) { - if(tag.contains("://")) { // assume a URL + if (str==null) { + if (tag.contains("://")) { // assume a URL str = tag; } else { throw new CadiException("A URL or " + tag + " property is required."); @@ -152,18 +152,18 @@ public abstract class AAFCon<CLIENT> implements Connector { try { this.access = access; this.si = si; - if(si.defSS.getID().equals(SecurityInfoC.DEF_ID)) { // it's the Preliminary SS, try to get a better one + if (si.defSS.getID().equals(SecurityInfoC.DEF_ID)) { // it's the Preliminary SS, try to get a better one String mechid = access.getProperty(Config.AAF_APPID, null); - if(mechid==null) { + if (mechid==null) { mechid=access.getProperty(Config.OAUTH_CLIENT_ID,null); } String encpass = access.getProperty(Config.AAF_APPPASS, null); - if(encpass==null) { + if (encpass==null) { encpass = access.getProperty(Config.OAUTH_CLIENT_SECRET,null); } - if(encpass==null) { + if (encpass==null) { String alias = access.getProperty(Config.CADI_ALIAS, mechid); - if(alias==null) { + if (alias==null) { access.printf(Access.Level.WARN,"%s, %s or %s required before use.", Config.CADI_ALIAS, Config.AAF_APPID, Config.OAUTH_CLIENT_ID); set(si.defSS); } else { @@ -171,7 +171,7 @@ public abstract class AAFCon<CLIENT> implements Connector { set(si.defSS); } } else { - if(mechid!=null) { + if (mechid!=null) { si.defSS=basicAuth(mechid, encpass); set(si.defSS); } else { @@ -231,16 +231,16 @@ public abstract class AAFCon<CLIENT> implements Connector { * @return */ public static final AAFCon<?> obtain(Object servletRequest) { - if(servletRequest instanceof CadiWrap) { + if (servletRequest instanceof CadiWrap) { Lur lur = ((CadiWrap)servletRequest).getLur(); - if(lur != null) { - if(lur instanceof EpiLur) { + if (lur != null) { + if (lur instanceof EpiLur) { AbsAAFLur<?> aal = (AbsAAFLur<?>) ((EpiLur)lur).subLur(AbsAAFLur.class); - if(aal!=null) { + if (aal!=null) { return aal.aaf; } } else { - if(lur instanceof AbsAAFLur) { + if (lur instanceof AbsAAFLur) { return ((AbsAAFLur<?>)lur).aaf; } } @@ -265,7 +265,7 @@ public abstract class AAFCon<CLIENT> implements Connector { public AAFLurPerm newLur() throws CadiException { try { - if(lur==null) { + if (lur==null) { lur = new AAFLurPerm(this); return lur; } else { @@ -327,7 +327,7 @@ public abstract class AAFCon<CLIENT> implements Connector { public SecuritySetter<CLIENT> set(final SecuritySetter<CLIENT> ss) { si.set(ss); - for(Rcli<CLIENT> client : clients.values()) { + for (Rcli<CLIENT> client : clients.values()) { client.setSecuritySetter(ss); } return ss; @@ -338,14 +338,14 @@ public abstract class AAFCon<CLIENT> implements Connector { } public String defID() { - if(si!=null) { + if (si!=null) { return si.defSS.getID(); } return "unknown"; } public void invalidate() throws CadiException { - for(Rcli<CLIENT> client : clients.values()) { + for (Rcli<CLIENT> client : clients.values()) { client.invalidate(); } clients.clear(); @@ -353,9 +353,9 @@ public abstract class AAFCon<CLIENT> implements Connector { public String readableErrMsg(Future<?> f) { String text = f.body(); - if(text==null || text.length()==0) { + if (text==null || text.length()==0) { text = f.code() + ": **No Message**"; - } else if(text.contains("%")) { + } else if (text.contains("%")) { try { Error err = errDF.newData().in(TYPE.JSON).load(f.body()).asObject(); return Vars.convert(err.getText(),err.getVariables()); diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java index cc70ae3c..9b5e9389 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFConHttp.java @@ -104,7 +104,7 @@ public class AAFConHttp extends AAFCon<HttpURLConnection> { */ @Override public SecuritySetter<HttpURLConnection> basicAuth(String user, String password) throws CadiException { - if(password.startsWith("enc:")) { + if (password.startsWith("enc:")) { try { password = access.decrypt(password, true); } catch (IOException e) { @@ -131,7 +131,7 @@ public class AAFConHttp extends AAFCon<HttpURLConnection> { */ @Override protected Rcli<HttpURLConnection> rclient(URI ignoredURI, SecuritySetter<HttpURLConnection> ss) throws CadiException { - if(hman.loc==null) { + if (hman.loc==null) { throw new CadiException("No Locator set in AAFConHttp"); } try { @@ -200,7 +200,7 @@ public class AAFConHttp extends AAFCon<HttpURLConnection> { protected URI initURI() { try { Item item = hman.loc.best(); - if(item!=null) { + if (item!=null) { return hman.loc.get(item); } } catch (LocatorException e) { diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLocator.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLocator.java index 468bb915..35ef9990 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLocator.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLocator.java @@ -53,7 +53,7 @@ public class AAFLocator extends AbsAAFLocator<BasicTrans> { public AAFLocator(SecurityInfoC<HttpURLConnection> si, URI locatorURI) throws LocatorException { super(si.access, nameFromLocatorURI(locatorURI), 10000L /* Wait at least 10 seconds between refreshes */); synchronized(sr) { - if(env==null) { + if (env==null) { env = new RosettaEnv(access.getProperties()); } } @@ -62,10 +62,10 @@ public class AAFLocator extends AbsAAFLocator<BasicTrans> { try { String[] path = Split.split('/',locatorURI.getPath()); String host = locatorURI.getHost(); - if(host==null) { + if (host==null) { host = locatorURI.getAuthority(); // this happens when no port } - if("AAF_LOCATE_URL".equals(host)) { + if ("AAF_LOCATE_URL".equals(host)) { URI uri = new URI( locatorURI.getScheme(), locatorURI.getUserInfo(), @@ -76,9 +76,9 @@ public class AAFLocator extends AbsAAFLocator<BasicTrans> { null ); client = createClient(si.defSS, uri, connectTimeout); - } else if(path.length>1 && "locate".equals(path[1])) { + } else if (path.length>1 && "locate".equals(path[1])) { StringBuilder sb = new StringBuilder(); - for(int i=3;i<path.length;++i) { + for (int i=3;i<path.length;++i) { sb.append('/'); sb.append(path[i]); } @@ -108,9 +108,9 @@ public class AAFLocator extends AbsAAFLocator<BasicTrans> { client.setMethod("GET"); client.send(); Future<Endpoints> fr = client.futureRead(epsDF, TYPE.JSON); - if(fr.get(client.timeout())) { + if (fr.get(client.timeout())) { List<EP> epl = new LinkedList<>(); - for(Endpoint endpoint : fr.value.getEndpoint()) { + for (Endpoint endpoint : fr.value.getEndpoint()) { epl.add(new EP(endpoint,latitude,longitude)); } diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java index b1c600a0..dc0e2cae 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java @@ -88,8 +88,8 @@ public class AAFLurPerm extends AbsAAFLur<AAFPermission> { private void attachOAuth2(AAFCon<?> con) throws APIException { String oauth2_url; Class<?> tmcls = Config.loadClass(access,"org.osaaf.cadi.oauth.TokenMgr"); - if(tmcls!=null) { - if((oauth2_url = con.access.getProperty(Config.CADI_OAUTH2_URL,null))!=null) { + if (tmcls!=null) { + if ((oauth2_url = con.access.getProperty(Config.CADI_OAUTH2_URL,null))!=null) { try { Constructor<?> tmconst = tmcls.getConstructor(AAFCon.class,String.class); Object tokMangr = tmconst.newInstance(con,oauth2_url); @@ -124,7 +124,7 @@ public class AAFLurPerm extends AbsAAFLur<AAFPermission> { // In the meantime, lookup User, create if necessary User<AAFPermission> user = getUser(principal); Principal p; - if(user!=null && user.principal == null) { + if (user!=null && user.principal == null) { p = new Principal() {// Create a holder for lookups private String n = name; public String getName() { @@ -135,20 +135,20 @@ public class AAFLurPerm extends AbsAAFLur<AAFPermission> { p = principal; } - if(user==null) { + if (user==null) { addUser(user = new User<AAFPermission>(p,aaf.userExpires)); // no password } // OK, done all we can, now get content boolean ok = fp.get(aaf.timeout); remote.set(Timing.millis(remoteStart)); - if(ok) { + if (ok) { success[0]=true; Map<String, Permission> newMap = user.newMap(); boolean willLog = aaf.access.willLog(Level.DEBUG); - for(Perm perm : fp.value.getPerm()) { + for (Perm perm : fp.value.getPerm()) { user.add(newMap,new AAFPermission(perm.getNs(),perm.getType(),perm.getInstance(),perm.getAction(),perm.getRoles())); - if(willLog) { + if (willLog) { aaf.access.log(Level.DEBUG, name,"has '",perm.getType(),'|',perm.getInstance(),'|',perm.getAction(),'\''); } } @@ -198,13 +198,13 @@ public class AAFLurPerm extends AbsAAFLur<AAFPermission> { // OK, done all we can, now get content boolean ok = fp.get(aaf.timeout); remote.set(Timing.millis(remoteStart)); - if(ok) { + if (ok) { success.set(true); Map<String,Permission> newMap = user.newMap(); boolean willLog = aaf.access.willLog(Level.DEBUG); - for(Perm perm : fp.value.getPerm()) { + for (Perm perm : fp.value.getPerm()) { user.add(newMap, new AAFPermission(perm.getNs(),perm.getType(),perm.getInstance(),perm.getAction(),perm.getRoles())); - if(willLog) { + if (willLog) { aaf.access.log(Level.DEBUG, name,"has",perm.getType(),perm.getInstance(),perm.getAction()); } } diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java index 2cfe1227..d4d11bbb 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTaf.java @@ -84,27 +84,27 @@ public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpT // Note: Either Carbon or Silicon based LifeForms ok String authz = req.getHeader("Authorization"); - if(authz != null && authz.startsWith("Basic ")) { - if(warn&&!req.isSecure()) { + if (authz != null && authz.startsWith("Basic ")) { + if (warn&&!req.isSecure()) { aaf.access.log(Level.WARN,"WARNING! BasicAuth has been used over an insecure channel"); } try { final CachedBasicPrincipal bp; - if(req.getUserPrincipal() instanceof CachedBasicPrincipal) { + if (req.getUserPrincipal() instanceof CachedBasicPrincipal) { bp = (CachedBasicPrincipal)req.getUserPrincipal(); } else { bp = new CachedBasicPrincipal(this,authz,aaf.getRealm(),aaf.userExpires); } // First try Cache final User<AAFPermission> usr = getUser(bp); - if(usr != null + if (usr != null && usr.principal instanceof GetCred && Hash.isEqual(bp.getCred(),((GetCred)usr.principal).getCred())) { return new BasicHttpTafResp(aaf.access,bp,bp.getName()+" authenticated by cached AAF password",RESP.IS_AUTHENTICATED,resp,aaf.getRealm(),false); } Miss miss = missed(bp.getName(), bp.getCred()); - if(miss!=null && !miss.mayContinue()) { + if (miss!=null && !miss.mayContinue()) { return new BasicHttpTafResp(aaf.access,null,buildMsg(bp,req, "User/Pass Retry limit exceeded"), RESP.TRY_AUTHENTICATING,resp,aaf.getRealm(),true); @@ -120,8 +120,8 @@ public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpT @Override public BasicHttpTafResp code(Rcli<?> client) throws CadiException, APIException { Future<String> fp = client.read("/authn/basicAuth", "text/plain"); - if(fp.get(aaf.timeout)) { - if(usr!=null) { + if (fp.get(aaf.timeout)) { + if (usr!=null) { usr.principal = bp; } else { addUser(new User<AAFPermission>(bp,aaf.userExpires)); @@ -130,7 +130,7 @@ public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpT } else { // Note: AddMiss checks for miss==null, and is part of logic boolean rv= addMiss(bp.getName(),bp.getCred()); - if(rv) { + if (rv) { return new BasicHttpTafResp(aaf.access,null,buildMsg(bp,req, "user/pass combo invalid via AAF from " + req.getRemoteAddr()), RESP.TRY_AUTHENTICATING,resp,aaf.getRealm(),true); @@ -163,10 +163,10 @@ public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpT private String buildMsg(Principal pr, HttpServletRequest req, Object... msg) { StringBuilder sb = new StringBuilder(); - for(Object s : msg) { + for (Object s : msg) { sb.append(s.toString()); } - if(pr!=null) { + if (pr!=null) { sb.append(" for "); sb.append(pr.getName()); } @@ -181,7 +181,7 @@ public class AAFTaf<CLIENT> extends AbsUserCache<AAFPermission> implements HttpT public Resp revalidate(CachedPrincipal prin, Object state) { // !!!! TEST THIS.. Things may not be revalidated, if not BasicPrincipal - if(prin instanceof BasicPrincipal) { + if (prin instanceof BasicPrincipal) { Future<String> fp; try { Rcli<CLIENT> userAAF = aaf.client(Config.AAF_DEFAULT_VERSION).forUser(aaf.transferSS((BasicPrincipal)prin)); diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTrustChecker.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTrustChecker.java index db6ae963..43e71e56 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTrustChecker.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFTrustChecker.java @@ -53,7 +53,7 @@ public class AAFTrustChecker implements TrustChecker { id = env.getProperty(Config.CADI_ALIAS,env.getProperty(Config.AAF_APPID)); // share between components String str = env.getProperty(Config.CADI_TRUST_PERM); AAFPermission temp=null; - if(str!=null) { + if (str!=null) { String[] sp = Split.splitTrim('|', str); switch(sp.length) { case 3: @@ -72,7 +72,7 @@ public class AAFTrustChecker implements TrustChecker { id = access.getProperty(Config.CADI_ALIAS,access.getProperty(Config.AAF_APPID,null)); // share between components String str = access.getProperty(Config.CADI_TRUST_PERM,null); AAFPermission temp=null; - if(str!=null) { + if (str!=null) { String[] sp = Split.splitTrim('|', str); switch(sp.length) { case 3: @@ -111,11 +111,11 @@ public class AAFTrustChecker implements TrustChecker { } String principalName = tresp.getPrincipal().getName(); - if(principalName.equals(id) // We do trust our own App Components: if a trust entry is made with self, always accept + if (principalName.equals(id) // We do trust our own App Components: if a trust entry is made with self, always accept || lur.fish(tresp.getPrincipal(), perm)) { // Have Perm set by Config.CADI_TRUST_PERM String desc = " " + flds[0] + " validated using " + flds[2] + " by " + flds[1] + ','; return new TrustTafResp(tresp, new TrustPrincipal(tresp.getPrincipal(), flds[0]), desc); - } else if(principalName.equals(flds[0])) { // Ignore if same identity + } else if (principalName.equals(flds[0])) { // Ignore if same identity return tresp; } else { String desc = tresp.getPrincipal().getName() + " requested trust as " + flds[0] + ", but does not have Authorization"; diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java index 3f6d7475..09f007c9 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLocator.java @@ -66,7 +66,7 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> public AbsAAFLocator(Access access, String name, final long refreshMin) throws LocatorException { aaf_locator_host = access.getProperty(Config.AAF_LOCATE_URL, null); - if(aaf_locator_host==null) { + if (aaf_locator_host==null) { aaf_locator_uri = null; } else { try { @@ -82,19 +82,19 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> this.access = access; String lat = access.getProperty(Config.CADI_LATITUDE,null); String lng = access.getProperty(Config.CADI_LONGITUDE,null); - if(lat==null || lng==null) { + if (lat==null || lng==null) { throw new LocatorException(Config.CADI_LATITUDE + " and " + Config.CADI_LONGITUDE + " properties are required."); } else { latitude = Double.parseDouble(lat); longitude = Double.parseDouble(lng); } - if(name.startsWith(Defaults.AAF_NS)) { + if (name.startsWith(Defaults.AAF_NS)) { String root_ns = access.getProperty(Config.AAF_ROOT_NS, null); - if(root_ns!=null) { + if (root_ns!=null) { name=name.replace(Defaults.AAF_NS, root_ns); } } - if(name.startsWith("http")) { // simple URL + if (name.startsWith("http")) { // simple URL this.name = name; this.version = Config.AAF_DEFAULT_VERSION; } else { @@ -118,11 +118,11 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> String version = Config.AAF_DEFAULT_VERSION; String pathInfo = null; int prev = key.indexOf("/locate"); - if(prev>0) { + if (prev>0) { prev = key.indexOf('/',prev+6); - if(prev>0) { + if (prev>0) { int next = key.indexOf('/',++prev); - if(next>0) { + if (next>0) { name = key.substring(prev, next); pathInfo=key.substring(next); } else { @@ -141,11 +141,11 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> } } - if(key.startsWith("http")) { - if(name!=null) { - if(locatorCreator != null) { + if (key.startsWith("http")) { + if (name!=null) { + if (locatorCreator != null) { AbsAAFLocator<?> aal = locatorCreator.create(name, version); - if(pathInfo!=null) { + if (pathInfo!=null) { aal.setPathInfo(pathInfo); } return aal; @@ -168,7 +168,7 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> protected static String nameFromLocatorURI(URI locatorURI) { String[] path = Split.split('/', locatorURI.getPath()); - if(path.length>2 && "locate".equals(path[1])) { + if (path.length>2 && "locate".equals(path[1])) { return path[2]; } else { return locatorURI.toString(); @@ -185,7 +185,7 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> public static void setCreatorSelf(final String hostname, final int port) { - if(locatorCreator!=null) { + if (locatorCreator!=null) { locatorCreator.setSelf(hostname,port); } } @@ -202,8 +202,8 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> private final boolean _refresh() { boolean rv = false; long now=System.currentTimeMillis(); - if(noEntries()) { - if(earliest<now) { + if (noEntries()) { + if (earliest<now) { synchronized(epList) { rv = refresh(); earliest = now + refreshWait; // call only up to 10 seconds. @@ -221,9 +221,9 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> @Override public URI get(Item item) throws LocatorException { - if(item==null) { + if (item==null) { return null; - } else if(item instanceof AAFLItem) { + } else if (item instanceof AAFLItem) { return getURI(((AAFLItem)item).uri); } else { throw new LocatorException(item.getClass().getName() + " does not belong to AAFLocator"); @@ -233,16 +233,16 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> @Override public boolean hasItems() { boolean isEmpty = epList.isEmpty(); - if(!isEmpty) { - for(Iterator<EP> iter = epList.iterator(); iter.hasNext(); ) { + if (!isEmpty) { + for (Iterator<EP> iter = epList.iterator(); iter.hasNext(); ) { EP ep = iter.next(); - if(ep.valid) { + if (ep.valid) { return true; } } isEmpty = true; } - if(_refresh()) { // is refreshed... check again + if (_refresh()) { // is refreshed... check again isEmpty = epList.isEmpty(); } return !isEmpty; @@ -250,8 +250,8 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> @Override public void invalidate(Item item) throws LocatorException { - if(item!=null) { - if(item instanceof AAFLItem) { + if (item!=null) { + if (item instanceof AAFLItem) { AAFLItem ali =(AAFLItem)item; EP ep = ali.ep; synchronized(epList) { @@ -267,7 +267,7 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> @Override public Item best() throws LocatorException { - if(!hasItems()) { + if (!hasItems()) { throw new LocatorException("No Entries found for '" + aaf_locator_uri.toString() + "/locate/" + name + ':' + version + '\''); } List<EP> lep = new ArrayList<>(); @@ -275,14 +275,14 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> // Note: Deque is sorted on the way by closest distance Iterator<EP> iter = getIterator(); EP ep; - while(iter.hasNext()) { + while (iter.hasNext()) { ep = iter.next(); - if(ep.valid) { - if(first==null) { + if (ep.valid) { + if (first==null) { first = ep; lep.add(first); } else { - if(Math.abs(ep.distance-first.distance)<.1) { // allow for nearby/precision issues. + if (Math.abs(ep.distance-first.distance)<.1) { // allow for nearby/precision issues. lep.add(ep); } else { break; @@ -298,7 +298,7 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> default: int rand = sr.nextInt(); // Sonar chokes without. int i = Math.abs(rand)%lep.size(); - if(i<0) { + if (i<0) { return null; } else { return new AAFLItem(iter,lep.get(i)); @@ -309,7 +309,7 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> private Iterator<EP> getIterator() { Object[] epa = epList.toArray(); - if(epa.length==0) { + if (epa.length==0) { _refresh(); epa = epList.toArray(); } @@ -329,12 +329,12 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> @Override public boolean hasNext() { - if(idx<0) { + if (idx<0) { return false; } else { Object obj; - while(idx<epa.length) { - if((obj=epa[idx])==null || !((EP)obj).valid) { + while (idx<epa.length) { + if ((obj=epa[idx])==null || !((EP)obj).valid) { ++idx; continue; } @@ -346,7 +346,7 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> @Override public EP next() { - if(!hasNext() ) { + if (!hasNext() ) { throw new NoSuchElementException(); } return (EP)epa[idx++]; @@ -354,7 +354,7 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> @Override public void remove() { - if(idx>=0 && idx<epa.length) { + if (idx>=0 && idx<epa.length) { synchronized(epList) { epList.remove(epa[idx]); } @@ -366,7 +366,7 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> public Item first() { Iterator<EP> iter = getIterator(); EP ep = AAFLItem.next(iter); - if(ep==null) { + if (ep==null) { return null; } return new AAFLItem(iter,ep); @@ -374,23 +374,23 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> @Override public Item next(Item prev) throws LocatorException { - if(prev==null) { + if (prev==null) { StringBuilder sb = new StringBuilder("Locator Item passed in next(item) is null."); int lines = 0; - for(StackTraceElement st : Thread.currentThread().getStackTrace()) { + for (StackTraceElement st : Thread.currentThread().getStackTrace()) { sb.append("\n\t"); sb.append(st.toString()); - if(++lines > 5) { + if (++lines > 5) { sb.append("\n\t..."); break; } } access.log(Level.ERROR, sb); } else { - if(prev instanceof AAFLItem) { + if (prev instanceof AAFLItem) { AAFLItem ali = (AAFLItem)prev; EP ep = AAFLItem.next(ali.iter); - if(ep!=null) { + if (ep!=null) { return new AAFLItem(ali.iter,ep); } } else { @@ -413,7 +413,7 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> private static EP next(Iterator<EP> iter) { EP ep=null; - while(iter.hasNext() && (ep==null || !ep.valid)) { + while (iter.hasNext() && (ep==null || !ep.valid)) { ep = iter.next(); } return ep; @@ -441,9 +441,9 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> @Override public int compareTo(EP o) { - if(distance<o.distance) { + if (distance<o.distance) { return -1; - } else if(distance>o.distance) { + } else if (distance>o.distance) { return 1; } else { return 0; @@ -491,7 +491,7 @@ public abstract class AbsAAFLocator<TRANS extends Trans> implements Locator<URI> protected abstract URI getURI(); protected URI getURI(URI rv) throws LocatorException { - if(additional) { + if (additional) { try { return new URI(rv.getScheme(),rv.getUserInfo(),rv.getHost(),rv.getPort(),pathInfo,query,fragment); } catch (URISyntaxException e) { diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLur.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLur.java index e347ffb6..cfecc533 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLur.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AbsAAFLur.java @@ -71,15 +71,15 @@ public abstract class AbsAAFLur<PERM extends Permission> extends AbsUserCache<PE @Override public final boolean handles(Principal principal) { - if(preemptiveLur!=null) { - if(preemptiveLur.handles(principal)) { + if (preemptiveLur!=null) { + if (preemptiveLur.handles(principal)) { return true; } } String userName=principal.getName(); - if(userName!=null) { - for(String s : supports) { - if(userName.endsWith(s)) + if (userName!=null) { + for (String s : supports) { + if (userName.endsWith(s)) return true; } } @@ -91,25 +91,25 @@ public abstract class AbsAAFLur<PERM extends Permission> extends AbsUserCache<PE // This is where you build AAF CLient Code. Answer the question "Is principal "bait" in the "pond" public boolean fish(Principal bait, Permission ... pond) { - if(preemptiveLur!=null && preemptiveLur.handles(bait)) { + if (preemptiveLur!=null && preemptiveLur.handles(bait)) { return preemptiveLur.fish(bait, pond); } else { - if(pond==null) { + if (pond==null) { return false; } - if(isDebug(bait)) { + if (isDebug(bait)) { boolean rv = false; StringBuilder sb = new StringBuilder("Log for "); sb.append(bait); - if(handles(bait)) { + if (handles(bait)) { User<PERM> user = getUser(bait); - if(user==null) { + if (user==null) { sb.append("\n\tUser is not in Cache"); } else { - if(user.noPerms()) { + if (user.noPerms()) { sb.append("\n\tUser has no Perms"); } - if(user.permExpired()) { + if (user.permExpired()) { sb.append("\n\tUser's perm expired ["); sb.append(new Date(user.permExpires())); sb.append(']'); @@ -119,15 +119,15 @@ public abstract class AbsAAFLur<PERM extends Permission> extends AbsUserCache<PE sb.append(']'); } } - if(user==null || user.permsUnloaded() || user.permExpired()) { + if (user==null || user.permsUnloaded() || user.permExpired()) { user = loadUser(bait); sb.append("\n\tloadUser called"); } for (Permission p : pond) { - if(user==null) { + if (user==null) { sb.append("\n\tUser was not Loaded"); break; - } else if(user.contains(p)) { + } else if (user.contains(p)) { sb.append("\n\tUser contains "); sb.append(p.getKey()); rv = true; @@ -136,7 +136,7 @@ public abstract class AbsAAFLur<PERM extends Permission> extends AbsUserCache<PE sb.append(p.getKey()); List<Permission> perms = new ArrayList<>(); user.copyPermsTo(perms); - for(Permission perm : perms) { + for (Permission perm : perms) { sb.append("\n\t\t"); sb.append(perm.getKey()); } @@ -151,16 +151,16 @@ public abstract class AbsAAFLur<PERM extends Permission> extends AbsUserCache<PE return rv; } else { boolean rv = false; - if(handles(bait)) { + if (handles(bait)) { User<PERM> user = getUser(bait); - if(user==null || user.permsUnloaded() || user.permExpired()) { + if (user==null || user.permsUnloaded() || user.permExpired()) { user = loadUser(bait); } - if(user==null) { + if (user==null) { return false; } else { - for(Permission p : pond) { - if(rv=user.contains(p)) { + for (Permission p : pond) { + if (rv=user.contains(p)) { break; } } @@ -172,21 +172,21 @@ public abstract class AbsAAFLur<PERM extends Permission> extends AbsUserCache<PE } public void fishAll(Principal bait, List<Permission> perms) { - if(preemptiveLur!=null && preemptiveLur.handles(bait)) { + if (preemptiveLur!=null && preemptiveLur.handles(bait)) { preemptiveLur.fishAll(bait, perms); } else { - if(isDebug(bait)) { + if (isDebug(bait)) { StringBuilder sb = new StringBuilder("Log for "); sb.append(bait); - if(handles(bait)) { + if (handles(bait)) { User<PERM> user = getUser(bait); - if(user==null) { + if (user==null) { sb.append("\n\tUser is not in Cache"); } else { - if(user.noPerms()) { + if (user.noPerms()) { sb.append("\n\tUser has no Perms"); } - if(user.permExpired()) { + if (user.permExpired()) { sb.append("\n\tUser's perm expired ["); sb.append(new Date(user.permExpires())); sb.append(']'); @@ -196,16 +196,16 @@ public abstract class AbsAAFLur<PERM extends Permission> extends AbsUserCache<PE sb.append(']'); } } - if(user==null || user.permsUnloaded() || user.permExpired()) { + if (user==null || user.permsUnloaded() || user.permExpired()) { user = loadUser(bait); sb.append("\n\tloadUser called"); } - if(user==null) { + if (user==null) { sb.append("\n\tUser was not Loaded"); } else { sb.append("\n\tCopying Perms "); user.copyPermsTo(perms); - for(Permission p : perms) { + for (Permission p : perms) { sb.append("\n\t\t"); sb.append(p.getKey()); } @@ -217,12 +217,12 @@ public abstract class AbsAAFLur<PERM extends Permission> extends AbsUserCache<PE } aaf.access.log(Level.INFO, sb); } else { - if(handles(bait)) { + if (handles(bait)) { User<PERM> user = getUser(bait); - if(user==null || user.permsUnloaded() || user.permExpired()) { + if (user==null || user.permsUnloaded() || user.permExpired()) { user = loadUser(bait); } - if(user!=null) { + if (user!=null) { user.copyPermsTo(perms); } } @@ -236,13 +236,13 @@ public abstract class AbsAAFLur<PERM extends Permission> extends AbsUserCache<PE } private boolean isDebug(Principal p) { - if(debug!=null) { - if(debug.length==1 && "all".equals(debug[0])) { + if (debug!=null) { + if (debug.length==1 && "all".equals(debug[0])) { return true; } String name = p.getName(); - for(String s : debug) { - if(s.equals(name)) { + for (String s : debug) { + if (s.equals(name)) { return true; } } @@ -260,15 +260,15 @@ public abstract class AbsAAFLur<PERM extends Permission> extends AbsUserCache<PE */ public<A> void fishOneOf(Principal princ, A obj, String type, String instance, List<Action<A>> actions) { User<PERM> user = getUser(princ); - if(user==null || user.permsUnloaded() || user.permExpired()) { + if (user==null || user.permsUnloaded() || user.permExpired()) { user = loadUser(princ); } - if(user!=null) { + if (user!=null) { ReuseAAFPermission perm = new ReuseAAFPermission(type,instance); - for(Action<A> action : actions) { + for (Action<A> action : actions) { perm.setAction(action.getName()); - if(user.contains(perm)) { - if(action.exec(obj))return; + if (user.contains(perm)) { + if (action.exec(obj))return; } } } diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java index 83204d1b..a2642221 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Agent.java @@ -112,10 +112,10 @@ public class Agent { public static void main(String[] args) { int exitCode = 0; doExit = true; - if(args.length>0 && "cadi".equals(args[0])) { + if (args.length>0 && "cadi".equals(args[0])) { String[] newArgs = new String[args.length-1]; System.arraycopy(args, 1, newArgs, 0, newArgs.length); - if(newArgs.length==0) { + if (newArgs.length==0) { System.out.println(HASHES); System.out.println("Note: Cadi CmdLine is a separate component. When running with\n\t" + "Agent, always preface with \"cadi\",\n\tex: cadi keygen [<keyfile>]"); @@ -127,7 +127,7 @@ public class Agent { AAFSSO aafsso=null; PropAccess access; - if(args.length>1 && args[0].equals("validate") ) { + if (args.length>1 && args[0].equals("validate") ) { int idx = args[1].indexOf('='); aafsso = null; access = new PropAccess( @@ -138,7 +138,7 @@ public class Agent { aafsso= new AAFSSO(args, new AAFSSO.ProcessArgs() { @Override public Properties process(String[] args, Properties props) { - if(args.length>1) { + if (args.length>1) { if (!args[0].equals("keypairgen")) { props.put("aaf_id", args[1]); } @@ -149,23 +149,23 @@ public class Agent { access = aafsso.access(); } - if(aafsso!=null && aafsso.loginOnly()) { + if (aafsso!=null && aafsso.loginOnly()) { aafsso.setLogDefault(); aafsso.writeFiles(); System.out.println("AAF SSO information created in ~/.aaf"); } else { env = new RosettaEnv(access.getProperties()); Deque<String> cmds = new ArrayDeque<String>(); - for(String p : args) { - if("-noexit".equalsIgnoreCase(p)) { + for (String p : args) { + if ("-noexit".equalsIgnoreCase(p)) { doExit = false; - } else if(p.indexOf('=') < 0) { + } else if (p.indexOf('=') < 0) { cmds.add(p); } } - if(cmds.size()==0) { - if(aafsso!=null) { + if (cmds.size()==0) { + if (aafsso!=null) { aafsso.setLogDefault(); } // NOTE: CHANGE IN CMDS should be reflected in AAFSSO constructor, to get FQI->aaf-id or not @@ -209,18 +209,18 @@ public class Agent { Trans trans = env.newTrans(); String token; - if((token=access.getProperty("oauth_token"))!=null) { + if ((token=access.getProperty("oauth_token"))!=null) { trans.setProperty("oauth_token", token); } try { - if(aafsso!=null) { + if (aafsso!=null) { // show Std out again aafsso.setLogDefault(); aafsso.setStdErrDefault(); // if CM_URL can be obtained, add to sso.props, if written String cm_url = getProperty(access,env,false, Config.CM_URL,Config.CM_URL+": "); - if(cm_url!=null) { + if (cm_url!=null) { aafsso.addProp(Config.CM_URL, cm_url); } aafsso.writeFiles(); @@ -255,7 +255,7 @@ public class Agent { keypairGen(trans, access, cmds); break; case "config": - if(access.getProperty(Config.CADI_PROP_FILES)!=null) { + if (access.getProperty(Config.CADI_PROP_FILES)!=null) { // Get Properties from initialization Prop Files config(trans,access,null,cmds); } else { @@ -280,11 +280,11 @@ public class Agent { } finally { StringBuilder sb = new StringBuilder(); trans.auditTrail(4, sb, Trans.REMOTE); - if(sb.length()>0) { + if (sb.length()>0) { trans.info().log("Trans Info\n",sb); } } - if(aafsso!=null) { + if (aafsso!=null) { aafsso.close(); } } @@ -292,13 +292,13 @@ public class Agent { e.printStackTrace(); } } - if(exitCode != 0 && doExit) { + if (exitCode != 0 && doExit) { System.exit(exitCode); } } private static synchronized AAFCon<?> aafcon(PropAccess access) throws APIException, CadiException, LocatorException { - if(aafcon==null) { + if (aafcon==null) { aafcon = new AAFConHttp(access,Config.CM_URL); } return aafcon; @@ -306,17 +306,17 @@ public class Agent { private static String getProperty(PropAccess pa, Env env, boolean secure, String tag, String prompt, Object ... def) { String value; - if((value=pa.getProperty(tag))==null) { - if(secure) { + if ((value=pa.getProperty(tag))==null) { + if (secure) { value = new String(AAFSSO.cons.readPassword(prompt, def)); } else { value = AAFSSO.cons.readLine(prompt,def).trim(); } - if(value!=null) { - if(value.length()>0) { + if (value!=null) { + if (value.length()>0) { pa.setProperty(tag,value); env.setProperty(tag,value); - } else if(def.length==1) { + } else if (def.length==1) { value=def[0].toString(); pa.setProperty(tag,value); env.setProperty(tag,value); @@ -327,7 +327,7 @@ public class Agent { } private static String fqi(Deque<String> cmds) { - if(cmds.size()<1) { + if (cmds.size()<1) { String alias = env.getProperty(Config.CADI_ALIAS); return alias!=null?alias:AAFSSO.cons.readLine("AppID: "); } @@ -335,7 +335,7 @@ public class Agent { } private static String machine(Deque<String> cmds) throws UnknownHostException { - if(cmds.size()>0) { + if (cmds.size()>0) { return cmds.removeFirst(); } else { String mach = env.getProperty(Config.HOSTNAME); @@ -345,7 +345,7 @@ public class Agent { private static String[] machines(Deque<String> cmds) { String machines; - if(cmds.size()>0) { + if (cmds.size()>0) { machines = cmds.removeFirst(); } else { machines = AAFSSO.cons.readLine("Machines (sep by ','): "); @@ -365,11 +365,11 @@ public class Agent { arti.setCa(AAFSSO.cons.readLine("CA: (%s): ","aaf")); String resp = AAFSSO.cons.readLine("Types [file,pkcs12,jks,script] (%s): ", PKCS12); - for(String s : Split.splitTrim(',', resp)) { + for (String s : Split.splitTrim(',', resp)) { arti.getType().add(s); } // Always do Script - if(!resp.contains(SCRIPT)) { + if (!resp.contains(SCRIPT)) { arti.getType().add(SCRIPT); } @@ -384,7 +384,7 @@ public class Agent { TimeTaken tt = trans.start("Create Artifact", Env.REMOTE); try { Future<Artifacts> future = aafcon.client(CM_VER).create("/cert/artifacts", artifactsDF, artifacts); - if(future.get(TIMEOUT)) { + if (future.get(TIMEOUT)) { trans.info().printf("Call to AAF Certman successful %s, %s",arti.getMechid(), arti.getMachine()); } else { trans.error().printf("Call to AAF Certman failed, %s", @@ -396,10 +396,10 @@ public class Agent { } private static String toNotification(String notification) { - if(notification==null) { + if (notification==null) { notification=""; - } else if(notification.length()>0) { - if(notification.indexOf(':')<0) { + } else if (notification.length()>0) { + if (notification.indexOf(':')<0) { notification = "mailto:" + notification; } } @@ -416,17 +416,17 @@ public class Agent { Future<Artifacts> future = aafcon.client(CM_VER) .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF,"Authorization","Bearer " + trans.getProperty("oauth_token")); - if(future.get(TIMEOUT)) { + if (future.get(TIMEOUT)) { boolean printed = false; - for(Artifact a : future.value.getArtifact()) { + for (Artifact a : future.value.getArtifact()) { AAFSSO.cons.printf("AppID: %s\n",a.getMechid()); AAFSSO.cons.printf(" Sponsor: %s\n",a.getSponsor()); AAFSSO.cons.printf("Machine: %s\n",a.getMachine()); AAFSSO.cons.printf("CA: %s\n",a.getCa()); StringBuilder sb = new StringBuilder(); boolean first = true; - for(String t : a.getType()) { - if(first) {first=false;} + for (String t : a.getType()) { + if (first) {first=false;} else{sb.append(',');} sb.append(t); } @@ -438,7 +438,7 @@ public class Agent { AAFSSO.cons.printf("Notification %s\n",a.getNotification()); printed = true; } - if(!printed) { + if (!printed) { AAFSSO.cons.printf("Artifact for %s %s does not exist\n", mechID, machine); } } else { @@ -453,7 +453,7 @@ public class Agent { String mechID = fqi(cmds); String machine = machine(cmds); String[] newmachs = machines(cmds); - if(machine==null || newmachs == null) { + if (machine==null || newmachs == null) { trans.error().log("No machines listed to copy to"); } else { TimeTaken tt = trans.start("Copy Artifact", Env.REMOTE); @@ -461,13 +461,13 @@ public class Agent { Future<Artifacts> future = aafcon.client(CM_VER) .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF); - if(future.get(TIMEOUT)) { + if (future.get(TIMEOUT)) { boolean printed = false; - for(Artifact a : future.value.getArtifact()) { - for(String m : newmachs) { + for (Artifact a : future.value.getArtifact()) { + for (String m : newmachs) { a.setMachine(m); Future<Artifacts> fup = aafcon.client(CM_VER).update("/cert/artifacts", artifactsDF, future.value); - if(fup.get(TIMEOUT)) { + if (fup.get(TIMEOUT)) { trans.info().printf("Copy of %s %s successful to %s",mechID,machine,m); } else { trans.error().printf("Call to AAF Certman failed, %s", @@ -477,7 +477,7 @@ public class Agent { printed = true; } } - if(!printed) { + if (!printed) { AAFSSO.cons.printf("Artifact for %s %s does not exist", mechID, machine); } } else { @@ -498,9 +498,9 @@ public class Agent { Future<Artifacts> fread = aafcon.client(CM_VER) .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF); - if(fread.get(TIMEOUT)) { + if (fread.get(TIMEOUT)) { Artifacts artifacts = new Artifacts(); - for(Artifact a : fread.value.getArtifact()) { + for (Artifact a : fread.value.getArtifact()) { Artifact arti = new Artifact(); artifacts.getArtifact().add(arti); @@ -510,18 +510,18 @@ public class Agent { arti.setCa(AAFSSO.cons.readLine("CA: (%s): ",a.getCa())); StringBuilder sb = new StringBuilder(); boolean first = true; - for(String t : a.getType()) { - if(first) {first=false;} + for (String t : a.getType()) { + if (first) {first=false;} else{sb.append(',');} sb.append(t); } String resp = AAFSSO.cons.readLine("Types [file,jks,pkcs12] (%s): ", sb); - for(String s : Split.splitTrim(',', resp)) { + for (String s : Split.splitTrim(',', resp)) { arti.getType().add(s); } // Always do Script - if(!resp.contains(SCRIPT)) { + if (!resp.contains(SCRIPT)) { arti.getType().add(SCRIPT); } @@ -533,11 +533,11 @@ public class Agent { arti.setNotification(toNotification(AAFSSO.cons.readLine("Notification (%s):", a.getNotification()))); } - if(artifacts.getArtifact().size()==0) { + if (artifacts.getArtifact().size()==0) { AAFSSO.cons.printf("Artifact for %s %s does not exist", mechID, machine); } else { Future<Artifacts> fup = aafcon.client(CM_VER).update("/cert/artifacts", artifactsDF, artifacts); - if(fup.get(TIMEOUT)) { + if (fup.get(TIMEOUT)) { trans.info().printf("Call to AAF Certman successful %s, %s",mechID,machine); } else { trans.error().printf("Call to AAF Certman failed, %s", @@ -562,7 +562,7 @@ public class Agent { Future<Void> future = aafcon.client(CM_VER) .delete("/cert/artifacts/"+mechid+"/"+machine,"application/json" ); - if(future.get(TIMEOUT)) { + if (future.get(TIMEOUT)) { trans.info().printf("Call to AAF Certman successful %s, %s",mechid,machine); } else { trans.error().printf("Call to AAF Certman failed, %s %s, %s", @@ -581,7 +581,7 @@ public class Agent { String machine = machine(cmds); String[] fqdns = Split.split(':', machine); String key; - if(fqdns.length>1) { + if (fqdns.length>1) { key = fqdns[0]; machine = fqdns[1]; } else { @@ -592,27 +592,27 @@ public class Agent { try { Future<Artifacts> acf = aafcon.client(CM_VER) .read("/cert/artifacts/"+mechID+'/'+key, artifactsDF); - if(acf.get(TIMEOUT)) { - if(acf.value.getArtifact()==null || acf.value.getArtifact().isEmpty()) { + if (acf.get(TIMEOUT)) { + if (acf.value.getArtifact()==null || acf.value.getArtifact().isEmpty()) { AAFSSO.cons.printf("===> There are no artifacts for %s on machine '%s'\n", mechID, key); } else { - for(Artifact a : acf.value.getArtifact()) { + for (Artifact a : acf.value.getArtifact()) { String osID = System.getProperty("user.name"); - if(a.getOsUser().equals(osID)) { + if (a.getOsUser().equals(osID)) { CertificateRequest cr = new CertificateRequest(); cr.setMechid(a.getMechid()); cr.setSponsor(a.getSponsor()); - for(int i=0;i<fqdns.length;++i) { + for (int i=0;i<fqdns.length;++i) { cr.getFqdns().add(fqdns[i]); } Future<String> f = aafcon.client(CM_VER) .updateRespondString("/cert/" + a.getCa()+"?withTrust",reqDF, cr); - if(f.get(TIMEOUT)) { + if (f.get(TIMEOUT)) { CertInfo capi = certDF.newData().in(TYPE.JSON).load(f.body()).asObject(); - for(String type : a.getType()) { + for (String type : a.getType()) { PlaceArtifact pa = placeArtifact.get(type); - if(pa!=null) { - if(rv = pa.place(trans, capi, a,machine)) { + if (pa!=null) { + if (rv = pa.place(trans, capi, a,machine)) { notifyPlaced(a,rv); } } @@ -646,28 +646,28 @@ public class Agent { try { Future<Artifacts> acf = aafcon.client(CM_VER) .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF); - if(acf.get(TIMEOUT)) { + if (acf.get(TIMEOUT)) { // Have to wait for JDK 1.7 source... //switch(artifact.getType()) { - if(acf.value.getArtifact()==null || acf.value.getArtifact().isEmpty()) { + if (acf.value.getArtifact()==null || acf.value.getArtifact().isEmpty()) { AAFSSO.cons.printf("No Artifacts found for %s on %s ", mechID, machine); } else { String id = aafcon.defID(); boolean allowed; - for(Artifact a : acf.value.getArtifact()) { + for (Artifact a : acf.value.getArtifact()) { allowed = id!=null && (id.equals(a.getSponsor()) || (id.equals(a.getMechid()) && aafcon.securityInfo().defSS.getClass().isAssignableFrom(HBasicAuthSS.class))); - if(!allowed) { + if (!allowed) { Future<String> pf = aafcon.client(CM_VER).read("/cert/may/" + a.getNs()+"|certman|"+a.getCa()+"|showpass","*/*"); - if(pf.get(TIMEOUT)) { + if (pf.get(TIMEOUT)) { allowed = true; } else { trans.error().log(errMsg.toMsg(pf)); } } - if(allowed) { + if (allowed) { File dir = new File(a.getDir()); Properties props = new Properties(); FileInputStream fis = new FileInputStream(new File(dir,a.getNs()+".cred.props")); @@ -681,12 +681,12 @@ public class Agent { } File f = new File(dir,a.getNs()+".keyfile"); - if(f.exists()) { + if (f.exists()) { Symm symm = Symm.obtain(f); - for(Iterator<Entry<Object,Object>> iter = props.entrySet().iterator(); iter.hasNext();) { + for (Iterator<Entry<Object,Object>> iter = props.entrySet().iterator(); iter.hasNext();) { Entry<Object,Object> en = iter.next(); - if(en.getValue().toString().startsWith("enc:")) { + if (en.getValue().toString().startsWith("enc:")) { System.out.printf("%s=%s\n", en.getKey(), symm.depass(en.getValue().toString())); } } @@ -712,9 +712,9 @@ public class Agent { File dir = new File(access.getProperty(Config.CADI_ETCDIR,".")); // default to current Directory File f = new File(dir,ns+".key"); - if(f.exists()) { + if (f.exists()) { String line = AAFSSO.cons.readLine("%s exists. Overwrite? (y/n): ", f.getCanonicalPath()); - if(!"Y".equalsIgnoreCase(line)) { + if (!"Y".equalsIgnoreCase(line)) { System.out.println("Canceling..."); return; } @@ -733,9 +733,9 @@ public class Agent { final String fqi = fqi(cmds); final String rootFile = FQI.reverseDomain(fqi); final File dir = new File(pa.getProperty(Config.CADI_ETCDIR, ".")); - if(dir.exists()) { + if (dir.exists()) { System.out.println("Writing to " + dir.getCanonicalFile()); - } else if(dir.mkdirs()) { + } else if (dir.mkdirs()) { System.out.println("Created directory " + dir.getCanonicalFile()); } else { System.err.println("Unable to create or write to " + dir.getCanonicalPath()); @@ -751,14 +751,14 @@ public class Agent { PrintStream psProps; File fLocProps = new File(dir,rootFile + ".location.props"); - if(!fLocProps.exists()) { + if (!fLocProps.exists()) { psProps = new PrintStream(new FileOutputStream(fLocProps)); try { psProps.println(HASHES); psProps.print("# Configuration File generated on "); psProps.println(new Date().toString()); psProps.println(HASHES); - for(String tag : LOC_TAGS) { + for (String tag : LOC_TAGS) { psProps.print(tag); psProps.print('='); psProps.println(getProperty(pa, trans, false, tag, "%s: ",tag)); @@ -789,7 +789,7 @@ public class Agent { psProps.println(fLocProps.getCanonicalPath()); File fkf = new File(dir,rootFile+".keyfile"); - if(!fkf.exists()) { + if (!fkf.exists()) { CmdLine.main(new String[] {"keygen",fkf.toString()}); } Symm filesymm = Symm.obtain(fkf); @@ -803,30 +803,30 @@ public class Agent { String cts = pa.getProperty(Config.CADI_TRUSTSTORE); - if(cts!=null) { + if (cts!=null) { File origTruststore = new File(cts); - if(!origTruststore.exists()) { + if (!origTruststore.exists()) { // Try same directory as cadi_prop_files String cpf = pa.getProperty(Config.CADI_PROP_FILES); - if(cpf!=null) { - for(String f : Split.split(File.pathSeparatorChar, cpf)) { + if (cpf!=null) { + for (String f : Split.split(File.pathSeparatorChar, cpf)) { File fcpf = new File(f); - if(fcpf.exists()) { + if (fcpf.exists()) { int lastSep = cts.lastIndexOf(File.pathSeparator); origTruststore = new File(fcpf.getParentFile(),lastSep>=0?cts.substring(lastSep):cts); - if(origTruststore.exists()) { + if (origTruststore.exists()) { break; } } } - if(!origTruststore.exists()) { + if (!origTruststore.exists()) { throw new CadiException(cts + " does not exist"); } } } File newTruststore = new File(dir,origTruststore.getName()); - if(!newTruststore.exists()) { + if (!newTruststore.exists()) { Files.copy(origTruststore.toPath(), newTruststore.toPath()); } @@ -834,31 +834,31 @@ public class Agent { directedPut(pa, filesymm, normal,creds, Config.CADI_TRUSTSTORE_PASSWORD,null); } - if(aafcon!=null) { // get Properties from Remote AAF + if (aafcon!=null) { // get Properties from Remote AAF final String locator = getProperty(pa,aafcon.env,false,Config.AAF_LOCATE_URL,"AAF Locator URL: "); Future<Configuration> acf = aafcon.client(new SingleEndpointLocator(locator)) .read("/configure/"+fqi+"/aaf", configDF); - if(acf.get(TIMEOUT)) { - for(Props props : acf.value.getProps()) { + if (acf.get(TIMEOUT)) { + for (Props props : acf.value.getProps()) { directedPut(pa, filesymm, normal,creds, props.getTag(),props.getValue()); } ok = true; - } else if(acf.code()==401){ + } else if (acf.code()==401){ trans.error().log("Bad Password sent to AAF"); } else { trans.error().log(errMsg.toMsg(acf)); } } else { String cpf = pa.getProperty(Config.CADI_PROP_FILES); - if(cpf!=null){ - for(String f : Split.split(File.pathSeparatorChar, cpf)) { + if (cpf!=null){ + for (String f : Split.split(File.pathSeparatorChar, cpf)) { System.out.format("Reading %s\n",f); FileInputStream fis = new FileInputStream(f); try { Properties props = new Properties(); props.load(fis); - for(Entry<Object, Object> prop : props.entrySet()) { + for (Entry<Object, Object> prop : props.entrySet()) { directedPut(pa, filesymm, normal,creds, prop.getKey().toString(),prop.getValue().toString()); } } finally { @@ -868,21 +868,21 @@ public class Agent { } ok = true; } - if(ok) { - for(Entry<String, String> es : normal.entrySet()) { + if (ok) { + for (Entry<String, String> es : normal.entrySet()) { psProps.print(es.getKey()); psProps.print('='); psProps.println(es.getValue()); } - for(Entry<String, String> es : creds.entrySet()) { + for (Entry<String, String> es : creds.entrySet()) { psCredProps.print(es.getKey()); psCredProps.print('='); psCredProps.println(es.getValue()); } File newFile = new File(dir,rootFile+".props"); - if(newFile.exists()) { + if (newFile.exists()) { File backup = new File(dir,rootFile+".props.backup"); newFile.renameTo(backup); System.out.println("Backed up to " + backup.getCanonicalPath()); @@ -891,7 +891,7 @@ public class Agent { System.out.println("Created " + newFile.getCanonicalPath()); fProps = newFile; - if(fSecureProps.exists()) { + if (fSecureProps.exists()) { File backup = new File(dir,fSecureProps.getName()+".backup"); fSecureProps.renameTo(backup); System.out.println("Backed up to " + backup.getCanonicalPath()); @@ -925,17 +925,17 @@ public class Agent { private static List<String> LOC_TAGS = Arrays.asList(new String[] {Config.CADI_LATITUDE, Config.CADI_LONGITUDE}); private static void directedPut(final PropAccess orig, final Symm symm, final Map<String,String> main, final Map<String,String> secured, final String tag, final String value) throws IOException { - if(!LOC_TAGS.contains(tag)) { // Location already covered + if (!LOC_TAGS.contains(tag)) { // Location already covered String val = value==null?orig.getProperty(tag):value; - if(tag.endsWith("_password")) { - if(val.length()>4) { - if(val.startsWith("enc:")) { + if (tag.endsWith("_password")) { + if (val.length()>4) { + if (val.startsWith("enc:")) { val = orig.decrypt(val, true); } val = "enc:" + symm.enpass(val); } } - if(CRED_TAGS.contains(tag)) { + if (CRED_TAGS.contains(tag)) { secured.put(tag, val); } else { main.put(tag, val); @@ -950,12 +950,12 @@ public class Agent { @Override public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException { Future<Perms> fc = client.read("/authz/perms/user/"+aafcon.defID(),permDF); - if(fc.get(aafcon.timeout)) { + if (fc.get(aafcon.timeout)) { System.out.print("Success connecting to "); System.out.println(client.getURI()); System.out.print(" Permissions for "); System.out.println(aafcon.defID()); - for(Perm p : fc.value.getPerm()) { + for (Perm p : fc.value.getPerm()) { System.out.print('\t'); System.out.print(p.getType()); System.out.print('|'); @@ -995,16 +995,16 @@ public class Agent { Future<Artifacts> acf = aafcon.client(CM_VER) .read("/cert/artifacts/"+mechID+'/'+machine, artifactsDF); - if(acf.get(TIMEOUT)) { + if (acf.get(TIMEOUT)) { // Have to wait for JDK 1.7 source... //switch(artifact.getType()) { - if(acf.value.getArtifact()==null || acf.value.getArtifact().isEmpty()) { + if (acf.value.getArtifact()==null || acf.value.getArtifact().isEmpty()) { AAFSSO.cons.printf("No Artifacts found for %s on %s", mechID, machine); } else { String id = aafcon.defID(); GregorianCalendar now = new GregorianCalendar(); - for(Artifact a : acf.value.getArtifact()) { - if(id.equals(a.getMechid())) { + for (Artifact a : acf.value.getArtifact()) { + if (id.equals(a.getMechid())) { File dir = new File(a.getDir()); Properties props = new Properties(); FileInputStream fis = new FileInputStream(new File(dir,a.getNs()+".props")); @@ -1017,14 +1017,14 @@ public class Agent { String prop; File f; - if((prop=trans.getProperty(Config.CADI_KEYFILE))==null || + if ((prop=trans.getProperty(Config.CADI_KEYFILE))==null || !(f=new File(prop)).exists()) { trans.error().printf("Keyfile must exist to check Certificates for %s on %s", a.getMechid(), a.getMachine()); } else { String ksf = trans.getProperty(Config.CADI_KEYSTORE); String ksps = trans.getProperty(Config.CADI_KEYSTORE_PASSWORD); - if(ksf==null || ksps == null) { + if (ksf==null || ksps == null) { trans.error().printf("Properties %s and %s must exist to check Certificates for %s on %s", Config.CADI_KEYSTORE, Config.CADI_KEYSTORE_PASSWORD,a.getMechid(), a.getMachine()); } else { @@ -1040,7 +1040,7 @@ public class Agent { X509Certificate cert = (X509Certificate)ks.getCertificate(mechID); String msg = null; - if(cert==null) { + if (cert==null) { msg = String.format("X509Certificate does not exist for %s on %s in %s", a.getMechid(), a.getMachine(), ksf); trans.error().log(msg); @@ -1049,7 +1049,7 @@ public class Agent { GregorianCalendar renew = new GregorianCalendar(); renew.setTime(cert.getNotAfter()); renew.add(GregorianCalendar.DAY_OF_MONTH,-1*a.getRenewDays()); - if(renew.after(now)) { + if (renew.after(now)) { msg = String.format("X509Certificate for %s on %s has been checked on %s. It expires on %s; it will not be renewed until %s.\n", a.getMechid(), a.getMachine(),Chrono.dateOnlyStamp(now),cert.getNotAfter(),Chrono.dateOnlyStamp(renew)); trans.info().log(msg); @@ -1059,7 +1059,7 @@ public class Agent { a.getMechid(), a.getMachine(),cert.getNotAfter()); cmds.offerLast(mechID); cmds.offerLast(machine); - if(placeCerts(trans,aafcon,cmds)) { + if (placeCerts(trans,aafcon,cmds)) { msg = String.format("X509Certificate for %s on %s has been renewed. Ensure services using are refreshed.\n", a.getMechid(), a.getMachine()); exitCode = 10; // Refreshed @@ -1070,7 +1070,7 @@ public class Agent { } } } - if(msg!=null) { + if (msg!=null) { FileOutputStream fos = new FileOutputStream(a.getDir()+'/'+a.getNs()+".msg"); try { fos.write(msg.getBytes()); diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/ArtifactDir.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/ArtifactDir.java index b5353828..7e91afae 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/ArtifactDir.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/ArtifactDir.java @@ -65,10 +65,10 @@ public abstract class ArtifactDir implements PlaceArtifact { try { // Obtain/setup directory as required dir = new File(arti.getDir()); - if(processed.get("dir")==null) { - if(!dir.exists()) { + if (processed.get("dir")==null) { + if (!dir.exists()) { Chmod.to755.chmod(dir); - if(!dir.mkdirs()) { + if (!dir.mkdirs()) { throw new CadiException("Could not create " + dir); } } @@ -80,8 +80,8 @@ public abstract class ArtifactDir implements PlaceArtifact { // Obtain Issuers boolean first = true; StringBuilder issuers = new StringBuilder(); - for(String dn : certInfo.getCaIssuerDNs()) { - if(first) { + for (String dn : certInfo.getCaIssuerDNs()) { + if (first) { first=false; } else { issuers.append(':'); @@ -91,10 +91,10 @@ public abstract class ArtifactDir implements PlaceArtifact { addProperty(Config.CADI_X509_ISSUERS,issuers.toString()); } symm = (Symm)processed.get("symm"); - if(symm==null) { + if (symm==null) { // CADI Key Gen File f = new File(dir,arti.getNs() + ".keyfile"); - if(!f.exists()) { + if (!f.exists()) { write(f,Chmod.to400,Symm.keygen()); } symm = Symm.obtain(f); @@ -148,7 +148,7 @@ public abstract class ArtifactDir implements PlaceArtifact { FileOutputStream fos = new FileOutputStream(f); PrintStream ps = new PrintStream(fos); try { - for(String s : data) { + for (String s : data) { ps.print(s); } } finally { @@ -186,31 +186,31 @@ public abstract class ArtifactDir implements PlaceArtifact { private void validate(Artifact a) throws CadiException { StringBuilder sb = new StringBuilder(); - if(a.getDir()==null) { + if (a.getDir()==null) { sb.append("File Artifacts require a path"); } - if(a.getNs()==null) { - if(sb.length()>0) { + if (a.getNs()==null) { + if (sb.length()>0) { sb.append('\n'); } sb.append("File Artifacts require an AAF Namespace"); } - if(sb.length()>0) { + if (sb.length()>0) { throw new CadiException(sb.toString()); } } private boolean placeProperties(Artifact arti) throws CadiException { - if(encodeds.size()==0) { + if (encodeds.size()==0) { return true; } boolean first=processed.get("dir")==null; try { File f = new File(dir,arti.getNs()+".cred.props"); - if(f.exists()) { - if(first) { + if (f.exists()) { + if (first) { File backup = File.createTempFile(f.getName()+'.', ".backup",dir); f.renameTo(backup); } else { @@ -222,8 +222,8 @@ public abstract class ArtifactDir implements PlaceArtifact { PrintWriter pw = new PrintWriter(new FileWriter(f,!first)); try { // Write a Header - if(first) { - for(int i=0;i<60;++i) { + if (first) { + for (int i=0;i<60;++i) { pw.print('#'); } pw.println(); @@ -233,12 +233,12 @@ public abstract class ArtifactDir implements PlaceArtifact { pw.print("# on "); pw.println(Chrono.dateStamp()); pw.println("# @copyright 2016, AT&T"); - for(int i=0;i<60;++i) { + for (int i=0;i<60;++i) { pw.print('#'); } pw.println(); - for(String prop : encodeds) { - if( prop.startsWith("cm_") + for (String prop : encodeds) { + if ( prop.startsWith("cm_") || prop.startsWith(Config.HOSTNAME) || prop.startsWith(Config.AAF_ENV)) { pw.println(prop); @@ -246,8 +246,8 @@ public abstract class ArtifactDir implements PlaceArtifact { } } - for(String prop : encodeds) { - if(prop.startsWith("cadi")) { + for (String prop : encodeds) { + if (prop.startsWith("cadi")) { pw.println(prop); } } @@ -256,16 +256,16 @@ public abstract class ArtifactDir implements PlaceArtifact { } Chmod.to644.chmod(f); - if(first) { + if (first) { // Challenge f = new File(dir,arti.getNs()+".chal"); - if(f.exists()) { + if (f.exists()) { f.delete(); } pw = new PrintWriter(new FileWriter(f)); try { - for(String prop : encodeds) { - if(prop.startsWith("Challenge")) { + for (String prop : encodeds) { + if (prop.startsWith("Challenge")) { pw.println(prop); } } @@ -274,7 +274,7 @@ public abstract class ArtifactDir implements PlaceArtifact { } Chmod.to400.chmod(f); } - } catch(Exception e) { + } catch (Exception e) { throw new CadiException(e); } return true; diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Factory.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Factory.java index 40f31706..642b2d29 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Factory.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/Factory.java @@ -119,7 +119,7 @@ public class Factory { public static KeyPair generateKeyPair(Trans trans) { TimeTaken tt; - if(trans!=null) { + if (trans!=null) { tt = trans.start("Generate KeyPair", Env.SUB); } else { tt = null; @@ -127,7 +127,7 @@ public class Factory { try { return keygen.generateKeyPair(); } finally { - if(tt!=null) { + if (tt!=null) { tt.done(); } } @@ -146,7 +146,7 @@ public class Factory { base64.encode(bais, baos); sb.append(new String(baos.toByteArray())); - if(sb.charAt(sb.length()-1)!='\n') { + if (sb.charAt(sb.length()-1)!='\n') { sb.append('\n'); } sb.append("-----END "); @@ -215,7 +215,7 @@ public class Factory { public static Collection<? extends Certificate> toX509Certificate(List<String> x509s) throws CertificateException { ByteArrayOutputStream baos = new ByteArrayOutputStream(); try { - for(String x509 : x509s) { + for (String x509 : x509s) { baos.write(x509.getBytes()); } } catch (IOException e) { @@ -246,16 +246,16 @@ public class Factory { } public static String toString(Trans trans, Certificate cert) throws IOException, CertException { - if(trans.debug().isLoggable()) { + if (trans.debug().isLoggable()) { StringBuilder sb = new StringBuilder("Certificate to String"); - if(cert instanceof X509Certificate) { + if (cert instanceof X509Certificate) { sb.append(" - "); sb.append(((X509Certificate)cert).getSubjectDN()); } trans.debug().log(sb); } try { - if(cert==null) { + if (cert==null) { throw new CertException("Certificate not built"); } return textBuilder("CERTIFICATE",cert.getEncoded()); @@ -283,18 +283,18 @@ public class Factory { ByteArrayOutputStream baos = new ByteArrayOutputStream(); String line; boolean notStarted = true; - while((line=br.readLine())!=null) { - if(notStarted) { - if(line.startsWith("-----")) { + while ((line=br.readLine())!=null) { + if (notStarted) { + if (line.startsWith("-----")) { notStarted = false; - if(hs!=null) { + if (hs!=null) { hs.set(line); } } else { continue; } } - if(line.length()>0 && + if (line.length()>0 && !line.startsWith("-----") && line.indexOf(':')<0) { // Header elements baos.write(line.getBytes()); @@ -310,7 +310,7 @@ public class Factory { private String line; public StripperInputStream(Reader rdr) { - if(rdr instanceof BufferedReader) { + if (rdr instanceof BufferedReader) { br = (BufferedReader)rdr; } else { br = new BufferedReader(rdr); @@ -330,16 +330,16 @@ public class Factory { @Override public int read() throws IOException { - if(line==null || idx>=line.length()) { - while((line=br.readLine())!=null) { - if(line.length()>0 && + if (line==null || idx>=line.length()) { + while ((line=br.readLine())!=null) { + if (line.length()>0 && !line.startsWith("-----") && line.indexOf(':')<0) { // Header elements break; } } - if(line==null) { + if (line==null) { return -1; } idx = 0; @@ -352,7 +352,7 @@ public class Factory { */ @Override public void close() throws IOException { - if(created!=null) { + if (created!=null) { created.close(); } } @@ -379,13 +379,13 @@ public class Factory { @Override public int read() throws IOException { - if(duo==null || idx>=duo.length) { + if (duo==null || idx>=duo.length) { int read = is.read(trio); - if(read==-1) { + if (read==-1) { return -1; } duo = Symm.base64.decode(trio); - if(duo==null || duo.length==0) { + if (duo==null || duo.length==0) { return -1; } idx=0; @@ -399,7 +399,7 @@ public class Factory { */ @Override public void close() throws IOException { - if(created!=null) { + if (created!=null) { created.close(); } } @@ -477,7 +477,7 @@ public class Factory { */ public static synchronized Provider getSecurityProvider(String providerType, String[][] params) throws CertException { Provider p = Security.getProvider(providerType); - if(p!=null) { + if (p!=null) { switch(providerType) { case "PKCS12": diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactInKeystore.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactInKeystore.java index e85b903f..b91e8734 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactInKeystore.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactInKeystore.java @@ -53,7 +53,7 @@ public class PlaceArtifactInKeystore extends ArtifactDir { File fks = new File(dir,arti.getNs()+'.'+(kst==Agent.PKCS12?"p12":kst)); try { KeyStore jks = KeyStore.getInstance(kst); - if(fks.exists()) { + if (fks.exists()) { File backup = File.createTempFile(fks.getName()+'.', ".backup",dir); fks.renameTo(backup); } @@ -65,10 +65,10 @@ public class PlaceArtifactInKeystore extends ArtifactDir { X509Certificate x509; List<X509Certificate> chainList = new ArrayList<>(); Set<X509Certificate> caSet = new HashSet<>(); - for(Certificate c : certColl) { + for (Certificate c : certColl) { x509 = (X509Certificate)c; // Is a Root (self-signed, anyway) - if(x509.getSubjectDN().equals(x509.getIssuerDN())) { + if (x509.getSubjectDN().equals(x509.getIssuerDN())) { caSet.add(x509); } else { chainList.add(x509); @@ -98,7 +98,7 @@ public class PlaceArtifactInKeystore extends ArtifactDir { addEncProperty(Config.CADI_KEY_PASSWORD, keyPass); addProperty(Config.CADI_ALIAS, arti.getMechid()); // Set<Attribute> attribs = new HashSet<>(); -// if(kst.equals("pkcs12")) { +// if (kst.equals("pkcs12")) { // // Friendly Name // attribs.add(new PKCS12Attribute("1.2.840.113549.1.9.20", arti.getNs())); // } @@ -119,7 +119,7 @@ public class PlaceArtifactInKeystore extends ArtifactDir { // Change out to TrustStore // NOTE: PKCS12 does NOT support Trusted Entries. Put in JKS Always fks = new File(dir,arti.getNs()+".trust.jks"); - if(fks.exists()) { + if (fks.exists()) { File backup = File.createTempFile(fks.getName()+'.', ".backup",dir); fks.renameTo(backup); } @@ -136,7 +136,7 @@ public class PlaceArtifactInKeystore extends ArtifactDir { // Add Trusted Certificates, but PKCS12 doesn't support Certificate[] trustCAs = new Certificate[caSet.size()]; caSet.toArray(trustCAs); - for(int i=0; i<trustCAs.length;++i) { + for (int i=0; i<trustCAs.length;++i) { jks.setCertificateEntry("ca_" + arti.getCa() + '_' + i, trustCAs[i]); } // Write out diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactOnStream.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactOnStream.java index b5dcfbc5..fcc1f623 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactOnStream.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactOnStream.java @@ -39,13 +39,13 @@ public class PlaceArtifactOnStream implements PlaceArtifact { public boolean place(Trans trans, CertInfo capi, Artifact a, String machine) { String lineSeparator = System.lineSeparator(); - if(capi.getNotes()!=null && capi.getNotes().length()>0) { + if (capi.getNotes()!=null && capi.getNotes().length()>0) { trans.info().printf("Warning: %s" + lineSeparator, capi.getNotes()); } out.printf("Challenge: %s" + lineSeparator, capi.getChallenge()); out.printf("PrivateKey:" + lineSeparator + "%s" + lineSeparator, capi.getPrivatekey()); out.println("Certificate Chain:"); - for(String c : capi.getCerts()) { + for (String c : capi.getCerts()) { out.println(c); } return true; diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactScripts.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactScripts.java index 2393c4c8..5ee1abe2 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactScripts.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/configure/PlaceArtifactScripts.java @@ -40,7 +40,7 @@ public class PlaceArtifactScripts extends ArtifactDir { String filename = arti.getNs()+".check.sh"; File f1 = new File(dir,filename); String email = arti.getNotification() + '\n'; - if(email.startsWith("mailto:")) { + if (email.startsWith("mailto:")) { email=email.substring(7); } else { email=arti.getOsUser() + '\n'; @@ -48,8 +48,8 @@ public class PlaceArtifactScripts extends ArtifactDir { StringBuilder classpath = new StringBuilder(); boolean first = true; - for(String pth : Split.split(File.pathSeparatorChar, System.getProperty("java.class.path"))) { - if(first) { + for (String pth : Split.split(File.pathSeparatorChar, System.getProperty("java.class.path"))) { + if (first) { first=false; } else { classpath.append(File.pathSeparatorChar); diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AAFToken.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AAFToken.java index 38890681..f3ff3898 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AAFToken.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AAFToken.java @@ -35,10 +35,10 @@ public class AAFToken { long lsb = uuid.getLeastSignificantBits(); long msb = uuid.getMostSignificantBits(); int sum=35; // AAF - for(int i=0;i<Long.SIZE;i+=8) { + for (int i=0;i<Long.SIZE;i+=8) { sum+=((lsb>>i) & 0xFF); } - for(int i=0;i<Long.SIZE;i+=8) { + for (int i=0;i<Long.SIZE;i+=8) { sum+=((((msb>>i) & 0xFF))<<0xB); } sum+=(sr.nextInt()&0xEFC00000); // this is just to not leave zeros laying around @@ -54,11 +54,11 @@ public class AAFToken { public static final UUID fromToken(String token) { byte[] bytes = Hash.fromHexNo0x(token); - if(bytes==null) { + if (bytes==null) { return null; } ByteBuffer bb = ByteBuffer.wrap(bytes); - if(bb.capacity()!=CAPACITY ) { + if (bb.capacity()!=CAPACITY ) { return null; // not a CADI Token } byte b1 = bb.get(); @@ -68,14 +68,14 @@ public class AAFToken { byte b3 = (byte)(0x3F&bb.get()); int sum=35; - for(int i=0;i<Long.SIZE;i+=8) { + for (int i=0;i<Long.SIZE;i+=8) { sum+=((lsb>>i) & 0xFF); } - for(int i=0;i<Long.SIZE;i+=8) { + for (int i=0;i<Long.SIZE;i+=8) { sum+=((((msb>>i) & 0xFF))<<0xB); } - if(b1!=((byte)sum) || + if (b1!=((byte)sum) || b2!=((byte)(sum>>8)) || b3!=((byte)((sum>>16)))) { return null; // not a CADI Token diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AbsOTafLur.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AbsOTafLur.java index 26a8a69d..29d0933c 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AbsOTafLur.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/AbsOTafLur.java @@ -45,15 +45,15 @@ public abstract class AbsOTafLur { protected AbsOTafLur(final PropAccess access, final String token_url, final String introspect_url) throws CadiException { this.access = access; String ci; - if((ci = access.getProperty(Config.AAF_APPID,null))==null) { - if((ci = access.getProperty(Config.CADI_ALIAS,null))==null) { + if ((ci = access.getProperty(Config.AAF_APPID,null))==null) { + if ((ci = access.getProperty(Config.CADI_ALIAS,null))==null) { throw new CadiException(Config.AAF_APPID + REQUIRED_FOR_OAUTH2); } } client_id = ci; synchronized(access) { - if(tokenClientPool==null) { + if (tokenClientPool==null) { tokenClientPool = new Pool<TokenClient>(new TCCreator(access)); } try { @@ -76,7 +76,7 @@ public abstract class AbsOTafLur { throw new CadiException(e1); } - if((url = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL,null))==null) { + if ((url = access.getProperty(Config.AAF_OAUTH2_TOKEN_URL,null))==null) { throw new CadiException(Config.AAF_OAUTH2_TOKEN_URL + REQUIRED_FOR_OAUTH2); } @@ -85,7 +85,7 @@ public abstract class AbsOTafLur { } catch (NumberFormatException e) { throw new CadiException("Bad format for " + Config.AAF_CONN_TIMEOUT, e); } - if((enc_secret= access.getProperty(Config.AAF_APPPASS,null))==null) { + if ((enc_secret= access.getProperty(Config.AAF_APPPASS,null))==null) { throw new CadiException(Config.AAF_APPPASS + REQUIRED_FOR_OAUTH2); } } diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/HRenewingTokenSS.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/HRenewingTokenSS.java index 100b58ec..0e57dee8 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/HRenewingTokenSS.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/HRenewingTokenSS.java @@ -54,14 +54,14 @@ public class HRenewingTokenSS extends HAuthorizationHeader { tc.client_creds(access); setUser(tc.client_id()); String defaultNS = FQI.reverseDomain(tc.client_id()); - if(nss.length>0) { + if (nss.length>0) { boolean hasDefault = false; - for(String ns : nss) { - if(ns.equals(defaultNS)) { + for (String ns : nss) { + if (ns.equals(defaultNS)) { hasDefault = true; } } - if(hasDefault) { + if (hasDefault) { scopes=nss; } else { String[] nssPlus = new String[nss.length+1]; @@ -86,7 +86,7 @@ public class HRenewingTokenSS extends HAuthorizationHeader { Result<TimedToken> token; try { token = tc.getToken(Kind.OAUTH,scopes); - if(token.isOK()) { + if (token.isOK()) { return "Bearer " + token.value.getAccessToken(); } else { throw new IOException("Token cannot be obtained: " + token.code + '-' + token.error); diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2HttpTaf.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2HttpTaf.java index b4b4b1e3..27e92142 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2HttpTaf.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2HttpTaf.java @@ -52,14 +52,14 @@ public class OAuth2HttpTaf implements HttpTaf { @Override public TafResp validate(LifeForm reading, HttpServletRequest req, HttpServletResponse resp) { String authz = req.getHeader("Authorization"); - if(authz != null && authz.length()>7 && authz.startsWith("Bearer ")) { - if(!req.isSecure()) { + if (authz != null && authz.length()>7 && authz.startsWith("Bearer ")) { + if (!req.isSecure()) { access.log(Level.WARN,"WARNING! OAuth has been used over an insecure channel"); } try { String tkn = authz.substring(7); Result<OAuth2Principal> rp = tmgr.toPrincipal(tkn,Hash.hashSHA256(tkn.getBytes())); - if(rp.isOK()) { + if (rp.isOK()) { return new OAuth2HttpTafResp(access,rp.value,rp.value.getName()+" authenticated by Bearer Token",RESP.IS_AUTHENTICATED,resp,false); } else { return new OAuth2HttpTafResp(access,null,rp.error,RESP.FAIL,resp,true); diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2Lur.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2Lur.java index 5f4009d5..1a1adcc5 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2Lur.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/OAuth2Lur.java @@ -55,16 +55,16 @@ public class OAuth2Lur implements Lur { public boolean fish(Principal bait, Permission ... pond) { boolean rv = false; - if(bait instanceof OAuth2Principal) { + if (bait instanceof OAuth2Principal) { OAuth2Principal oap = (OAuth2Principal)bait; for (Permission p : pond ) { AAFPermission apond = (AAFPermission)p; TokenPerm tp = oap.tokenPerm(); - if(tp==null) { + if (tp==null) { } else { - for(Permission perm : tp.perms()) { - if(perm.match(apond)) { + for (Permission perm : tp.perms()) { + if (perm.match(apond)) { return true; } } @@ -78,8 +78,8 @@ public class OAuth2Lur implements Lur { public void fishAll(Principal bait, List<Permission> permissions) { OAuth2Principal oap = (OAuth2Principal)bait; TokenPerm tp = oap.tokenPerm(); - if(tp!=null) { - for(AAFPermission p : tp.perms()) { + if (tp!=null) { + for (AAFPermission p : tp.perms()) { permissions.add(p); } } @@ -96,7 +96,7 @@ public class OAuth2Lur implements Lur { @Override public boolean handles(Principal p) { - if(p!=null && p instanceof BearerPrincipal) { + if (p!=null && p instanceof BearerPrincipal) { return ((BearerPrincipal)p).getBearer()!=null; } return false; diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClient.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClient.java index 3b4e074a..58ecaa84 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClient.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClient.java @@ -80,7 +80,7 @@ public class TokenClient { ss = null; authn_method = am; synchronized(tcf) { - if(introspectDF==null) { + if (introspectDF==null) { tokenDF = tkCon.env().newDataFactory(Token.class); introspectDF = tkCon.env().newDataFactory(Introspect.class); } @@ -106,9 +106,9 @@ public class TokenClient { } public void client_creds(Access access) throws CadiException { - if(okind=='A') { + if (okind=='A') { String alias = access.getProperty(Config.CADI_ALIAS, null); - if(alias == null) { + if (alias == null) { client_creds(access.getProperty(Config.AAF_APPID, null),access.getProperty(Config.AAF_APPPASS, null)); } else { client_creds(alias,null); @@ -129,15 +129,15 @@ public class TokenClient { * @throws IOException */ public void client_creds(final String client_id, final String client_secret) throws CadiException { - if(client_id==null) { + if (client_id==null) { throw new CadiException("client_creds:client_id is null"); } this.client_id = client_id; default_scope = FQI.reverseDomain(client_id); - if(client_secret!=null) { + if (client_secret!=null) { try { - if(client_secret.startsWith("enc:")) { + if (client_secret.startsWith("enc:")) { final String temp = factory.access.decrypt(client_secret, false); // this is a more powerful, but non-thread-safe encryption hash = Hash.hashSHA256(temp.getBytes()); this.enc_client_secret = factory.symm.encode(temp.getBytes()); @@ -159,7 +159,7 @@ public class TokenClient { }; } authn_method = AUTHN_METHOD.client_credentials; - } catch(IOException | NoSuchAlgorithmException e) { + } catch (IOException | NoSuchAlgorithmException e) { throw new CadiException(e); } } else { @@ -193,9 +193,9 @@ public class TokenClient { */ public void password(final String user, final String password) throws CadiException { this.username = user; - if(password!=null) { + if (password!=null) { try { - if(password.startsWith("enc:")) { + if (password.startsWith("enc:")) { final String temp = factory.access.decrypt(password, false); // this is a more powerful, but non-thread-safe encryption hash = Hash.hashSHA256(temp.getBytes()); this.enc_password = factory.symm.encode(temp.getBytes()); @@ -226,7 +226,7 @@ public class TokenClient { public void clearEndUser() { username = null; enc_password = null; - if(client_id!=null && enc_client_secret!=null) { + if (client_id!=null && enc_client_secret!=null) { authn_method = AUTHN_METHOD.client_credentials; } else { authn_method = AUTHN_METHOD.password; @@ -244,7 +244,7 @@ public class TokenClient { public void clearToken(final char kind, final String ... scopes) throws CadiException { final String scope = addScope(scopes); char c; - if(kind==Kind.OAUTH) { + if (kind==Kind.OAUTH) { c = okind; } else { c = kind; @@ -261,13 +261,13 @@ public class TokenClient { public Result<TimedToken> getToken(final char kind, final String ... scopes) throws LocatorException, CadiException, APIException { final String scope = addScope(scopes); char c; - if(kind==Kind.OAUTH) { + if (kind==Kind.OAUTH) { c = okind; } else { c = kind; } final String key = TokenClientFactory.getKey(c,client_id,username,hash,scope); - if(ss==null) { + if (ss==null) { throw new APIException("client_creds(...) must be set before obtaining Access Tokens"); } @@ -285,7 +285,7 @@ public class TokenClient { public Result<Token> code(Rcli<?> client) throws CadiException, ConnectException, APIException { // /token?grant_type=client_credential&scope=com.att.aaf+com.att.test Future<Token> f = client.postForm(null,tokenDF,paramsa); - if(f.get(timeout)) { + if (f.get(timeout)) { return Result.ok(f.code(),f.value); } else { return Result.err(f.code(), f.body()); @@ -293,7 +293,7 @@ public class TokenClient { } }); - if(rt.isOK()) { + if (rt.isOK()) { try { return Result.ok(rt.code,factory.putTimedToken(key,rt.value, hash)); } catch (IOException e) { @@ -306,11 +306,11 @@ public class TokenClient { } } }); - if(rtt.isOK()) { // not validated for Expired + if (rtt.isOK()) { // not validated for Expired TimedToken tt = rtt.value; - if(tt.expired()) { + if (tt.expired()) { rtt = refreshToken(tt); - if(rtt.isOK()) { + if (rtt.isOK()) { tkCon.access.printf(Level.INFO, "Refreshed token %s to %s",tt.getAccessToken(),rtt.value.getAccessToken()); return Result.ok(200,rtt.value); } else { @@ -328,7 +328,7 @@ public class TokenClient { } public Result<TimedToken> refreshToken(Token token) throws APIException, LocatorException, CadiException { - if(ss==null) { + if (ss==null) { throw new APIException("client_creds(...) must be set before obtaining Access Tokens"); } final List<String> params = new ArrayList<>(); @@ -344,7 +344,7 @@ public class TokenClient { public Result<Token> code(Rcli<?> client) throws CadiException, ConnectException, APIException { // /token?grant_type=client_credential&scope=com.att.aaf+com.att.test Future<Token> f = client.postForm(null,tokenDF,paramsa); - if(f.get(timeout)) { + if (f.get(timeout)) { return Result.ok(f.code(),f.value); } else { return Result.err(f.code(), f.body()); @@ -352,21 +352,21 @@ public class TokenClient { } }); String key = TokenClientFactory.getKey(okind,client_id, username, hash, scope); - if(rt.isOK()) { + if (rt.isOK()) { try { return Result.ok(200,factory.putTimedToken(key, rt.value, hash)); } catch (IOException e) { //TODO what to do here? return Result.err(999, e.getMessage()); } - } else if(rt.code==404) { + } else if (rt.code==404) { factory.deleteFromDisk(key); } return Result.err(rt); } public Result<Introspect> introspect(final String token) throws APIException, LocatorException, CadiException { - if(ss==null) { + if (ss==null) { throw new APIException("client_creds(...) must be set before introspecting Access Tokens"); } @@ -380,7 +380,7 @@ public class TokenClient { params.toArray(paramsa); // /token?grant_type=client_credential&scope=com.att.aaf+com.att.test Future<Introspect> f = client.postForm(null,introspectDF,paramsa); - if(f.get(timeout)) { + if (f.get(timeout)) { return Result.ok(f.code(),f.value); } else { return Result.err(f.code(), f.body()); @@ -394,8 +394,8 @@ public class TokenClient { String rv = null; StringBuilder scope=null; boolean first = true; - for(String s : scopes) { - if(first) { + for (String s : scopes) { + if (first) { scope = new StringBuilder(); scope.append("scope="); first=false; @@ -404,7 +404,7 @@ public class TokenClient { } scope.append(s); } - if(scope!=null) { + if (scope!=null) { rv=scope.toString(); } return rv; @@ -432,11 +432,11 @@ public class TokenClient { // Set Credentials appropriate switch(authn_method) { case client_credentials: - if(client_id!=null) { + if (client_id!=null) { params.add("client_id="+client_id); } - if(enc_client_secret!=null) { + if (enc_client_secret!=null) { try { params.add("client_secret="+URLEncoder.encode(new String(factory.symm.decode(enc_client_secret)),UTF_8)); } catch (IOException e) { @@ -444,17 +444,17 @@ public class TokenClient { } } - if(username!=null) { + if (username!=null) { params.add("username="+username); } break; case refresh_token: - if(client_id!=null) { + if (client_id!=null) { params.add("client_id="+client_id); } - if(enc_client_secret!=null) { + if (enc_client_secret!=null) { try { params.add("client_secret="+URLEncoder.encode(new String(factory.symm.decode(enc_client_secret)),UTF_8)); } catch (IOException e) { @@ -464,22 +464,22 @@ public class TokenClient { break; case password: - if(client_id!=null) { + if (client_id!=null) { params.add("client_id="+client_id); } - if(enc_client_secret!=null) { + if (enc_client_secret!=null) { try { params.add("client_secret="+ URLEncoder.encode(new String(factory.symm.decode(enc_client_secret)),UTF_8)); } catch (IOException e) { throw new APIException("Error Decrypting Password",e); } } - if(username!=null) { + if (username!=null) { params.add("username="+username); } - if(enc_password!=null) { + if (enc_password!=null) { try { params.add("password="+ URLEncoder.encode(new String(factory.symm.decode(enc_password)),UTF_8)); } catch (IOException e) { diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClientFactory.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClientFactory.java index 8a7118c7..21b65f1a 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClientFactory.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenClientFactory.java @@ -63,10 +63,10 @@ public class TokenClientFactory extends Persist<Token,TimedToken> { private TokenClientFactory(Access pa) throws APIException, GeneralSecurityException, IOException, CadiException { super(pa, new RosettaEnv(pa.getProperties()),Token.class,"outgoing"); - if(access.getProperty(Config.AAF_OAUTH2_TOKEN_URL,null)==null) { + if (access.getProperty(Config.AAF_OAUTH2_TOKEN_URL,null)==null) { access.getProperties().put(Config.AAF_OAUTH2_TOKEN_URL, Defaults.OAUTH2_TOKEN_URL); // Default to AAF } - if(access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL,null)==null) { + if (access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL,null)==null) { access.getProperties().put(Config.AAF_OAUTH2_INTROSPECT_URL, Defaults.OAUTH2_INTROSPECT_URL); // Default to AAF); } @@ -75,7 +75,7 @@ public class TokenClientFactory extends Persist<Token,TimedToken> { } public synchronized static final TokenClientFactory instance(Access access) throws APIException, GeneralSecurityException, IOException, CadiException { - if(instance==null) { + if (instance==null) { instance = new TokenClientFactory(access); } return instance; @@ -96,16 +96,16 @@ public class TokenClientFactory extends Persist<Token,TimedToken> { public<INTR> TokenClient newClient(final String tagOrURL, final int timeout) throws CadiException, LocatorException, APIException { AAFConHttp ach; - if(tagOrURL==null) { + if (tagOrURL==null) { throw new CadiException("parameter tagOrURL cannot be null."); } else { ach = aafcons.get(tagOrURL); - if(ach==null) { + if (ach==null) { aafcons.put(tagOrURL, ach=new AAFConHttp(access,tagOrURL)); } } char okind; - if( Config.AAF_OAUTH2_TOKEN_URL.equals(tagOrURL) || + if ( Config.AAF_OAUTH2_TOKEN_URL.equals(tagOrURL) || Config.AAF_OAUTH2_INTROSPECT_URL.equals(tagOrURL) || tagOrURL.equals(access.getProperty(Config.AAF_OAUTH2_TOKEN_URL, null)) || tagOrURL.equals(access.getProperty(Config.AAF_OAUTH2_INTROSPECT_URL, null)) @@ -136,19 +136,19 @@ public class TokenClientFactory extends Persist<Token,TimedToken> { try { StringBuilder sb = new StringBuilder(client_id); sb.append('_'); - if(username!=null) { + if (username!=null) { sb.append(username); } sb.append('_'); sb.append(tokenSource); byte[] tohash=scope.getBytes(); - if(hash!=null && hash.length>0) { + if (hash!=null && hash.length>0) { byte temp[] = new byte[hash.length+tohash.length]; System.arraycopy(tohash, 0, temp, 0, tohash.length); System.arraycopy(hash, 0, temp, tohash.length, hash.length); tohash = temp; } - if(scope!=null && scope.length()>0) { + if (scope!=null && scope.length()>0) { sb.append(Hash.toHexNo0x(Hash.hashSHA256(tohash))); } return sb.toString(); @@ -170,12 +170,12 @@ public class TokenClientFactory extends Persist<Token,TimedToken> { private static final Pattern locatePattern = Pattern.compile("https://.*/locate/.*"); public Locator<URI> bestLocator(final String locatorURL ) throws LocatorException, URISyntaxException { - if(locatorURL==null) { + if (locatorURL==null) { throw new LocatorException("Cannot have a null locatorURL in bestLocator"); } - if(locatorURL.startsWith("https://AAF_LOCATE_URL/") || locatePattern.matcher(locatorURL).matches()) { + if (locatorURL.startsWith("https://AAF_LOCATE_URL/") || locatePattern.matcher(locatorURL).matches()) { return new AAFLocator(hsi,new URI(locatorURL)); - } else if(locatorURL.indexOf(',')>0) { // multiple URLs is a Property Locator + } else if (locatorURL.indexOf(',')>0) { // multiple URLs is a Property Locator return new PropertyLocator(locatorURL); } else { return new SingleEndpointLocator(locatorURL); diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenMgr.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenMgr.java index 147621fc..5a4e7f0c 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenMgr.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenMgr.java @@ -55,12 +55,12 @@ public class TokenMgr extends Persist<Introspect, TokenPerm> { private TokenMgr(PropAccess access, String tokenURL, String introspectURL) throws APIException, CadiException { super(access,new RosettaEnv(access.getProperties()),Introspect.class,"introspect"); synchronized(access) { - if(permsDF==null) { + if (permsDF==null) { permsDF = env.newDataFactory(Perms.class); introspectDF = env.newDataFactory(Introspect.class); } } - if("dbToken".equals(tokenURL) && "dbIntrospect".equals(introspectURL)) { + if ("dbToken".equals(tokenURL) && "dbIntrospect".equals(introspectURL)) { tpLoader = new TokenPermLoader() { // null Loader @Override public Result<TokenPerm> load(String accessToken, byte[] cred) @@ -72,7 +72,7 @@ public class TokenMgr extends Persist<Introspect, TokenPerm> { RemoteTokenPermLoader rtpl = new RemoteTokenPermLoader(tokenURL, introspectURL); // default is remote String i = access.getProperty(Config.AAF_APPID,null); String p = access.getProperty(Config.AAF_APPPASS, null); - if(i==null || p==null) { + if (i==null || p==null) { throw new CadiException(Config.AAF_APPID + " and " + Config.AAF_APPPASS + " must be set to initialize TokenMgr"); } rtpl.introCL.client_creds(i,p); @@ -83,7 +83,7 @@ public class TokenMgr extends Persist<Introspect, TokenPerm> { private TokenMgr(PropAccess access, TokenPermLoader tpl) throws APIException, CadiException { super(access,new RosettaEnv(access.getProperties()),Introspect.class,"incoming"); synchronized(access) { - if(permsDF==null) { + if (permsDF==null) { permsDF = env.newDataFactory(Perms.class); introspectDF = env.newDataFactory(Introspect.class); } @@ -94,7 +94,7 @@ public class TokenMgr extends Persist<Introspect, TokenPerm> { public static synchronized TokenMgr getInstance(final PropAccess access, final String tokenURL, final String introspectURL) throws APIException, CadiException { String key; TokenMgr tm = tmmap.get(key=tokenURL+'/'+introspectURL); - if(tm==null) { + if (tm==null) { tmmap.put(key, tm=new TokenMgr(access,tokenURL,introspectURL)); } return tm; @@ -111,7 +111,7 @@ public class TokenMgr extends Persist<Introspect, TokenPerm> { } } }); - if(tp.isOK()) { + if (tp.isOK()) { return Result.ok(200, new OAuth2Principal(tp.value,hash)); } else { return Result.err(tp); @@ -143,7 +143,7 @@ public class TokenMgr extends Persist<Introspect, TokenPerm> { int timeout = Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF)); tokenCL = tcf.newClient(tokenURL, timeout); - if(introspectURL.equals(tokenURL)) { + if (introspectURL.equals(tokenURL)) { introCL = tokenCL; } else { introCL = tcf.newClient(introspectURL, @@ -159,7 +159,7 @@ public class TokenMgr extends Persist<Introspect, TokenPerm> { long start = System.currentTimeMillis(); try { Result<Introspect> ri = introCL.introspect(accessToken); - if(ri.isOK()) { + if (ri.isOK()) { return Result.ok(ri.code, new TokenPerm(TokenMgr.this,permsDF,ri.value,cred,getPath(accessToken))); } else { return Result.err(ri); @@ -172,7 +172,7 @@ public class TokenMgr extends Persist<Introspect, TokenPerm> { public void clear(Principal p, StringBuilder report) { TokenPerm tp = tpmap.remove(p.getName()); - if(tp==null) { + if (tp==null) { report.append("Nothing to clear"); } else { report.append("Cleared "); diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenPerm.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenPerm.java index daac8f43..6efd9ce3 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenPerm.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TokenPerm.java @@ -49,7 +49,7 @@ public class TokenPerm extends Persisting<Introspect>{ public TokenPerm(Persist<Introspect,?> p, RosettaDF<Perms> permsDF, Introspect ti, byte[] hash, Path path) throws APIException { super(p,ti,ti.getExp(),hash,path); // ti.getExp() is seconds after Jan 1, 1970 ) this.introspect = ti; - if(ti.getContent()==null || ti.getContent().length()==0) { + if (ti.getContent()==null || ti.getContent().length()==0) { perms = NULL_PERMS; } else { LoadPermissions lp; @@ -96,7 +96,7 @@ public class TokenPerm extends Persisting<Introspect>{ InJson ij = new InJson(); Parsed<State> pd = ij.newParsed(); boolean inPerms = false, inPerm = false; - while((pd = ij.parse(r,pd.reuse())).valid()) { + while ((pd = ij.parse(r,pd.reuse())).valid()) { switch(pd.event) { case Parse.START_DOC: perms = new ArrayList<>(); @@ -105,22 +105,22 @@ public class TokenPerm extends Persisting<Introspect>{ inPerms = "perm".equals(pd.name); break; case '{': - if(inPerms) { + if (inPerms) { inPerm=true; pi.clear(); } break; case ',': - if(inPerm) { + if (inPerm) { pi.eval(pd); } break; case '}': - if(inPerms) { - if(inPerm) { + if (inPerms) { + if (inPerm) { pi.eval(pd); AAFPermission perm = pi.create(); - if(perm!=null) { + if (perm!=null) { perms.add(perm); } } @@ -128,7 +128,7 @@ public class TokenPerm extends Persisting<Introspect>{ } break; case Parse.END_ARRAY: - if(inPerms) { + if (inPerms) { inPerms=false; } break; @@ -146,7 +146,7 @@ public class TokenPerm extends Persisting<Introspect>{ ns=type=instance=action=null; } public void eval(Parsed<State> pd) { - if(pd.hasName()) { + if (pd.hasName()) { switch(pd.name) { case "ns": ns=pd.sb.toString(); @@ -164,7 +164,7 @@ public class TokenPerm extends Persisting<Introspect>{ } } public AAFPermission create() { - if(type!=null && instance!=null && action !=null) { + if (type!=null && instance!=null && action !=null) { return new AAFPermission(ns,type, instance, action); } else { return null; diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TzHClient.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TzHClient.java index 77348390..c07332d1 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TzHClient.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/oauth/TzHClient.java @@ -69,10 +69,10 @@ public class TzHClient extends TzClient { } public <RET> RET best (Retryable<RET> retryable) throws CadiException, LocatorException, APIException { - if(token == null || tokenSS==null) { + if (token == null || tokenSS==null) { throw new CadiException("OAuth2 Token has not been set"); } - if(token.expired()) { + if (token.expired()) { //TODO Refresh? throw new CadiException("Expired Token"); } else { diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/obasic/OBasicHttpTaf.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/obasic/OBasicHttpTaf.java index 688f30b1..8c2cc82d 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/obasic/OBasicHttpTaf.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/obasic/OBasicHttpTaf.java @@ -87,20 +87,20 @@ public class OBasicHttpTaf extends AbsOTafLur implements HttpTaf { final String user; String password=null; byte[] cred=null; - if(req instanceof BasicCred) { + if (req instanceof BasicCred) { BasicCred bc = (BasicCred)req; user = bc.getUser(); cred = bc.getCred(); } else { String authz = req.getHeader("Authorization"); - if(authz != null && authz.startsWith("Basic ")) { - if(!req.isSecure()) { + if (authz != null && authz.startsWith("Basic ")) { + if (!req.isSecure()) { access.log(Level.WARN,"WARNING! BasicAuth has been used over an insecure channel"); } try { String temp = Symm.base64noSplit.decode(authz.substring(6)); int colon = temp.lastIndexOf(':'); - if(colon>0) { + if (colon>0) { user = temp.substring(0,colon); password = temp.substring(colon+1); } else { @@ -108,7 +108,7 @@ public class OBasicHttpTaf extends AbsOTafLur implements HttpTaf { access.encrypt(temp)); return new BasicHttpTafResp(access,null,"Malformed BasicAuth entry",RESP.FAIL,resp,realm,false); } - if(!rbac.validate(user,Type.PASSWORD,password.getBytes(),req)) { + if (!rbac.validate(user,Type.PASSWORD,password.getBytes(),req)) { return new BasicHttpTafResp(access,null,buildMsg(null,req,"user/pass combo invalid for ",user,"from",req.getRemoteAddr()), RESP.TRY_AUTHENTICATING,resp,realm,true); } @@ -122,10 +122,10 @@ public class OBasicHttpTaf extends AbsOTafLur implements HttpTaf { } try { - if(password==null && cred!=null) { + if (password==null && cred!=null) { password = new String(cred); cred = Hash.hashSHA256(cred); - } else if(password!=null && cred==null) { + } else if (password!=null && cred==null) { cred = Hash.hashSHA256(password.getBytes()); } Pooled<TokenClient> pclient = tokenClientPool.get(); @@ -133,13 +133,13 @@ public class OBasicHttpTaf extends AbsOTafLur implements HttpTaf { pclient.content.password(user, password); String scope=FQI.reverseDomain(client_id); Result<TimedToken> rtt = pclient.content.getToken('B',scope); - if(rtt.isOK()) { - if(rtt.value.expired()) { + if (rtt.isOK()) { + if (rtt.value.expired()) { return new BasicHttpTafResp(access,null,"BasicAuth/OAuth Token: Token Expired",RESP.FAIL,resp,realm,true); } else { TimedToken tt = rtt.value; Result<OAuth2Principal> prin = tkMgr.toPrincipal(tt.getAccessToken(), cred); - if(prin.isOK()) { + if (prin.isOK()) { return new BasicHttpTafResp(access,prin.value,"BasicAuth/OAuth Token Authentication",RESP.IS_AUTHENTICATED,resp,realm,true); } else { return new BasicHttpTafResp(access,null,"BasicAuth/OAuth Token: " + prin.code + ' ' + prin.error,RESP.FAIL,resp,realm,true); @@ -159,7 +159,7 @@ public class OBasicHttpTaf extends AbsOTafLur implements HttpTaf { protected String buildMsg(Principal pr, HttpServletRequest req, Object ... msg) { StringBuilder sb = new StringBuilder(); - if(pr!=null) { + if (pr!=null) { sb.append("user="); sb.append(pr.getName()); sb.append(','); @@ -168,9 +168,9 @@ public class OBasicHttpTaf extends AbsOTafLur implements HttpTaf { sb.append(req.getRemoteAddr()); sb.append(",port="); sb.append(req.getRemotePort()); - if(msg.length>0) { + if (msg.length>0) { sb.append(",msg=\""); - for(Object s : msg) { + for (Object s : msg) { sb.append(s.toString()); } sb.append('"'); @@ -180,9 +180,9 @@ public class OBasicHttpTaf extends AbsOTafLur implements HttpTaf { @Override public Resp revalidate(CachedPrincipal prin, Object state) { -// if(prin instanceof BasicPrincipal) { +// if (prin instanceof BasicPrincipal) { // BasicPrincipal ba = (BasicPrincipal)prin; -// if(DenialOfServiceTaf.isDeniedID(ba.getName())!=null) { +// if (DenialOfServiceTaf.isDeniedID(ba.getName())!=null) { // return Resp.UNVALIDATED; // } // return rbac.validate(ba.getName(), Type.PASSWORD, ba.getCred(), state)?Resp.REVALIDATED:Resp.UNVALIDATED; diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/olur/OLur.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/olur/OLur.java index c67f986e..b85e311d 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/olur/OLur.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/olur/OLur.java @@ -56,13 +56,13 @@ public class OLur extends AbsOTafLur implements Lur { @Override public boolean fish(Principal bait, Permission ... pond) { TokenPerm tp; - if(bait instanceof OAuth2Principal) { + if (bait instanceof OAuth2Principal) { OAuth2Principal oa2p = (OAuth2Principal)bait; tp = oa2p.tokenPerm(); } else { tp=null; } - if(tp==null) { + if (tp==null) { // if no Token Perm preset, get try { Pooled<TokenClient> tcp = tokenClientPool.get(); @@ -73,7 +73,7 @@ public class OLur extends AbsOTafLur implements Lur { scopeSet.add(tc.defaultScope()); AAFPermission ap; for (Permission p : pond) { - if(p instanceof AAFPermission) { + if (p instanceof AAFPermission) { ap = (AAFPermission)p; scopeSet.add(ap.getNS()); } @@ -82,9 +82,9 @@ public class OLur extends AbsOTafLur implements Lur { scopeSet.toArray(scopes); Result<TimedToken> rtt = tc.getToken(Kind.getKind(bait),scopes); - if(rtt.isOK()) { + if (rtt.isOK()) { Result<TokenPerm> rtp = tkMgr.get(rtt.value.getAccessToken(), bait.getName().getBytes()); - if(rtp.isOK()) { + if (rtp.isOK()) { tp = rtp.value; } } @@ -97,8 +97,8 @@ public class OLur extends AbsOTafLur implements Lur { } boolean rv = false; - if(tp!=null) { - if(tkMgr.access.willLog(Level.DEBUG)) { + if (tp!=null) { + if (tkMgr.access.willLog(Level.DEBUG)) { StringBuilder sb = new StringBuilder("AAF Permissions for user "); sb.append(bait.getName()); sb.append(", from token "); @@ -117,7 +117,7 @@ public class OLur extends AbsOTafLur implements Lur { access.log(Level.DEBUG, sb); } for (Permission p : pond) { - if(rv) { + if (rv) { break; } for (AAFPermission perm : tp.perms()) { @@ -135,7 +135,7 @@ public class OLur extends AbsOTafLur implements Lur { */ @Override public void fishAll(Principal bait, List<Permission> permissions) { - if(bait instanceof OAuth2Principal) { + if (bait instanceof OAuth2Principal) { for (AAFPermission p : ((OAuth2Principal)bait).tokenPerm().perms()) { permissions.add(p); } diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/Persist.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/Persist.java index d87ee780..472bb529 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/Persist.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/Persist.java @@ -67,7 +67,7 @@ public abstract class Persist<T,CT extends Persistable<T>> extends PersistFile { df = env.newDataFactory(cls); tmap = new ConcurrentHashMap<>(); synchronized(Persist.class) { - if(clean==null) { + if (clean==null) { clean = new Timer(true); clean.schedule(new Clean(access), 20000, CLEAN_CHECK); } @@ -85,14 +85,14 @@ public abstract class Persist<T,CT extends Persistable<T>> extends PersistFile { return df; } public Result<CT> get(final String key, final byte[] hash, Loader<CT> rl) throws CadiException, APIException, LocatorException { - if(key==null) { + if (key==null) { return null; } Holder<Path> hp = new Holder<Path>(null); CT ct = tmap.get(key); // Make sure cached Item is synced with Disk, but only even Minute to save Disk hits - if(ct!=null && ct.checkSyncTime()) { // check File Time only every SYNC Period (2 min) - if(ct.hasBeenTouched()) { + if (ct!=null && ct.checkSyncTime()) { // check File Time only every SYNC Period (2 min) + if (ct.hasBeenTouched()) { tmap.remove(key); ct = null; access.log(Level.DEBUG,"File for",key,"has been touched, removing memory entry"); @@ -100,12 +100,12 @@ public abstract class Persist<T,CT extends Persistable<T>> extends PersistFile { } // If not currently in memory, check with Disk (which might have been updated by other processes) - if(ct==null) { + if (ct==null) { Holder<Long> hl = new Holder<Long>(0L); T t; - if((t = readDisk(df, hash, key, hp, hl))!=null) { + if ((t = readDisk(df, hash, key, hp, hl))!=null) { try { - if((ct = newCacheable(t,hl.get(),hash,hp.get()))!=null) { + if ((ct = newCacheable(t,hl.get(),hash,hp.get()))!=null) { tmap.put(key, ct); } access.log(Level.DEBUG,"Read Token from",key); @@ -115,16 +115,16 @@ public abstract class Persist<T,CT extends Persistable<T>> extends PersistFile { } // if not read, then ct still==null // If not in memory, or on disk, get from Remote... IF reloadable (meaning, isn't hitting too often, etc). - if(ct==null || ct.checkReloadable()) { + if (ct==null || ct.checkReloadable()) { // Load from external (if makes sense) Result<CT> rtp = rl.load(key); - if(rtp.isOK()) { + if (rtp.isOK()) { ct = rtp.value; try { Path p = getPath(key); writeDisk(df, ct.get(),ct.getHash(),p,ct.expires()); access.log(Level.DEBUG, "Writing token",key); - } catch(CadiException e) { + } catch (CadiException e) { throw e; } catch (Exception e) { throw new CadiException(e); @@ -134,7 +134,7 @@ public abstract class Persist<T,CT extends Persistable<T>> extends PersistFile { } } - if(ct!=null) { + if (ct!=null) { tmap.put(key, ct); } } else { @@ -186,23 +186,23 @@ public abstract class Persist<T,CT extends Persistable<T>> extends PersistFile { final long now = System.currentTimeMillis(); final long dayFromNow = now + ONE_DAY; final Metrics metrics = new Metrics(); - for(final Persist<?,?> persist : allPersists) { + for (final Persist<?,?> persist : allPersists) { // Clear memory - if(access.willLog(Level.DEBUG)) { + if (access.willLog(Level.DEBUG)) { access.log(Level.DEBUG, "Persist: Cleaning memory cache for",persist.tokenPath.toAbsolutePath()); } - for(Entry<String, ?> es : persist.tmap.entrySet()) { + for (Entry<String, ?> es : persist.tmap.entrySet()) { ++metrics.mexists; Persistable<?> p = (Persistable<?>)es.getValue(); - if(p.checkSyncTime()) { - if(p.count()==0) { + if (p.checkSyncTime()) { + if (p.count()==0) { ++metrics.mremoved; persist.tmap.remove(es.getKey()); access.printf(Level.DEBUG, "Persist: removed cached item %s from memory\n", es.getKey()); } else { p.clearCount(); } - } else if(Files.exists(p.path())) { + } else if (Files.exists(p.path())) { } } @@ -220,19 +220,19 @@ public abstract class Persist<T,CT extends Persistable<T>> extends PersistFile { @Override public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) throws IOException { - if(attrs.isRegularFile()) { + if (attrs.isRegularFile()) { ++metrics.dexists; try { long exp = persist.readExpiration(file)*1000; // readExpiration is seconds from 1970 - if(now > exp) { // cover for bad token + if (now > exp) { // cover for bad token sb.append("\n\tFile "); sb.append(file.getFileName()); sb.append(" expired "); sb.append(Chrono.dateTime(new Date(exp))); persist.deleteFromDisk(file); ++metrics.dremoved; - } else if(exp > dayFromNow) { + } else if (exp > dayFromNow) { sb.append("\n\tFile "); sb.append(file.toString()); sb.append(" data corrupted."); @@ -273,14 +273,14 @@ public abstract class Persist<T,CT extends Persistable<T>> extends PersistFile { // We want to print some activity of Persistence Check at least hourly, even if no activity has occurred, but not litter the log if nothing is happening boolean go=false; Level level=Level.WARN; - if(access.willLog(Level.INFO)) { + if (access.willLog(Level.INFO)) { go = true; level=Level.INFO; - } else if(access.willLog(Level.WARN)) { + } else if (access.willLog(Level.WARN)) { go = metrics.mremoved>0 || metrics.dremoved>0 || --hourly <= 0; } - if(go) { + if (go) { access.printf(level, "Persist Cache: removed %d of %d items from memory and %d of %d from disk", metrics.mremoved, metrics.mexists, metrics.dremoved, metrics.dexists); hourly = 3600000/CLEAN_CHECK; diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/PersistFile.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/PersistFile.java index 7aab519d..c7d71488 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/PersistFile.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/PersistFile.java @@ -63,8 +63,8 @@ public class PersistFile { this.access = access; tokenPath = Paths.get(access.getProperty(Config.CADI_TOKEN_DIR,"tokens"), sub_dir); try { - if(!Files.exists(tokenPath)) { - if(isWindows) { + if (!Files.exists(tokenPath)) { + if (isWindows) { // Sorry Windows users, you need to secure your own paths Files.createDirectories(tokenPath); } else { @@ -77,7 +77,7 @@ public class PersistFile { throw new CadiException(e); } synchronized(LOCK) { - if(symm==null) { + if (symm==null) { symm = Symm.obtain(access); } } @@ -94,7 +94,7 @@ public class PersistFile { final OutputStream dos = Files.newOutputStream(tpath, StandardOpenOption.CREATE,StandardOpenOption.WRITE); try { // Write Expires so that we can read unencrypted. - for(int i=0;i<Long.SIZE;i+=8) { + for (int i=0;i<Long.SIZE;i+=8) { dos.write((byte)((expires>>i)&0xFF)); } @@ -104,10 +104,10 @@ public class PersistFile { CipherOutputStream os = enc.outputStream(dos, true); try { int size = cred==null?0:cred.length; - for(int i=0;i<Integer.SIZE;i+=8) { + for (int i=0;i<Integer.SIZE;i+=8) { os.write((byte)((size>>i)&0xFF)); } - if(cred!=null) { + if (cred!=null) { os.write(cred); } df.newData().load(t).to(os); @@ -128,7 +128,7 @@ public class PersistFile { return null; } }); - } catch(Exception e) { + } catch (Exception e) { throw new CadiException(e); } finally { dos.close(); @@ -141,7 +141,7 @@ public class PersistFile { } public <T> T readDisk(final RosettaDF<T> df, final byte[] cred, final String filename,final Holder<Path> hp, final Holder<Long> hl) throws CadiException { - if(hp.get()==null) { + if (hp.get()==null) { hp.set(Paths.get(tokenDir,filename)); } return readDisk(df,cred,hp.get(),hl); @@ -150,13 +150,13 @@ public class PersistFile { public <T> T readDisk(final RosettaDF<T> df, final byte[] cred, final Path target, final Holder<Long> hexpired) throws CadiException { // Try from Disk T t = null; - if(Files.exists(target)) { + if (Files.exists(target)) { try { final InputStream is = Files.newInputStream(target,StandardOpenOption.READ); try { // Read Expired unencrypted long exp=0; - for(int i=0;i<Long.SIZE;i+=8) { + for (int i=0;i<Long.SIZE;i+=8) { exp |= ((long)is.read()<<i); } hexpired.set(exp); @@ -167,19 +167,19 @@ public class PersistFile { CipherInputStream dis = enc.inputStream(is,false); try { int size=0; - for(int i=0;i<Integer.SIZE;i+=8) { + for (int i=0;i<Integer.SIZE;i+=8) { size |= ((int)dis.read()<<i); } - if(size>256) { + if (size>256) { throw new CadiException("Invalid size in Token Persistence"); - } else if(cred!=null && size!=cred.length) { + } else if (cred!=null && size!=cred.length) { throw new CadiException(HASH_NO_MATCH); } - if(cred!=null) { + if (cred!=null) { byte[] array = new byte[size]; - if(dis.read(array)>0) { - for(int i=0;i<size;++i) { - if(cred[i]!=array[i]) { + if (dis.read(array)>0) { + for (int i=0;i<size;++i) { + if (cred[i]!=array[i]) { throw new CadiException(HASH_NO_MATCH); } } @@ -205,11 +205,11 @@ public class PersistFile { public long readExpiration(final Path target) throws CadiException { long exp=0L; - if(Files.exists(target)) { + if (Files.exists(target)) { try { final InputStream is = Files.newInputStream(target,StandardOpenOption.READ); try { - for(int i=0;i<Long.SIZE;i+=8) { + for (int i=0;i<Long.SIZE;i+=8) { exp |= ((long)is.read()<<i); } } finally { @@ -246,7 +246,7 @@ public class PersistFile { public FileTime getFileTime(String filename, Holder<Path> hp) throws IOException { Path p = hp.get(); - if(p==null) { + if (p==null) { hp.set(p=Paths.get(tokenDir,filename)); } return Files.getLastModifiedTime(p); diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/Persisting.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/Persisting.java index dd136a2a..bde60777 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/Persisting.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/persist/Persisting.java @@ -54,7 +54,7 @@ public class Persisting<T> implements Persistable<T> { } count=0; nextCheck=0; - if(hash==null) { + if (hash==null) { this.hash = EMPTY; } else { this.hash = hash; @@ -80,7 +80,7 @@ public class Persisting<T> implements Persistable<T> { public boolean hasBeenTouched() { try { FileTime modT = Files.getLastModifiedTime(path); - if(lastTouched==null) { + if (lastTouched==null) { lastTouched = modT; return true; } else { @@ -98,7 +98,7 @@ public class Persisting<T> implements Persistable<T> { @Override public synchronized boolean checkSyncTime() { long temp=System.currentTimeMillis(); - if(nextCheck==0 || nextCheck<temp) { + if (nextCheck==0 || nextCheck<temp) { nextCheck = temp+SYNC_TIME; return true; } @@ -123,11 +123,11 @@ public class Persisting<T> implements Persistable<T> { @Override public boolean match(byte[] hashIn) { - if(hash==null || hashIn==null || hash.length!=hashIn.length) { + if (hash==null || hashIn==null || hash.length!=hashIn.length) { return false; } - for(int i=0;i<hashIn.length;++i) { - if(hash[i]!=hashIn[i]) { + for (int i=0;i<hashIn.length;++i) { + if (hash[i]!=hashIn[i]) { return false; } } diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/Registrar.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/Registrar.java index 32ff8109..4ae1b97f 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/Registrar.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/Registrar.java @@ -45,7 +45,7 @@ public class Registrar<ENV extends BasicEnv> { timer = new Timer(REGISTRAR,true); timer.schedule(new RegistrationTimerTask(env), START, INTERVAL); - if(shutdownHook) { + if (shutdownHook) { Runtime.getRuntime().addShutdownHook(new Thread() { public void run() { close(env); @@ -61,18 +61,18 @@ public class Registrar<ENV extends BasicEnv> { } @Override public void run() { - for(Iterator<Registrant<ENV>> iter = registrants.iterator(); iter.hasNext();) { + for (Iterator<Registrant<ENV>> iter = registrants.iterator(); iter.hasNext();) { Registrant<ENV> reg = iter.next(); Result<Void> rv = reg.update(env); synchronized(LOCK) { - if(rv.isOK()) { - if(erroringTimer!=null) { + if (rv.isOK()) { + if (erroringTimer!=null) { erroringTimer.cancel(); erroringTimer = null; } } else { // Account for different Registrations not being to same place - if(erroringTimer==null) { + if (erroringTimer==null) { erroringTimer = new Timer(REGISTRAR + " error re-check ",true); erroringTimer.schedule(new RegistrationTimerTask(env),20000,20000); } @@ -94,7 +94,7 @@ public class Registrar<ENV extends BasicEnv> { timer.cancel(); Registrant<ENV> r; - while(registrants.peek()!=null) { + while (registrants.peek()!=null) { r = registrants.pop(); r.cancel(env); } diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/RemoteRegistrant.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/RemoteRegistrant.java index ae7ded3a..49d40ab4 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/RemoteRegistrant.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/RemoteRegistrant.java @@ -67,12 +67,12 @@ public class RemoteRegistrant<ENV extends BasicEnv> implements Registrant<ENV> { } timeout = Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF)); String aaf_locate = access.getProperty(Config.AAF_LOCATE_URL,null); - if(aaf_locate==null) { + if (aaf_locate==null) { throw new CadiException(Config.AAF_LOCATE_URL + " is required."); } else { // Note: want Property Locator or Single, not AAFLocator, because we want the core service, not what it can find try { - if(aaf_locate.indexOf(',')>=0) { + if (aaf_locate.indexOf(',')>=0) { locator = new PropertyLocator(aaf_locate); } else { locator = new SingleEndpointLocator(aaf_locate); @@ -88,23 +88,23 @@ public class RemoteRegistrant<ENV extends BasicEnv> implements Registrant<ENV> { try { String hostnameToRegister = access.getProperty(Config.AAF_REGISTER_AS, null); - if(hostnameToRegister==null) { + if (hostnameToRegister==null) { hostnameToRegister = access.getProperty(Config.HOSTNAME, null); } - if(hostnameToRegister==null) { + if (hostnameToRegister==null) { hostnameToRegister = Inet4Address.getLocalHost().getHostName(); } mep.setHostname(hostnameToRegister); String latitude = access.getProperty(Config.CADI_LATITUDE, null); - if(latitude==null) { + if (latitude==null) { latitude = access.getProperty("AFT_LATITUDE", null); } String longitude = access.getProperty(Config.CADI_LONGITUDE, null); - if(longitude==null) { + if (longitude==null) { longitude = access.getProperty("AFT_LONGITUDE", null); } - if(latitude==null || longitude==null) { + if (latitude==null || longitude==null) { throw new CadiException(Config.CADI_LATITUDE + " and " + Config.CADI_LONGITUDE + " is required"); } else { mep.setLatitude(Float.parseFloat(latitude)); @@ -117,11 +117,11 @@ public class RemoteRegistrant<ENV extends BasicEnv> implements Registrant<ENV> { mep.setMajor(split.length>0?Integer.parseInt(split[0]):0); String subprotocols = access.getProperty(Config.CADI_PROTOCOLS, null); - if(subprotocols==null) { + if (subprotocols==null) { mep.setProtocol("http"); } else { mep.setProtocol("https"); - for(String s : Split.split(',', subprotocols)) { + for (String s : Split.split(',', subprotocols)) { mep.getSubprotocol().add(s); } } @@ -130,7 +130,7 @@ public class RemoteRegistrant<ENV extends BasicEnv> implements Registrant<ENV> { } meps = new MgmtEndpoints(); meps.getMgmtEndpoint().add(mep); - for(RemoteRegistrant<ENV> rr : others) { + for (RemoteRegistrant<ENV> rr : others) { meps.getMgmtEndpoint().add(rr.mep); } } @@ -141,7 +141,7 @@ public class RemoteRegistrant<ENV extends BasicEnv> implements Registrant<ENV> { Rcli<?> client = aafcon.client(locator); try { Future<MgmtEndpoints> fup = client.update("/registration",mgmtEndpointsDF,meps); - if(fup.get(timeout)) { + if (fup.get(timeout)) { access.log(Level.INFO, "Registration complete to",client.getURI()); return Result.ok(fup.code(),null); } else { @@ -164,7 +164,7 @@ public class RemoteRegistrant<ENV extends BasicEnv> implements Registrant<ENV> { Rcli<?> client = aafcon.client(locator); try { Future<MgmtEndpoints> fup = client.delete("/registration",mgmtEndpointsDF,meps); - if(fup.get(timeout)) { + if (fup.get(timeout)) { access.log(Level.INFO, "Deregistration complete on",client.getURI()); return Result.ok(fup.code(),null); } else { diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/sso/AAFSSO.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/sso/AAFSSO.java index 77be3449..38d4852f 100644 --- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/sso/AAFSSO.java +++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/sso/AAFSSO.java @@ -95,7 +95,7 @@ public class AAFSSO { System.setErr(os); sso = new File(dot_aaf, "sso.props"); - if(sso.exists()) { + if (sso.exists()) { InputStream propStream = new FileInputStream(sso); try { diskprops.load(propStream); @@ -114,8 +114,8 @@ public class AAFSSO { if (sso.exists()) { Properties temp = new Properties(); // Keep only these - for(Entry<Object, Object> es : diskprops.entrySet()) { - if(Config.CADI_LATITUDE.equals(es.getKey()) || + for (Entry<Object, Object> es : diskprops.entrySet()) { + if (Config.CADI_LATITUDE.equals(es.getKey()) || Config.CADI_LONGITUDE.equals(es.getKey()) || Config.AAF_DEFAULT_REALM.equals(es.getKey())) { temp.setProperty(es.getKey().toString(), es.getValue().toString()); @@ -143,15 +143,15 @@ public class AAFSSO { } } - for(Entry<Object, Object> es : diskprops.entrySet()) { + for (Entry<Object, Object> es : diskprops.entrySet()) { nargs.add(es.getKey().toString() + '=' + es.getValue().toString()); } String[] naargs = new String[nargs.size()]; nargs.toArray(naargs); access = new PropAccess(os, naargs); - if(loginOnly) { - for(String tag : new String[] {Config.AAF_APPID, Config.AAF_APPPASS, + if (loginOnly) { + for (String tag : new String[] {Config.AAF_APPID, Config.AAF_APPPASS, Config.CADI_ALIAS, Config.CADI_KEYSTORE,Config.CADI_KEYSTORE_PASSWORD,Config.CADI_KEY_PASSWORD}) { access.getProperties().remove(tag); diskprops.remove(tag); @@ -159,7 +159,7 @@ public class AAFSSO { touchDiskprops=true; // TODO Do we want to require reset of Passwords at least every Eight Hours. // } else if (sso.lastModified() > (System.currentTimeMillis() - EIGHT_HOURS)) { -// for(String tag : new String[] {Config.AAF_APPPASS,Config.CADI_KEYSTORE_PASSWORD,Config.CADI_KEY_PASSWORD}) { +// for (String tag : new String[] {Config.AAF_APPPASS,Config.CADI_KEYSTORE_PASSWORD,Config.CADI_KEY_PASSWORD}) { // access.getProperties().remove(tag); // diskprops.remove(tag); // } @@ -175,7 +175,7 @@ public class AAFSSO { String alias, appID; alias = access.getProperty(Config.CADI_ALIAS); - if(alias==null) { + if (alias==null) { appID = access.getProperty(Config.AAF_APPID); user=appID; } else { @@ -183,7 +183,7 @@ public class AAFSSO { appID=null; } - if(appID!=null && access.getProperty(Config.AAF_APPPASS)==null) { + if (appID!=null && access.getProperty(Config.AAF_APPPASS)==null) { char[] password = cons.readPassword("Password for %s: ", appID); String app_pass = access.encrypt(new String(password)); access.setProperty(Config.AAF_APPPASS,app_pass); @@ -193,7 +193,7 @@ public class AAFSSO { String keystore=access.getProperty(Config.CADI_KEYSTORE); String keystore_pass=access.getProperty(Config.CADI_KEYSTORE_PASSWORD); - if(user==null || (alias!=null && (keystore==null || keystore_pass==null))) { + if (user==null || (alias!=null && (keystore==null || keystore_pass==null))) { String select = null; String name; for (File tsf : dot_aaf.listFiles()) { @@ -201,7 +201,7 @@ public class AAFSSO { if (!name.contains("trust") && (name.endsWith(".jks") || name.endsWith(".p12"))) { setLogDefault(); select = cons.readLine("Use %s for Identity? (y/n): ",tsf.getName()); - if("y".equalsIgnoreCase(select)) { + if ("y".equalsIgnoreCase(select)) { keystore = tsf.getCanonicalPath(); access.setProperty(Config.CADI_KEYSTORE, keystore); addProp(Config.CADI_KEYSTORE, keystore); @@ -218,7 +218,7 @@ public class AAFSSO { } } } - if(alias==null) { + if (alias==null) { user = appID = cons.readLine(Config.AAF_APPID + ": "); access.setProperty(Config.AAF_APPID, appID); addProp(Config.AAF_APPID, appID); @@ -229,7 +229,7 @@ public class AAFSSO { } } else { encrypted_pass = access.getProperty(Config.CADI_KEYSTORE_PASSWORD); - if(encrypted_pass == null) { + if (encrypted_pass == null) { keystore_pass = null; encrypted_pass = access.getProperty(Config.AAF_APPPASS); } else { @@ -298,9 +298,9 @@ public class AAFSSO { } String locateUrl = access.getProperty(Config.AAF_LOCATE_URL); - if(locateUrl==null) { + if (locateUrl==null) { locateUrl=AAFSSO.cons.readLine("AAF Locator URL=https://"); - if(locateUrl==null || locateUrl.length()==0) { + if (locateUrl==null || locateUrl.length()==0) { err = new StringBuilder(Config.AAF_LOCATE_URL); err.append(" is required."); ok = false; @@ -315,10 +315,10 @@ public class AAFSSO { access.setProperty(Config.AAF_URL, Defaults.AAF_URL); access.setProperty(Config.CM_URL, Defaults.CM_URL); String cadiLatitude = access.getProperty(Config.CADI_LATITUDE); - if(cadiLatitude==null) { + if (cadiLatitude==null) { System.out.println("# If you do not know your Global Coordinates, we suggest bing.com/maps"); cadiLatitude=AAFSSO.cons.readLine("cadi_latitude[0.000]="); - if(cadiLatitude==null || cadiLatitude.isEmpty()) { + if (cadiLatitude==null || cadiLatitude.isEmpty()) { cadiLatitude="0.000"; } access.setProperty(Config.CADI_LATITUDE, cadiLatitude); @@ -326,9 +326,9 @@ public class AAFSSO { } String cadiLongitude = access.getProperty(Config.CADI_LONGITUDE); - if(cadiLongitude==null) { + if (cadiLongitude==null) { cadiLongitude=AAFSSO.cons.readLine("cadi_longitude[0.000]="); - if(cadiLongitude==null || cadiLongitude.isEmpty()) { + if (cadiLongitude==null || cadiLongitude.isEmpty()) { cadiLongitude="0.000"; } access.setProperty(Config.CADI_LONGITUDE, cadiLongitude); @@ -336,7 +336,7 @@ public class AAFSSO { } String cadi_truststore = access.getProperty(Config.CADI_TRUSTSTORE); - if(cadi_truststore==null) { + if (cadi_truststore==null) { String name; String select; for (File tsf : dot_aaf.listFiles()) { @@ -344,7 +344,7 @@ public class AAFSSO { if (name.contains("trust") && (name.endsWith(".jks") || name.endsWith(".p12"))) { select = cons.readLine("Use %s for TrustStore? (y/n):",tsf.getName()); - if("y".equalsIgnoreCase(select)) { + if ("y".equalsIgnoreCase(select)) { cadi_truststore=tsf.getCanonicalPath(); access.setProperty(Config.CADI_TRUSTSTORE, cadi_truststore); addProp(Config.CADI_TRUSTSTORE, cadi_truststore); @@ -353,12 +353,12 @@ public class AAFSSO { } } } - if(cadi_truststore!=null) { - if(cadi_truststore.indexOf(File.separatorChar)<0) { + if (cadi_truststore!=null) { + if (cadi_truststore.indexOf(File.separatorChar)<0) { cadi_truststore=dot_aaf.getPath()+File.separator+cadi_truststore; } String cadi_truststore_password = access.getProperty(Config.CADI_TRUSTSTORE_PASSWORD); - if(cadi_truststore_password==null) { + if (cadi_truststore_password==null) { cadi_truststore_password=AAFSSO.cons.readLine("cadi_truststore_password[%s]=","changeit"); cadi_truststore_password = access.encrypt(cadi_truststore_password); access.setProperty(Config.CADI_TRUSTSTORE_PASSWORD, cadi_truststore_password); @@ -381,7 +381,7 @@ public class AAFSSO { } public void setLogDefault(Level level) { - if(access!=null) { + if (access!=null) { access.setLogLevel(level); } System.setOut(stdOutOrig); @@ -392,7 +392,7 @@ public class AAFSSO { } public void addProp(String key, String value) { - if(key==null || value==null) { + if (key==null || value==null) { return; } touchDiskprops=true; @@ -400,7 +400,7 @@ public class AAFSSO { } public void writeFiles() throws IOException { - if(touchDiskprops) { + if (touchDiskprops) { // Store Creds, if they work if (diskprops != null) { if (!dot_aaf.exists()) { diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/TestHClient.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/TestHClient.java index 8cb4e906..5e642c67 100644 --- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/TestHClient.java +++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/aaf/test/TestHClient.java @@ -44,14 +44,14 @@ public class TestHClient { try { PropAccess access = new PropAccess(args); String aaf_url = access.getProperty(Config.AAF_URL); - if(aaf_url == null) { + if (aaf_url == null) { access.log(Level.ERROR, Config.AAF_URL," is required"); } else { HMangr hman = null; try { SecurityInfoC<HttpURLConnection> si = SecurityInfoC.instance(access, HttpURLConnection.class); AbsAAFLocator<BasicTrans> loc = new AAFLocator(si,new URI(aaf_url)); - for(Item item = loc.first(); item!=null; item=loc.next(item)) { + for (Item item = loc.first(); item!=null; item=loc.next(item)) { System.out.println(loc.get(item)); } @@ -62,7 +62,7 @@ public class TestHClient { @Override public Void code(Rcli<?> cli) throws APIException, CadiException { Future<String> ft = cli.read(path,"application/json"); - if(ft.get(10000)) { + if (ft.get(10000)) { System.out.println("Hurray,\n"+ft.body()); } else { System.out.println("not quite: " + ft.code()); @@ -70,7 +70,7 @@ public class TestHClient { return null; }}); } finally { - if(hman!=null) { + if (hman!=null) { hman.close(); } } diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_ArtifactDir.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_ArtifactDir.java index 70550451..60e5b44a 100644 --- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_ArtifactDir.java +++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_ArtifactDir.java @@ -110,14 +110,14 @@ public class JU_ArtifactDir { try { ArtifactDir.write(writableFile, Chmod.to755, (String[])null); fail("Should've thrown an exception"); - } catch(NullPointerException e) { + } catch (NullPointerException e) { } KeyStore ks = KeyStore.getInstance(Agent.PKCS12); try { ArtifactDir.write(writableFile, Chmod.to755, ks, luggagePassword.toCharArray()); fail("Should've thrown an exception"); - } catch(CadiException e) { + } catch (CadiException e) { } ks.load(null, null); diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_Factory.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_Factory.java index 76c31b8d..69709d9f 100644 --- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_Factory.java +++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_Factory.java @@ -331,8 +331,8 @@ public class JU_Factory { private String join(String delim, List<String> rawLines) { StringBuilder sb = new StringBuilder(); boolean first = true; - for(String s : rawLines) { - if(first) { + for (String s : rawLines) { + if (first) { first = false; } else { sb.append(delim); diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_PlaceArtifactInKeystore.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_PlaceArtifactInKeystore.java index 1a653ab2..777ca16d 100644 --- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_PlaceArtifactInKeystore.java +++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/cm/test/JU_PlaceArtifactInKeystore.java @@ -141,8 +141,8 @@ public class JU_PlaceArtifactInKeystore { baos.write(br.readLine().getBytes()); // Here comes the hacky part baos.write("\n".getBytes()); - while((line=br.readLine())!=null) { - if(line.length()>0) { + while ((line=br.readLine())!=null) { + if (line.length()>0) { baos.write(line.getBytes()); baos.write("\n".getBytes()); } diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_AAFToken.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_AAFToken.java index 537e218f..24e30a46 100644 --- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_AAFToken.java +++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_AAFToken.java @@ -49,7 +49,7 @@ public class JU_AAFToken { @Test public void testRandom() throws CadiException { - for(int i=0;i<100;++i) { + for (int i=0;i<100;++i) { UUID uuid = UUID.randomUUID(); String token = AAFToken.toToken(uuid); UUID uuid2 = AAFToken.fromToken(token); diff --git a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuthTest.java b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuthTest.java index ef22b792..03c99d2a 100644 --- a/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuthTest.java +++ b/cadi/aaf/src/test/java/org/onap/aaf/cadi/oauth/test/JU_OAuthTest.java @@ -109,21 +109,21 @@ public class JU_OAuthTest { TokenClient tc; Result<TimedToken> rtt; - if(true) { + if (true) { tc = tcf.newClient(tokenServiceURL, 3000); tc.client_creds(client_id,client_secret); tc.password(access.getProperty("cadi_username"),access.getProperty("cadi_password")); rtt = tc.getToken(Kind.BASIC_AUTH,"org.osaaf.aaf","org.osaaf.test"); - if(rtt.isOK()) { + if (rtt.isOK()) { print(rtt.value); rtt = tc.refreshToken(rtt.value); - if(rtt.isOK()) { + if (rtt.isOK()) { print(rtt.value); TokenClient ic = tcf.newClient(tokenIntrospectURL,3000); ic.client_creds(client_id,client_secret); Result<Introspect> ri = ic.introspect(rtt.value.getAccessToken()); - if(ri.isOK()) { + if (ri.isOK()) { print(ri.value); } else { System.out.println(ri.code + ' ' + ri.error); @@ -145,28 +145,28 @@ public class JU_OAuthTest { } // ISAM Test - if(true) { + if (true) { System.out.println("**** ISAM TEST ****"); tokenServiceURL=access.getProperty(Config.AAF_ALT_OAUTH2_TOKEN_URL); client_id=access.getProperty(Config.AAF_ALT_CLIENT_ID); client_secret=access.getProperty(Config.AAF_ALT_CLIENT_SECRET); - if(tokenServiceURL!=null) { + if (tokenServiceURL!=null) { tc = tcf.newClient(tokenServiceURL, 3000); tc.client_creds(client_id, client_secret); int at = username.indexOf('@'); tc.password(at>=0?username.substring(0, at):username,access.getProperty("cadi_password")); rtt = tc.getToken("org.osaaf.aaf","org.osaaf.test"); - if(rtt.isOK()) { + if (rtt.isOK()) { print(rtt.value); rtt = tc.refreshToken(rtt.value); - if(rtt.isOK()) { + if (rtt.isOK()) { print(rtt.value); tc = tcf.newClient(tokenAltIntrospectURL, 3000); tc.client_creds(client_id, client_secret); Result<Introspect> rti = tc.introspect(rtt.value.getAccessToken()); - if(rti.isOK()) { + if (rti.isOK()) { System.out.print("Normal ISAM "); print(rti.value); } else { @@ -177,12 +177,12 @@ public class JU_OAuthTest { tc = tcf.newClient(tokenIntrospectURL, 3000); tc.client_creds(client_id, client_secret); rti = tc.introspect(rtt.value.getAccessToken()); - if(rti.isOK()) { + if (rti.isOK()) { System.out.print("AAF with ISAM Token "); print(rti.value); } else { System.out.println(rti.code + ' ' + rti.error); - if(rti.code!=404) { + if (rti.code!=404) { Assert.fail(rti.code + ' ' + rti.error); } } @@ -214,14 +214,14 @@ public class JU_OAuthTest { // private TokenClient testROPCFlow(final String url, final String client_id, final String client_secret, String user, String password, final String ... scope) throws Exception { // TokenClient tclient = tcf.newClient(url,3000); // tclient.client_creds(client_id, client_secret); -// if(user!=null && password!=null) { +// if (user!=null && password!=null) { // tclient.password(user,password); // } // Result<TimedToken> rt = tclient.getToken(scope); -// if(rt.isOK()) { +// if (rt.isOK()) { // print(rt.value); // Result<Introspect> rti = tclient.introspect(rt.value.getAccessToken()); -// if(rti.isOK()) { +// if (rti.isOK()) { // print(rti.value); // } else { // printAndFail(rti); @@ -237,7 +237,7 @@ public class JU_OAuthTest { @Override public String code(Rcli<?> client) throws CadiException, ConnectException, APIException { Future<String> future = client.read(null,"text/plain"); - if(future.get(3000)) { + if (future.get(3000)) { return future.value; } else { throw new APIException(future.code() + future.body()); @@ -263,7 +263,7 @@ public class JU_OAuthTest { } private void print(Introspect ti) { - if(ti==null || ti.getClientId()==null) { + if (ti==null || ti.getClientId()==null) { System.out.println("Empty Introspect"); return; } diff --git a/cadi/aaf/src/test/java/org/onap/aaf/client/sample/Sample.java b/cadi/aaf/src/test/java/org/onap/aaf/client/sample/Sample.java index 8881e76e..4e51579d 100644 --- a/cadi/aaf/src/test/java/org/onap/aaf/client/sample/Sample.java +++ b/cadi/aaf/src/test/java/org/onap/aaf/client/sample/Sample.java @@ -70,7 +70,7 @@ public class Sample { */ public Principal checkUserPass(String fqi, String pass) throws IOException, CadiException { String ok = aafAuthn.validate(fqi, pass); - if(ok==null) { + if (ok==null) { System.out.println("Success!"); /* UnAuthPrincipal means that it is not coming from the official Authorization chain. @@ -127,14 +127,14 @@ public class Sample { String user = myAccess.getProperty("user_fqi"); String pass= myAccess.getProperty("user_pass"); - if(user==null || pass==null) { + if (user==null || pass==null) { System.err.println("This Sample class requires properties user_fqi and user_pass"); } else { pass = myAccess.decrypt(pass, false); // Note, with "false", decryption will only happen if starts with "enc:" // See the CODE for Java Methods used Principal fqi = Sample.singleton().checkUserPass(user,pass); - if(fqi==null) { + if (fqi==null) { System.out.println("OK, normally, you would cease processing for an " + "unauthenticated user, but for the purpose of Sample, we'll keep going.\n"); fqi=new UnAuthPrincipal(user); @@ -146,10 +146,10 @@ public class Sample { // note, default String for perm String permS = myAccess.getProperty("perm","org.osaaf.aaf.access|*|read"); String[] permA = Split.splitTrim('|', permS); - if(permA.length>2) { + if (permA.length>2) { final Permission perm = new AAFPermission(null, permA[0],permA[1],permA[2]); // See the CODE for Java Methods used - if(singleton().oneAuthorization(fqi, perm)) { + if (singleton().oneAuthorization(fqi, perm)) { System.out.printf("Success: %s has %s\n",fqi.getName(),permS); } else { System.out.printf("%s does NOT have %s\n",fqi.getName(),permS); @@ -160,11 +160,11 @@ public class Sample { // Another form, you can get ALL permissions in a list // See the CODE for Java Methods used List<Permission> permL = singleton().allAuthorization(fqi); - if(permL.size()==0) { + if (permL.size()==0) { System.out.printf("User %s has no Permissions THAT THE CALLER CAN SEE\n",fqi.getName()); } else { System.out.print("Success:\n"); - for(Permission p : permL) { + for (Permission p : permL) { System.out.printf("\t%s has %s\n",fqi.getName(),p.getKey()); } } diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/client/AbsAuthentication.java b/cadi/client/src/main/java/org/onap/aaf/cadi/client/AbsAuthentication.java index cce7b5f3..da85702d 100644 --- a/cadi/client/src/main/java/org/onap/aaf/cadi/client/AbsAuthentication.java +++ b/cadi/client/src/main/java/org/onap/aaf/cadi/client/AbsAuthentication.java @@ -76,7 +76,7 @@ public abstract class AbsAuthentication<CLIENT> implements SecuritySetter<CLIENT } protected String headValue() throws IOException { - if(headValue==null) { + if (headValue==null) { return ""; } else { return new String(symm.decode(headValue)); @@ -93,7 +93,7 @@ public abstract class AbsAuthentication<CLIENT> implements SecuritySetter<CLIENT } public boolean isDenied() { - if(lastMiss>0 && lastMiss>System.currentTimeMillis()) { + if (lastMiss>0 && lastMiss>System.currentTimeMillis()) { return true; } else { lastMiss=0L; @@ -102,17 +102,17 @@ public abstract class AbsAuthentication<CLIENT> implements SecuritySetter<CLIENT } public synchronized int setLastResponse(int httpcode) { - if(httpcode == 401) { + if (httpcode == 401) { ++count; - if(lastMiss==0L && count>MAX_TEMP_COUNT) { + if (lastMiss==0L && count>MAX_TEMP_COUNT) { lastMiss=System.currentTimeMillis()+WAIT_TIME; } - // if(count>MAX_SPAM_COUNT) { + // if (count>MAX_SPAM_COUNT) { // System.err.printf("Your service has %d consecutive bad service logins to AAF. \nIt will now exit\n", // count); // System.exit(401); // } - if(count%1000==0) { + if (count%1000==0) { System.err.printf("Your service has %d consecutive bad service logins to AAF. AAF Access will be disabled after %d\n", count,MAX_SPAM_COUNT); } diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/client/AbsTransferSS.java b/cadi/client/src/main/java/org/onap/aaf/cadi/client/AbsTransferSS.java index 0c38bd90..baac6daa 100644 --- a/cadi/client/src/main/java/org/onap/aaf/cadi/client/AbsTransferSS.java +++ b/cadi/client/src/main/java/org/onap/aaf/cadi/client/AbsTransferSS.java @@ -56,7 +56,7 @@ public abstract class AbsTransferSS<CLIENT> implements SecuritySetter<CLIENT> { private void init(TaggedPrincipal principal, String app) { this.principal=principal; - if(principal==null) { + if (principal==null) { return; } else { value = principal.getName() + ':' + diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/client/Rcli.java b/cadi/client/src/main/java/org/onap/aaf/cadi/client/Rcli.java index b414487b..6b486b8e 100644 --- a/cadi/client/src/main/java/org/onap/aaf/cadi/client/Rcli.java +++ b/cadi/client/src/main/java/org/onap/aaf/cadi/client/Rcli.java @@ -268,20 +268,20 @@ public abstract class Rcli<CT> { @Override public void transfer(OutputStream os) throws IOException, APIException { PrintStream ps; - if(os instanceof PrintStream) { + if (os instanceof PrintStream) { ps = (PrintStream)os; } else { ps = new PrintStream(os); } boolean first = true; - for(String fp : formParam) { - if(fp!=null) { - if(first) { + for (String fp : formParam) { + if (fp!=null) { + if (first) { first = false; } else { ps.print('&'); } - if(fp.endsWith("=")) { + if (fp.endsWith("=")) { first = true; } ps.print(fp); @@ -376,7 +376,7 @@ public abstract class Rcli<CT> { client.setMethod(GET); client.addHeader(ACCEPT, accept); - for(int i=1;i<headers.length;i=i+2) { + for (int i=1;i<headers.length;i=i+2) { client.addHeader(headers[i-1],headers[i]); } client.setPathInfo(pp.path()); @@ -393,7 +393,7 @@ public abstract class Rcli<CT> { EClient<CT> client = client(); client.setMethod(GET); client.addHeader(ACCEPT, accept); - for(int i=1;i<headers.length;i=i+2) { + for (int i=1;i<headers.length;i=i+2) { client.addHeader(headers[i-1],headers[i]); } client.setPathInfo(pp.path()); @@ -410,7 +410,7 @@ public abstract class Rcli<CT> { EClient<CT> client = client(); client.setMethod(GET); client.addHeader(ACCEPT, typeString(df.getTypeClass())); - for(int i=1;i<headers.length;i=i+2) { + for (int i=1;i<headers.length;i=i+2) { client.addHeader(headers[i-1],headers[i]); } client.setPathInfo(pp.path()); @@ -664,7 +664,7 @@ public abstract class Rcli<CT> { throw new CadiException("Invalid incoming URI",e); } String name; - for(Enumeration<String> en = req.getHeaderNames();en.hasMoreElements();) { + for (Enumeration<String> en = req.getHeaderNames();en.hasMoreElements();) { name = en.nextElement(); client.addHeader(name,req.getHeader(name)); } @@ -673,7 +673,7 @@ public abstract class Rcli<CT> { client.setPathInfo(pathParam); String meth = req.getMethod(); client.setMethod(meth); - if(!"GET".equals(meth)) { + if (!"GET".equals(meth)) { client.setPayload(new EClient.Transfer() { @Override public void transfer(OutputStream os) throws IOException, APIException { @@ -682,7 +682,7 @@ public abstract class Rcli<CT> { // reuse Buffers Pooled<byte[]> pbuff = buffPool.get(); try { - while((read=is.read(pbuff.content))>=0) { + while ((read=is.read(pbuff.content))>=0) { os.write(pbuff.content,0,read); } } finally { @@ -704,21 +704,21 @@ public abstract class Rcli<CT> { public ParsePath(final String origPath) { path = origPath; - if(origPath==null) { + if (origPath==null) { query=queryEnd=pound=-1; queryParams=null; } else { query = origPath.indexOf('?'); pound = origPath.indexOf('#'); queryEnd = pound>=0?pound:path.length(); - if(oneCallQueryParams==null) { - if(query>=0) { + if (oneCallQueryParams==null) { + if (query>=0) { queryParams = path.substring(query+1,queryEnd); } else { queryParams=null; } } else { - if(query>=0) { + if (query>=0) { queryParams = oneCallQueryParams + '&' + path.substring(query+1,queryEnd); } else { queryParams = oneCallQueryParams; @@ -729,12 +729,12 @@ public abstract class Rcli<CT> { } public String path() { - if(query>=0) { - if(pound>=0) { + if (query>=0) { + if (pound>=0) { return path.substring(pound+1); } return path.substring(0,query); - } else if(pound>=0) { + } else if (pound>=0) { return path.substring(0,pound); } else { return path; @@ -746,7 +746,7 @@ public abstract class Rcli<CT> { } public String frag() { - if(pound>=0) { + if (pound>=0) { return path.substring(pound+1); } else { return null; diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/client/Result.java b/cadi/client/src/main/java/org/onap/aaf/cadi/client/Result.java index e9de27e7..0e2a4b16 100644 --- a/cadi/client/src/main/java/org/onap/aaf/cadi/client/Result.java +++ b/cadi/client/src/main/java/org/onap/aaf/cadi/client/Result.java @@ -51,7 +51,7 @@ public class Result<T> { public String toString() { StringBuilder sb = new StringBuilder("Code: "); sb.append(code); - if(error!=null) { + if (error!=null) { sb.append(" = "); sb.append(error); } diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HAuthorizationHeader.java b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HAuthorizationHeader.java index 3c38ff8d..c2f56458 100644 --- a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HAuthorizationHeader.java +++ b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HAuthorizationHeader.java @@ -38,7 +38,7 @@ public class HAuthorizationHeader extends AbsAuthentication<HttpURLConnection> { @Override public void setSecurity(HttpURLConnection huc) throws CadiException { - if(isDenied()) { + if (isDenied()) { throw new CadiException(REPEAT_OFFENDER); } try { @@ -46,7 +46,7 @@ public class HAuthorizationHeader extends AbsAuthentication<HttpURLConnection> { } catch (IOException e) { throw new CadiException(e); } - if(securityInfo!=null && huc instanceof HttpsURLConnection) { + if (securityInfo!=null && huc instanceof HttpsURLConnection) { securityInfo.setSocketFactoryOn((HttpsURLConnection)huc); } } diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HBasicAuthSS.java b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HBasicAuthSS.java index e4ab6d72..7e5cbd3b 100644 --- a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HBasicAuthSS.java +++ b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HBasicAuthSS.java @@ -48,7 +48,7 @@ public class HBasicAuthSS extends HAuthorizationHeader implements BasicAuth { public HBasicAuthSS(SecurityInfoC<HttpURLConnection> si, String user, String pass, boolean asDefault) throws IOException { this(si, user,pass); - if(asDefault) { + if (asDefault) { si.set(this); } } @@ -59,7 +59,7 @@ public class HBasicAuthSS extends HAuthorizationHeader implements BasicAuth { public HBasicAuthSS(BasicPrincipal bp, SecurityInfoC<HttpURLConnection> si, boolean asDefault) throws IOException { this(si, bp.getName(),new String(bp.getCred())); - if(asDefault) { + if (asDefault) { si.set(this); } } diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HClient.java b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HClient.java index 1d3d9547..d8852834 100644 --- a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HClient.java +++ b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HClient.java @@ -111,13 +111,13 @@ public class HClient implements EClient<HttpURLConnection> { public void send() throws APIException { try { // Build URL from given URI plus current Settings - if(uri.getPath()==null) { + if (uri.getPath()==null) { throw new APIException("Invalid URL entered for HClient"); } StringBuilder pi=null; - if(pathinfo!=null) { // additional pathinfo + if (pathinfo!=null) { // additional pathinfo pi = new StringBuilder(uri.getPath()); - if(!pathinfo.startsWith("/")) { + if (!pathinfo.startsWith("/")) { pi.append('/'); } pi.append(pathinfo); @@ -133,7 +133,7 @@ public class HClient implements EClient<HttpURLConnection> { ); huc = getConnection(sendURI, pi); huc.setRequestMethod(meth); - if(ss!=null) { + if (ss!=null) { ss.setSecurity(huc); } if (headers != null) @@ -153,7 +153,7 @@ public class HClient implements EClient<HttpURLConnection> { throw new APIException(e); } finally { // ensure all these are reset after sends meth=pathinfo=null; - if(headers!=null) { + if (headers!=null) { headers.clear(); } pathinfo = query = fragment = ""; @@ -200,7 +200,7 @@ public class HClient implements EClient<HttpURLConnection> { huc.setReadTimeout(timeout); respCode = huc.getResponseCode(); ss.setLastResponse(respCode); - if(evalInfo(huc)) { + if (evalInfo(huc)) { return true; } else { extractError(); @@ -216,13 +216,13 @@ public class HClient implements EClient<HttpURLConnection> { private void extractError() { InputStream is = huc.getErrorStream(); try { - if(is==null) { + if (is==null) { is = huc.getInputStream(); } - if(is!=null) { + if (is!=null) { errContent = new StringBuilder(); int c; - while((c=is.read())>=0) { + while ((c=is.read())>=0) { errContent.append((char)c); } } @@ -274,7 +274,7 @@ public class HClient implements EClient<HttpURLConnection> { } public void close() { - if(huc!=null) { + if (huc!=null) { huc.disconnect(); } } @@ -382,12 +382,12 @@ public class HClient implements EClient<HttpURLConnection> { int read; InputStream is; OutputStream os = resp.getOutputStream(); - if(respCode==expected) { + if (respCode==expected) { is = huc.getInputStream(); // reuse Buffers Pooled<byte[]> pbuff = Rcli.buffPool.get(); try { - while((read=is.read(pbuff.content))>=0) { + while ((read=is.read(pbuff.content))>=0) { os.write(pbuff.content,0,read); } } finally { @@ -396,14 +396,14 @@ public class HClient implements EClient<HttpURLConnection> { return true; } else { is = huc.getErrorStream(); - if(is==null) { + if (is==null) { is = huc.getInputStream(); } - if(is!=null) { + if (is!=null) { errContent = new StringBuilder(); Pooled<byte[]> pbuff = Rcli.buffPool.get(); try { - while((read=is.read(pbuff.content))>=0) { + while ((read=is.read(pbuff.content))>=0) { os.write(pbuff.content,0,read); } } finally { diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HMangr.java b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HMangr.java index da349efc..8e3138af 100644 --- a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HMangr.java +++ b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HMangr.java @@ -49,7 +49,7 @@ public class HMangr { public HMangr(Access access, Locator<URI> loc) throws LocatorException { readTimeout = 10000; connectionTimeout=3000; - if(loc == null) { + if (loc == null) { throw new LocatorException("Null Locator passed"); } this.loc = loc; @@ -79,20 +79,20 @@ public class HMangr { do { Item item; // if no previous state, get the best - if(retryable.item()==null) { + if (retryable.item()==null) { item = loc.best(); - if(item==null) { + if (item==null) { throw new LocatorException("No Services Found for " + loc); } retryable.item(item); retryable.lastClient = null; } - if(client==null) { + if (client==null) { item = retryable.item(); URI uri=loc.get(item); - if(uri==null) { + if (uri==null) { loc.invalidate(retryable.item()); - if(loc.hasItems()) { + if (loc.hasItems()) { retryable.item(loc.next(retryable.item())); continue; } else { @@ -116,22 +116,22 @@ public class HMangr { retryable.item(loc.next(item)); try { Throwable ec = e.getCause(); - if(ec instanceof java.net.ConnectException) { - if(client!=null && loc.hasItems()) { + if (ec instanceof java.net.ConnectException) { + if (client!=null && loc.hasItems()) { access.log(Level.WARN,"Connection refused, trying next available service"); retry = true; } else { throw new CadiException("Connection refused, no more services to try"); } - } else if(ec instanceof java.net.SocketException) { - if(client!=null && loc.hasItems()) { + } else if (ec instanceof java.net.SocketException) { + if (client!=null && loc.hasItems()) { access.log(Level.WARN,"Socket prematurely closed, trying next available service"); retry = true; } else { throw new CadiException("Socket prematurely closed, no more services to try"); } - } else if(ec instanceof SocketException) { - if("java.net.SocketException: Connection reset".equals(ec.getMessage())) { + } else if (ec instanceof SocketException) { + if ("java.net.SocketException: Connection reset".equals(ec.getMessage())) { access.log(Level.ERROR, ec.getMessage(), " can mean Certificate Expiration or TLS Protocol issues"); } retryable.item(null); @@ -148,7 +148,7 @@ public class HMangr { loc.invalidate(item); retryable.item(loc.next(item)); } - } while(retry); + } while (retry); } finally { retryable.lastClient = client; } @@ -172,9 +172,9 @@ public class HMangr { RET ret = null; // make sure we have all current references: loc.refresh(); - for(Item li=loc.first();li!=null;li=loc.next(li)) { + for (Item li=loc.first();li!=null;li=loc.next(li)) { URI uri=loc.get(li); - if(host!=null && !host.equals(uri.getHost())) { + if (host!=null && !host.equals(uri.getHost())) { break; } try { @@ -182,14 +182,14 @@ public class HMangr { access.log(Level.DEBUG,"Success calling",uri,"during call to all services"); } catch (APIException | CadiException e) { Throwable t = e.getCause(); - if(t!=null && t instanceof ConnectException) { + if (t!=null && t instanceof ConnectException) { loc.invalidate(li); access.log(Level.ERROR,"Connection to",uri,"refused during call to all services"); - } else if(t instanceof SSLHandshakeException) { + } else if (t instanceof SSLHandshakeException) { access.log(Level.ERROR,t.getMessage()); loc.invalidate(li); - } else if(t instanceof SocketException) { - if("java.net.SocketException: Connection reset".equals(t.getMessage())) { + } else if (t instanceof SocketException) { + if ("java.net.SocketException: Connection reset".equals(t.getMessage())) { access.log(Level.ERROR, t.getMessage(), " can mean Certificate Expiration or TLS Protocol issues"); } retryable.item(null); @@ -203,7 +203,7 @@ public class HMangr { } } - if(ret == null && notify) + if (ret == null && notify) throw new LocatorException("No available clients to call"); return ret; } diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HNoAuthSS.java b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HNoAuthSS.java index 0f1c8b41..1fecce2b 100644 --- a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HNoAuthSS.java +++ b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HNoAuthSS.java @@ -37,7 +37,7 @@ public class HNoAuthSS extends AbsAuthentication<HttpURLConnection> { @Override public void setSecurity(HttpURLConnection client) throws CadiException { - if(securityInfo!=null && client instanceof HttpsURLConnection) { + if (securityInfo!=null && client instanceof HttpsURLConnection) { securityInfo.setSocketFactoryOn((HttpsURLConnection)client); } } diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HRcli.java b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HRcli.java index 674936d7..cbd7b33e 100644 --- a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HRcli.java +++ b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HRcli.java @@ -81,9 +81,9 @@ public class HRcli extends Rcli<HttpURLConnection> { */ protected EClient<HttpURLConnection> client() throws CadiException { try { - if(uri==null) { + if (uri==null) { Item item = hman.loc.best(); - if(item==null) { + if (item==null) { throw new CadiException("No service available for " + hman.loc.toString()); } uri = hman.loc.get(item); diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HSecurityInfoInit.java b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HSecurityInfoInit.java index d792be49..3f3517f2 100644 --- a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HSecurityInfoInit.java +++ b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HSecurityInfoInit.java @@ -41,9 +41,9 @@ public class HSecurityInfoInit implements SecurityInfoInit<HttpURLConnection> { @Override public SecuritySetter<HttpURLConnection> bestDefault(SecurityInfoC<HttpURLConnection> si) throws CadiException { try { - if(si.defaultAlias!=null) { + if (si.defaultAlias!=null) { si.set(new HX509SS(si)); - } else if(si.access.getProperty(Config.AAF_APPID, null)!=null && + } else if (si.access.getProperty(Config.AAF_APPID, null)!=null && si.access.getProperty(Config.AAF_APPPASS, null)!=null) { si.set(new HBasicAuthSS(si)); } diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HTransferSS.java b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HTransferSS.java index c527ed02..f68c1f61 100644 --- a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HTransferSS.java +++ b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HTransferSS.java @@ -44,14 +44,14 @@ public class HTransferSS extends AbsTransferSS<HttpURLConnection> { @Override public void setSecurity(HttpURLConnection huc) throws CadiException { - if(defSS==null) { + if (defSS==null) { throw new CadiException("Need App Credentials to send message"); } defSS.setSecurity(huc); - if(value!=null) { + if (value!=null) { huc.addRequestProperty(Config.CADI_USER_CHAIN, value); } - if(securityInfo!=null) { + if (securityInfo!=null) { securityInfo.setSocketFactoryOn((HttpsURLConnection)huc); } } diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HX509SS.java b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HX509SS.java index cb8e6ce0..f441186e 100644 --- a/cadi/client/src/main/java/org/onap/aaf/cadi/http/HX509SS.java +++ b/cadi/client/src/main/java/org/onap/aaf/cadi/http/HX509SS.java @@ -68,8 +68,8 @@ public class HX509SS implements SecuritySetter<HttpURLConnection> { public HX509SS(final String sendAlias, SecurityInfoC<HttpURLConnection> si, boolean asDefault) throws APIException, CadiException { securityInfo = si; - if((alias=sendAlias) == null) { - if(si.defaultAlias == null) { + if ((alias=sendAlias) == null) { + if (si.defaultAlias == null) { throw new APIException("JKS Alias is required to use X509SS Security. Use " + Config.CADI_ALIAS +" to set default alias"); } else { alias = si.defaultAlias; @@ -78,16 +78,16 @@ public class HX509SS implements SecuritySetter<HttpURLConnection> { priv=null; X509KeyManager[] xkms = si.getKeyManagers(); - if(xkms==null || xkms.length==0) { + if (xkms==null || xkms.length==0) { throw new APIException("There are no valid keys available in given Keystores. Wrong Keypass? Expired?"); } - for(int i=0;priv==null&&i<xkms.length;++i) { + for (int i=0;priv==null&&i<xkms.length;++i) { priv = xkms[i].getPrivateKey(alias); } try { - for(int i=0;cert==null&&i<xkms.length;++i) { + for (int i=0;cert==null&&i<xkms.length;++i) { X509Certificate[] chain = xkms[i].getCertificateChain(alias); - if(chain!=null&&chain.length>0) { + if (chain!=null&&chain.length>0) { algo = chain[0].getSigAlgName(); pub = chain[0].getEncoded(); ByteArrayOutputStream baos = new ByteArrayOutputStream(pub.length*2); @@ -99,17 +99,17 @@ public class HX509SS implements SecuritySetter<HttpURLConnection> { } catch (CertificateEncodingException | IOException e) { throw new CadiException(e); } - if(algo==null) { + if (algo==null) { throw new APIException("X509 Security Setter not configured"); } } @Override public void setSecurity(HttpURLConnection huc) throws CadiException { - if(huc instanceof HttpsURLConnection) { + if (huc instanceof HttpsURLConnection) { securityInfo.setSocketFactoryOn((HttpsURLConnection)huc); } - if(alias==null) { // must be a one-way + if (alias==null) { // must be a one-way huc.setRequestProperty(AbsAuthentication.AUTHORIZATION, cert); // Test Signed content diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/locator/DNSLocator.java b/cadi/client/src/main/java/org/onap/aaf/cadi/locator/DNSLocator.java index 1fc4b83e..8357129f 100644 --- a/cadi/client/src/main/java/org/onap/aaf/cadi/locator/DNSLocator.java +++ b/cadi/client/src/main/java/org/onap/aaf/cadi/locator/DNSLocator.java @@ -46,7 +46,7 @@ public class DNSLocator implements Locator<URI> { this.protocol = protocol; this.access = access; int dash = range.indexOf('-'); - if(dash<0) { + if (dash<0) { startPort = endPort = Integer.parseInt(range); } else { startPort = Integer.parseInt(range.substring(0,dash)); @@ -57,15 +57,15 @@ public class DNSLocator implements Locator<URI> { public DNSLocator(Access access, String aaf_locate) throws LocatorException { this.access = access; - if(aaf_locate==null) { + if (aaf_locate==null) { throw new LocatorException("Null passed into DNSLocator constructor"); } int start, port; - if(aaf_locate.startsWith("https:")) { + if (aaf_locate.startsWith("https:")) { protocol = "https:"; start = 9; // https:// port = 443; - } else if(aaf_locate.startsWith("http:")) { + } else if (aaf_locate.startsWith("http:")) { protocol = "http:"; start = 8; // http:// port = 80; @@ -83,8 +83,8 @@ public class DNSLocator implements Locator<URI> { @Override public boolean hasItems() { - for(Host h : hosts) { - if(h.status==Status.OK) { + for (Host h : hosts) { + if (h.status==Status.OK) { return true; } } @@ -100,7 +100,7 @@ public class DNSLocator implements Locator<URI> { @Override public Item best() throws LocatorException { // not a good "best" - for(int i=0;i<hosts.length;++i) { + for (int i=0;i<hosts.length;++i) { switch(hosts[i].status) { case OK: return new DLItem(i); @@ -110,7 +110,7 @@ public class DNSLocator implements Locator<URI> { break; case UNTRIED: try { - if(hosts[i].ia.isReachable(CHECK_TIME)) { + if (hosts[i].ia.isReachable(CHECK_TIME)) { hosts[i].status = Status.OK; return new DLItem(i); } @@ -133,7 +133,7 @@ public class DNSLocator implements Locator<URI> { @Override public Item next(Item item) throws LocatorException { DLItem di = (DLItem)item; - if(++di.cnt<hosts.length) { + if (++di.cnt<hosts.length) { return di; } else { return null; @@ -146,8 +146,8 @@ public class DNSLocator implements Locator<URI> { InetAddress[] ias = InetAddress.getAllByName(host); Host[] temp = new Host[ias.length * (1 + endPort - startPort)]; int cnt = -1; - for(int j=startPort; j<=endPort; ++j) { - for(int i=0;i<ias.length;++i) { + for (int j=startPort; j<=endPort; ++j) { + for (int i=0;i<ias.length;++i) { temp[++cnt] = new Host(ias[i], j, suffix); } } @@ -162,10 +162,10 @@ public class DNSLocator implements Locator<URI> { private void parsePorts(String aaf_locate, int defaultPort) throws LocatorException { int slash, start; int colon = aaf_locate.indexOf(':'); - if(colon > 0) { + if (colon > 0) { start = colon + 1; int left = aaf_locate.indexOf('[', start); - if(left > 0) { + if (left > 0) { int right = aaf_locate.indexOf(']', left + 1); if (right < 0) { throw new LocatorException("Missing closing bracket in DNSLocator constructor. (requested URL " + aaf_locate + ')'); @@ -176,7 +176,7 @@ public class DNSLocator implements Locator<URI> { if (dash == (right - 1) || dash == (left + 1)) { throw new LocatorException("Missing ports in brackets in DNSLocator constructor. (requested URL " + aaf_locate + ')'); } - if(dash < 0) { + if (dash < 0) { startPort = endPort = Integer.parseInt(aaf_locate.substring(left + 1, right)); } else { startPort = Integer.parseInt(aaf_locate.substring(left + 1, dash)); @@ -188,7 +188,7 @@ public class DNSLocator implements Locator<URI> { if (slash == start) { throw new LocatorException("Missing port before '/' in DNSLocator constructor. (requested URL " + aaf_locate + ')'); } - if(slash < 0) { + if (slash < 0) { startPort = endPort = Integer.parseInt(aaf_locate.substring(start)); } else { startPort = endPort = Integer.parseInt(aaf_locate.substring(start, slash)); diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/locator/HotPeerLocator.java b/cadi/client/src/main/java/org/onap/aaf/cadi/locator/HotPeerLocator.java index 26b8817b..93cefc58 100644 --- a/cadi/client/src/main/java/org/onap/aaf/cadi/locator/HotPeerLocator.java +++ b/cadi/client/src/main/java/org/onap/aaf/cadi/locator/HotPeerLocator.java @@ -74,15 +74,15 @@ public abstract class HotPeerLocator<CLIENT> implements Locator<CLIENT> { this.invalidateTime = invalidateTime; double distance = Double.MAX_VALUE; - for(int i=0;i<urlstrs.length;++i) { + for (int i=0;i<urlstrs.length;++i) { String[] info = Split.split('/', urlstrs[i]); - if(info.length<3) { + if (info.length<3) { throw new LocatorException("Configuration needs LAT and LONG, i.e. ip:port/lat/long"); } try { clients[i] = _newClient(urlstrs[i]); failures[i] = 0L; - } catch(LocatorException le) { + } catch (LocatorException le) { failures[i] = System.currentTimeMillis()+invalidateTime; } @@ -90,15 +90,15 @@ public abstract class HotPeerLocator<CLIENT> implements Locator<CLIENT> { distances[i]=d; // find preferred server - if(d<distance) { + if (d<distance) { preferred = i; distance=d; } } access.printf(Level.INIT,"Preferred Client is %s",urlstrs[preferred]); - for(int i=0;i<urlstrs.length;++i) { - if(i!=preferred) { + for (int i=0;i<urlstrs.length;++i) { + if (i!=preferred) { access.printf(Level.INIT,"Alternate Client is %s",urlstrs[i]); } } @@ -117,7 +117,7 @@ public abstract class HotPeerLocator<CLIENT> implements Locator<CLIENT> { @Override public Item best() throws LocatorException { - if(failures[preferred]==0L) { + if (failures[preferred]==0L) { return new HPItem(preferred); } else { long now = System.currentTimeMillis(); @@ -125,9 +125,9 @@ public abstract class HotPeerLocator<CLIENT> implements Locator<CLIENT> { int best = -1; boolean tickle = false; // try for best existing client - for(int i=0;i<urlstrs.length;++i) { - if(failures[i]<now && distances[i]<d) { - if(clients[i]!=null) { + for (int i=0;i<urlstrs.length;++i) { + if (failures[i]<now && distances[i]<d) { + if (clients[i]!=null) { best = i; break; } else { @@ -135,13 +135,13 @@ public abstract class HotPeerLocator<CLIENT> implements Locator<CLIENT> { } } } - if(best<0 && tickle) { + if (best<0 && tickle) { tickle=false; - if(refresh()) { + if (refresh()) { // try again - for(int i=0;i<urlstrs.length;++i) { - if(failures[i]==0L && distances[i]<d) { - if(clients[i]!=null) { + for (int i=0;i<urlstrs.length;++i) { + if (failures[i]==0L && distances[i]<d) { + if (clients[i]!=null) { best = i; break; } @@ -154,9 +154,9 @@ public abstract class HotPeerLocator<CLIENT> implements Locator<CLIENT> { * If a valid client is available, but there are some that can refresh, return the client immediately * but start a Thread to do the background Client setup. */ - if(tickle) { + if (tickle) { synchronized(clients) { - if(refreshThread==null) { + if (refreshThread==null) { refreshThread = new Thread(new Runnable(){ @Override public void run() { @@ -170,7 +170,7 @@ public abstract class HotPeerLocator<CLIENT> implements Locator<CLIENT> { } } - if(best<0) { + if (best<0) { throw new LocatorException("No Clients available"); } @@ -183,8 +183,8 @@ public abstract class HotPeerLocator<CLIENT> implements Locator<CLIENT> { public CLIENT get(Item item) throws LocatorException { HPItem hpi = (HPItem)item; CLIENT c = clients[hpi.idx]; - if(c==null) { - if(failures[hpi.idx]>System.currentTimeMillis()) { + if (c==null) { + if (failures[hpi.idx]>System.currentTimeMillis()) { throw new LocatorException("Client requested is invalid"); } else { synchronized(clients) { @@ -192,7 +192,7 @@ public abstract class HotPeerLocator<CLIENT> implements Locator<CLIENT> { failures[hpi.idx]=0L; } } - } else if(failures[hpi.idx]>0){ + } else if (failures[hpi.idx]>0){ throw new LocatorException("Client requested is invalid"); } return c; @@ -200,7 +200,7 @@ public abstract class HotPeerLocator<CLIENT> implements Locator<CLIENT> { public String info(Item item) { HPItem hpi = (HPItem)item; - if(hpi!=null && hpi.idx<urlstrs.length) { + if (hpi!=null && hpi.idx<urlstrs.length) { return urlstrs[hpi.idx]; } else { return "Invalid Item"; @@ -209,8 +209,8 @@ public abstract class HotPeerLocator<CLIENT> implements Locator<CLIENT> { @Override public boolean hasItems() { - for(int i=0;i<clients.length;++i) { - if(clients[i]!=null && failures[i]==0L) { + for (int i=0;i<clients.length;++i) { + if (clients[i]!=null && failures[i]==0L) { return true; } } @@ -233,7 +233,7 @@ public abstract class HotPeerLocator<CLIENT> implements Locator<CLIENT> { @Override public Item next(Item item) throws LocatorException { HPItem hpi = (HPItem)item; - if(++hpi.idx>=clients.length) { + if (++hpi.idx>=clients.length) { return null; } return hpi; @@ -244,11 +244,11 @@ public abstract class HotPeerLocator<CLIENT> implements Locator<CLIENT> { boolean force = !hasItems(); // If no Items at all, reset boolean rv = true; long now = System.currentTimeMillis(); - for(int i=0;i<clients.length;++i) { - if(failures[i]>0L && (failures[i]<now || force)) { // retry + for (int i=0;i<clients.length;++i) { + if (failures[i]>0L && (failures[i]<now || force)) { // retry try { synchronized(clients) { - if(clients[i]==null) { + if (clients[i]==null) { clients[i]=_newClient(urlstrs[i]); } failures[i]=0L; @@ -264,8 +264,8 @@ public abstract class HotPeerLocator<CLIENT> implements Locator<CLIENT> { @Override public void destroy() { - for(int i=0;i<clients.length;++i) { - if(clients[i]!=null) { + for (int i=0;i<clients.length;++i) { + if (clients[i]!=null) { _destroy(clients[i]); clients[i] = null; } @@ -289,8 +289,8 @@ public abstract class HotPeerLocator<CLIENT> implements Locator<CLIENT> { } public boolean invalidate(CLIENT client) throws LocatorException { - for(int i=0;i<clients.length;++i) { - if(clients[i]==client) { // yes, "==" is appropriate here.. Comparing Java Object Reference + for (int i=0;i<clients.length;++i) { + if (clients[i]==client) { // yes, "==" is appropriate here.. Comparing Java Object Reference invalidate(new HPItem(i)); return true; } diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/locator/PropertyLocator.java b/cadi/client/src/main/java/org/onap/aaf/cadi/locator/PropertyLocator.java index c1073315..eb0ecf11 100644 --- a/cadi/client/src/main/java/org/onap/aaf/cadi/locator/PropertyLocator.java +++ b/cadi/client/src/main/java/org/onap/aaf/cadi/locator/PropertyLocator.java @@ -61,7 +61,7 @@ public class PropertyLocator implements Locator<URI> { minRefresh = minRefreshMillis; backgroundRefresh = backgroundRefreshMillis; lastRefreshed=0L; - if(locList==null) { + if (locList==null) { throw new LocatorException("No Location List given for PropertyLocator"); } String[] locarray = Split.split(',',locList); @@ -69,10 +69,10 @@ public class PropertyLocator implements Locator<URI> { random = new SecureRandom(); - for(int i=0;i<locarray.length;++i) { + for (int i=0;i<locarray.length;++i) { try { int range = locarray[i].indexOf(":["); - if(range<0) { + if (range<0) { uriList.add(new URI(locarray[i])); } else { String mach_colon = locarray[i].substring(0, range+1); @@ -81,7 +81,7 @@ public class PropertyLocator implements Locator<URI> { int slash = locarray[i].indexOf('/',brac); int start = Integer.parseInt(locarray[i].substring(range+2, dash)); int end = Integer.parseInt(locarray[i].substring(dash+1, brac)); - for(int port=start;port<=end;++port) { + for (int port=start;port<=end;++port) { uriList.add(new URI(mach_colon+port + (slash>=0?locarray[i].substring(slash):""))); } } @@ -106,7 +106,7 @@ public class PropertyLocator implements Locator<URI> { @Override public URI get(Item item) throws LocatorException { synchronized(orig) { - if(item==null) { + if (item==null) { return null; } else { return resolved[((PLItem)item).idx]; @@ -126,31 +126,31 @@ public class PropertyLocator implements Locator<URI> { @Override public Item next(Item item) throws LocatorException { - if(item==null) { + if (item==null) { return null; } else { int spot; - if((spot=(((PLItem)item).order+1))>=end)return null; + if ((spot=(((PLItem)item).order+1))>=end)return null; return current[spot]; } } @Override public synchronized void invalidate(Item item) throws LocatorException { - if(--end<0) { + if (--end<0) { refresh(); return; } - if(item==null) { + if (item==null) { return; } PLItem pli = (PLItem)item; int i,order; - for(i=0;i<end;++i) { - if(pli==current[i])break; + for (i=0;i<end;++i) { + if (pli==current[i])break; } order = current[i].order; - for(;i<end;++i) { + for (;i<end;++i) { current[i]=current[i+1]; current[i].order=order++; } @@ -159,7 +159,7 @@ public class PropertyLocator implements Locator<URI> { @Override public Item best() throws LocatorException { - if(current.length==0) { + if (current.length==0) { refresh(); } switch(current.length) { @@ -175,27 +175,27 @@ public class PropertyLocator implements Locator<URI> { @Override public synchronized boolean refresh() { - if(System.currentTimeMillis()>lastRefreshed) { + if (System.currentTimeMillis()>lastRefreshed) { // Build up list List<URI> resolve = new ArrayList<>(); String realname; - for(int i = 0; i < orig.length ; ++i) { + for (int i = 0; i < orig.length ; ++i) { try { InetAddress ia[] = InetAddress.getAllByName(orig[i].getHost()); URI o,n; - for(int j=0;j<ia.length;++j) { + for (int j=0;j<ia.length;++j) { o = orig[i]; Socket socket = createSocket(); try { realname=ia[j].getHostAddress().equals(ia[j].getHostName())?ia[j].getCanonicalHostName():ia[j].getHostName(); int port = o.getPort(); - if(port<0) { // default + if (port<0) { // default port = "https".equalsIgnoreCase(o.getScheme())?443:80; } socket.connect(new InetSocketAddress(realname,port),3000); try { - if(socket.isConnected()) { + if (socket.isConnected()) { n = new URI( o.getScheme(), o.getUserInfo(), @@ -212,7 +212,7 @@ public class PropertyLocator implements Locator<URI> { } } catch (IOException e) { } finally { - if(!socket.isClosed()) { + if (!socket.isClosed()) { try { socket.close(); } catch (IOException e) { @@ -227,14 +227,14 @@ public class PropertyLocator implements Locator<URI> { } end=resolve.size(); PLItem[] newCurrent; - if(current==null || current.length!=end) { + if (current==null || current.length!=end) { newCurrent = new PLItem[end]; } else { newCurrent = current; } - for(int i=0; i< end; ++i) { - if(newCurrent[i]==null){ + for (int i=0; i< end; ++i) { + if (newCurrent[i]==null){ newCurrent[i]=new PLItem(i); } else { newCurrent[i].idx=newCurrent[i].order=i; @@ -271,18 +271,18 @@ public class PropertyLocator implements Locator<URI> { public String toString() { StringBuilder sb = new StringBuilder(); boolean first = true; - for(URI uri : orig) { + for (URI uri : orig) { boolean isResolved=false; - if(uri!=null) { - if(first) { + if (uri!=null) { + if (first) { first = false; } else { sb.append(", "); } sb.append(uri.toString()); sb.append(" ["); - for(URI u2 : resolved) { - if(uri.equals(u2)) { + for (URI u2 : resolved) { + if (uri.equals(u2)) { isResolved = true; break; } diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/locator/SingleEndpointLocator.java b/cadi/client/src/main/java/org/onap/aaf/cadi/locator/SingleEndpointLocator.java index 816dec82..3b79dba5 100644 --- a/cadi/client/src/main/java/org/onap/aaf/cadi/locator/SingleEndpointLocator.java +++ b/cadi/client/src/main/java/org/onap/aaf/cadi/locator/SingleEndpointLocator.java @@ -47,8 +47,8 @@ public class SingleEndpointLocator implements Locator<URI> { @Override public boolean hasItems() { - if(noRetryUntil!=null) { - if(new Date().after(noRetryUntil)) { + if (noRetryUntil!=null) { + if (new Date().after(noRetryUntil)) { noRetryUntil = null; } else { return false; diff --git a/cadi/client/src/main/java/org/onap/aaf/cadi/routing/GreatCircle.java b/cadi/client/src/main/java/org/onap/aaf/cadi/routing/GreatCircle.java index 3bce5245..27eb507f 100644 --- a/cadi/client/src/main/java/org/onap/aaf/cadi/routing/GreatCircle.java +++ b/cadi/client/src/main/java/org/onap/aaf/cadi/routing/GreatCircle.java @@ -87,7 +87,7 @@ public class GreatCircle { switch(coords.length) { case 1: array = Split.split(',',coords[0]); - if(array.length!=4)return -1; + if (array.length!=4)return -1; return calc( Double.parseDouble(array[0]), Double.parseDouble(array[1]), @@ -97,7 +97,7 @@ public class GreatCircle { case 2: array = Split.split(',',coords[0]); String [] array2 = Split.split(',',coords[1]); - if(array.length!=2 || array2.length!=2)return -1; + if (array.length!=2 || array2.length!=2)return -1; return calc( Double.parseDouble(array[0]), Double.parseDouble(array[1]), diff --git a/cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_PropertyLocator.java b/cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_PropertyLocator.java index 7b61e398..0eae1198 100644 --- a/cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_PropertyLocator.java +++ b/cadi/client/src/test/java/org/onap/aaf/cadi/locator/test/JU_PropertyLocator.java @@ -107,7 +107,7 @@ public class JU_PropertyLocator { private int countItems(PropertyLocator pl) throws LocatorException { int count = 0; - for(Item i = pl.first(); i != null; i = pl.next(i)) { + for (Item i = pl.first(); i != null; i = pl.next(i)) { ++count; } return count; diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/AES.java b/cadi/core/src/main/java/org/onap/aaf/cadi/AES.java index 142dde26..c4f3d504 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/AES.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/AES.java @@ -100,7 +100,7 @@ public class AES implements Encryption { public CipherOutputStream outputStream(OutputStream os, boolean encrypt) { try { Cipher c = Cipher.getInstance(AES); - if(encrypt) { + if (encrypt) { c.init(Cipher.ENCRYPT_MODE,aeskeySpec); } else { c.init(Cipher.DECRYPT_MODE,aeskeySpec); @@ -116,7 +116,7 @@ public class AES implements Encryption { public CipherInputStream inputStream(InputStream is, boolean encrypt) { try { Cipher c = Cipher.getInstance(AES); - if(encrypt) { + if (encrypt) { c.init(Cipher.ENCRYPT_MODE,aeskeySpec); } else { c.init(Cipher.DECRYPT_MODE,aeskeySpec); diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java b/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java index d9d4474d..e6d24dab 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/AbsUserCache.java @@ -76,10 +76,10 @@ public abstract class AbsUserCache<PERM extends Permission> { userMap = new ConcurrentHashMap<>(); - if(cleanInterval>0) { + if (cleanInterval>0) { cleanInterval = Math.max(MIN_INTERVAL, cleanInterval); synchronized(AbsUserCache.class) { // Lazy instantiate.. in case there is no cleanup needed - if(timer==null) { + if (timer==null) { timer = new Timer("CADI Cleanup Timer",true); } @@ -96,14 +96,14 @@ public abstract class AbsUserCache<PERM extends Permission> { missEncrypt = cache.missEncrypt; synchronized(AbsUserCache.class) { - if(cache.clean!=null && cache.clean.lur==null && this instanceof CachingLur) { + if (cache.clean!=null && cache.clean.lur==null && this instanceof CachingLur) { cache.clean.lur=(CachingLur<PERM>)this; } } } protected void setLur(CachingLur<PERM> lur) { - if(clean!=null)clean.lur = lur; + if (clean!=null)clean.lur = lur; } @@ -111,11 +111,11 @@ public abstract class AbsUserCache<PERM extends Permission> { Principal p = user.principal; String key; try { - if(p instanceof GetCred) { + if (p instanceof GetCred) { key = missKey(p.getName(), ((GetCred)p).getCred()); } else { byte[] cred; - if((cred=user.getCred())==null) { + if ((cred=user.getCred())==null) { key = user.name + NO_CRED; } else { key = missKey(user.name,cred); @@ -152,7 +152,7 @@ public abstract class AbsUserCache<PERM extends Permission> { return false; } Miss miss = missMap.get(mkey); - if(miss==null) { + if (miss==null) { missMap.put(mkey, new Miss(bs,clean==null?MIN_INTERVAL:clean.timeInterval,key)); return true; } @@ -165,7 +165,7 @@ public abstract class AbsUserCache<PERM extends Permission> { protected User<PERM> getUser(Principal principal) { String key; - if(principal instanceof GetCred) { + if (principal instanceof GetCred) { GetCred gc = (GetCred)principal; try { key = missKey(principal.getName(), gc.getCred()); @@ -177,7 +177,7 @@ public abstract class AbsUserCache<PERM extends Permission> { key = principal.getName()+NO_CRED; } User<PERM> u = userMap.get(key); - if(u!=null) { + if (u!=null) { u.incCount(); } return u; @@ -197,8 +197,8 @@ public abstract class AbsUserCache<PERM extends Permission> { return null; } u = userMap.get(key); - if(u!=null) { - if(u.permExpired()) { + if (u!=null) { + if (u.permExpired()) { userMap.remove(key); u=null; } else { @@ -223,7 +223,7 @@ public abstract class AbsUserCache<PERM extends Permission> { */ public void remove(String user) { Object o = userMap.remove(user); - if(o!=null) { + if (o!=null) { access.log(Level.INFO, user,"removed from Client Cache by Request"); } } @@ -237,7 +237,7 @@ public abstract class AbsUserCache<PERM extends Permission> { public final List<DumpInfo> dumpInfo() { List<DumpInfo> rv = new ArrayList<>(); - for(User<PERM> user : userMap.values()) { + for (User<PERM> user : userMap.values()) { rv.add(new DumpInfo(user)); } return rv; @@ -256,7 +256,7 @@ public abstract class AbsUserCache<PERM extends Permission> { * If overloading in Derived class, be sure to call "super.destroy()" */ public void destroy() { - if(timer!=null) { + if (timer!=null) { timer.purge(); timer.cancel(); } @@ -318,13 +318,13 @@ public abstract class AbsUserCache<PERM extends Permission> { ArrayList<User<PERM>> al = new ArrayList<>(userMap.values().size()); al.addAll(0, userMap.values()); long now = System.currentTimeMillis() + advance; - for(User<PERM> user : al) { + for (User<PERM> user : al) { ++total; - if(user.count>usageTriggerCount) { + if (user.count>usageTriggerCount) { boolean touched = false, removed=false; - if(user.principal instanceof CachedPrincipal) { + if (user.principal instanceof CachedPrincipal) { CachedPrincipal cp = (CachedPrincipal)user.principal; - if(cp.expires() < now) { + if (cp.expires() < now) { switch(cp.revalidate(null)) { case INACCESSIBLE: access.log(Level.AUDIT, "AAF Inaccessible. Keeping credentials"); @@ -343,20 +343,20 @@ public abstract class AbsUserCache<PERM extends Permission> { } } - if(!removed && lur!=null && user.permExpires<= now ) { - if(lur.reload(user).equals(Resp.REVALIDATED)) { + if (!removed && lur!=null && user.permExpires<= now ) { + if (lur.reload(user).equals(Resp.REVALIDATED)) { user.renewPerm(); access.log(Level.DEBUG, "Reloaded Perms for",user); touched = true; } } user.resetCount(); - if(touched) { + if (touched) { ++renewed; } } else { - if(user.permExpired()) { + if (user.permExpired()) { remove(user); ++count; } @@ -366,14 +366,14 @@ public abstract class AbsUserCache<PERM extends Permission> { // Clean out Misses int missTotal = missMap.keySet().size(); int miss = 0; - if(missTotal>0) { + if (missTotal>0) { ArrayList<String> keys = new ArrayList<>(missTotal); keys.addAll(missMap.keySet()); - for(String key : keys) { + for (String key : keys) { Miss m = missMap.get(key); - if(m!=null) { + if (m!=null) { long timeLeft = m.timestamp - System.currentTimeMillis(); - if(timeLeft<0) { + if (timeLeft<0) { synchronized(missMap) { missMap.remove(key); } @@ -386,14 +386,14 @@ public abstract class AbsUserCache<PERM extends Permission> { } } - if(count+renewed+miss>0) { + if (count+renewed+miss>0) { access.log(Level.INFO, (lur==null?"Cache":lur.getClass().getSimpleName()), "removed",count, "and renewed",renewed,"expired Permissions out of", total,"and removed", miss, "password misses out of",missTotal); } // If High (total) is reached during this period, increase the number of expired services removed for next time. // There's no point doing it again here, as there should have been cleaned items. - if(total>high) { + if (total>high) { // advance cleanup by 10%, without getting greater than timeInterval. advance = Math.min(timeInterval, advance+(timeInterval/10)); } else { @@ -432,10 +432,10 @@ public abstract class AbsUserCache<PERM extends Permission> { public synchronized boolean mayContinue() { long ts = System.currentTimeMillis(); - if(ts>timestamp) { + if (ts>timestamp) { tries = 0; timestamp = ts + timetolive; - } else if(MAX_TRIES <= ++tries) { + } else if (MAX_TRIES <= ++tries) { return false; } return true; diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Access.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Access.java index 76d9bb2a..a673ab4f 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/Access.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Access.java @@ -57,7 +57,7 @@ public interface Access { } public int toggle(int mask) { - if(inMask(mask)) { + if (inMask(mask)) { return delFromMask(mask); } else { return addToMask(mask); @@ -67,8 +67,8 @@ public interface Access { public int maskOf() { int mask=0; - for(Level l : values()) { - if(ordinal()<=l.ordinal() && l!=NONE) { + for (Level l : values()) { + if (ordinal()<=l.ordinal() && l!=NONE) { mask|=l.bit; } } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/BufferedServletInputStream.java b/cadi/core/src/main/java/org/onap/aaf/cadi/BufferedServletInputStream.java index 3f47351b..8202183d 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/BufferedServletInputStream.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/BufferedServletInputStream.java @@ -63,19 +63,19 @@ public class BufferedServletInputStream extends ServletInputStream { public int read() throws IOException { int value=-1; - if(capacitor==null) { + if (capacitor==null) { value=is.read(); } else { switch(state) { case STORE: value = is.read(); - if(value>=0) { + if (value>=0) { capacitor.put((byte)value); } break; case READ: value = capacitor.read(); - if(value<0) { + if (value<0) { capacitor.done(); capacitor=null; // all done with buffer value = is.read(); @@ -92,27 +92,27 @@ public class BufferedServletInputStream extends ServletInputStream { public int read(byte[] b, int off, int len) throws IOException { int count = -1; - if(capacitor==null) { + if (capacitor==null) { count = is.read(b,off,len); } else { switch(state) { case STORE: count = is.read(b, off, len); - if(count>0) { + if (count>0) { capacitor.put(b, off, count); } break; case READ: count = capacitor.read(b, off, len); - if(count<=0) { + if (count<=0) { capacitor.done(); capacitor=null; // all done with buffer } - if(count<len) { + if (count<len) { int temp = is.read(b, count, len-count); - if(temp>0) { // watch for -1 + if (temp>0) { // watch for -1 count+=temp; - } else if(count<=0) { + } else if (count<=0) { count = temp; // must account for Stream coming back -1 } } @@ -124,7 +124,7 @@ public class BufferedServletInputStream extends ServletInputStream { public long skip(long n) throws IOException { long skipped = capacitor.skip(n); - if(skipped<n) { + if (skipped<n) { skipped += is.skip(n-skipped); } return skipped; @@ -133,7 +133,7 @@ public class BufferedServletInputStream extends ServletInputStream { public int available() throws IOException { int count = is.available(); - if(capacitor!=null)count+=capacitor.available(); + if (capacitor!=null)count+=capacitor.available(); return count; } @@ -147,7 +147,7 @@ public class BufferedServletInputStream extends ServletInputStream { public void close() throws IOException { - if(capacitor!=null) { + if (capacitor!=null) { capacitor.done(); capacitor=null; } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/CadiWrap.java b/cadi/core/src/main/java/org/onap/aaf/cadi/CadiWrap.java index 647cd8a6..34d11623 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/CadiWrap.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/CadiWrap.java @@ -118,13 +118,13 @@ public class CadiWrap extends HttpServletRequestWrapper implements HttpServletRe } public static boolean checkPerm(Access access, String caller, Principal principal, PermConverter pconv, Lur lur, String perm) { - if(principal== null) { + if (principal== null) { access.log(Level.AUDIT,caller, "No Principal in Transaction"); return false; } else { final long start = System.nanoTime(); perm = pconv.convert(perm); - if(lur.fish(principal,lur.createPerm(perm))) { + if (lur.fish(principal,lur.createPerm(perm))) { access.printf(Level.DEBUG,"%s: %s has %s, %f ms", caller, principal.getName(), perm, Timing.millis(start)); return true; } else { @@ -158,7 +158,7 @@ public class CadiWrap extends HttpServletRequestWrapper implements HttpServletRe } public String getUser() { - if(user==null && principal!=null) { + if (user==null && principal!=null) { user = principal.getName(); } return user; @@ -183,9 +183,9 @@ public class CadiWrap extends HttpServletRequestWrapper implements HttpServletRe // Add a feature public void invalidate(String id) { - if(lur instanceof EpiLur) { + if (lur instanceof EpiLur) { ((EpiLur)lur).remove(id); - } else if(lur instanceof CachingLur) { + } else if (lur instanceof CachingLur) { ((CachingLur<?>)lur).remove(id); } } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Capacitor.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Capacitor.java index 5ca1ce30..f3a2a7fa 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/Capacitor.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Capacitor.java @@ -46,7 +46,7 @@ public class Capacitor { public void put(byte b) { - if(curr == null || curr.remaining()==0) { // ensure we have a "curr" buffer ready for data + if (curr == null || curr.remaining()==0) { // ensure we have a "curr" buffer ready for data curr = ringGet(); bbs.add(curr); } @@ -54,10 +54,10 @@ public class Capacitor { } public int read() { - if(curr!=null) { - if(curr.remaining()>0) { // have a buffer, use it! + if (curr!=null) { + if (curr.remaining()>0) { // have a buffer, use it! return curr.get(); - } else if(idx<bbs.size()){ // Buffer not enough, get next one from array + } else if (idx<bbs.size()){ // Buffer not enough, get next one from array curr=bbs.get(idx++); return curr.get(); } @@ -74,11 +74,11 @@ public class Capacitor { * @return */ public int read(byte[] array, int offset, int length) { - if(curr==null)return -1; + if (curr==null)return -1; int len; int count=0; - while(length>0) { // loop through while there's data needed - if((len=curr.remaining())>length) { // if enough data in curr buffer, use this code + while (length>0) { // loop through while there's data needed + if ((len=curr.remaining())>length) { // if enough data in curr buffer, use this code curr.get(array,offset,length); count+=length; length=0; @@ -87,7 +87,7 @@ public class Capacitor { count+=len; offset+=len; length-=len; - if(idx<bbs.size()) { + if (idx<bbs.size()) { curr=bbs.get(idx++); } else { length=0; // stop, and return the count of how many we were able to load @@ -105,14 +105,14 @@ public class Capacitor { * @param length */ public void put(byte[] array, int offset, int length) { - if(curr == null || curr.remaining()==0) { + if (curr == null || curr.remaining()==0) { curr = ringGet(); bbs.add(curr); } int len; - while(length>0) { - if((len=curr.remaining())>length) { + while (length>0) { + if ((len=curr.remaining())>length) { curr.put(array,offset,length); length=0; } else { @@ -130,10 +130,10 @@ public class Capacitor { * Move state from Storage mode into Read mode, changing all internal buffers to read mode, etc */ public void setForRead() { - for(ByteBuffer bb : bbs) { + for (ByteBuffer bb : bbs) { bb.flip(); } - if(bbs.isEmpty()) { + if (bbs.isEmpty()) { curr = null; idx = 0; } else { @@ -146,7 +146,7 @@ public class Capacitor { * reuse all the buffers */ public void done() { - for(ByteBuffer bb : bbs) { + for (ByteBuffer bb : bbs) { ringPut(bb); } bbs.clear(); @@ -160,7 +160,7 @@ public class Capacitor { */ public int available() { int count = 0; - for(ByteBuffer bb : bbs) { + for (ByteBuffer bb : bbs) { count+=bb.remaining(); } return count; @@ -174,11 +174,11 @@ public class Capacitor { public long skip(long n) { long skipped=0L; int skip; - if(curr==null) { + if (curr==null) { return 0; } - while(n>0) { - if(n<(skip=curr.remaining())) { + while (n>0) { + if (n<(skip=curr.remaining())) { curr.position(curr.position()+(int)n); skipped+=skip; n=0; @@ -186,7 +186,7 @@ public class Capacitor { curr.position(curr.limit()); skipped-=skip; - if(idx<bbs.size()) { + if (idx<bbs.size()) { curr=bbs.get(idx++); n-=skip; } else { @@ -201,10 +201,10 @@ public class Capacitor { * in a standalone mode. */ public void reset() { - for(ByteBuffer bb : bbs) { + for (ByteBuffer bb : bbs) { bb.position(0); } - if(bbs.isEmpty()) { + if (bbs.isEmpty()) { curr = null; idx = 0; } else { @@ -221,9 +221,9 @@ public class Capacitor { synchronized(ring) { bb=ring[start]; ring[start]=null; - if(bb!=null && ++start>15)start=0; + if (bb!=null && ++start>15)start=0; } - if(bb==null) { + if (bb==null) { bb=ByteBuffer.allocate(DEFAULT_CHUNK); } else { bb.clear();// refresh reused buffer @@ -234,7 +234,7 @@ public class Capacitor { private void ringPut(ByteBuffer bb) { synchronized(ring) { ring[end]=bb; // if null or not, BB will just be Garbage collected - if(++end>15)end=0; + if (++end>15)end=0; } } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/CmdLine.java b/cadi/core/src/main/java/org/onap/aaf/cadi/CmdLine.java index 7ca9fac2..68a8db05 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/CmdLine.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/CmdLine.java @@ -48,18 +48,18 @@ public class CmdLine { * @param args */ public static void main(String[] args) { - if(args.length>0) { - if("digest".equalsIgnoreCase(args[0]) && (args.length>2 || (args.length>1 && System.console()!=null))) { + if (args.length>0) { + if ("digest".equalsIgnoreCase(args[0]) && (args.length>2 || (args.length>1 && System.console()!=null))) { String keyfile; String password; - if(args.length>2) { + if (args.length>2) { password = args[1]; keyfile = args[2]; - if("-i".equals(password)) { + if ("-i".equals(password)) { int c; StringBuilder sb = new StringBuilder(); try { - while((c=System.in.read())>=0) { + while ((c=System.in.read())>=0) { sb.append((char)c); } } catch (IOException e) { @@ -86,7 +86,7 @@ public class CmdLine { return; /* testing code... don't want it exposed System.out.println(" ******** Testing *********"); - for(int i=0;i<100000;++i) { + for (int i=0;i<100000;++i) { System.out.println(args[1]); ByteArrayOutputStream baos = new ByteArrayOutputStream(); b64.enpass(args[1], baos); @@ -96,7 +96,7 @@ public class CmdLine { b64.depass(pass, reconstituted); String r = reconstituted.toString(); System.out.println(r); - if(!r.equals(args[1])) { + if (!r.equals(args[1])) { System.err.println("!!!!! STOP - ERROR !!!!!"); return; } @@ -113,7 +113,7 @@ public class CmdLine { // Jonathan. Oh, well, Deployment services need this behavior. I will put this code in, but leave it undocumented. // One still needs access to the keyfile to read. // July 2016 - thought of a tool "CMPass" to regurgitate from properties, but only if allowed. - } else if("regurgitate".equalsIgnoreCase(args[0]) && args.length>2) { + } else if ("regurgitate".equalsIgnoreCase(args[0]) && args.length>2) { try { Symm symm; FileInputStream fis = new FileInputStream(args[2]); @@ -123,10 +123,10 @@ public class CmdLine { fis.close(); } boolean isFile = false; - if("-i".equals(args[1]) || (isFile="-f".equals(args[1]))) { + if ("-i".equals(args[1]) || (isFile="-f".equals(args[1]))) { BufferedReader br; - if(isFile) { - if(args.length<4) { + if (isFile) { + if (args.length<4) { System.err.println("Filename in 4th position"); return; } @@ -139,10 +139,10 @@ public class CmdLine { boolean cont = false; StringBuffer sb = new StringBuffer(); JsonOutputStream jw = new JsonOutputStream(System.out); - while((line=br.readLine())!=null) { - if(cont) { + while ((line=br.readLine())!=null) { + if (cont) { int end; - if((end=line.indexOf('"'))>=0) { + if ((end=line.indexOf('"'))>=0) { sb.append(line,0,end); cont=false; } else { @@ -150,34 +150,34 @@ public class CmdLine { } } else { int idx; - if((idx = line.indexOf(' '))>=0 + if ((idx = line.indexOf(' '))>=0 && (idx = line.indexOf(' ',++idx))>0 && (idx = line.indexOf('=',++idx))>0 ) { System.out.println(line.substring(0, idx-5)); int start = idx+2; int end; - if((end=line.indexOf('"',start))<0) { + if ((end=line.indexOf('"',start))<0) { end = line.length(); cont = true; } sb.append(line,start,end); } } - if(sb.length()>0) { + if (sb.length()>0) { symm.depass(sb.toString(),jw); - if(!cont) { + if (!cont) { System.out.println(); } } System.out.flush(); sb.setLength(0); - if(!cont) { + if (!cont) { jw.resetIndent(); } } } finally { - if(isFile) { + if (isFile) { br.close(); } } @@ -191,7 +191,7 @@ public class CmdLine { System.err.println("Cannot regurgitate password"); System.err.println(" \""+ e.getMessage() + '"'); } - } else if("encode64".equalsIgnoreCase(args[0]) && args.length>1) { + } else if ("encode64".equalsIgnoreCase(args[0]) && args.length>1) { try { Symm.base64.encode(args[1], System.out); System.out.println(); @@ -201,7 +201,7 @@ public class CmdLine { System.err.println("Cannot encode Base64 with " + args[1]); System.err.println(" \""+ e.getMessage() + '"'); } - } else if("decode64".equalsIgnoreCase(args[0]) && args.length>1) { + } else if ("decode64".equalsIgnoreCase(args[0]) && args.length>1) { try { Symm.base64.decode(args[1], System.out); System.out.println(); @@ -211,7 +211,7 @@ public class CmdLine { System.err.println("Cannot decode Base64 text from " + args[1]); System.err.println(" \""+ e.getMessage() + '"'); } - } else if("encode64url".equalsIgnoreCase(args[0]) && args.length>1) { + } else if ("encode64url".equalsIgnoreCase(args[0]) && args.length>1) { try { Symm.base64url.encode(args[1], System.out); System.out.println(); @@ -221,7 +221,7 @@ public class CmdLine { System.err.println("Cannot encode Base64url with " + args[1]); System.err.println(" \""+ e.getMessage() + '"'); } - } else if("decode64url".equalsIgnoreCase(args[0]) && args.length>1) { + } else if ("decode64url".equalsIgnoreCase(args[0]) && args.length>1) { try { Symm.base64url.decode(args[1], System.out); System.out.println(); @@ -231,7 +231,7 @@ public class CmdLine { System.err.println("Cannot decode Base64url text from " + args[1]); System.err.println(" \""+ e.getMessage() + '"'); } - } else if("md5".equalsIgnoreCase(args[0]) && args.length>1) { + } else if ("md5".equalsIgnoreCase(args[0]) && args.length>1) { try { System.out.println(Hash.hashMD5asStringHex(args[1])); System.out.flush(); @@ -240,11 +240,11 @@ public class CmdLine { System.err.println(" \""+ e.getMessage() + '"'); } return; - } else if("sha256".equalsIgnoreCase(args[0]) && args.length>1) { + } else if ("sha256".equalsIgnoreCase(args[0]) && args.length>1) { try { - if(args.length>2) { + if (args.length>2) { int max = args.length>7?7:args.length; - for(int i=2;i<max;++i) { + for (int i=2;i<max;++i) { int salt = Integer.parseInt(args[i]); System.out.println(Hash.hashSHA256asStringHex(args[1],salt)); } @@ -257,9 +257,9 @@ public class CmdLine { } System.out.flush(); return; - } else if("keygen".equalsIgnoreCase(args[0])) { + } else if ("keygen".equalsIgnoreCase(args[0])) { try { - if(args.length>1) { + if (args.length>1) { File f = new File(args[1]); FileOutputStream fos = new FileOutputStream(f); try { @@ -280,13 +280,13 @@ public class CmdLine { System.err.println(" \""+ e.getMessage() + '"'); } - } else if("passgen".equalsIgnoreCase(args[0])) { + } else if ("passgen".equalsIgnoreCase(args[0])) { int numDigits; - if(args.length <= 1) { + if (args.length <= 1) { numDigits = 24; } else { numDigits = Integer.parseInt(args[1]); - if(numDigits<8)numDigits = 8; + if (numDigits<8)numDigits = 8; } String pass; boolean noLower,noUpper,noDigits,noSpecial,repeatingChars,missingChars; @@ -295,33 +295,33 @@ public class CmdLine { missingChars=noLower=noUpper=noDigits=noSpecial=true; repeatingChars=false; int c=-1,last; - for(int i=0;i<numDigits;++i) { + for (int i=0;i<numDigits;++i) { last = c; c = pass.charAt(i); - if(c==last) { + if (c==last) { repeatingChars=true; break; } - if(noLower) { + if (noLower) { noLower=!(c>=0x61 && c<=0x7A); } - if(noUpper) { + if (noUpper) { noUpper=!(c>=0x41 && c<=0x5A); } - if(noDigits) { + if (noDigits) { noDigits=!(c>=0x30 && c<=0x39); } - if(noSpecial) { + if (noSpecial) { noSpecial = "+!@#$%^&*(){}[]?:;,.".indexOf(c)<0; } missingChars = (noLower || noUpper || noDigits || noSpecial); } - } while(missingChars || repeatingChars); + } while (missingChars || repeatingChars); System.out.println(pass.substring(0,numDigits)); - } else if("urlgen".equalsIgnoreCase(args[0])) { + } else if ("urlgen".equalsIgnoreCase(args[0])) { int numDigits; - if(args.length <= 1) { + if (args.length <= 1) { numDigits = 24; } else { numDigits = Integer.parseInt(args[1]); diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Hash.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Hash.java index acd45019..3027fd74 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/Hash.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Hash.java @@ -132,9 +132,9 @@ public class Hash { * @return */ public static boolean isEqual(byte ba1[], byte ba2[]) { - if(ba1.length!=ba2.length)return false; - for(int i = 0;i<ba1.length; ++i) { - if(ba1[i]!=ba2[i])return false; + if (ba1.length!=ba2.length)return false; + for (int i = 0;i<ba1.length; ++i) { + if (ba1[i]!=ba2[i])return false; } return true; } @@ -142,10 +142,10 @@ public class Hash { public static int compareTo(byte[] a, byte[] b) { int end = Math.min(a.length, b.length); int compare = 0; - for(int i=0;compare == 0 && i<end;++i) { + for (int i=0;compare == 0 && i<end;++i) { compare = a[i]-b[i]; } - if(compare==0)compare=a.length-b.length; + if (compare==0)compare=a.length-b.length; return compare; } @@ -178,7 +178,7 @@ public class Hash { public static byte[] fromHex(String s) throws CadiException{ - if(!s.startsWith("0x")) { + if (!s.startsWith("0x")) { throw new CadiException("HexString must start with \"0x\""); } boolean high = true; @@ -186,19 +186,19 @@ public class Hash { byte b; byte[] ba = new byte[(s.length()-2)/2]; int idx; - for(int i=2;i<s.length();++i) { + for (int i=2;i<s.length();++i) { c = s.charAt(i); - if(c>=0x30 && c<=0x39) { + if (c>=0x30 && c<=0x39) { b=(byte)(c-0x30); - } else if(c>=0x61 && c<=0x66) { + } else if (c>=0x61 && c<=0x66) { b=(byte)(c-0x57); // account for "A" - } else if(c>=0x41 && c<=0x46) { + } else if (c>=0x41 && c<=0x46) { b=(byte)(c-0x37); } else { throw new CadiException("Invalid char '" + c + "' in HexString"); } idx = (i-2)/2; - if(high) { + if (high) { ba[idx]=(byte)(b<<4); high = false; } else { @@ -222,7 +222,7 @@ public class Hash { byte[] ba; boolean high; int start; - if(s.length()%2==0) { + if (s.length()%2==0) { ba = new byte[s.length()/2]; high=true; start=0; @@ -232,19 +232,19 @@ public class Hash { start=1; } int idx; - for(int i=start;i<s.length();++i) { + for (int i=start;i<s.length();++i) { c = s.charAt((i-start)); - if(c>=0x30 && c<=0x39) { + if (c>=0x30 && c<=0x39) { b=(byte)(c-0x30); - } else if(c>=0x61 && c<=0x66) { + } else if (c>=0x61 && c<=0x66) { b=(byte)(c-0x57); // account for "A" - } else if(c>=0x41 && c<=0x46) { + } else if (c>=0x41 && c<=0x46) { b=(byte)(c-0x37); } else { return null; } idx = i/2; - if(high) { + if (high) { ba[idx]=(byte)(b<<4); high = false; } else { diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/PropAccess.java b/cadi/core/src/main/java/org/onap/aaf/cadi/PropAccess.java index a35777f8..8467c7c6 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/PropAccess.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/PropAccess.java @@ -89,8 +89,8 @@ public class PropAccess implements Access { this.logIt = logIt; Properties nprops=new Properties(); int eq; - for(String arg : args) { - if((eq=arg.indexOf('='))>0) { + for (String arg : args) { + if ((eq=arg.indexOf('='))>0) { nprops.setProperty(arg.substring(0, eq),arg.substring(eq+1)); } } @@ -104,16 +104,16 @@ public class PropAccess implements Access { props = new Properties(); // First, load related System Properties - for(Entry<Object,Object> es : System.getProperties().entrySet()) { + for (Entry<Object,Object> es : System.getProperties().entrySet()) { String key = es.getKey().toString(); - for(String start : new String[] {"cadi_","aaf_","cm_"}) { - if(key.startsWith(start)) { + for (String start : new String[] {"cadi_","aaf_","cm_"}) { + if (key.startsWith(start)) { props.put(key, es.getValue()); } } } // Second, overlay or fill in with Passed in Props - if(p!=null) { + if (p!=null) { props.putAll(p); } @@ -121,11 +121,11 @@ public class PropAccess implements Access { load(props.getProperty(Config.CADI_PROP_FILES)); String sLevel = props.getProperty(Config.CADI_LOGLEVEL); - if(sLevel!=null) { + if (sLevel!=null) { level=Level.valueOf(sLevel).maskOf(); } // Setup local Symmetrical key encryption - if(symm==null) { + if (symm==null) { try { symm = Symm.obtain(this); } catch (CadiException e) { @@ -142,18 +142,18 @@ public class PropAccess implements Access { private void specialConversions() { // Critical - if no Security Protocols set, then set it. We'll just get messed up if not - if(props.get(Config.CADI_PROTOCOLS)==null) { + if (props.get(Config.CADI_PROTOCOLS)==null) { props.setProperty(Config.CADI_PROTOCOLS, SecurityInfo.HTTPS_PROTOCOLS_DEFAULT); } Object temp; temp=props.get(Config.CADI_PROTOCOLS); - if(props.get(Config.HTTPS_PROTOCOLS)==null && temp!=null) { + if (props.get(Config.HTTPS_PROTOCOLS)==null && temp!=null) { props.put(Config.HTTPS_PROTOCOLS, temp); } - if(temp!=null) { - if("1.7".equals(System.getProperty("java.specification.version")) + if (temp!=null) { + if ("1.7".equals(System.getProperty("java.specification.version")) && (temp==null || (temp instanceof String && ((String)temp).contains("TLSv1.2")))) { System.setProperty(Config.HTTPS_CIPHER_SUITES, Config.HTTPS_CIPHER_SUITES_DEFAULT); } @@ -161,20 +161,20 @@ public class PropAccess implements Access { } private void load(String cadi_prop_files) { - if(cadi_prop_files==null) { + if (cadi_prop_files==null) { return; } String prevKeyFile = props.getProperty(Config.CADI_KEYFILE); int prev = 0, end = cadi_prop_files.length(); int idx; String filename; - while(prev<end) { + while (prev<end) { idx = cadi_prop_files.indexOf(File.pathSeparatorChar,prev); - if(idx<0) { + if (idx<0) { idx = end; } File file = new File(filename=cadi_prop_files.substring(prev,idx)); - if(file.exists()) { + if (file.exists()) { printf(Level.INIT,"Loading CADI Properties from %s",file.getAbsolutePath()); try { FileInputStream fis = new FileInputStream(file); @@ -182,12 +182,12 @@ public class PropAccess implements Access { props.load(fis); // Recursively Load String chainProp = props.getProperty(Config.CADI_PROP_FILES); - if(chainProp!=null) { - if(recursionProtection==null) { + if (chainProp!=null) { + if (recursionProtection==null) { recursionProtection = new ArrayList<>(); recursionProtection.add(cadi_prop_files); } - if(!recursionProtection.contains(chainProp)) { + if (!recursionProtection.contains(chainProp)) { recursionProtection.add(chainProp); load(chainProp); // recurse } @@ -205,23 +205,23 @@ public class PropAccess implements Access { } // Trim - for(Entry<Object, Object> es : props.entrySet()) { + for (Entry<Object, Object> es : props.entrySet()) { Object value = es.getValue(); - if(value instanceof String) { + if (value instanceof String) { String trim = ((String)value).trim(); // Remove Beginning/End Quotes, which might be there if mixed with Bash Props int s = 0, e=trim.length()-1; - if(s<e && trim.charAt(s)=='"' && trim.charAt(e)=='"') { + if (s<e && trim.charAt(s)=='"' && trim.charAt(e)=='"') { trim=trim.substring(s+1,e); } - if(trim!=value) { // Yes, I want OBJECT equals + if (trim!=value) { // Yes, I want OBJECT equals props.setProperty((String)es.getKey(), trim); } } } // Reset Symm if Keyfile Changes: String newKeyFile = props.getProperty(Config.CADI_KEYFILE); - if((prevKeyFile!=null && newKeyFile!=null) || (newKeyFile!=null && !newKeyFile.equals(prevKeyFile))) { + if ((prevKeyFile!=null && newKeyFile!=null) || (newKeyFile!=null && !newKeyFile.equals(prevKeyFile))) { try { symm = Symm.obtain(this); } catch (CadiException e) { @@ -234,7 +234,7 @@ public class PropAccess implements Access { } String loglevel = props.getProperty(Config.CADI_LOGLEVEL); - if(loglevel!=null) { + if (loglevel!=null) { try { level=Level.valueOf(loglevel).maskOf(); } catch (IllegalArgumentException e) { @@ -253,7 +253,7 @@ public class PropAccess implements Access { @Override public void log(Level level, Object ... elements) { - if(willLog(level)) { + if (willLog(level)) { logIt.push(level,elements); } } @@ -270,11 +270,11 @@ public class PropAccess implements Access { sb.append(name); int end = elements.length; - if(end<=0) { + if (end<=0) { sb.append("] "); } else { int idx = 0; - if(elements[idx] instanceof Integer) { + if (elements[idx] instanceof Integer) { sb.append('-'); sb.append(elements[idx]); ++idx; @@ -282,14 +282,14 @@ public class PropAccess implements Access { sb.append("] "); String s; boolean first = true; - for(Object o : elements) { - if(o!=null) { + for (Object o : elements) { + if (o!=null) { s=o.toString(); - if(first) { + if (first) { first = false; } else { int l = s.length(); - if(l>0) { + if (l>0) { switch(s.charAt(l-1)) { case ' ': break; @@ -313,7 +313,7 @@ public class PropAccess implements Access { @Override public void printf(Level level, String fmt, Object... elements) { - if(willLog(level)) { + if (willLog(level)) { log(level,String.format(fmt, elements)); } } @@ -362,9 +362,9 @@ public class PropAccess implements Access { } public void setProperty(String tag, String value) { - if(value!=null) { + if (value!=null) { props.put(tag, value); - if(Config.CADI_KEYFILE.equals(tag)) { + if (Config.CADI_KEYFILE.equals(tag)) { // reset decryption too try { symm = Symm.obtain(this); diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/ServletContextAccess.java b/cadi/core/src/main/java/org/onap/aaf/cadi/ServletContextAccess.java index 518ea6dd..998b87c9 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/ServletContextAccess.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/ServletContextAccess.java @@ -34,7 +34,7 @@ public class ServletContextAccess extends PropAccess { super(filterConfig); // protected constructor... does not have "init" called. context = filterConfig.getServletContext(); - for(Enumeration<?> en = filterConfig.getInitParameterNames();en.hasMoreElements();) { + for (Enumeration<?> en = filterConfig.getInitParameterNames();en.hasMoreElements();) { String name = (String)en.nextElement(); setProperty(name, filterConfig.getInitParameter(name)); } @@ -46,7 +46,7 @@ public class ServletContextAccess extends PropAccess { */ @Override public void log(Level level, Object... elements) { - if(willLog(level)) { + if (willLog(level)) { StringBuilder sb = buildMsg(level, elements); context.log(sb.toString()); } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java b/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java index fd60b0c1..28af03cd 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/Symm.java @@ -139,12 +139,12 @@ public class Symm { // data (i.e. abcde...). Therefore, we'll quickly analyze the keyset. If it proves to have // too much entropy, the "Unordered" algorithm, which is faster in such cases is used. ArrayList<int[]> la = new ArrayList<>(); - for(int i=0;i<codeset.length;++i) { + for (int i=0;i<codeset.length;++i) { curr = codeset[i]; - if(prev+1==curr) { // is next character in set + if (prev+1==curr) { // is next character in set prev = curr; } else { - if(offset!=Integer.SIZE) { // add previous range + if (offset!=Integer.SIZE) { // add previous range la.add(new int[]{first,prev,offset}); } first = prev = curr; @@ -152,7 +152,7 @@ public class Symm { } } la.add(new int[]{first,curr,offset}); - if(la.size()>codeset.length/3) { + if (la.size()>codeset.length/3) { convert = new Unordered(codeset); } else { // too random to get speed enhancement from range algorithm int[][] range = new int[la.size()][]; @@ -210,10 +210,10 @@ public class Symm { public <T> T exec(SyncExec<T> exec) throws Exception { synchronized(LOCK) { - if(keyBytes == null) { + if (keyBytes == null) { keyBytes = new byte[AES.AES_KEY_SIZE/8]; int offset = (Math.abs(codeset[0])+47)%(codeset.length-keyBytes.length); - for(int i=0;i<keyBytes.length;++i) { + for (int i=0;i<keyBytes.length;++i) { keyBytes[i] = (byte)codeset[i+offset]; } } @@ -231,7 +231,7 @@ public class Symm { } public byte[] encode(byte[] toEncrypt) throws IOException { - if(toEncrypt==null) { + if (toEncrypt==null) { return EMPTY; } else { ByteArrayOutputStream baos = new ByteArrayOutputStream((int)(toEncrypt.length*1.25)); @@ -344,8 +344,8 @@ public class Symm { boolean go; do { read = is.read(); - if(go = read>=0) { - if(line>=splitLinesAt) { + if (go = read>=0) { + if (line>=splitLinesAt) { os.write('\n'); line = 0; } @@ -362,7 +362,7 @@ public class Symm { // Char 1 is last 4 bits of prev plus the first 2 bits of read // Char 2 is the last 6 bits of read os.write(codeset[(((prev & 0xF)<<2) | (read>>6))]); - if(line==splitLinesAt) { // deal with line splitting for two characters + if (line==splitLinesAt) { // deal with line splitting for two characters os.write('\n'); line=0; } @@ -376,21 +376,21 @@ public class Symm { switch(idx) { case 1: // just the last 2 bits of prev os.write(codeset[(prev & 0x03)<<4]); - if(endEquals)os.write(DOUBLE_EQ); + if (endEquals)os.write(DOUBLE_EQ); break; case 2: // just the last 4 bits of prev os.write(codeset[(prev & 0xF)<<2]); - if(endEquals)os.write('='); + if (endEquals)os.write('='); break; } idx = 0; } - } while(go); + } while (go); } public void decode(InputStream is, OutputStream os, int skip) throws IOException { - if(is.skip(skip)!=skip) { + if (is.skip(skip)!=skip) { throw new IOException("Error skipping on IOStream in Symm"); } decode(is,os); @@ -405,9 +405,9 @@ public class Symm { public void decode(InputStream is, OutputStream os) throws IOException { int read, idx=0; int prev=0, index; - while((read = is.read())>=0) { + while ((read = is.read())>=0) { index = convert.convert(read); - if(index>=0) { + if (index>=0) { switch(++idx) { // 1 based cases, slightly faster ++ case 1: // index goes into first 6 bits of prev prev = index<<2; @@ -459,8 +459,8 @@ public class Symm { case '\r': return -1; } - for(int i=0;i<range.length;++i) { - if(read >= range[i][0] && read<=range[i][1]) { + for (int i=0;i<range.length;++i) { + if (read >= range[i][0] && read<=range[i][1]) { return read-range[i][2]; } } @@ -487,8 +487,8 @@ public class Symm { case '\r': return -1; } - for(int i=0;i<codec.length;++i) { - if(codec[i]==read)return i; + for (int i=0;i<codec.length;++i) { + if (codec[i]==read)return i; } // don't give clue in Encryption mode throw new IOException("Unacceptable Character in Stream"); @@ -519,7 +519,7 @@ public class Symm { private Obtain(Symm b64, byte[] key) { skip = Math.abs(key[key.length-13]%key.length); - if((key.length&0x1) == (skip&0x1)) { // if both are odd or both are even + if ((key.length&0x1) == (skip&0x1)) { // if both are odd or both are even ++skip; } length = b64.codeset.length; @@ -542,7 +542,7 @@ public class Symm { */ public static Symm obtain(Access access) throws CadiException { String keyfile = access.getProperty(Config.CADI_KEYFILE,null); - if(keyfile!=null) { + if (keyfile!=null) { Symm symm = Symm.baseCrypt(); File file = new File(keyfile); @@ -551,7 +551,7 @@ public class Symm { } catch (IOException e1) { access.log(Level.INIT, Config.CADI_KEYFILE,"points to",file.getAbsolutePath()); } - if(file.exists()) { + if (file.exists()) { try { FileInputStream fis = new FileInputStream(file); try { @@ -619,7 +619,7 @@ public class Symm { throw new IOException("Invalid Key"); } byte[] bkey = baos.toByteArray(); - if(bkey.length<0x88) { // 2048 bit key + if (bkey.length<0x88) { // 2048 bit key throw new IOException("Invalid key"); } return baseCrypt().obtain(bkey); @@ -663,37 +663,37 @@ public class Symm { * @throws IOException */ public void enpass(final String password, final OutputStream os) throws IOException { - if(password==null) { + if (password==null) { throw new IOException("Invalid password passed"); } final ByteArrayOutputStream baos = new ByteArrayOutputStream(); DataOutputStream dos = new DataOutputStream(baos); byte[] bytes = password.getBytes(); - if(this.getClass().getSimpleName().startsWith("base64")) { // don't expose randomization + if (this.getClass().getSimpleName().startsWith("base64")) { // don't expose randomization dos.write(bytes); } else { Random r = new SecureRandom(); int start = 0; byte b; - for(int i=0;i<3;++i) { + for (int i=0;i<3;++i) { dos.writeByte(b=(byte)r.nextInt()); start+=Math.abs(b); } start%=0x7; - for(int i=0;i<start;++i) { + for (int i=0;i<start;++i) { dos.writeByte(r.nextInt()); } dos.writeInt((int)System.currentTimeMillis()); int minlength = Math.min(0x9,bytes.length); dos.writeByte(minlength); // expect truncation - if(bytes.length<0x9) { - for(int i=0;i<bytes.length;++i) { + if (bytes.length<0x9) { + for (int i=0;i<bytes.length;++i) { dos.writeByte(r.nextInt()); dos.writeByte(bytes[i]); } // make sure it's long enough - for(int i=bytes.length;i<0x9;++i) { + for (int i=bytes.length;i<0x9;++i) { dos.writeByte(r.nextInt()); } } else { @@ -733,7 +733,7 @@ public class Symm { * @throws IOException */ public String depass(String password) throws IOException { - if(password==null)return null; + if (password==null)return null; ByteArrayOutputStream baos = new ByteArrayOutputStream(); depass(password,baos); return new String(baos.toByteArray()); @@ -772,23 +772,23 @@ public class Symm { byte[] bytes = baos.toByteArray(); DataInputStream dis = new DataInputStream(new ByteArrayInputStream(bytes)); long time; - if(this.getClass().getSimpleName().startsWith("base64")) { // don't expose randomization + if (this.getClass().getSimpleName().startsWith("base64")) { // don't expose randomization os.write(bytes); time = 0L; } else { int start=0; - for(int i=0;i<3;++i) { + for (int i=0;i<3;++i) { start+=Math.abs(dis.readByte()); } start%=0x7; - for(int i=0;i<start;++i) { + for (int i=0;i<start;++i) { dis.readByte(); } time = (dis.readInt() & 0xFFFF)|(System.currentTimeMillis()&0xFFFF0000); int minlength = dis.readByte(); - if(minlength<0x9){ + if (minlength<0x9){ DataOutputStream dos = new DataOutputStream(os); - for(int i=0;i<minlength;++i) { + for (int i=0;i<minlength;++i) { dis.readByte(); dos.writeByte(dis.readByte()); } @@ -807,7 +807,7 @@ public class Symm { public static String randomGen(char[] chars ,int numBytes) { int rint; StringBuilder sb = new StringBuilder(numBytes); - for(int i=0;i<numBytes;++i) { + for (int i=0;i<numBytes;++i) { rint = random.nextInt(chars.length); sb.append(chars[rint]); } @@ -829,14 +829,14 @@ public class Symm { int index; Obtain o = new Obtain(this,key); - while(filled>=0) { + while (filled>=0) { index = o.next(); - if(index<0 || index>=codeset.length) { + if (index<0 || index>=codeset.length) { System.out.println("uh, oh"); } - if(right) { // alternate going left or right to find the next open slot (keeps it from taking too long to hit something) - for(int j=index;j<end;++j) { - if(seq[j]==0) { + if (right) { // alternate going left or right to find the next open slot (keeps it from taking too long to hit something) + for (int j=index;j<end;++j) { + if (seq[j]==0) { seq[j]=codeset[filled]; --filled; break; @@ -844,8 +844,8 @@ public class Symm { } right = false; } else { - for(int j=index;j>=0;--j) { - if(seq[j]==0) { + for (int j=index;j>=0;--j) { + if (seq[j]==0) { seq[j]=codeset[filled]; --filled; break; @@ -859,7 +859,7 @@ public class Symm { try { newSymm.keyBytes = new byte[AES.AES_KEY_SIZE/8]; int offset = (Math.abs(key[(47%key.length)])+137)%(key.length-newSymm.keyBytes.length); - for(int i=0;i<newSymm.keyBytes.length;++i) { + for (int i=0;i<newSymm.keyBytes.length;++i) { newSymm.keyBytes[i] = key[i+offset]; } } catch (Exception e) { @@ -876,7 +876,7 @@ public class Symm { * @throws IOException */ public static synchronized Symm internalOnly() throws IOException { - if(internalOnly==null) { + if (internalOnly==null) { ByteArrayInputStream baos = new ByteArrayInputStream(keygen()); try { internalOnly = Symm.obtain(baos); diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/User.java b/cadi/core/src/main/java/org/onap/aaf/cadi/User.java index 512f2e6a..4848e504 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/User.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/User.java @@ -125,7 +125,7 @@ public final class User<PERM extends Permission> { } public void add(LocalPermission permission) { - if(perms==NULL_MAP) { + if (perms==NULL_MAP) { perms=newMap(); } perms.put(permission.getKey(),permission); @@ -157,8 +157,8 @@ public final class User<PERM extends Permission> { sb.append('|'); boolean first = true; synchronized(perms) { - for(Permission gp : perms.values()) { - if(first) { + for (Permission gp : perms.values()) { + if (first) { first = false; sb.append(':'); } else { diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java index 4784d1ee..088227ed 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java @@ -233,9 +233,9 @@ public class Config { ///////////////////////////////////////////////////// Class<?> aafConClass = loadClass(access,CADI_AAF_CON_DEF); Object aafcon = null; - if(con!=null && aafConClass!=null && aafConClass.isAssignableFrom(con.getClass())) { + if (con!=null && aafConClass!=null && aafConClass.isAssignableFrom(con.getClass())) { aafcon = con; - } else if(lur != null) { + } else if (lur != null) { Field f; try { f = lur.getClass().getField("aaf"); @@ -248,14 +248,14 @@ public class Config { boolean hasDirectAAF = hasDirect("DirectAAFLur",additionalTafLurs); // IMPORTANT! Don't attempt to load AAF Connector if there is no AAF URL String aafURL = access.getProperty(AAF_URL,null); - if(!hasDirectAAF && aafcon==null && aafURL!=null) { + if (!hasDirectAAF && aafcon==null && aafURL!=null) { aafcon = loadAAFConnector(si, aafURL); } HttpTaf taf; // Setup Host, in case Network reports an unusable Hostname (i.e. VTiers, VPNs, etc) String hostname = logProp(access, HOSTNAME,null); - if(hostname==null) { + if (hostname==null) { try { hostname = InetAddress.getLocalHost().getHostName(); } catch (UnknownHostException e1) { @@ -279,10 +279,10 @@ public class Config { ///////////////////////////////////////////////////// X509Taf x509TAF = null; String truststore = logProp(access, CADI_TRUSTSTORE,null); - if(truststore!=null) { + if (truststore!=null) { String truststorePwd = access.getProperty(CADI_TRUSTSTORE_PASSWORD,null); - if(truststorePwd!=null) { - if(truststorePwd.startsWith(Symm.ENC)) { + if (truststorePwd!=null) { + if (truststorePwd.startsWith(Symm.ENC)) { try { access.decrypt(truststorePwd,false); } catch (IOException e) { @@ -314,17 +314,17 @@ public class Config { long userExp = Long.parseLong(aafCleanup); boolean basicWarn = "TRUE".equals(access.getProperty(BASIC_WARN,"FALSE")); - if(!hasDirectAAF) { + if (!hasDirectAAF) { HttpTaf aaftaf=null; - if(!hasOAuthDirectTAF) { - if(basicRealm!=null) { + if (!hasOAuthDirectTAF) { + if (basicRealm!=null) { @SuppressWarnings("unchecked") Class<HttpTaf> obasicCls = (Class<HttpTaf>)loadClass(access,CADI_OBASIC_HTTP_TAF_DEF); - if(obasicCls!=null) { + if (obasicCls!=null) { try { String tokenurl = logProp(access,Config.AAF_OAUTH2_TOKEN_URL, null); String introspecturl = logProp(access,Config.AAF_OAUTH2_INTROSPECT_URL, null); - if(tokenurl==null || introspecturl==null) { + if (tokenurl==null || introspecturl==null) { access.log(Level.INIT,"Both tokenurl and introspecturl are required. Oauth Authorization is disabled."); } Constructor<HttpTaf> obasicConst = obasicCls.getConstructor(PropAccess.class,String.class, String.class, String.class); @@ -333,20 +333,20 @@ public class Config { } catch (NoSuchMethodException | SecurityException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { access.log(Level.INIT, e); } - } else if(up!=null) { + } else if (up!=null) { access.log(Level.INIT,"Basic Authorization is enabled using realm",basicRealm); // Allow warning about insecure channel to be turned off - if(!basicWarn) { + if (!basicWarn) { access.log(Level.INIT, "WARNING! The basicWarn property has been set to false.", " There will be no additional warning if Basic Auth is used on an insecure channel"); } BasicHttpTaf bht = new BasicHttpTaf(access, up, basicRealm, userExp, basicWarn); - for(Object o : additionalTafLurs) { - if(o instanceof CredValDomain) { + for (Object o : additionalTafLurs) { + if (o instanceof CredValDomain) { bht.add((CredValDomain)o); } } - if(x509TAF!=null) { + if (x509TAF!=null) { x509TAF.add(bht); } htlist.add(bht); @@ -359,28 +359,28 @@ public class Config { ///////////////////////////////////////////////////// // Configure AAF Driven Basic Auth ///////////////////////////////////////////////////// - if(aafcon==null) { + if (aafcon==null) { access.log(Level.INIT,"AAF Connection (AAFcon) is null. Cannot create an AAF TAF"); - } else if(aafURL==null) { + } else if (aafURL==null) { access.log(Level.INIT,"No AAF URL in properties, Cannot create an AAF TAF"); } else {// There's an AAF_URL... try to configure an AAF String aafTafClassName = logProp(access, AAF_TAF_CLASS,AAF_TAF_CLASS_DEF); // Only 2.0 available at this time - if(AAF_TAF_CLASS_DEF.equals(aafTafClassName)) { + if (AAF_TAF_CLASS_DEF.equals(aafTafClassName)) { try { Class<?> aafTafClass = loadClass(access,aafTafClassName); - if(aafTafClass!=null) { + if (aafTafClass!=null) { Constructor<?> cstr = aafTafClass.getConstructor(Connector.class,boolean.class,AbsUserCache.class); - if(cstr!=null) { - if(lur instanceof AbsUserCache) { + if (cstr!=null) { + if (lur instanceof AbsUserCache) { aaftaf = (HttpTaf)cstr.newInstance(aafcon,basicWarn,lur); } else { cstr = aafTafClass.getConstructor(Connector.class,boolean.class); - if(cstr!=null) { + if (cstr!=null) { aaftaf = (HttpTaf)cstr.newInstance(aafcon,basicWarn); } } - if(aaftaf==null) { + if (aaftaf==null) { access.log(Level.INIT,"ERROR! AAF TAF Failed construction. NOT Configured"); } else { access.log(Level.INIT,"AAF TAF Configured to ",aafURL); @@ -390,7 +390,7 @@ public class Config { } else { access.log(Level.INIT, "There is no AAF TAF class available: %s. AAF TAF not configured.",aafTafClassName); } - } catch(Exception e) { + } catch (Exception e) { access.log(Level.INIT,"ERROR! AAF TAF Failed construction. NOT Configured",e); } } @@ -400,7 +400,7 @@ public class Config { ///////////////////////////////////////////////////// // Configure OAuth TAF ///////////////////////////////////////////////////// - if(!hasOAuthDirectTAF) { + if (!hasOAuthDirectTAF) { String oauthTokenUrl = logProp(access,Config.AAF_OAUTH2_TOKEN_URL,null); Class<?> oadtClss; try { @@ -409,21 +409,21 @@ public class Config { oadtClss = null; access.log(Level.INIT, e1); } - if(additionalTafLurs!=null && additionalTafLurs.length>0 && (oadtClss!=null && additionalTafLurs[0].getClass().isAssignableFrom(oadtClss))) { + if (additionalTafLurs!=null && additionalTafLurs.length>0 && (oadtClss!=null && additionalTafLurs[0].getClass().isAssignableFrom(oadtClss))) { htlist.add((HttpTaf)additionalTafLurs[0]); String[] array= new String[additionalTafLurs.length-1]; - if(array.length>0) { + if (array.length>0) { System.arraycopy(htlist, 1, array, 0, array.length); } additionalTafLurs = array; access.log(Level.INIT,"OAuth2 Direct is enabled"); - } else if(oauthTokenUrl!=null) { + } else if (oauthTokenUrl!=null) { String oauthIntrospectUrl = logProp(access,Config.AAF_OAUTH2_INTROSPECT_URL,null); @SuppressWarnings("unchecked") Class<HttpTaf> oaTCls = (Class<HttpTaf>)loadClass(access,OAUTH_HTTP_TAF); - if(oaTCls!=null) { + if (oaTCls!=null) { Class<?> oaTTmgrCls = loadClass(access, OAUTH_TOKEN_MGR); - if(oaTTmgrCls!=null) { + if (oaTTmgrCls!=null) { try { Method oaTTmgrGI = oaTTmgrCls.getMethod("getInstance",PropAccess.class,String.class,String.class); Object oaTTmgr = oaTTmgrGI.invoke(null /*this is static method*/,access,oauthTokenUrl,oauthIntrospectUrl); @@ -444,7 +444,7 @@ public class Config { // Adding BasicAuth (AAF) last, after other primary Cookie Based // Needs to be before Cert... see below ///////////////////////////////////////////////////// - if(aaftaf!=null) { + if (aaftaf!=null) { htlist.add(aaftaf); } } @@ -452,22 +452,22 @@ public class Config { ///////////////////////////////////////////////////// // Any Additional Lurs passed in Constructor ///////////////////////////////////////////////////// - if(additionalTafLurs!=null) { - for(Object additional : additionalTafLurs) { - if(additional instanceof BasicHttpTaf) { + if (additionalTafLurs!=null) { + for (Object additional : additionalTafLurs) { + if (additional instanceof BasicHttpTaf) { BasicHttpTaf ht = (BasicHttpTaf)additional; - for(Object cv : additionalTafLurs) { - if(cv instanceof CredValDomain) { + for (Object cv : additionalTafLurs) { + if (cv instanceof CredValDomain) { ht.add((CredValDomain)cv); access.printf(Level.INIT,"%s Authentication is enabled",cv); } } htlist.add(ht); - } else if(additional instanceof HttpTaf) { + } else if (additional instanceof HttpTaf) { HttpTaf ht = (HttpTaf)additional; htlist.add(ht); access.printf(Level.INIT,"%s Authentication is enabled",additional.getClass().getSimpleName()); - } else if(hasOAuthDirectTAF) { + } else if (hasOAuthDirectTAF) { Class<?> daupCls; try { daupCls = Class.forName("org.onap.aaf.auth.direct.DirectAAFUserPass"); @@ -475,7 +475,7 @@ public class Config { daupCls = null; access.log(Level.INIT, e); } - if(daupCls != null && additional.getClass().isAssignableFrom(daupCls)) { + if (daupCls != null && additional.getClass().isAssignableFrom(daupCls)) { htlist.add(new BasicHttpTaf(access, (CredVal)additional , basicRealm, userExp, basicWarn)); access.printf(Level.INIT,"Direct BasicAuth Authentication is enabled",additional.getClass().getSimpleName()); } @@ -484,9 +484,9 @@ public class Config { } // Add BasicAuth, if any, to x509Taf - if(x509TAF!=null) { - for( HttpTaf ht : htlist) { - if(ht instanceof BasicHttpTaf) { + if (x509TAF!=null) { + for ( HttpTaf ht : htlist) { + if (ht instanceof BasicHttpTaf) { x509TAF.add((BasicHttpTaf)ht); } } @@ -494,7 +494,7 @@ public class Config { ///////////////////////////////////////////////////// // Create EpiTaf from configured TAFs ///////////////////////////////////////////////////// - if(htlist.size()==1) { + if (htlist.size()==1) { // just return the one taf = htlist.get(0); } else { @@ -504,7 +504,7 @@ public class Config { taf = new HttpEpiTaf(access,locator, tc, htarray); // ok to pass locator == null String level = logProp(access, CADI_LOGLEVEL, null); - if(level!=null) { + if (level!=null) { access.setLogLevel(Level.valueOf(level)); } } @@ -514,7 +514,7 @@ public class Config { public static String logProp(Access access,String tag, String def) { String rv = access.getProperty(tag, def); - if(rv == null) { + if (rv == null) { access.log(Level.INIT,tag,"is not explicitly set"); } else { access.log(Level.INIT,tag,"is set to",rv); @@ -533,14 +533,14 @@ public class Config { String users = access.getProperty(USERS,null); String groups = access.getProperty(GROUPS,null); - if(groups!=null || users!=null) { + if (groups!=null || users!=null) { LocalLur ll = new LocalLur(access, users, groups); // note b64==null is ok.. just means no encryption. lurs.add(ll); String writeto = access.getProperty(WRITE_TO,null); - if(writeto!=null) { + if (writeto!=null) { String msg = UsersDump.updateUsers(writeto, ll); - if(msg!=null) { + if (msg!=null) { access.log(Level.INIT,"ERROR! Error Updating ",writeto,"with roles and users:",msg); } } @@ -554,10 +554,10 @@ public class Config { ///////////////////////////////////////////////////// String tokenUrl = logProp(access,AAF_OAUTH2_TOKEN_URL, null); String introspectUrl = logProp(access,AAF_OAUTH2_INTROSPECT_URL, null); - if(tokenUrl!=null && introspectUrl !=null) { + if (tokenUrl!=null && introspectUrl !=null) { try { Class<?> olurCls = loadClass(access, CADI_OLUR_CLASS_DEF); - if(olurCls!=null) { + if (olurCls!=null) { Constructor<?> olurCnst = olurCls.getConstructor(PropAccess.class,String.class,String.class); Lur olur = (Lur)olurCnst.newInstance(access,tokenUrl,introspectUrl); lurs.add(olur); @@ -567,7 +567,7 @@ public class Config { } } catch (NoSuchMethodException| SecurityException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { String msg = e.getMessage(); - if(msg==null && e.getCause()!=null) { + if (msg==null && e.getCause()!=null) { msg = e.getCause().getMessage(); } access.log(Level.INIT,"AAF/OAuth LUR is not instantiated.",msg,e); @@ -576,7 +576,7 @@ public class Config { access.log(Level.INIT, "OAuth2 Lur disabled"); } - if(con!=null) { // try to reutilize connector + if (con!=null) { // try to reutilize connector lurs.add(con.newLur()); } else { ///////////////////////////////////////////////////// @@ -584,12 +584,12 @@ public class Config { ///////////////////////////////////////////////////// String aafURL = logProp(access,AAF_URL,null); // Trigger Property String aafEnv = access.getProperty(AAF_ENV,null); - if(aafEnv == null && aafURL!=null && access instanceof PropAccess) { // set AAF_ENV from AAF_URL + if (aafEnv == null && aafURL!=null && access instanceof PropAccess) { // set AAF_ENV from AAF_URL int ec = aafURL.indexOf("envContext="); - if(ec>0) { + if (ec>0) { ec += 11; // length of envContext= int slash = aafURL.indexOf('/', ec); - if(slash>0) { + if (slash>0) { aafEnv = aafURL.substring(ec, slash); ((PropAccess)access).setProperty(AAF_ENV, aafEnv); access.printf(Level.INIT, "Setting aafEnv to %s from aaf_url value",aafEnv); @@ -598,30 +598,30 @@ public class Config { } // Don't configure AAF if it is using DirectAccess - if(!hasDirect("DirectAAFLur",additionalTafLurs)) { - if(aafURL==null) { + if (!hasDirect("DirectAAFLur",additionalTafLurs)) { + if (aafURL==null) { access.log(Level.INIT,"No AAF LUR properties, AAF will not be loaded"); } else {// There's an AAF_URL... try to configure an AAF String aafLurClassStr = logProp(access,AAF_LUR_CLASS,AAF_V2_0_AAF_LUR_PERM); ////////////AAF Lur 2.0 ///////////// - if(aafLurClassStr!=null && aafLurClassStr.startsWith(AAF_V2_0)) { + if (aafLurClassStr!=null && aafLurClassStr.startsWith(AAF_V2_0)) { try { Object aafcon = loadAAFConnector(si, aafURL); - if(aafcon==null) { + if (aafcon==null) { access.log(Level.INIT,"AAF LUR class,",aafLurClassStr,"cannot be constructed without valid AAFCon object."); } else { Class<?> aafAbsAAFCon = loadClass(access, AAF_V2_0_AAFCON); - if(aafAbsAAFCon!=null) { + if (aafAbsAAFCon!=null) { Method mNewLur = aafAbsAAFCon.getMethod("newLur"); Object aaflur = mNewLur.invoke(aafcon); - if(aaflur==null) { + if (aaflur==null) { access.log(Level.INIT,"ERROR! AAF LUR Failed construction. NOT Configured"); } else { access.log(Level.INIT,"AAF LUR Configured to ",aafURL); lurs.add((Lur)aaflur); String debugIDs = logProp(access,Config.AAF_DEBUG_IDS, null); - if(debugIDs !=null && aaflur instanceof CachingLur) { + if (debugIDs !=null && aaflur instanceof CachingLur) { ((CachingLur<?>)aaflur).setDebug(debugIDs); } } @@ -638,9 +638,9 @@ public class Config { ///////////////////////////////////////////////////// // Any Additional passed in Constructor ///////////////////////////////////////////////////// - if(additionalTafLurs!=null) { - for(Object additional : additionalTafLurs) { - if(additional instanceof Lur) { + if (additionalTafLurs!=null) { + for (Object additional : additionalTafLurs) { + if (additional instanceof Lur) { lurs.add((Lur)additional); access.log(Level.INIT, additional); } @@ -666,9 +666,9 @@ public class Config { } private static boolean hasDirect(String simpleClassName, Object[] additionalTafLurs) { - if(additionalTafLurs!=null) { - for(Object tf : additionalTafLurs) { - if(tf.getClass().getSimpleName().equals(simpleClassName)) { + if (additionalTafLurs!=null) { + for (Object tf : additionalTafLurs) { + if (tf.getClass().getSimpleName().equals(simpleClassName)) { return true; } } @@ -746,15 +746,15 @@ public class Config { public static Locator<URI> loadLocator(SecurityInfoC<HttpURLConnection> si, final String _url) throws LocatorException { Access access = si.access; Locator<URI> locator = null; - if(_url==null) { + if (_url==null) { access.log(Level.INIT,"No URL passed to 'loadLocator'. Disabled"); } else { String url = _url; String replacement; int idxAAFLocateUrl; - if((idxAAFLocateUrl=_url.indexOf(AAF_LOCATE_URL_TAG))>0 && ((replacement=access.getProperty(AAF_LOCATE_URL, null))!=null)) { + if ((idxAAFLocateUrl=_url.indexOf(AAF_LOCATE_URL_TAG))>0 && ((replacement=access.getProperty(AAF_LOCATE_URL, null))!=null)) { StringBuilder sb = new StringBuilder(replacement); - if(!replacement.endsWith("/locate")) { + if (!replacement.endsWith("/locate")) { sb.append("/locate"); } sb.append(_url,idxAAFLocateUrl+AAF_LOCATE_URL_TAG.length(),_url.length()); @@ -763,7 +763,7 @@ public class Config { try { Class<?> lcls = loadClass(access,AAF_LOCATOR_CLASS_DEF); - if(lcls==null) { + if (lcls==null) { throw new CadiException("Need to include aaf-cadi-aaf jar for AAFLocator"); } // First check for preloaded @@ -773,7 +773,7 @@ public class Config { } catch (Exception e) { access.log(Level.INIT, e); } - if(locator==null) { + if (locator==null) { URI locatorURI = new URI(url); Constructor<?> cnst = lcls.getConstructor(SecurityInfoC.class,URI.class); locator = (Locator<URI>)cnst.newInstance(new Object[] {si,locatorURI}); @@ -785,7 +785,7 @@ public class Config { access.log(Level.INFO, "AAFLocator enabled using preloaded " + locator.getClass().getSimpleName()); } } catch (InvocationTargetException e) { - if(e.getTargetException() instanceof LocatorException) { + if (e.getTargetException() instanceof LocatorException) { throw (LocatorException)e.getTargetException(); } access.log(Level.INIT,e.getTargetException().getMessage(),"AAFLocator for",url,"could not be created.",e); diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Get.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Get.java index 56ac4dd5..b48dd74d 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Get.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Get.java @@ -59,7 +59,7 @@ public interface Get { } // Take def if nothing else - if(str==null) { + if (str==null) { str = def; // don't log defaults } else { @@ -83,8 +83,8 @@ public interface Get { } public String get(String name, String def, boolean print) { String gotten = access.getProperty(name, def); - if(print) { - if(gotten == null) { + if (print) { + if (gotten == null) { access.log(Level.INIT,name, "is not set"); } else { access.log(Level.INIT,name, "is set to", gotten); diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/GetAccess.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/GetAccess.java index 4655dfa1..30adcc97 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/GetAccess.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/GetAccess.java @@ -38,7 +38,7 @@ public class GetAccess extends PropAccess { public String getProperty(String tag, String def) { String rv; rv = super.getProperty(tag, null); - if(rv==null && getter!=null) { + if (rv==null && getter!=null) { rv = getter.get(tag, null, true); } return rv==null?def:rv; diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/MultiGet.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/MultiGet.java index a73df14e..c5e5a50e 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/MultiGet.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/MultiGet.java @@ -31,9 +31,9 @@ public class MultiGet implements Get { @Override public String get(String name, String def, boolean print) { String str; - for(Get getter : getters) { + for (Get getter : getters) { str = getter.get(name, null, print); - if(str!=null) + if (str!=null) return str; } return def; diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfoC.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfoC.java index 45e1dd1c..4e365fba 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfoC.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/SecurityInfoC.java @@ -44,7 +44,7 @@ public class SecurityInfoC<CLIENT> extends SecurityInfo { @SuppressWarnings("unchecked") public static synchronized <CLIENT> SecurityInfoC<CLIENT> instance(Access access, Class<CLIENT> cls) throws CadiException { SecurityInfoInit<CLIENT> sii; - if(cls.isAssignableFrom(HttpURLConnection.class)) { + if (cls.isAssignableFrom(HttpURLConnection.class)) { try { @SuppressWarnings("rawtypes") Class<SecurityInfoInit> initCls = (Class<SecurityInfoInit>)Class.forName("org.onap.aaf.cadi.http.HSecurityInfoInit"); @@ -62,7 +62,7 @@ public class SecurityInfoC<CLIENT> extends SecurityInfo { } SecurityInfoC<CLIENT> sic = (SecurityInfoC<CLIENT>) sicMap.get(cls); - if(sic==null) { + if (sic==null) { sic = new SecurityInfoC<CLIENT>(access); sic.set(sii.bestDefault(sic)); sicMap.put(cls, sic); diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/UsersDump.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/UsersDump.java index de25cb7f..98ab4706 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/UsersDump.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/UsersDump.java @@ -41,7 +41,7 @@ public class UsersDump { */ public static boolean write(OutputStream os, AbsUserCache<?> lur) { PrintStream ps; - if(os instanceof PrintStream) { + if (os instanceof PrintStream) { ps = (PrintStream)os; } else { ps = new PrintStream(os); @@ -59,14 +59,14 @@ public class UsersDump { // Obtain all unique role names HashSet<String> groups = new HashSet<>(); - for(AbsUserCache<?>.DumpInfo di : lur.dumpInfo()) { + for (AbsUserCache<?>.DumpInfo di : lur.dumpInfo()) { sb.append("\n <user username=\""); sb.append(di.user); sb.append("\" roles=\""); boolean first = true; - for(String role : di.perms) { + for (String role : di.perms) { groups.add(role); - if(first)first = false; + if (first)first = false; else sb.append(','); sb.append(role); } @@ -75,7 +75,7 @@ public class UsersDump { } // Print roles - for(String group : groups) { + for (String group : groups) { ps.print(" <role rolename=\""); ps.print(group); ps.println("\"/>"); @@ -104,15 +104,15 @@ public class UsersDump { */ public static String updateUsers(String writeto, LocalLur up) { // Dump a Tomcat-user.xml lookalike (anywhere) - if(writeto!=null) { + if (writeto!=null) { // First read content ByteArrayOutputStream baos = new ByteArrayOutputStream(); - if(UsersDump.write(baos, up)) { + if (UsersDump.write(baos, up)) { byte[] postulate = baos.toByteArray(); // now get contents of file File file = new File(writeto); boolean writeIt; - if(file.exists()) { + if (file.exists()) { try { FileInputStream fis = new FileInputStream(file); byte[] orig = new byte[(int)file.length()]; @@ -122,17 +122,17 @@ public class UsersDump { } finally { fis.close(); } - if(read<=0) { + if (read<=0) { writeIt = false; } else { // Starting at third "<" (<tomcat-users> line) int startA=0, startB=0; - for(int i=0;startA<orig.length && i<3;++startA) if(orig[startA]=='<')++i; - for(int i=0;startB<orig.length && i<3;++startB) if(postulate[startB]=='<')++i; + for (int i=0;startA<orig.length && i<3;++startA) if (orig[startA]=='<')++i; + for (int i=0;startB<orig.length && i<3;++startB) if (postulate[startB]=='<')++i; writeIt=orig.length-startA!=postulate.length-startB; // first, check if remaining length is the same - while(!writeIt && startA<orig.length && startB<postulate.length) { - if(orig[startA++]!=postulate[startB++])writeIt = true; + while (!writeIt && startA<orig.length && startB<postulate.length) { + if (orig[startA++]!=postulate[startB++])writeIt = true; } } } catch (Exception e) { @@ -142,7 +142,7 @@ public class UsersDump { writeIt = true; } - if(writeIt) { + if (writeIt) { try { FileOutputStream fos = new FileOutputStream(file); try { diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiFilter.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiFilter.java index affb8f96..cd48556b 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiFilter.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiFilter.java @@ -113,7 +113,7 @@ public class CadiFilter implements Filter { public CadiFilter(boolean init, PropAccess access, Object ... moreTafLurs) throws ServletException { this.access = access; additionalTafLurs = moreTafLurs; - if(init) { + if (init) { init(new AccessGetter(access)); } } @@ -129,7 +129,7 @@ public class CadiFilter implements Filter { public void init(FilterConfig filterConfig) throws ServletException { // need the Context for Logging, instantiating ClassLoader, etc ServletContextAccess sca=new ServletContextAccess(filterConfig); - if(access==null) { + if (access==null) { access = sca; } @@ -144,9 +144,9 @@ public class CadiFilter implements Filter { TrustChecker tc = TrustChecker.NOTRUST; // default position try { Class<TrustChecker> ctc = (Class<TrustChecker>) Class.forName("org.onap.aaf.cadi.aaf.v2_0.AAFTrustChecker"); - if(ctc!=null) { + if (ctc!=null) { Constructor<TrustChecker> contc = ctc.getConstructor(Access.class); - if(contc!=null) { + if (contc!=null) { tc = contc.newInstance(access); } } @@ -184,8 +184,8 @@ public class CadiFilter implements Filter { // In this case, the epiTaf will be changed to a non-NullTaf, and thus not instantiate twice. synchronized(CadiHTTPManip.noAdditional /*will always remain same Object*/) { ++count; - if(httpChecker == null) { - if(access==null) { + if (httpChecker == null) { + if (access==null) { access = new PropAccess(); } try { @@ -193,16 +193,16 @@ public class CadiFilter implements Filter { } catch (CadiException | LocatorException e1) { throw new ServletException(e1); } - } else if(access==null) { + } else if (access==null) { access= httpChecker.getAccess(); } /* * Setup Authn Path Exceptions */ - if(pathExceptions==null) { + if (pathExceptions==null) { String str = getter.get(Config.CADI_NOAUTHN, null, true); - if(str!=null) { + if (str!=null) { pathExceptions = str.split("\\s*:\\s*"); } } @@ -210,22 +210,22 @@ public class CadiFilter implements Filter { /* * SETUP Permission Converters... those that can take Strings from a Vendor Product, and convert to appropriate AAF Permissions */ - if(mapPairs==null) { + if (mapPairs==null) { String str = getter.get(Config.AAF_PERM_MAP, null, true); - if(str!=null) { + if (str!=null) { String mstr = getter.get(Config.AAF_PERM_MAP, null, true); - if(mstr!=null) { + if (mstr!=null) { String map[] = mstr.split("\\s*:\\s*"); - if(map.length>0) { + if (map.length>0) { MapPermConverter mpc=null; int idx; mapPairs = new ArrayList<>(); - for(String entry : map) { - if((idx=entry.indexOf('='))<0) { // it's a Path, so create a new converter + for (String entry : map) { + if ((idx=entry.indexOf('='))<0) { // it's a Path, so create a new converter access.log(Level.INIT,"Loading Perm Conversions for:",entry); mapPairs.add(new Pair(entry,mpc=new MapPermConverter())); } else { - if(mpc!=null) { + if (mpc!=null) { mpc.map().put(entry.substring(0,idx),entry.substring(idx+1)); } else { access.log(Level.ERROR,"cadi_perm_map is malformed; ",entry, "is skipped"); @@ -248,7 +248,7 @@ public class CadiFilter implements Filter { public void destroy() { // Synchronize, in case multiCadiFilters are used. synchronized(CadiHTTPManip.noAdditional) { - if(--count<=0 && httpChecker!=null) { + if (--count<=0 && httpChecker!=null) { httpChecker.destroy(); httpChecker=null; access=null; @@ -272,7 +272,7 @@ public class CadiFilter implements Filter { String tag = ""; try { HttpServletRequest hreq = (HttpServletRequest)request; - if(noAuthn(hreq)) { + if (noAuthn(hreq)) { startCode=System.nanoTime(); chain.doFilter(request, response); code = Timing.millis(startCode); @@ -281,11 +281,11 @@ public class CadiFilter implements Filter { startValidate=System.nanoTime(); TafResp tresp = httpChecker.validate(hreq, hresp, hreq); validate = Timing.millis(startValidate); - if(tresp.isAuthenticated()==RESP.IS_AUTHENTICATED) { + if (tresp.isAuthenticated()==RESP.IS_AUTHENTICATED) { user = tresp.getPrincipal().personalName(); tag = tresp.getPrincipal().tag(); CadiWrap cw = new CadiWrap(hreq, tresp, httpChecker.getLur(),getConverter(hreq)); - if(httpChecker.notCadi(cw, hresp)) { + if (httpChecker.notCadi(cw, hresp)) { startCode=System.nanoTime(); oauthFilter.doFilter(cw,response,chain); code = Timing.millis(startCode); @@ -308,11 +308,11 @@ public class CadiFilter implements Filter { * @return */ private boolean noAuthn(HttpServletRequest hreq) { - if(pathExceptions!=null) { + if (pathExceptions!=null) { String pi = hreq.getPathInfo(); - if(pi==null) return false; // JBoss sometimes leaves null - for(String pe : pathExceptions) { - if(pi.startsWith(pe))return true; + if (pi==null) return false; // JBoss sometimes leaves null + for (String pe : pathExceptions) { + if (pi.startsWith(pe))return true; } } return false; @@ -322,11 +322,11 @@ public class CadiFilter implements Filter { * Get Converter by Path */ private PermConverter getConverter(HttpServletRequest hreq) { - if(mapPairs!=null) { + if (mapPairs!=null) { String pi = hreq.getPathInfo(); - if(pi !=null) { - for(Pair p: mapPairs) { - if(pi.startsWith(p.name))return p.pc; + if (pi !=null) { + for (Pair p: mapPairs) { + if (pi.startsWith(p.name))return p.pc; } } } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiHTTPManip.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiHTTPManip.java index 3c0f139b..bab758ec 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiHTTPManip.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/CadiHTTPManip.java @@ -78,18 +78,18 @@ public class CadiHTTPManip { Config.setDefaultRealm(access); aaf_id = access.getProperty(Config.CADI_ALIAS,access.getProperty(Config.AAF_APPID, null)); - if(aaf_id==null) { + if (aaf_id==null) { access.printf(Level.INIT, "%s is not set. %s can be used instead",Config.AAF_APPID,Config.CADI_ALIAS); } else { access.printf(Level.INIT, "%s is set to %s",Config.AAF_APPID,aaf_id); } String ns = aaf_id==null?null:UserChainManip.idToNS(aaf_id); - if(ns!=null) { + if (ns!=null) { thisPerm = ns+ACCESS_CADI_CONTROL; int dot = ns.indexOf('.'); - if(dot>=0) { + if (dot>=0) { int dot2=ns.indexOf('.',dot+1); - if(dot2<0) { + if (dot2<0) { dot2=dot; } companyPerm = ns.substring(0, dot2)+ACCESS_CADI_CONTROL; @@ -105,9 +105,9 @@ public class CadiHTTPManip { lur = Config.configLur(si, con, additionalTafLurs); tc.setLur(lur); - if(lur instanceof EpiLur) { + if (lur instanceof EpiLur) { up = ((EpiLur)lur).getUserPassImpl(); - } else if(lur instanceof CredVal) { + } else if (lur instanceof CredVal) { up = (CredVal)lur; } else { up = null; @@ -160,20 +160,20 @@ public class CadiHTTPManip { public boolean notCadi(CadiWrap req, HttpServletResponse resp) { String pathInfo = req.getPathInfo(); - if(METH.equalsIgnoreCase(req.getMethod()) && pathInfo!=null && pathInfo.contains(CADI)) { - if(req.getUser().equals(aaf_id) || req.isUserInRole(thisPerm) || req.isUserInRole(companyPerm)) { + if (METH.equalsIgnoreCase(req.getMethod()) && pathInfo!=null && pathInfo.contains(CADI)) { + if (req.getUser().equals(aaf_id) || req.isUserInRole(thisPerm) || req.isUserInRole(companyPerm)) { try { - if(pathInfo.contains(CADI_CACHE_PRINT)) { + if (pathInfo.contains(CADI_CACHE_PRINT)) { resp.getOutputStream().println(lur.toString()); resp.setStatus(200); return false; - } else if(pathInfo.contains(CADI_CACHE_CLEAR)) { + } else if (pathInfo.contains(CADI_CACHE_CLEAR)) { StringBuilder report = new StringBuilder(); lur.clear(req.getUserPrincipal(), report); resp.getOutputStream().println(report.toString()); resp.setStatus(200); return false; - } else if(pathInfo.contains(CADI_LOG_SET)) { + } else if (pathInfo.contains(CADI_LOG_SET)) { Level l; int slash = pathInfo.lastIndexOf('/'); String level = pathInfo.substring(slash+1); @@ -200,7 +200,7 @@ public class CadiHTTPManip { public void destroy() { access.log(Level.INFO,"CadiHttpChecker destroyed."); - if(lur!=null) { + if (lur!=null) { lur.destroy(); lur=null; } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/FCGet.java b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/FCGet.java index f56cbf27..cf7c922d 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/filter/FCGet.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/filter/FCGet.java @@ -49,25 +49,25 @@ class FCGet implements Get { public String get(String name, String def, boolean print) { String str = null; // Try Server Context First - if(context!=null) { + if (context!=null) { str = context.getInitParameter(name); } // Try Filter Context next - if(str==null && filterConfig != null) { + if (str==null && filterConfig != null) { str = filterConfig.getInitParameter(name); } - if(str==null) { + if (str==null) { str = access.getProperty(name, def); } // Take def if nothing else - if(str==null) { + if (str==null) { str = def; // don't log defaults } else { str = str.trim(); // this is vital in Property File based values, as spaces can hide easily - if(print) { + if (print) { access.log(Level.INFO,"Setting", name, "to", str); } } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/ConfigPrincipal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/ConfigPrincipal.java index c1b477b1..a41c5eb7 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/ConfigPrincipal.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/ConfigPrincipal.java @@ -57,10 +57,10 @@ public class ConfigPrincipal implements Principal, GetCred { } public String getAsBasicAuthHeader() throws IOException { - if(content ==null) { + if (content ==null) { String s = name + ':' + new String(cred); content = "Basic " + Symm.base64.encode(s); - } else if(!content.startsWith("Basic ")) { // content is the saved password from construction + } else if (!content.startsWith("Basic ")) { // content is the saved password from construction String s = name + ':' + content; content = "Basic " + Symm.base64.encode(s); } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java index 2c5e1957..5443dec2 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/EpiLur.java @@ -57,30 +57,30 @@ public final class EpiLur implements Lur { */ public EpiLur(Lur ... lurs) throws CadiException{ this.lurs = lurs; - if(lurs.length==0) throw new CadiException("Need at least one Lur implementation in constructor"); + if (lurs.length==0) throw new CadiException("Need at least one Lur implementation in constructor"); } public boolean fish(Principal bait, Permission ... pond) { - if(pond==null) { + if (pond==null) { return false; } boolean rv = false; Lur lur; - for(int i=0;!rv && i<lurs.length;++i) { + for (int i=0;!rv && i<lurs.length;++i) { rv = (lur = lurs[i]).fish(bait, pond); - if(!rv && lur.handlesExclusively(pond)) break; + if (!rv && lur.handlesExclusively(pond)) break; } return rv; } public void fishAll(Principal bait, List<Permission> permissions) { - for(Lur lur : lurs) { + for (Lur lur : lurs) { lur.fishAll(bait, permissions); } } public void destroy() { - for(Lur lur : lurs) { + for (Lur lur : lurs) { lur.destroy(); } } @@ -90,8 +90,8 @@ public final class EpiLur implements Lur { * @return */ public CredVal getUserPassImpl() { - for(Lur lur : lurs) { - if(lur instanceof CredVal) { + for (Lur lur : lurs) { + if (lur instanceof CredVal) { return (CredVal)lur; } } @@ -109,15 +109,15 @@ public final class EpiLur implements Lur { * @return */ public Lur get(int idx) { - if(idx>=0 && idx<lurs.length) { + if (idx>=0 && idx<lurs.length) { return lurs[idx]; } return null; } public boolean handles(Principal p) { - for(Lur l : lurs) { - if(l.handles(p)) { + for (Lur l : lurs) { + if (l.handles(p)) { return true; } } @@ -125,16 +125,16 @@ public final class EpiLur implements Lur { } public void remove(String id) { - for(Lur l : lurs) { - if(l instanceof CachingLur) { + for (Lur l : lurs) { + if (l instanceof CachingLur) { ((CachingLur<?>)l).remove(id); } } } public Lur subLur(Class<? extends Lur> cls ) { - for(Lur l : lurs) { - if(l.getClass().isAssignableFrom(cls)) { + for (Lur l : lurs) { + if (l.getClass().isAssignableFrom(cls)) { return l; } } @@ -151,14 +151,14 @@ public final class EpiLur implements Lur { */ @Override public void clear(Principal p, StringBuilder report) { - for(Lur lur : lurs) { + for (Lur lur : lurs) { lur.clear(p, report); } } public String toString() { StringBuilder sb = new StringBuilder(); - for(Lur lur : lurs) { + for (Lur lur : lurs) { sb.append(lur.getClass().getSimpleName()); sb.append(": Report\n"); sb.append(lur.toString()); diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java index d2b6f1aa..f8fa02e5 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/lur/LocalLur.java @@ -98,7 +98,7 @@ public final class LocalLur extends AbsUserCache<LocalPermission> implements Lur if (pond == null) { return false; } - for(Permission p : pond) { + for (Permission p : pond) { if (handles(bait) && p instanceof LocalPermission) { // local Users only have LocalPermissions User<LocalPermission> user = getUser(bait); if (user != null) { @@ -134,7 +134,7 @@ public final class LocalLur extends AbsUserCache<LocalPermission> implements Lur public boolean handlesExclusively(Permission ... pond) { boolean rv = false; for (Permission p : pond) { - if(rv=supportingGroups.contains(p.getKey())) { + if (rv=supportingGroups.contains(p.getKey())) { break; } } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/BasicPrincipal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/BasicPrincipal.java index d3c1e236..746e67d8 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/BasicPrincipal.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/BasicPrincipal.java @@ -45,8 +45,8 @@ public class BasicPrincipal extends BearerPrincipal implements GetCred { created = System.currentTimeMillis(); ByteArrayInputStream bis = new ByteArrayInputStream(content.getBytes()); // Read past "Basic ", ensuring it starts with it. - for(int i=0;i<basic.length;++i) { - if(bis.read()!=basic[i]) { + for (int i=0;i<basic.length;++i) { + if (bis.read()!=basic[i]) { name=content; cred = null; return; @@ -54,10 +54,10 @@ public class BasicPrincipal extends BearerPrincipal implements GetCred { } BasicOS bos = new BasicOS(content.length()); Symm.base64.decode(bis,bos); // note: writes directly to name until ':' - if(name==null) throw new IOException("Invalid Coding"); + if (name==null) throw new IOException("Invalid Coding"); else cred = bos.toCred(); int at; - if((at=name.indexOf('@'))>0) { + if ((at=name.indexOf('@'))>0) { domain=name.substring(at+1); shortName=name.substring(0, at); } else { @@ -83,7 +83,7 @@ public class BasicPrincipal extends BearerPrincipal implements GetCred { @Override public void write(int b) throws IOException { - if(b==':' && first) { + if (b==':' && first) { first = false; name = new String(baos.toByteArray()); baos.reset(); // diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/CachedBasicPrincipal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/CachedBasicPrincipal.java index f81e160d..4a6e4cda 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/CachedBasicPrincipal.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/CachedBasicPrincipal.java @@ -54,7 +54,7 @@ public class CachedBasicPrincipal extends BasicPrincipal implements CachedPrinci public CachedPrincipal.Resp revalidate(Object state) { Resp resp = creator.revalidate(this, state); - if(resp.equals(Resp.REVALIDATED))expires = System.currentTimeMillis()+timeToLive; + if (resp.equals(Resp.REVALIDATED))expires = System.currentTimeMillis()+timeToLive; return resp; } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/Kind.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/Kind.java index 8c75701f..20f22846 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/Kind.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/Kind.java @@ -33,19 +33,19 @@ public class Kind { public static char getKind(final Principal principal) { Principal check; - if(principal instanceof TrustPrincipal) { + if (principal instanceof TrustPrincipal) { check = ((TrustPrincipal)principal).original(); } else { check = principal; } - if(check instanceof X509Principal) { + if (check instanceof X509Principal) { return X509; } - if(check instanceof OAuth2FormPrincipal) { + if (check instanceof OAuth2FormPrincipal) { // Note: if AAF, will turn into 'A' return OAUTH; } - if(check instanceof BasicPrincipal) { + if (check instanceof BasicPrincipal) { return BASIC_AUTH; } return UNKNOWN; diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/OAuth2FormPrincipal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/OAuth2FormPrincipal.java index 4d13de87..01326054 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/OAuth2FormPrincipal.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/OAuth2FormPrincipal.java @@ -49,7 +49,7 @@ public class OAuth2FormPrincipal extends TaggedPrincipal { @Override public String personalName() { - if(username!=null && username!=client_id) { + if (username!=null && username!=client_id) { StringBuilder sb = new StringBuilder(); sb.append(username); sb.append('|'); diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/TaggedPrincipal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/TaggedPrincipal.java index 9dddcd63..7bb4ff52 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/TaggedPrincipal.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/TaggedPrincipal.java @@ -47,7 +47,7 @@ public abstract class TaggedPrincipal implements Principal { } public String personalName() { - if(tagLookup == null) { + if (tagLookup == null) { return getName(); } try { diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/TrustPrincipal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/TrustPrincipal.java index 5d4a0586..7e92aaca 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/TrustPrincipal.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/TrustPrincipal.java @@ -33,10 +33,10 @@ public class TrustPrincipal extends BearerPrincipal implements UserChain { public TrustPrincipal(final Principal actual, final String asName) { this.original = actual; name = asName.trim(); - if(actual instanceof UserChain) { + if (actual instanceof UserChain) { UserChain uc = (UserChain)actual; userChain = uc.userChain(); - } else if(actual instanceof TaggedPrincipal) { + } else if (actual instanceof TaggedPrincipal) { userChain=((TaggedPrincipal)actual).tag(); } else { userChain = actual.getClass().getSimpleName(); diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/X509Principal.java b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/X509Principal.java index 1cd114a0..0348cd1f 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/principal/X509Principal.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/principal/X509Principal.java @@ -55,17 +55,17 @@ public class X509Principal extends BearerPrincipal implements GetCred { String _name = null; String subj = cert.getSubjectDN().getName(); int cn = subj.indexOf("OU="); - if(cn>=0) { + if (cn>=0) { cn+=3; int space = subj.indexOf(',',cn); - if(space>=0) { + if (space>=0) { String id = subj.substring(cn, space); - if(pattern.matcher(id).matches()) { + if (pattern.matcher(id).matches()) { _name = id; } } } - if(_name==null) { + if (_name==null) { throw new IOException("X509 does not have Identity as CN"); } name = _name; @@ -74,7 +74,7 @@ public class X509Principal extends BearerPrincipal implements GetCred { public String getAsHeader() throws IOException { try { - if(content==null) { + if (content==null) { content=cert.getEncoded(); } } catch (CertificateEncodingException e) { diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/EpiTaf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/EpiTaf.java index b248e553..d2cbf3fa 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/EpiTaf.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/EpiTaf.java @@ -47,7 +47,7 @@ public class EpiTaf implements Taf { */ public EpiTaf(Taf ... tafs) throws CadiException{ this.tafs = tafs; - if(tafs.length==0) throw new CadiException("Need at least one Taf implementation in constructor"); + if (tafs.length==0) throw new CadiException("Need at least one Taf implementation in constructor"); } /** @@ -63,13 +63,13 @@ public class EpiTaf implements Taf { */ public TafResp validate(LifeForm reading, String... info) { TafResp tresp,firstTryAuth=null; - for(Taf taf : tafs) { + for (Taf taf : tafs) { tresp = taf.validate(reading, info); switch(tresp.isAuthenticated()) { case TRY_ANOTHER_TAF: break; case TRY_AUTHENTICATING: - if(firstTryAuth==null)firstTryAuth=tresp; + if (firstTryAuth==null)firstTryAuth=tresp; break; default: return tresp; diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/HttpEpiTaf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/HttpEpiTaf.java index b0f56603..6334164e 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/HttpEpiTaf.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/HttpEpiTaf.java @@ -94,7 +94,7 @@ public class HttpEpiTaf implements HttpTaf { TafResp firstTry = null; List<Redirectable> redirectables = null; List<TafResp> log; - if(access.willLog(Level.DEBUG)) { + if (access.willLog(Level.DEBUG)) { log = new ArrayList<>(); } else { log = null; diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTaf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTaf.java index 21830b01..d5f6b032 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTaf.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/basic/BasicHttpTaf.java @@ -85,23 +85,23 @@ public class BasicHttpTaf implements HttpTaf { */ public TafResp validate(Taf.LifeForm reading, HttpServletRequest req, HttpServletResponse resp) { // See if Request implements BasicCred (aka CadiWrap or other), and if User/Pass has already been set separately - if(req instanceof BasicCred) { + if (req instanceof BasicCred) { BasicCred bc = (BasicCred)req; - if(bc.getUser()!=null) { // CadiWrap, if set, makes sure User & Password are both valid, or both null - if(DenialOfServiceTaf.isDeniedID(bc.getUser())!=null) { + if (bc.getUser()!=null) { // CadiWrap, if set, makes sure User & Password are both valid, or both null + if (DenialOfServiceTaf.isDeniedID(bc.getUser())!=null) { return DenialOfServiceTaf.respDenyID(access,bc.getUser()); } CachedBasicPrincipal bp = new CachedBasicPrincipal(this,bc,realm,timeToLive); // Be able to do Organizational specific lookups by Domain CredVal cv = rbacs.get(bp.getDomain()); - if(cv==null) { + if (cv==null) { cv = rbac; } // ONLY FOR Last Ditch DEBUGGING... // access.log(Level.WARN,bp.getName() + ":" + new String(bp.getCred())); - if(cv.validate(bp.getName(),Type.PASSWORD,bp.getCred(),req)) { + if (cv.validate(bp.getName(),Type.PASSWORD,bp.getCred(),req)) { return new BasicHttpTafResp(access,bp,bp.getName()+" authenticated by password",RESP.IS_AUTHENTICATED,resp,realm,false); } else { //TODO may need timed retries in a given time period @@ -112,25 +112,25 @@ public class BasicHttpTaf implements HttpTaf { } // Get User/Password from Authorization Header value String authz = req.getHeader("Authorization"); - if(authz != null && authz.startsWith("Basic ")) { - if(warn&&!req.isSecure()) { + if (authz != null && authz.startsWith("Basic ")) { + if (warn&&!req.isSecure()) { access.log(Level.WARN,"WARNING! BasicAuth has been used over an insecure channel"); } try { CachedBasicPrincipal ba = new CachedBasicPrincipal(this,authz,realm,timeToLive); - if(DenialOfServiceTaf.isDeniedID(ba.getName())!=null) { + if (DenialOfServiceTaf.isDeniedID(ba.getName())!=null) { return DenialOfServiceTaf.respDenyID(access,ba.getName()); } final int at = ba.getName().indexOf('@'); CredVal cv = rbacs.get(ba.getName().substring(at+1)); - if(cv==null) { + if (cv==null) { cv = rbac; // default } // ONLY FOR Last Ditch DEBUGGING... // access.log(Level.WARN,ba.getName() + ":" + new String(ba.getCred())); - if(cv.validate(ba.getName(), Type.PASSWORD, ba.getCred(), req)) { + if (cv.validate(ba.getName(), Type.PASSWORD, ba.getCred(), req)) { return new BasicHttpTafResp(access,ba, ba.getName()+" authenticated by BasicAuth password",RESP.IS_AUTHENTICATED,resp,realm,false); } else { //TODO may need timed retries in a given time period @@ -148,7 +148,7 @@ public class BasicHttpTaf implements HttpTaf { protected String buildMsg(Principal pr, HttpServletRequest req, Object ... msg) { StringBuilder sb = new StringBuilder(); - if(pr!=null) { + if (pr!=null) { sb.append("user="); sb.append(pr.getName()); sb.append(','); @@ -157,9 +157,9 @@ public class BasicHttpTaf implements HttpTaf { sb.append(req.getRemoteAddr()); sb.append(",port="); sb.append(req.getRemotePort()); - if(msg.length>0) { + if (msg.length>0) { sb.append(",msg=\""); - for(Object s : msg) { + for (Object s : msg) { sb.append(s.toString()); } sb.append('"'); @@ -173,7 +173,7 @@ public class BasicHttpTaf implements HttpTaf { public CredVal getCredVal(String key) { CredVal cv = rbacs.get(key); - if(cv==null) { + if (cv==null) { cv = rbac; } return cv; @@ -181,9 +181,9 @@ public class BasicHttpTaf implements HttpTaf { @Override public Resp revalidate(CachedPrincipal prin, Object state) { - if(prin instanceof BasicPrincipal) { + if (prin instanceof BasicPrincipal) { BasicPrincipal ba = (BasicPrincipal)prin; - if(DenialOfServiceTaf.isDeniedID(ba.getName())!=null) { + if (DenialOfServiceTaf.isDeniedID(ba.getName())!=null) { return Resp.UNVALIDATED; } return rbac.validate(ba.getName(), Type.PASSWORD, ba.getCred(), state)?Resp.REVALIDATED:Resp.UNVALIDATED; diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java index d0034c76..0f252e39 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/cert/X509Taf.java @@ -81,18 +81,18 @@ public class X509Taf implements HttpTaf { public X509Taf(Access access, Lur lur, CertIdentity ... cis) throws CertificateException, NoSuchAlgorithmException, CadiException { this.access = access; env = access.getProperty(Config.AAF_ENV,null); - if(env==null) { + if (env==null) { throw new CadiException("X509Taf requires Environment ("+Config.AAF_ENV+") to be set."); } // this.lur = lur; this.cadiIssuers = new ArrayList<>(); - for(String ci : access.getProperty(Config.CADI_X509_ISSUERS, "").split(":")) { + for (String ci : access.getProperty(Config.CADI_X509_ISSUERS, "").split(":")) { access.printf(Level.INIT, "Trusting Identity for Certificates signed by \"%s\"",ci); cadiIssuers.add(ci); } try { Class<?> dci = access.classLoader().loadClass("org.onap.aaf.auth.direct.DirectCertIdentity"); - if(dci==null) { + if (dci==null) { certIdents = cis; } else { CertIdentity temp[] = new CertIdentity[cis.length+1]; @@ -129,28 +129,28 @@ public class X509Taf implements HttpTaf { // Check for Mutual SSL try { X509Certificate[] certarr = (X509Certificate[])req.getAttribute("javax.servlet.request.X509Certificate"); - if(certarr!=null && certarr.length>0) { + if (certarr!=null && certarr.length>0) { si.checkClientTrusted(certarr); // Note: If the Issuer is not in the TrustStore, it's not added to the Cert list String issuer = certarr[0].getIssuerDN().toString(); - if(cadiIssuers.contains(issuer)) { + if (cadiIssuers.contains(issuer)) { String subject = certarr[0].getSubjectDN().getName(); // avoiding extra object creation, since this is validated EVERY transaction with a Cert int at = subject.indexOf('@'); - if(at>=0) { + if (at>=0) { int start = subject.lastIndexOf(',', at); - if(start<0) { + if (start<0) { start = 0; } int end = subject.indexOf(',', at); - if(end<0) { + if (end<0) { end=subject.length(); } int temp; - if(((temp=subject.indexOf("OU=",start))>=0 && temp<end) || + if (((temp=subject.indexOf("OU=",start))>=0 && temp<end) || ((temp=subject.indexOf("CN=",start))>=0 && temp<end)) { String[] sa = Split.splitTrim(':', subject, temp+3,end); - if(sa.length==1 || (sa.length>1 && env!=null && env.equals(sa[1]))) { // Check Environment + if (sa.length==1 || (sa.length>1 && env!=null && env.equals(sa[1]))) { // Check Environment return new X509HttpTafResp(access, new X509Principal(sa[0], certarr[0],(byte[])null,bht), "X509Taf validated " + sa[0] + (sa.length<2?"":" for aaf_env " + env ), RESP.IS_AUTHENTICATED); @@ -168,10 +168,10 @@ public class X509Taf implements HttpTaf { String responseText=null; String authHeader = req.getHeader("Authorization"); - if(certarr!=null) { // If cert !=null, Cert is Tested by Mutual Protocol. - if(authHeader!=null) { // This is only intended to be a Secure Connection, not an Identity - for(String auth : Split.split(',',authHeader)) { - if(auth.startsWith("Bearer ")) { // Bearer = OAuth... Don't use as Authenication + if (certarr!=null) { // If cert !=null, Cert is Tested by Mutual Protocol. + if (authHeader!=null) { // This is only intended to be a Secure Connection, not an Identity + for (String auth : Split.split(',',authHeader)) { + if (auth.startsWith("Bearer ")) { // Bearer = OAuth... Don't use as Authenication return new X509HttpTafResp(access, null, "Certificate verified, but Bearer Token is presented", RESP.TRY_ANOTHER_TAF); } } @@ -179,9 +179,9 @@ public class X509Taf implements HttpTaf { cert = certarr[0]; responseText = ", validated by Mutual SSL Protocol"; } else { // If cert == null, Get Declared Cert (in header), but validate by having them sign something - if(authHeader != null) { - for(String auth : Split.splitTrim(',',authHeader)) { - if(auth.startsWith("x509 ")) { + if (authHeader != null) { + for (String auth : Split.splitTrim(',',authHeader)) { + if (auth.startsWith("x509 ")) { ByteArrayOutputStream baos = new ByteArrayOutputStream(auth.length()); try { array = auth.getBytes(); @@ -197,10 +197,10 @@ public class X509Taf implements HttpTaf { // cert.checkValidity(); // cert.--- GET FINGERPRINT? String stuff = req.getHeader("Signature"); - if(stuff==null) + if (stuff==null) return new X509HttpTafResp(access, null, "Header entry 'Signature' required to validate One way X509 Certificate", RESP.TRY_ANOTHER_TAF); String data = req.getHeader("Data"); - // if(data==null) + // if (data==null) // return new X509HttpTafResp(access, null, "No signed Data to validate with X509 Certificate", RESP.TRY_ANOTHER_TAF); // Note: Data Pos shows is "<signatureType> <data>" @@ -215,7 +215,7 @@ public class X509Taf implements HttpTaf { Signature sig = Signature.getInstance(cert.getSigAlgName()); sig.initVerify(cert.getPublicKey()); sig.update(data.getBytes()); - if(!sig.verify(array)) { + if (!sig.verify(array)) { access.log(Level.ERROR, "Signature doesn't Match"); return new X509HttpTafResp(access, null, CERTIFICATE_NOT_VALID_FOR_AUTHENTICATION, RESP.TRY_ANOTHER_TAF); } @@ -227,21 +227,21 @@ public class X509Taf implements HttpTaf { } } } - if(cert==null) { + if (cert==null) { return new X509HttpTafResp(access, null, "No Certificate Info on Transaction", RESP.TRY_ANOTHER_TAF); } // A cert has been found, match Identify TaggedPrincipal prin=null; - for(int i=0;prin==null && i<certIdents.length;++i) { - if((prin=certIdents[i].identity(req, cert, certBytes))!=null) { + for (int i=0;prin==null && i<certIdents.length;++i) { + if ((prin=certIdents[i].identity(req, cert, certBytes))!=null) { responseText = prin.getName() + " matches Certificate " + cert.getSubjectX500Principal().getName() + responseText; } } // if Principal is found, check for "AS_USER" and whether this entity is trusted to declare - if(prin!=null) { + if (prin!=null) { return new X509HttpTafResp( access, prin, @@ -249,7 +249,7 @@ public class X509Taf implements HttpTaf { RESP.IS_AUTHENTICATED); } } - } catch(Exception e) { + } catch (Exception e) { return new X509HttpTafResp(access, null, e.getMessage(), RESP.TRY_ANOTHER_TAF); } @@ -266,7 +266,7 @@ public class X509Taf implements HttpTaf { } public CredVal getCredVal(final String key) { - if(bht==null) { + if (bht==null) { return null; } else { return bht.getCredVal(key); diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTaf.java b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTaf.java index 4154e50e..f083e5aa 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTaf.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/taf/dos/DenialOfServiceTaf.java @@ -62,9 +62,9 @@ public class DenialOfServiceTaf implements HttpTaf { public DenialOfServiceTaf(Access access) throws CadiException { puntNotDenied = new PuntTafResp("DenialOfServiceTaf", "This Transaction is not denied"); this.access = access; - if(dosIP==null || dosID == null) { + if (dosIP==null || dosID == null) { String dirStr; - if((dirStr = access.getProperty(Config.AAF_DATA_DIR, null))!=null) { + if ((dirStr = access.getProperty(Config.AAF_DATA_DIR, null))!=null) { dosIP = new File(dirStr+"/dosIP"); readIP(); dosID = new File(dirStr+"/dosID"); @@ -76,10 +76,10 @@ public class DenialOfServiceTaf implements HttpTaf { @Override public TafResp validate(LifeForm reading, HttpServletRequest req, final HttpServletResponse resp) { // Performance, when not needed - if(deniedIP != null) { + if (deniedIP != null) { String ip; Counter c = deniedIP.get(ip=req.getRemoteAddr()); - if(c!=null) { + if (c!=null) { c.inc(); return respDenyIP(access,ip); } @@ -100,7 +100,7 @@ public class DenialOfServiceTaf implements HttpTaf { * for use in Other TAFs, before they attempt backend validation of */ public static Counter isDeniedID(String identity) { - if(deniedID!=null) { + if (deniedID!=null) { return deniedID.get(identity); } return null; @@ -110,7 +110,7 @@ public class DenialOfServiceTaf implements HttpTaf { * */ public static Counter isDeniedIP(String ipvX) { - if(deniedIP!=null) { + if (deniedIP!=null) { return deniedIP.get(ipvX); } return null; @@ -125,24 +125,24 @@ public class DenialOfServiceTaf implements HttpTaf { */ public static synchronized boolean denyIP(String ip) { boolean rv = false; - if(deniedIP==null) { + if (deniedIP==null) { deniedIP = new HashMap<>(); deniedIP.put(ip, new Counter(ip)); // Noted duplicated for minimum time spent rv= true; - } else if(deniedIP.get(ip)==null) { + } else if (deniedIP.get(ip)==null) { deniedIP.put(ip, new Counter(ip)); rv = true; } - if(rv) { + if (rv) { writeIP(); } return rv; } private static void writeIP() { - if(dosIP!=null && deniedIP!=null) { - if(deniedIP.isEmpty()) { - if(dosIP.exists()) { + if (dosIP!=null && deniedIP!=null) { + if (deniedIP.isEmpty()) { + if (dosIP.exists()) { dosIP.delete(); } } else { @@ -150,7 +150,7 @@ public class DenialOfServiceTaf implements HttpTaf { try { fos = new PrintStream(new FileOutputStream(dosIP,false)); try { - for(String ip: deniedIP.keySet()) { + for (String ip: deniedIP.keySet()) { fos.println(ip); } } finally { @@ -164,17 +164,17 @@ public class DenialOfServiceTaf implements HttpTaf { } private static void readIP() { - if(dosIP!=null && dosIP.exists()) { + if (dosIP!=null && dosIP.exists()) { BufferedReader br; try { br = new BufferedReader(new FileReader(dosIP)); try { - if(deniedIP==null) { + if (deniedIP==null) { deniedIP=new HashMap<>(); } String line; - while((line=br.readLine())!=null) { + while ((line=br.readLine())!=null) { deniedIP.put(line, new Counter(line)); } } finally { @@ -195,9 +195,9 @@ public class DenialOfServiceTaf implements HttpTaf { * @return */ public static synchronized boolean removeDenyIP(String ip) { - if(deniedIP!=null && deniedIP.remove(ip)!=null) { + if (deniedIP!=null && deniedIP.remove(ip)!=null) { writeIP(); - if(deniedIP.isEmpty()) { + if (deniedIP.isEmpty()) { deniedIP=null; } return true; @@ -214,15 +214,15 @@ public class DenialOfServiceTaf implements HttpTaf { */ public static synchronized boolean denyID(String id) { boolean rv = false; - if(deniedID==null) { + if (deniedID==null) { deniedID = new HashMap<>(); deniedID.put(id, new Counter(id)); // Noted duplicated for minimum time spent rv = true; - } else if(deniedID.get(id)==null) { + } else if (deniedID.get(id)==null) { deniedID.put(id, new Counter(id)); rv = true; } - if(rv) { + if (rv) { writeID(); } return rv; @@ -230,9 +230,9 @@ public class DenialOfServiceTaf implements HttpTaf { } private static void writeID() { - if(dosID!=null && deniedID!=null) { - if(deniedID.isEmpty()) { - if(dosID.exists()) { + if (dosID!=null && deniedID!=null) { + if (deniedID.isEmpty()) { + if (dosID.exists()) { dosID.delete(); } } else { @@ -240,7 +240,7 @@ public class DenialOfServiceTaf implements HttpTaf { try { fos = new PrintStream(new FileOutputStream(dosID,false)); try { - for(String ip: deniedID.keySet()) { + for (String ip: deniedID.keySet()) { fos.println(ip); } } finally { @@ -254,17 +254,17 @@ public class DenialOfServiceTaf implements HttpTaf { } private static void readID() { - if(dosID!=null && dosID.exists()) { + if (dosID!=null && dosID.exists()) { BufferedReader br; try { br = new BufferedReader(new FileReader(dosID)); try { - if(deniedID==null) { + if (deniedID==null) { deniedID=new HashMap<>(); } String line; - while((line=br.readLine())!=null) { + while ((line=br.readLine())!=null) { deniedID.put(line, new Counter(line)); } } finally { @@ -284,9 +284,9 @@ public class DenialOfServiceTaf implements HttpTaf { * @return */ public static synchronized boolean removeDenyID(String id) { - if(deniedID!=null && deniedID.remove(id)!=null) { + if (deniedID!=null && deniedID.remove(id)!=null) { writeID(); - if(deniedID.isEmpty()) { + if (deniedID.isEmpty()) { deniedID=null; } @@ -297,16 +297,16 @@ public class DenialOfServiceTaf implements HttpTaf { public List<String> report() { int initSize = 0; - if(deniedIP!=null)initSize+=deniedIP.size(); - if(deniedID!=null)initSize+=deniedID.size(); + if (deniedIP!=null)initSize+=deniedIP.size(); + if (deniedID!=null)initSize+=deniedID.size(); ArrayList<String> al = new ArrayList<>(initSize); - if(deniedID!=null) { - for(Counter c : deniedID.values()) { + if (deniedID!=null) { + for (Counter c : deniedID.values()) { al.add(c.toString()); } } - if(deniedIP!=null) { - for(Counter c : deniedIP.values()) { + if (deniedIP!=null) { + for (Counter c : deniedIP.values()) { al.add(c.toString()); } } @@ -344,13 +344,13 @@ public class DenialOfServiceTaf implements HttpTaf { private synchronized void inc() { ++count; last = System.currentTimeMillis(); - if(first==null) { + if (first==null) { first = new Date(last); } } public String toString() { - if(count==0) + if (count==0) return name + " is on the denied list, but has not attempted Access"; else return diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/FQI.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/FQI.java index f0b8d38d..07389aad 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/FQI.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/FQI.java @@ -31,14 +31,14 @@ public class FQI { StringBuilder sb = null; String[] split = Split.split('.',fqi); int at; - for(int i=split.length-1;i>=0;--i) { - if(sb == null) { + for (int i=split.length-1;i>=0;--i) { + if (sb == null) { sb = new StringBuilder(); } else { sb.append('.'); } - if((at = split[i].indexOf('@'))>0) { + if ((at = split[i].indexOf('@'))>0) { sb.append(split[i].subSequence(at+1, split[i].length())); } else { sb.append(split[i]); diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/JsonOutputStream.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/JsonOutputStream.java index 7c3ac30d..e790766b 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/JsonOutputStream.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/JsonOutputStream.java @@ -39,11 +39,11 @@ public class JsonOutputStream extends OutputStream { @Override public void write(int b) throws IOException { - if(ret=='\n') { + if (ret=='\n') { ret = 0; - if(prev!=',' || (b!='{' && b!='[')) { + if (prev!=',' || (b!='{' && b!='[')) { os.write('\n'); - for(int i=0;i<indent;++i) { + for (int i=0;i<indent;++i) { os.write(TWO_SPACE); } } @@ -58,7 +58,7 @@ public class JsonOutputStream extends OutputStream { case ']': --indent; os.write('\n'); - for(int i=0;i<indent;++i) { + for (int i=0;i<indent;++i) { os.write(TWO_SPACE); } break; @@ -81,7 +81,7 @@ public class JsonOutputStream extends OutputStream { @Override public void close() throws IOException { - if(closeable) { + if (closeable) { os.close(); } } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/NetMask.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/NetMask.java index 2a3d75ff..19fd1e2d 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/NetMask.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/NetMask.java @@ -56,7 +56,7 @@ public class NetMask { public static long derive(byte[] inBytes) { long addr = 0L; int offset = inBytes.length*8; - for(int i=0;i<inBytes.length;++i) { + for (int i=0;i<inBytes.length;++i) { addr&=(inBytes[i]<<offset); offset-=8; } @@ -68,22 +68,22 @@ public class NetMask { int idx=str.indexOf(':'); int slash = str.indexOf('/'); - if(idx<0) { // Not IPV6, so it's IPV4... Is there a mask of 123/254? + if (idx<0) { // Not IPV6, so it's IPV4... Is there a mask of 123/254? idx=str.indexOf('.'); int offset = 24; int end = slash>=0?slash:str.length(); int bits = slash>=0?Integer.parseInt(str.substring(slash+1)):32; - if(check && bits>32) { + if (check && bits>32) { throw new MaskFormatException("Invalid Mask Offset in IPV4 Address"); } int prev = 0; long lbyte; - while(prev<end) { - if(idx<0) { + while (prev<end) { + if (idx<0) { idx = end; } lbyte = Long.parseLong(str.substring(prev, idx)); - if(check && (lbyte>255 || lbyte<0)) { + if (check && (lbyte>255 || lbyte<0)) { throw new MaskFormatException("Invalid Byte in IPV4 Address"); } rv|=lbyte<<offset; diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Split.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Split.java index a2c76967..4bb1d3b8 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Split.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Split.java @@ -36,20 +36,20 @@ public class Split { } public static String[] split(char c, String value, int start, int end) { - if(value==null) { + if (value==null) { return new String[0]; } // Count items to preallocate Array (memory alloc is more expensive than counting twice) int count,idx; - for(count=1,idx=value.indexOf(c,start);idx>=0 && idx<end;idx=value.indexOf(c,++idx),++count); + for (count=1,idx=value.indexOf(c,start);idx>=0 && idx<end;idx=value.indexOf(c,++idx),++count); String[] rv = new String[count]; - if(count==1) { + if (count==1) { rv[0]=value.substring(start,end); } else { int last=0; count=-1; - for(idx=value.indexOf(c,start);idx>=0 && idx<end;idx=value.indexOf(c,idx)) { + for (idx=value.indexOf(c,start);idx>=0 && idx<end;idx=value.indexOf(c,idx)) { rv[++count]=value.substring(last,idx); last = ++idx; } @@ -59,20 +59,20 @@ public class Split { } public static String[] splitTrim(char c, String value, int start, int end) { - if(value==null) { + if (value==null) { return new String[0]; } // Count items to preallocate Array (memory alloc is more expensive than counting twice) int count,idx; - for(count=1,idx=value.indexOf(c,start);idx>=0 && idx<end;idx=value.indexOf(c,++idx),++count); + for (count=1,idx=value.indexOf(c,start);idx>=0 && idx<end;idx=value.indexOf(c,++idx),++count); String[] rv = new String[count]; - if(count==1) { + if (count==1) { rv[0]=value.substring(start,end).trim(); } else { int last=0; count=-1; - for(idx=value.indexOf(c,start);idx>=0 && idx<end;idx=value.indexOf(c,idx)) { + for (idx=value.indexOf(c,start);idx>=0 && idx<end;idx=value.indexOf(c,idx)) { rv[++count]=value.substring(last,idx).trim(); last = ++idx; } @@ -86,23 +86,23 @@ public class Split { } public static String[] splitTrim(char c, String value, int size) { - if(value==null) { + if (value==null) { return new String[0]; } int idx; String[] rv = new String[size]; - if(size==1) { + if (size==1) { rv[0]=value.trim(); } else { int last=0; int count=-1; size-=2; - for(idx=value.indexOf(c);idx>=0 && count<size;idx=value.indexOf(c,idx)) { + for (idx=value.indexOf(c);idx>=0 && count<size;idx=value.indexOf(c,idx)) { rv[++count]=value.substring(last,idx).trim(); last = ++idx; } - if(idx>0) { + if (idx>0) { rv[++count]=value.substring(last,idx).trim(); } else { rv[++count]=value.substring(last).trim(); diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/SubStandardConsole.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/SubStandardConsole.java index 5cab15f6..a85020ff 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/SubStandardConsole.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/SubStandardConsole.java @@ -40,7 +40,7 @@ public class SubStandardConsole implements MyConsole { try { System.out.printf(fmt,args); rv = br.readLine(); - if(args.length==1 && rv.length()==0) { + if (args.length==1 && rv.length()==0) { rv = args[0].toString(); } } catch (IOException e) { diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/TheConsole.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/TheConsole.java index 9ddd0626..da99d06d 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/TheConsole.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/TheConsole.java @@ -25,7 +25,7 @@ public class TheConsole implements MyConsole { @Override public String readLine(String fmt, Object... args) { String rv = System.console().readLine(fmt, args); - if(args.length>0 && args[0]!=null && rv.length()==0) { + if (args.length>0 && args[0]!=null && rv.length()==0) { rv = args[0].toString(); } return rv; diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/UserChainManip.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/UserChainManip.java index ff74f39c..d42aaf55 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/UserChainManip.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/UserChainManip.java @@ -31,7 +31,7 @@ public class UserChainManip { */ public static StringBuilder build(StringBuilder sb, String app, String id, UserChain.Protocol proto, boolean as) { boolean mayAs; - if(!(mayAs=sb.length()==0)) { + if (!(mayAs=sb.length()==0)) { sb.append(','); } sb.append(app); @@ -39,34 +39,34 @@ public class UserChainManip { sb.append(id); sb.append(':'); sb.append(proto.name()); - if(as && mayAs) { + if (as && mayAs) { sb.append(":AS"); } return sb; } public static String idToNS(String id) { - if(id==null) { + if (id==null) { return ""; } else { StringBuilder sb = new StringBuilder(); char c; int end; boolean first = true; - for(int idx = end = id.length()-1;idx>=0;--idx) { - if((c = id.charAt(idx))=='@' || c=='.') { - if(idx<end) { - if(first) { + for (int idx = end = id.length()-1;idx>=0;--idx) { + if ((c = id.charAt(idx))=='@' || c=='.') { + if (idx<end) { + if (first) { first = false; } else { sb.append('.'); } - for(int i=idx+1;i<=end;++i) { + for (int i=idx+1;i<=end;++i) { sb.append(id.charAt(i)); } } end=idx-1; - if(c=='@') { + if (c=='@') { break; } } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Vars.java b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Vars.java index b8468129..9751969e 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/util/Vars.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/util/Vars.java @@ -48,28 +48,28 @@ public class Vars { StringBuilder sb = null; int idx,index=0,prev = 0; - if(text.contains("%s")) { + if (text.contains("%s")) { sb = new StringBuilder(); } StringBuilder[] sbs = new StringBuilder[] {sb,holder}; boolean replace, clearIndex = false; int c; - while((idx=text.indexOf('%',prev))>=0) { + while ((idx=text.indexOf('%',prev))>=0) { replace = false; - if(clearIndex) { + if (clearIndex) { index=0; } - if(sb!=null) { + if (sb!=null) { sb.append(text,prev,idx); } - if(holder!=null) { + if (holder!=null) { holder.append(text,prev,idx); } boolean go = true; - while(go) { - if(text.length()>++idx) { + while (go) { + if (text.length()>++idx) { switch(c=text.charAt(idx)) { case '0': case '1': case '2': case '3': case '4': case '5': case '6': case '7': case '8': case '9': @@ -87,19 +87,19 @@ public class Vars { } prev = idx; go=false; - if(replace) { - if(sb!=null) { + if (replace) { + if (sb!=null) { sb.append('%'); sb.append(index); } - if(index<=vars.length) { - if(holder!=null) { + if (index<=vars.length) { + if (holder!=null) { holder.append(vars[index-1]); } } } else { - for(StringBuilder s : sbs) { - if(s!=null) { + for (StringBuilder s : sbs) { + if (s!=null) { s.append("%"); } } @@ -107,10 +107,10 @@ public class Vars { } } - if(sb!=null) { + if (sb!=null) { sb.append(text,prev,text.length()); } - if(holder!=null) { + if (holder!=null) { holder.append(text,prev,text.length()); } diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/Match.java b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/Match.java index 38322307..d0a7da47 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/Match.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/Match.java @@ -57,42 +57,42 @@ public class Match<OUTPUT> { this.qname = new QName(ns,name); this.next = next; stopAfter = exclusive = false; - for(Match<OUTPUT> m : next) { // add the possible tags to look for - if(!m.stopAfter)m.prev = this; + for (Match<OUTPUT> m : next) { // add the possible tags to look for + if (!m.stopAfter)m.prev = this; } } public Match<OUTPUT> onMatch(OUTPUT output, XReader reader) throws XMLStreamException { - while(reader.hasNext()) { + while (reader.hasNext()) { XEvent event = reader.nextEvent(); switch(event.getEventType()) { case XMLEvent.START_ELEMENT: QName e_qname = event.asStartElement().getName(); //System.out.println("Start - " + e_qname); boolean match = false; - for(Match<OUTPUT> m : next) { - if(e_qname.equals(m.qname)) { + for (Match<OUTPUT> m : next) { + if (e_qname.equals(m.qname)) { match=true; - if(m.onMatch(output, reader)==null) { + if (m.onMatch(output, reader)==null) { return null; // short circuit Parsing } break; } } - if(exclusive && !match) // When Tag MUST be present, i.e. the Root Tag, versus info we're not interested in + if (exclusive && !match) // When Tag MUST be present, i.e. the Root Tag, versus info we're not interested in return null; break; case XMLEvent.CHARACTERS: //System.out.println("Data - " +event.asCharacters().getData()); - if(action!=null) { - if(!action.content(output,event.asCharacters().getData())) { + if (action!=null) { + if (!action.content(output,event.asCharacters().getData())) { return null; } } break; case XMLEvent.END_ELEMENT: //System.out.println("End - " + event.asEndElement().getName()); - if(event.asEndElement().getName().equals(qname)) { + if (event.asEndElement().getName().equals(qname)) { return prev; } break; diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/XReader.java b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/XReader.java index b7cc40ad..aa46bec5 100644 --- a/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/XReader.java +++ b/cadi/core/src/main/java/org/onap/aaf/cadi/wsse/XReader.java @@ -66,7 +66,7 @@ public class XReader { } public boolean hasNext() throws XMLStreamException { - if(curr==null) { + if (curr==null) { curr = parse(); } return curr!=null; @@ -106,7 +106,7 @@ public class XReader { Map<String,String> nss = nsses.isEmpty()?null:nsses.peek(); XEvent rv; - if((rv=another)!=null) { // "another" is a tag that may have needed to be created, but not + if ((rv=another)!=null) { // "another" is a tag that may have needed to be created, but not // immediately returned. Save for next parse. If necessary, this could be turned into // a FIFO storage, but a single reference is enough for now. another = null; // "rv" is now set for the Event, and will be returned. Set to Null. @@ -115,15 +115,15 @@ public class XReader { int c=0; try { - while(go && (c=is.read())>=0) { + while (go && (c=is.read())>=0) { ++count; switch(c) { case '<': // Tag is opening state|=~BEGIN_DOC; // remove BEGIN_DOC flag, this is possibly an XML Doc XEvent cxe = null; - if(baos.size()>0) { // If there are any characters between tags, we send as Character Event + if (baos.size()>0) { // If there are any characters between tags, we send as Character Event String chars = baos.toString().trim(); // Trim out WhiteSpace before and after - if(chars.length()>0) { // don't send if Characters were only whitespace + if (chars.length()>0) { // don't send if Characters were only whitespace cxe = new XEvent.Characters(chars); baos.reset(); go = false; @@ -145,7 +145,7 @@ public class XReader { default: ns = ""; } - if(ns==null) + if (ns==null) throw new XMLStreamException("Invalid Namespace Prefix at " + count); go = false; switch(t.state) { // based on @@ -165,9 +165,9 @@ public class XReader { break; case START_TAG|END_TAG: // This tag is both start/end aka <myTag/> rv = new XEvent.StartElement(ns,t.name); - if(last=='/')another = new XEvent.EndElement(ns,t.name); + if (last=='/')another = new XEvent.EndElement(ns,t.name); } - if(cxe!=null) { // if there is a Character Event, it actually should go first. ow. + if (cxe!=null) { // if there is a Character Event, it actually should go first. ow. another = rv; // Make current Event the "another" or next event, and rv = cxe; // send Character Event now } @@ -175,12 +175,12 @@ public class XReader { case ' ': case '\t': case '\n': - if((state&BEGIN_DOC)==BEGIN_DOC) { // if Whitespace before doc, just ignore + if ((state&BEGIN_DOC)==BEGIN_DOC) { // if Whitespace before doc, just ignore break; } // fallthrough on purpose default: - if((state&BEGIN_DOC)==BEGIN_DOC) { // if there is any data at the start other than XML Tag, it's not XML + if ((state&BEGIN_DOC)==BEGIN_DOC) { // if there is any data at the start other than XML Tag, it's not XML throw new XMLStreamException("Parse Error: This is not an XML Doc"); } baos.write(c); // save off Characters @@ -190,7 +190,7 @@ public class XReader { } catch (IOException e) { throw new XMLStreamException(e); // all errors parsing will be treated as XMLStreamErrors (like StAX) } - if(c==-1 && (state&BEGIN_DOC)==BEGIN_DOC) { // Normally, end of stream is ok, however, we need to know if the + if (c==-1 && (state&BEGIN_DOC)==BEGIN_DOC) { // Normally, end of stream is ok, however, we need to know if the throw new XMLStreamException("Premature End of File"); // document isn't an XML document, so we throw exception if it } // hasn't yet been determined to be an XML Doc } @@ -214,15 +214,15 @@ public class XReader { String prefix=null,name=null,value=null; baos.reset(); - while(go && (c=is.read())>=0) { + while (go && (c=is.read())>=0) { ++count; - if(quote!=0) { // If we're in a quote, we only end if we hit another quote of the same time, not preceded by \ - if(c==quote && last!='\\') { + if (quote!=0) { // If we're in a quote, we only end if we hit another quote of the same time, not preceded by \ + if (c==quote && last!='\\') { quote=0; } else { baos.write(c); } - } else if((state&COMMENT)==COMMENT) { // similar to Quote is being in a comment + } else if ((state&COMMENT)==COMMENT) { // similar to Quote is being in a comment switch(c) { case '-': switch(state) { // XML has a complicated Quote set... <!-- --> ... we keep track if each has been met with flags. @@ -244,7 +244,7 @@ public class XReader { } break; case '>': // Tag indicator has been found, do we have all the comment characters in line? - if((state&COMPLETE_COMMENT)==COMPLETE_COMMENT) { + if ((state&COMPLETE_COMMENT)==COMPLETE_COMMENT) { byte ba[] = baos.toByteArray(); tag = new Tag(null,null, new String(ba,0,ba.length-2)); baos.reset(); @@ -254,7 +254,7 @@ public class XReader { // fall through on purpose default: state&=~(COMMENT_D3|COMMENT_D4); - if((state&IN_COMMENT)!=IN_COMMENT) state&=~IN_COMMENT; // false alarm, it's not actually a comment + if ((state&IN_COMMENT)!=IN_COMMENT) state&=~IN_COMMENT; // false alarm, it's not actually a comment baos.write(c); } } else { // Normal Tag Processing loop @@ -273,7 +273,7 @@ public class XReader { } break; case '!': - if(last=='<') { + if (last=='<') { state|=COMMENT|COMMENT_E; // likely a comment, continue processing in Comment Loop } baos.write(c); @@ -296,15 +296,15 @@ public class XReader { case ' ': case '\t': case '\n': // white space indicates change in internal tag state, ex between name and between attributes - if((state&VALUE)==VALUE) { + if ((state&VALUE)==VALUE) { value = baos.toString(); // we're in VALUE state, add characters to Value - } else if(name==null) { + } else if (name==null) { name = baos.toString(); // we're in Name state (default) add characters to Name } baos.reset(); // we've assigned chars, reset buffer - if(name!=null) { // Name is not null, there's a tag in the offing here... + if (name!=null) { // Name is not null, there's a tag in the offing here... Tag t = new Tag(prefix,name,value); - if(tag==null) { // Set as the tag to return, if not exists + if (tag==null) { // Set as the tag to return, if not exists tag = t; } else { // if we already have a Tag, then we'll treat this one as an attribute tag.add(t); @@ -314,7 +314,7 @@ public class XReader { break; case '\'': // is the character one of two kinds of quote? case '"': - if(last!='\\') { + if (last!='\\') { quote=c; break; } @@ -327,10 +327,10 @@ public class XReader { last = c; } int type = state&(DOC_TYPE|COMMENT|END_TAG|START_TAG); // get just the Tag states and turn into Type for Tag - if(type==0) { + if (type==0) { type=START_TAG; } - if(tag!=null) { + if (tag!=null) { tag.state|=type; // add the appropriate Tag States } return tag; @@ -350,20 +350,20 @@ public class XReader { */ private Map<String, String> getNss(Map<String, String> nss, Tag t) { Map<String,String> newnss = null; - if(t.attribs!=null) { - for(Tag tag : t.attribs) { - if("xmlns".equals(tag.prefix)) { - if(newnss==null) { + if (t.attribs!=null) { + for (Tag tag : t.attribs) { + if ("xmlns".equals(tag.prefix)) { + if (newnss==null) { newnss = new HashMap<>(); - if(nss!=null)newnss.putAll(nss); + if (nss!=null)newnss.putAll(nss); } newnss.put(tag.name, tag.value); } } } //return newnss==null?(nss==null?new HashMap<String,String>():nss):newnss; - if(newnss==null) { - if(nss==null) { + if (newnss==null) { + if (nss==null) { newnss = new HashMap<>(); } else { newnss = nss; @@ -399,7 +399,7 @@ public class XReader { * @param tag */ public void add(Tag attrib) { - if(attribs == null) { + if (attribs == null) { attribs = new ArrayList<>(); } attribs.add(attrib); @@ -407,14 +407,14 @@ public class XReader { public String toString() { StringBuffer sb = new StringBuffer(); - if(prefix!=null) { + if (prefix!=null) { sb.append(prefix); sb.append(':'); } sb.append(name==null?"!!ERROR!!":name); char quote = ((state&DOC_TYPE)==DOC_TYPE)?'\'':'"'; - if(value!=null) { + if (value!=null) { sb.append('='); sb.append(quote); sb.append(value); diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_AUTHZServlet.java b/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_AUTHZServlet.java index f57bb93e..22ce8abf 100644 --- a/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_AUTHZServlet.java +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/filter/test/JU_AUTHZServlet.java @@ -99,7 +99,7 @@ public class JU_AUTHZServlet { field.setAccessible(true); field.set(target, value); field.setAccessible(false); - } catch(Exception e) { + } catch (Exception e) { System.err.println("Could not set field [" + fieldName + "] to " + value); } } diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_X509Principal.java b/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_X509Principal.java index a8839f2c..ea45c128 100644 --- a/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_X509Principal.java +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/principal/test/JU_X509Principal.java @@ -93,7 +93,7 @@ public class JU_X509Principal { try { x509 = new X509Principal(cert, cred, null); fail("Should have thrown an Exception"); - } catch(IOException e) { + } catch (IOException e) { assertThat(e.getMessage(), is("X509 does not have Identity as CN")); } @@ -102,7 +102,7 @@ public class JU_X509Principal { try { x509 = new X509Principal(cert, cred, null); fail("Should have thrown an Exception"); - } catch(IOException e) { + } catch (IOException e) { assertThat(e.getMessage(), is("X509 does not have Identity as CN")); } @@ -111,7 +111,7 @@ public class JU_X509Principal { try { x509 = new X509Principal(cert, cred, null); fail("Should have thrown an Exception"); - } catch(IOException e) { + } catch (IOException e) { assertThat(e.getMessage(), is("X509 does not have Identity as CN")); } diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/dos/test/JU_DenialOfServiceTaf.java b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/dos/test/JU_DenialOfServiceTaf.java index d67acf3c..47d8f8d1 100644 --- a/cadi/core/src/test/java/org/onap/aaf/cadi/taf/dos/test/JU_DenialOfServiceTaf.java +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/taf/dos/test/JU_DenialOfServiceTaf.java @@ -353,7 +353,7 @@ public class JU_DenialOfServiceTaf { field.setAccessible(true); field.set(null, value); field.setAccessible(false); - } catch(Exception e) { + } catch (Exception e) { System.err.println("Could not set field [" + fieldName + "] to " + value); } } diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_AES.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_AES.java index affaccc5..a3e0db0d 100644 --- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_AES.java +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_AES.java @@ -60,7 +60,7 @@ public class JU_AES { byte[] keyBytes = new byte[AES.AES_KEY_SIZE/8]; char[] codeset = Symm.base64.codeset; int offset = (Math.abs(codeset[0]) + 47) % (codeset.length - keyBytes.length); - for(int i = 0; i < keyBytes.length; ++i) { + for (int i = 0; i < keyBytes.length; ++i) { keyBytes[i] = (byte)codeset[i+offset]; } aes = new AES(keyBytes, 0, keyBytes.length); diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_BufferedServletInputStream.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_BufferedServletInputStream.java index 78a6fa21..60999b69 100644 --- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_BufferedServletInputStream.java +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_BufferedServletInputStream.java @@ -151,7 +151,7 @@ public class JU_BufferedServletInputStream { @Test public void ByteArrayReadStateIsReadTest() throws Exception { byte output[] = new byte[200]; - for(int i = 0; i < 2; ++i) { + for (int i = 0; i < 2; ++i) { bsis.mark(0); bsis.read(output, 0, 100); Assert.assertEquals(new String(output, 0, expected.length()), expected); @@ -160,7 +160,7 @@ public class JU_BufferedServletInputStream { bsis.read(output, 0, output.length); Assert.assertEquals(new String(output, 0, expected.length()), expected); bsis = new BufferedServletInputStream(new ByteArrayInputStream(output)); - if(i == 0) { + if (i == 0) { output = new byte[200]; } } @@ -286,7 +286,7 @@ public class JU_BufferedServletInputStream { byte aa[] = new byte[testString.length()]; // 65 count... important for our test (divisible by 5); int read; - for(int i=0;i<aa.length;i+=5) { + for (int i=0;i<aa.length;i+=5) { read = bsis.read(aa, i, 5); assertEquals(5,read); } @@ -296,7 +296,7 @@ public class JU_BufferedServletInputStream { byte bb[] = new byte[aa.length]; read = 0; - for(int i=0;read>=0;i+=read) { + for (int i=0;read>=0;i+=read) { read = bsis.read(bb,i,5); switch(i) { case 65: diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Capacitor.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Capacitor.java index 1bdbc571..4c842915 100644 --- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Capacitor.java +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_Capacitor.java @@ -58,13 +58,13 @@ public class JU_Capacitor { assertNull(curr_field.get(cap)); assertEquals(idx_field.get(cap), 0); - for(int iter = 0; iter < 20; ++iter) { - for(int i = 0; i < 20; ++i) { + for (int iter = 0; iter < 20; ++iter) { + for (int i = 0; i < 20; ++i) { cap.put((byte)('a' + i)); } cap.setForRead(); byte[] array = new byte[20]; - for(int i = 0; i < 20; ++i) { + for (int i = 0; i < 20; ++i) { array[i]=(byte)cap.read(); } assertEquals("abcdefghijklmnopqrst", new String(array)); @@ -73,12 +73,12 @@ public class JU_Capacitor { cap.done(); } - for(int i = 0; i < 500; i++) { + for (int i = 0; i < 500; i++) { cap.put((byte)'a'); } cap.setForRead(); byte[] array = new byte[500]; - for(int i = 0; i < 500; ++i) { + for (int i = 0; i < 500; ++i) { array[i]=(byte)cap.read(); } assertEquals((new String(array)).length(), 500); @@ -88,7 +88,7 @@ public class JU_Capacitor { @Test public void availableTest() { assertEquals(cap.available(), 0); - for(int i = 0; i < 100; ++i) { + for (int i = 0; i < 100; ++i) { cap.put((byte)'a'); } // The Capacitor can hold 256 bytes. After reading 100 bytes, @@ -114,12 +114,12 @@ public class JU_Capacitor { byte[] a = b.getBytes(); byte[] c = new byte[b.length()]; // we want to use this to test reading offsets, etc - for(int i = 0; i < a.length; i += 11) { + for (int i = 0; i < a.length; i += 11) { cap.put(a, i, Math.min(11, a.length-i)); } cap.reset(); int read; - for(int i = 0; i < c.length; i += read) { + for (int i = 0; i < c.length; i += read) { read = cap.read(c, i, Math.min(3, c.length-i)); } assertEquals(b, new String(c)); diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CmdLine.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CmdLine.java index cba4c46a..967bf221 100644 --- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CmdLine.java +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_CmdLine.java @@ -163,7 +163,7 @@ public class JU_CmdLine { String filePath = "test/output_key"; File testDir = new File("test"); - if(!testDir.exists()) { + if (!testDir.exists()) { testDir.mkdirs(); } CmdLine.main(new String[]{"keygen", filePath}); diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_PropAccess.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_PropAccess.java index 6f6f49e1..45f221c4 100644 --- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_PropAccess.java +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_PropAccess.java @@ -115,7 +115,7 @@ public class JU_PropAccess { }); try { pa.log(new Exception("This exception was thrown intentionally, please ignore it")); - } catch(Exception e) { + } catch (Exception e) { fail("Should have thrown an exception"); } } diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_ServletContextAccess.java b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_ServletContextAccess.java index 15464bf1..7c67f8c9 100644 --- a/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_ServletContextAccess.java +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/test/JU_ServletContextAccess.java @@ -89,7 +89,7 @@ public class JU_ServletContextAccess { try { sca.log(new Exception("This exception was thrown intentionally, please ignore it")); - } catch(Exception e) { + } catch (Exception e) { fail("Should have thrown an exception"); } } diff --git a/cadi/core/src/test/java/org/onap/aaf/cadi/wsse/test/JU_WSSEParser.java b/cadi/core/src/test/java/org/onap/aaf/cadi/wsse/test/JU_WSSEParser.java index 5a1014bc..5f880403 100644 --- a/cadi/core/src/test/java/org/onap/aaf/cadi/wsse/test/JU_WSSEParser.java +++ b/cadi/core/src/test/java/org/onap/aaf/cadi/wsse/test/JU_WSSEParser.java @@ -130,12 +130,12 @@ public class JU_WSSEParser { // is = new BufferedServletInputStream(fis); // is.mark(0); // try { -// while(is.read()>=0); +// while (is.read()>=0); // } finally { // fis.close(); // } // -// for(int i=0;i<iter;++i) { +// for (int i=0;i<iter;++i) { // start = System.nanoTime(); // is.reset(); // try { diff --git a/cadi/oauth-enduser/src/main/java/org/onap/aaf/cadi/enduser/SimpleRESTClient.java b/cadi/oauth-enduser/src/main/java/org/onap/aaf/cadi/enduser/SimpleRESTClient.java index 7c633640..f98c76fb 100644 --- a/cadi/oauth-enduser/src/main/java/org/onap/aaf/cadi/enduser/SimpleRESTClient.java +++ b/cadi/oauth-enduser/src/main/java/org/onap/aaf/cadi/enduser/SimpleRESTClient.java @@ -61,11 +61,11 @@ public class SimpleRESTClient { callTimeout = Integer.parseInt(tcf.access.getProperty(Config.AAF_CALL_TIMEOUT,Config.AAF_CALL_TIMEOUT_DEF)); tokenClient = tcf.newClient(tokenURL); Result<TimedToken> rtt = tokenClient.getToken(scope); - if(rtt.isOK()) { + if (rtt.isOK()) { restClient = tcf.newTzClient(endpoint); - if((client_id = tcf.access.getProperty(Config.AAF_APPID, null))==null) { - if((client_id = tcf.access.getProperty(Config.CADI_ALIAS, null))==null) { + if ((client_id = tcf.access.getProperty(Config.AAF_APPID, null))==null) { + if ((client_id = tcf.access.getProperty(Config.CADI_ALIAS, null))==null) { throw new CadiException(Config.AAF_APPID + " or " + Config.CADI_ALIAS + " needs to be defined"); } } @@ -86,10 +86,10 @@ public class SimpleRESTClient { //Format:<ID>:<APP>:<protocol>[:AS][,<ID>:<APP>:<protocol>]* public SimpleRESTClient endUser(Principal principal) { - if(principal==null) { + if (principal==null) { chain = null; } else { - if(principal instanceof TaggedPrincipal) { + if (principal instanceof TaggedPrincipal) { TaggedPrincipal tp = (TaggedPrincipal)principal; chain = tp.getName() + ':' + (app==null?"":app) + ':' + tp.tag() + ":AS"; } else { @@ -128,7 +128,7 @@ public class SimpleRESTClient { } public StringBuilder builder() { - if(sb==null) { + if (sb==null) { sb = new StringBuilder(); content = null; } @@ -140,16 +140,16 @@ public class SimpleRESTClient { */ public void clear() { content = null; - if(sb!=null) { + if (sb!=null) { sb.setLength(0); } } @Override public String toString() { - if(content!=null) { + if (content!=null) { return content; - } else if(sb!=null) { + } else if (sb!=null) { return sb.toString(); } else { return ""; @@ -158,8 +158,8 @@ public class SimpleRESTClient { public byte[] getBytes() { byte[] rv; - if(content==null) { - if(sb==null) { + if (content==null) { + if (sb==null) { rv = EMPTY_STREAM_BYTES; } else { rv = sb.toString().getBytes(); @@ -192,7 +192,7 @@ public class SimpleRESTClient { return client.create(path, contentType, new ETransfer(input)); } }); - if(!future.get(callTimeout)) { + if (!future.get(callTimeout)) { throw new RESTException(future); } } @@ -217,7 +217,7 @@ public class SimpleRESTClient { return client.read(path,accepts, headers()); } }); - if(future.get(callTimeout)) { + if (future.get(callTimeout)) { return future.value; } else { throw new RESTException(future); @@ -245,7 +245,7 @@ public class SimpleRESTClient { return client.update(path, contentType, new ETransfer(input)); } }); - if(future.get(callTimeout)) { + if (future.get(callTimeout)) { return future.value; } else { throw new RESTException(future); @@ -268,7 +268,7 @@ public class SimpleRESTClient { return client.delete(path, contentType); } }); - if(!future.get(callTimeout)) { + if (!future.get(callTimeout)) { throw new RESTException(future); } } @@ -292,14 +292,14 @@ public class SimpleRESTClient { } public String[] headers() { - if(chain==null) { + if (chain==null) { return headers.headers(); } else { String[] strs = headers.headers(); String[] rv = new String[strs.length+2]; rv[0]=Config.CADI_USER_CHAIN; rv[1]=chain; - for(int i = 0;i<strs.length;++i) { + for (int i = 0;i<strs.length;++i) { rv[i+2]=strs[i]; } return rv; diff --git a/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/OAuthExample.java b/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/OAuthExample.java index 154ba1b7..cd9c2313 100644 --- a/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/OAuthExample.java +++ b/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/OAuthExample.java @@ -94,7 +94,7 @@ public class OAuthExample { // If AAF Token server, then its just the same as your other AAF MechID creds // If it is the Alternate OAUTH, you'll need THOSE credentials. See that tool's Onboarding procedures. String client_id = access.getProperty(Config.AAF_APPID); - if(client_id==null) { + if (client_id==null) { // For AAF, client_id CAN be Certificate. This is not necessarily true elsewhere client_id = access.getProperty(Config.CADI_ALIAS); } @@ -126,7 +126,7 @@ public class OAuthExample { // tc.clearToken("org.onap.aaf","org.onap.test"); // Result Object can be queried for success - if(rtt.isOK()) { + if (rtt.isOK()) { TimedToken token = rtt.value; print(token); // Take a look at what's in a Token @@ -147,7 +147,7 @@ public class OAuthExample { // The "future" calling method allows you to do other processing, such as call more than one backend // client before picking up the result // If "get" matches the HTTP Code for the method (i.e. read HTTP Return value is 200), then - if(future.get(CALL_TIMEOUT)) { + if (future.get(CALL_TIMEOUT)) { // Client Returned expected value return future.value; } else { @@ -165,7 +165,7 @@ public class OAuthExample { // As a Service, read Introspection information as proof of Authenticated Authorization ////////////////////////////////////////////////////////////////////// // CADI Framework (i.e. CadiFilter) works with the Introspection to drive the J2EE interfaces ( - // i.e. if(isUserInRole("ns.perm|instance|action")) {... + // i.e. if (isUserInRole("ns.perm|instance|action")) {... // // Here, however, is a way to introspect via Java // @@ -174,7 +174,7 @@ public class OAuthExample { TokenClient tci = tcf.newClient(tokenIntrospectURL); tci.client_creds(client_id, client_secret); Result<Introspect> is = tci.introspect(token.getAccessToken()); - if(is.isOK()) { + if (is.isOK()) { // Note that AAF will add JSON set of Permissions as part of "Content:", legitimate extension of OAuth Structure print(is.value); // do something with Introspect Object } else { @@ -206,7 +206,7 @@ public class OAuthExample { } private static void print(Introspect ti) { - if(ti==null || ti.getClientId()==null) { + if (ti==null || ti.getClientId()==null) { System.out.println("Empty Introspect"); return; } diff --git a/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/OnapClientExample.java b/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/OnapClientExample.java index 657a9b78..f4fe017f 100644 --- a/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/OnapClientExample.java +++ b/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/OnapClientExample.java @@ -97,7 +97,7 @@ public class OnapClientExample { // tc.clearToken("org.onap.aaf","org.onap.test"); // Result Object can be queried for success - if(rtt.isOK()) { + if (rtt.isOK()) { TimedToken token = rtt.value; print(token); // Take a look at what's in a Token @@ -122,7 +122,7 @@ public class OnapClientExample { // The "future" calling method allows you to do other processing, such as call more than one backend // client before picking up the result // If "get" matches the HTTP Code for the method (i.e. read HTTP Return value is 200), then - if(future.get(CALL_TIMEOUT)) { + if (future.get(CALL_TIMEOUT)) { // Client Returned expected value return future.value; } else { @@ -140,7 +140,7 @@ public class OnapClientExample { // As a Service, read Introspection information as proof of Authenticated Authorization ////////////////////////////////////////////////////////////////////// // CADI Framework (i.e. CadiFilter) works with the Introspection to drive the J2EE interfaces ( - // i.e. if(isUserInRole("ns.perm|instance|action")) {... + // i.e. if (isUserInRole("ns.perm|instance|action")) {... // // Here, however, is a way to introspect via Java // @@ -148,7 +148,7 @@ public class OnapClientExample { // We need a Different Introspect TokenClient, because different Endpoint (and usually different Services) TokenClient tci = tcf.newClient(Config.AAF_OAUTH2_INTROSPECT_URL); Result<Introspect> is = tci.introspect(token.getAccessToken()); - if(is.isOK()) { + if (is.isOK()) { // Note that AAF will add JSON set of Permissions as part of "Content:", legitimate extension of OAuth Structure print(is.value); // do something with Introspect Object } else { @@ -180,7 +180,7 @@ public class OnapClientExample { } private static void print(Introspect ti) { - if(ti==null || ti.getClientId()==null) { + if (ti==null || ti.getClientId()==null) { System.out.println("Empty Introspect"); return; } diff --git a/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/SimpleRestClientExample.java b/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/SimpleRestClientExample.java index 27f9198a..dc1824fc 100644 --- a/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/SimpleRestClientExample.java +++ b/cadi/oauth-enduser/src/test/java/org/onap/aaf/cadi/enduser/test/SimpleRestClientExample.java @@ -42,7 +42,7 @@ public class SimpleRestClientExample { String urlString = cf.getAccess().getProperty("myurl", null); - if(urlString==null) { + if (urlString==null) { System.out.println("Note: In your startup, add \"myurl=https://<aaf hello machine>:8130\" to command line\n\t" + "OR\n\t" + " add -Dmyurl=https://<aaf hello machine>:8130 to VM Args\n\t" @@ -64,8 +64,8 @@ public class SimpleRestClientExample { PrintWriter pw = input.writer(); pw.print("{\"something\": ["); - for(int i=0;i<4;++i) { - if(i>0) { + for (int i=0;i<4;++i) { + if (i>0) { pw.print(','); } pw.print("{\"myint\":"); @@ -136,14 +136,14 @@ public class SimpleRestClientExample { System.out.println("-------- START Expecting Exception starting here --------"); expectException = true; restClient.get("notAnAPI"); - } catch(RESTException e) { + } catch (RESTException e) { System.out.println(e.getCode()); System.out.println(e.getMsg()); System.out.println(e.getMessage()); System.out.println(e.getLocalizedMessage()); System.out.println(e); } finally { - if(expectException) { + if (expectException) { System.out.println("-------- END Expecting Exception starting here --------"); } System.out.println("-------- END REST READ/GET --------"); diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/MyServlet.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/MyServlet.java index f11d8f89..e3342914 100644 --- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/MyServlet.java +++ b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/MyServlet.java @@ -60,15 +60,15 @@ import org.onap.aaf.cadi.principal.TaggedPrincipal; request.getUserPrincipal()); String perm = request.getParameter("PERM"); - if(perm!=null) { - if(request.isUserInRole(perm)) { - if(perm.indexOf('|')<0) { + if (perm!=null) { + if (request.isUserInRole(perm)) { + if (perm.indexOf('|')<0) { res.getOutputStream().println("\nCongrats!, You are in Role " + perm); } else { res.getOutputStream().println("\nCongrats!, You have Permission " + perm); } } else { - if(perm.indexOf('|')<0) { + if (perm.indexOf('|')<0) { res.getOutputStream().println("\nSorry, you are NOT in Role " + perm); } else { res.getOutputStream().println("\nSorry, you do NOT have Permission " + perm); @@ -78,12 +78,12 @@ import org.onap.aaf.cadi.principal.TaggedPrincipal; // You can get the working AAFCon from Trans AAFCon<?> aafcon = AAFCon.obtain(req); - if(aafcon!=null) { + if (aafcon!=null) { try { res.getOutputStream().println("----- Perms JSON from direct call -----"); final Principal up = request.getUserPrincipal(); TaggedPrincipal tp; - if(up instanceof TaggedPrincipal) { + if (up instanceof TaggedPrincipal) { tp = (TaggedPrincipal)up; } else { tp = new TaggedPrincipal() { @@ -101,7 +101,7 @@ import org.onap.aaf.cadi.principal.TaggedPrincipal; // This call will be "as the user calling", but only if permission is set to trust. // Future<String> future = aafcon.clientAs("2.0",tp).read("/authz/perms/user/"+request.getUserPrincipal().getName(),"application/Perms+json"); Future<String> future = aafcon.client("2.0").read("/authz/perms/user/"+request.getUserPrincipal().getName(),"application/Perms+json"); - if(future.get(4000 /* timeout */)) { + if (future.get(4000 /* timeout */)) { res.getOutputStream().print(future.value); } else { System.err.println(future.code() + ", " + future.body()); diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java index cec8a539..165acffb 100644 --- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java +++ b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/JettyServletServer.java @@ -51,7 +51,7 @@ public abstract class JettyServletServer implements Servlet { int maxPoolSize = 10; int keepAliveTime = 3000; String hostname = access.getProperty(Config.HOSTNAME, null); - if(hostname==null) { + if (hostname==null) { hostname = Inet4Address.getLocalHost().getHostName(); } @@ -62,7 +62,7 @@ public abstract class JettyServletServer implements Servlet { Server server = new Server(pool); String protocol; - if(access.getProperty(Config.CADI_KEYSTORE_PASSWORD,null)==null) { + if (access.getProperty(Config.CADI_KEYSTORE_PASSWORD,null)==null) { ServerConnector conn = new ServerConnector(server); conn.setHost(hostname); conn.setPort(port); diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java index 29462cfb..4d170f3f 100644 --- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java +++ b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/jetty/MiniJASPIWrap.java @@ -55,9 +55,9 @@ public class MiniJASPIWrap extends ServletHolder { this.rolesAllowed = servlet.getAnnotation(RolesAllowed.class); StringBuilder sb = new StringBuilder(); boolean first = true; - if(rolesAllowed!=null) { - for(String str : rolesAllowed.value()) { - if(first)first=false; + if (rolesAllowed!=null) { + for (String str : rolesAllowed.value()) { + if (first)first=false; else sb.append(','); sb.append(str); } @@ -73,26 +73,26 @@ public class MiniJASPIWrap extends ServletHolder { */ @Override public void handle(Request baseRequest, ServletRequest request, ServletResponse response) throws ServletException, UnavailableException, IOException { - if(rolesAllowed==null) { + if (rolesAllowed==null) { super.handle(baseRequest, request, response); } else { // Validate try { HttpServletRequest hreq = (HttpServletRequest)request; boolean proceed = false; - for(String role : rolesAllowed.value()) { - if(hreq.isUserInRole(role)) { + for (String role : rolesAllowed.value()) { + if (hreq.isUserInRole(role)) { proceed = true; break; } } - if(proceed) { + if (proceed) { super.handle(baseRequest, request, response); } else { //baseRequest.getServletContext().log(hreq.getUserPrincipal().getName()+" Refused " + roles); ((HttpServletResponse)response).sendError(403); // forbidden } - } catch(ClassCastException e) { + } catch (ClassCastException e) { throw new ServletException("JASPIWrap only supports HTTPServletRequest/HttpServletResponse"); } } diff --git a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java index 1597dbd5..e82dddd2 100644 --- a/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java +++ b/cadi/servlet-sample/src/test/java/org/onap/aaf/sample/cadi/tomcate/TomcatEmbedded.java @@ -76,10 +76,10 @@ public class TomcatEmbedded { private static void setAttr(Connector connector, Access access, String ctag, String atag) throws IOException { String value = access.getProperty(atag, null); - if(value==null) { + if (value==null) { access.log(Level.ERROR, atag, "is null"); } else { - if(value.startsWith("enc:")) { + if (value.startsWith("enc:")) { access.log(Level.INIT,atag,"=enc:************"); value = access.decrypt(value, false); } else { |